Businesses and individuals are increasingly relying on computers and Internet-based networking. They experience several benefits, but also potential risks. When staff or business partners have constant access to internal networks from insecure locations, security is a major concern.
The Rise of Cybercrime
Cyberattacks generally refer to criminal activity involving the use of a computer network, normally conducted via the Internet. Internet users and organizations face increased risk of becoming targets of cyberattacks. An independent research report conducted by Ponemon Institute on organizations located in the United States in 2013 found that the U.S. experienced an increase of 18 percent in successful attacks from the previous year.
Today, criminals have more advanced technology and greater knowledge of cyber security. Attacks may include financial scams, computer hacking, virus attacks and distribution, denial-of-service, theft of an organization’s information assets, posting of sensitive business data on the Internet, and malware.
Risks of Cybercrime
For businesses and corporations, the cost associated with cyberattacks is large. Stolen or deleted corporate data can inflict financial damage on the victim, damage the company’s reputation, and negatively affect people’s livelihoods. The risks are even higher for small companies, since their businesses may rely solely on project files or customer data bases. The same Ponemon Institute study reported that in 2013, the average cost of cybercrime in the U.S. was $11.6 million annually - an increase in cost by 26 percent from the previous year.
Organizations should follow basic guidelines in order to reduce the security threat to their data and devices. To prevent cyberattacks, companies should:
1. Use a Secure Connection to the Corporate Data
This generally involves implementing a Virtual Private Network (VPN). VPN technology provides protection for information that is being transmitted over the Internet by allowing users to form a virtual “tunnel” to securely enter an internal network to access resources, data and communications.
2. Store Data Centrally
Centralized storage of data offers protection and increases speed, convenience and efficiency for accessing files. Sharing of files enables rapid and easy access to important data from virtually anywhere in the world. The relative mobility and control of data improves effectiveness of workflow. Another crucial advantage of centralized data is cost. Although it is possible to store and backup data on multiple machines, it is considerably more cost effective to use central storage. For instance, data can be stored on a server within the corporate LAN behind the firewall.
3. Use Modern Authentication Methods
Authentication is the process by which the parties at either end of a network connection can verify the identity of the other party. Verification is typically based upon something you know (such as passwords), something you have (smart card or tokens), or something you are (biometric techniques, including fingerprint and eye scans). Deployment of modern authentication methods, such as Kerberos authentication protocol, ensures confidentiality through encryption that ensures no one can tamper with data in a Kerberos message.
4. Use Reliable, Strong Encryption Technology
Encryption is the process of changing information in a manner that cannot be deciphered by anyone except those holding special knowledge (generally referred to as a "key") that enables them to alter the information back to its original, readable form. A VPN turns the Internet (an unsecure environment) into a secure private network, by providing heavy encryption. In particular, an SSL VPN is best-suited for mobile apps.
5. Enforce Strong Passwords
Implementation of strong passwords is a basic security procedure, however it is often overlooked. Complex, hard-to-crack passwords are a simple line of defense against a security breach. Password policies, which offer advice on proper password management, should be in place. Password best practices include:
• Avoid using dictionary words or common sequences, such as numbers or letters in sequential order or repetitive numbers or letters.
• Do not use personal information.
• Use special characters, such as * and #. The majority of passwords are case sensitive, therefore, a mixture of both upper case and lower case letters, as well as numbers, should be used.
• Choose a long password, as passwords become harder to crack with each added character.
• Create different passwords for different accounts and applications. Therefore, if one password is breached, the security of other accounts is not at risk.
• Never write down passwords and leave them unattended in a desk drawer or any other obvious place.
• Never communicate a password by telephone, e-mail or instant messaging
• Never disclose a password to others, including people who claim to be from customer service.
• Change passwords whenever there is any doubt that a password may have been compromised.
The growing popularity and convenience of digital networks has led to an increase in cyberattacks; consequently, keeping up to date with the most recent and important concerns facing the organization is in itself a challenge. Organizations can protect their highly sensitive information by following a safety plan and adopting reasonable security practices.
If you would like to learn more about VPN technology, and review some tips on critical security aspects, download our free e-book: How Do I Find the Best VPN Solution for My Company?
Controls are a mode of living. Whether it’s the workplace that requires a key fob or an identification badge, a password to log into the company network, or an access permission to use a copier, there are numerous controls/safeguards that we encounter during the normal course of our everyday lives.
Defining Control Activities
Control activities are actions taken to minimize risk. A risk is the probability of an event or action having adverse consequences on an organization, such as information assets that are not adequately safeguarded against loss.
Control activities occur throughout the organization and include diverse activities, including approvals, authorizations, verifications, reviews of operating performance, and security of assets.
Internal controls are a fundamental part of any organization’s financial and business policies and procedures. The advantages of internal controls are:
- Prevention of errors and irregularities; if these do occur, the inaccuracies will be detected in a timely method
- Protection of employees from being accused of misappropriations, errors or irregularities by clearly outlining responsibilities and tasks
IT controls are a subdivision of internal controls, and refer to policies, procedures and techniques on computer-based systems. IT controls are essential to protect assets, highly sensitive information and customers. IT controls support business management and governance; they also offer general and technical controls over IT infrastructures.
Subdivisions of IT Controls
Generally, IT controls are divided into two main categories:
1. General Controls
These apply to all system components, processes and data for a specific organization. General control activities are conducted within the IT organization or the technology they support, which can be applied to each system that the organization depends upon. These controls facilitate confidentiality, integrity and availability, contribute to the safeguarding of data, and promote regulatory compliance. General controls make safe reliance on IT systems possible. Examples of such controls include access controls (physical security and logical access) and business continuity controls (disaster recovery and back-up).
2. Application Controls
These controls are business process controls, and contribute to the efficiency of individual business processes or application systems. Examples of application controls include access authorization, which is essential for security of the corporate network. This prevents users from downloading illegal material or viruses, and may also block unproductive or inappropriate applications. Other examples of application controls include segregation of duties and concurrent update control.
Modern IT Solutions
Virtual private network (VPN) technology enables a secure connection to the organization’s data to be made over insecure connections, such as the Internet, and is essential to providing comprehensive security, safety and flexibility to businesses. Furthermore, advanced VPN technology offers several services which help users maintain access to critical information. VPNs facilitate the implementation of IT controls. For instance, VPNs provide dynamic access portals, whereby network managers can define server access with application publishing in such a way that the user only sees his or her personal, customized portal.
Control activities occur throughout the organization, and IT controls are fundamental to protect information assets and mitigate business risks. Deployment of a modern virtual private network (VPN) technology facilitates the implementation and management of IT controls.
If you would like to learn more about VPN technology, and review some helpful tips on critical security aspects, download our free e-book: How Do I Find the Best VPN Solution for My Company?
The year 2013 is synonymous with cyber attacks and numerous data breaches. Individuals and organizations worldwide are now more aware of widespread surveillance and cyber threats. But what are the costs associated with business security breaches?
1. Direct Financial Loss
Attackers may specifically target customers’ credit card numbers, employees’ checking account numbers, and the company’s merchant account passwords. Especially in the financial services industry, indirect legal fees or fines resulting from the security incident can significantly increase the costs, independent of whether the criminal is brought to justice.
2. Violation of Privacy
Employees are trusted to keep personal information private. Likewise, customers trust the organization to keep their credit card numbers and credit histories confidential. If this privacy is violated, legal consequences arise.
3. Lower Competitive Advantage and Lost Sales
Theft, modification, destruction of propriety sales proposals, business plans, product designs or other highly sensitive information can significantly give competitors a marked advantage. Sales are also lost as a consequence of the cyber attack, and the repercussions ensue long after the incident takes place.
4. Damage of Corporate Reputation and Brand
Building and maintaining a corporate image and establishing trusted relationships with customers and business partners is critical to an organization. However, the corporate credibility and business relationships can be considerably damaged if proprietary or private information is compromised.
5. Loss of Business Continuity
In the case of a service disruption caused by a data breach, the IT team must quickly address the problem, so as to minimize downtime of the system, and restore data from backup files. Nonetheless, when mission-critical systems are involved, any downtime can have catastrophic consequences. In other cases, when lost data may have to be meticulously reconstructed manually, this decreases the amount of time that systems are functioning to below acceptable levels.
Business Network Protection
As discussed above, the consequences associated with security breaches are vast and long-lasting. Several organizations now use remote access solutions to maintain a high level of security for sensitive corporate information. In particular, many companies opt for SSL VPNs due to their flexibility – SSL VPNs are not restricted to employee remote access, but incorporate partners, contractors, and possibly also customers. The increasing amount of hacking attacks and sophistication of security threats demand the use of advanced network security via a high-quality VPN as a component of a comprehensive business security policy.
If you are interested in how to secure your network from cyber attacks, we invite you to visit our website www.hobsoft.com. On our website you will be able to find data sheets of our VPN solutions as well as interesting e-books and whitepapers.
Author: Hazel Farrugia
Today, mobile workforces stay connected in and out of the office and use their devices for work and personal purposes. The ultimate goal of a remote working strategy is to increase productivity and reduce costs; indeed, studies by Best Buy, Dow Chemical and many others have proven that teleworkers are 35-40% more productive than their in-office counterparts.
The drafting and implementation of an organization-wide workplace strategy will ensure that end users at all levels of the organization will enjoy a positive experience. The following are five best practices that effectively boost remote workers’ productivity:
1. Maximize Employee Participation
Maximizing employee participation is the first step to maximizing employee productivity. Not all employees benefit equally from remote working; however, without a critical mass of users, the benefits will be limited. IT teams should not restrict solutions, such as mobile workplaces, to only those who “seem” to need it. Remote working allows employees to respond to colleagues and customers faster, therefore IT teams and managers should not deter employees from working anywhere and anytime.
2. Ensure Employees Have the Productivity Tools they Require
Employees should be encouraged to use a wide range of productivity tools which do not pose network security risks. However, if IT teams are uncertain how to handle such employee requests, they generally allow employees to use these tools without providing adequate security, or block the use of the tools entirely. Regardless of the circumstances, IT teams should circumvented security risks by deploying security solutions that allow employees to utilize tools without compromising the network security.
3. Free Use of Personal Apps and Services
Whether the device is personally owned or provided by the company, employees should be able to use their personal apps and services. Blocking an employee from storing their personal information with a cloud service provider is significantly different from ensuring corporate data does not end up in the public cloud. IT teams should focus on controlling data rather than controlling devices.
4. Offer Self-Service Support for Everyday Activities
There is a common notion that mobile devices will result in an increase in support costs – however this is a misconception. Conversely, if the IT teams provide a self-service capability, particularly for routine activities, it usually results in decreased in support costs. IT teams should stop short of supporting personal apps and services, but should invariably offer to assist with supporting business apps.
5. Support Wide Range of Devices
For the mobile workplace program to be widely adopted, the program should support a wide range of devices. Though challenges may arise, such as Android’s variability regarding support for on-device encryption and other enterprise-level security and management controls, the overall benefit is net positive.
The Future of Remote Working
The current trend towards remote working is expected to become even more prevalent in the future. With the right practices and controls in place, employee productivity can be maximized, without putting the security of the network at risk.
If you would like to learn about the advantages and limitations of mobile workplaces, and find out how to develop a strategy for mobile workplaces with the help of VPNs, please download our free eBook “Home Offices Made Easy”.
Author: Hazel Farrugia
Remote access via virtual private networks (VPNs) is a major technological advancement reshaping organizations worldwide, including educational institutions. The IT solutions of all educational institutions, ranging from primary schools to universities, face unique challenges in order to provide a more advanced learning and working environment, while also maintaining security requirements and optimal IT efficiency.
Common Applications in an Educational Institution:
Educational institutions require numerous IT applications, which are managed by the network support teams. These include:
- email accounts for students and faculty
- secure email access
- intranet set up and functionality
- web and mail services
- storage and management of sensitive data
- online examination management and results posting
- secure intra-departmental data transfer
- secure remote access to server rooms and on-site data centers; and
- maximum security levels preventing hacker attacks, and enabling secure login and sensitive information transfer
In addition to providing a secure mechanism to access the above list of necessary applications, IT administrators are also responsible for minimizing network downtime, monitoring uptime, and keeping service costs under control. In order to provide this, remote access technology is the optimal solution.
Reasons for Using Remote Access:
1. 24/7 Accessibility
Remote access through VPNs provides cost-effective 24/7 data access to students and staff from anywhere.
2. Reduced Security Concerns
VPN technology allows secure remote access to educational resources and individual desktops for faculty and staff members through encrypted connections, via Web Secure Proxy and secured authentication methods.
Innovative remote access solutions implement a security strategy that also includes firewalls, anti-virus software and intrusion prevention services to protect vital and sensitive information within the network.
3. Reduced Investment in Technology Infrastructure
Due to the potential for mechanical failure, hardware solutions are prone to break downs. Initial costs and costs to repair cause hardware solutions to be significantly less viable than pure software solutions. Additionally, software solutions enable IT administrators to resolve several problems remotely, thereby further reducing costs and resource use. The implementation of a software based solution has the additional benefit of optimizing existing server resources, which reduces total cost of ownership.
4. High Availability
Access from the client requires a Web browser only. This allows for specialty software applications to be made more readily and widely available to the students, staff and faculty. This high application availability allows for e-learning programs and superior online delivery methods after school hours.
The total enrollment in public and private postsecondary institutions increased 47% between 1995 and 2010, and a further increase of 15% is expected between fall 2010 and fall 2020. The growth in the number of students attending educational institutions puts network administrators under pressure to increase the amount of PCs and network facilities in order to accommodate their staff and students. An increase in terminals necessitates an increase in the number of servers; since these servers are the pillar of the institution’s Network, it is important that they be consistently reliable, as network downtime implies an interruption of essential services.
High-quality VPNs allow for workload balancing of cluster servers, meaning the division of a computer/network’s workload between two or more computers/servers. This process facilitates the system’s optimum performance, which results in faster data access. Load balancing also prevents failover, which occurs when a user cannot access a database in a cluster - either because they cannot access the database itself or they cannot access the database server.
A VPN is highly scalable and supports many different platforms. VPN technology provides remote access via any device, such as desktop computers, notebooks and tablets, and all operating systems are supported, including Microsoft Windows, Apple MAC OS X, and Linux. In addition, this technology allows educational institutions to purchase resources as needed. If the institution experiences significant growth, it can easily increase the capacity of their remote access solutions. Conversely, if their needs decrease, they can scale down.
6. Single Sign-On
Single sign-on is a capability that enables secure authentication across many services with only one password. It allows users to be logged into multiple services once the user has signed in to one. Single sign-on streamlines the authentication process for the user, while simultaneously protecting the institution’s resources.
Remote access technology has proven beneficial to several organizations as it optimizes resources, decreases administrative costs, increases productivity and enhances the learning process. Today, remote access technology for educational institutions is considered an essential part of a comprehensive IT security infrastructure.
Author: Hazel Farrugia
In one of our last blog posts, we introduced the concept of WAN clustering (the use of multiple redundant computing resources housed in different geographical locations that form, what appears to be, a single, highly-available system), and its role in disaster recovery and business continuity. Part II takes a deeper dive into WAN clustering and its role in load balancing.
The Need for Load Balancing
In the Internet Age, the networking (connecting) of enterprise IT infrastructure to its customers or suppliers has become mission critical. Data centers full of server farms were created by the proliferation of servers for diverse applications. The complexity and challenges in scalability, manageability, and availability of server farms is one driving factor behind the need for intelligent switching. It is unacceptable for a network to fail or exhibit poor performance, as either will virtually shut down a business in the Internet economy. In order to ensure scalability and high availability for all components, load balancing emerged as a powerful tool to solve many of the issues associated with network failure and poor performance.
Load balancing is the division of computer/server/network workload amongst two or more computers/servers. Load balancing can be implemented with hardware, software or a combination of both.
In the case of load balancing Web traffic, there are several options. For Web serving, one option is to route each request to a different server host address in a domain name system (DNS) using the round-robin technique. Usually, if two servers are used to balance a work load, a third server is needed to determine to which server work is assigned. Another option is to distribute the servers over different geographic locations.
Benefits of Load Balancing
This technique offers a number of important benefits, including increased network utilization and maximized throughput; minimizing the load on individual systems and decreasing response time; improved user satisfaction, reliability and scalability.
Generally, load balancing is the primary reason IT teams opt for a clustering architecture. Companies whose websites receive large volumes of traffic also commonly select clustering architecture, so as to avoid a situation where a single server becomes overwhelmed. Workload balancing of cluster servers facilitates the system to attain optimum performance, resulting in faster data access.
Additionally, the process also prevents failover, which occurs when a user cannot access a database in a cluster, due either to inability to access the database itself or inability to access the database server.
Virtual Private Network (VPN) technology is also critical to an effective load balancing strategy. A fast, safe and secure transfer of critical business data among servers optimizes the user experience, while simultaneously giving employees/users anytime, anywhere access to critical information.
As implementation of web applications grows and user bases become more geographically diverse, load balancing becomes increasingly less of an option, and more of a requirement in IT planning and provisioning. Load balancing enables organizations to run uninterrupted operations when WAN clustering is supported by reliable, well-managed VPNs.
If you would like to learn more about WAN clustering, and explore how VPNs can help you to create an optimal WAN clustering solution for your needs, download this free eBook:
Effective WAN Clustering Relies on High-Quality VPNs
Author: Hazel Farrugia
Remote access through a Virtual Private Network is essential when an organization’s operations have been disrupted. WAN clustering allows business continuity in the event of a natural disaster or cyber-attack.
As the majority of mission-critical business processes are IT-based, companies and institutions are becoming increasingly dependent on the availability of their digitized information in order to maintain functionality. The ability for a network to recover from a disaster is a function of its hardware and software architecture.
In today’s business environment, server clustering is essential to providing the high availability and scalability of services that are required to support 24/7 operations. Clustering increases the reliability of Internet-based systems because it eradicates several of the single points of failure that are possible in a single server system.
WAN clustering, also called geoclustering or remote clustering, is a network architecture through which multiple servers and other computing resources housed in different geographical locations form, what appears to be, a single, highly-available network. WAN clustering can be used for almost any computing resource, including mainframes, file servers and software application stacks.
Benefits of WAN Clustering
WAN clustering allows business environments to run operations uninterrupted and maximize employee productivity by ensuring information assets are available anytime, anywhere – a substantial competitive advantage.
Compared to server clusters which are not geographically distributed, WAN clustering’s main advantage is that applications are always available. Even in cases of extensive regional disaster whereby entire processing centers are destroyed, servers in the cluster continue running, with little to no interruption.
The ultimate goal of WAN clustering is to support enterprise business continuity, by providing location-independent load balancing and failover. Business continuity, defined as the ability to do business under any circumstances, is a vital to a company’s success. It aims to prevent problems before they happen, and in the case that they do, it ensures that there are the necessary tools and protocols in place to reduce the damage.
Formerly, stored data was connected to servers in very basic configurations: either point-to-point or cross-coupled, whereby the failure or maintenance of a single server often made data access impossible for a large number of users, until the server was back online. More recent advances, such as the storage area networks and cloud computing, make any-to-any connectivity possible among servers, data storage and other systems. Usually, these networks utilize several paths between the server and the network, each consisting of complete sets of all the components involved. A failed path can result from the failure of any individual component of a path. IT teams employ multiple connection paths, each with redundant components to avoid single points of failure, helping to ensure that the connection is still viable even if one or more paths fail.
Disrupted Communications and the Virtual Private Network (VPN)
When disaster strikes, disrupted communications inevitably ensue, rendering the normal operational tasks unavailable. However, workers can generally perform several tasks using remote access solutions such as a virtual private network (VPN).
Recovery options are extremely limited if applications and servers are not accessible via remote access or VPN service, since one may need to temporarily locate recovered users away from the server environment. A high-quality VPN facilitates safe, effective and cost-efficient WAN clustering – an architecture critical for organizations with offices around the world.
The Recovery Process
The functions of a particular server or entire network location are taken over by any server(s) at a different location should one server or network location becomes unavailable for any reason, such as scheduled down time, hardware or software failure, or a cyber-attack. This process occurs automatically, so that the procedure is as seamless as possible to the end user. A 2013 study on data center outages conducted by Ponemon Institute reported that 91% of the companies investigated had experienced an unplanned data center outage in the past 24 months; in cases of server downtime, WAN clustering makes business continuity possible.
The recovery process can apply to any aspect of a system, such as protection against a failed processor, network connection, storage device, Web server, as well as protection against locally limited natural disaster effects, such as flooding or blackouts.
Fundamentally, business continuity ensures a business can endure any emergency or disaster by safeguarding a company’s greatest assets: its employees and its data. The concepts of high availability and disaster recovery are made possible by WAN clustering, which relies on high-quality VPNs.
If you would like to learn more about WAN clustering, and explore how VPNs can help to create optimal WAN clustering solution for one’s needs, download this free eBook:
Effective WAN Clustering Relies on High-Quality VPNs
Author: Hazel Farrugia (Link to LinkedIn)
After we have already been to trade shows in the USA, Germany and Australia during the past weeks, we are now going to present our connectivity solutions to the Spanish audience.
HOB will be an exhibitor at the @sLAN in Madrid, which will take place from April, 23 – 24, 2014.
In the fast-paced IT industry it is especially important to always be up to date. That’s why we at HOB try to be present at as many tradeshows as possible. Being on the @sLAN in Madrid allows us to inform ourselves about the newest trends and opinions of the international IT market, without having to rely on information from a third-party.
The Spanish IT congress will host numerous IT companies, which will be presenting their latest innovations and products. This year, HOB will also present itself to the Spanish market and try to convince the visitors of its superior remote access solutions. IT trends that will be the focus of this year’s tradeshow are Cloud Computing, IT Security, Mobility, Big Data and Virtualization.
The @sLAN will take place from April 23 until 24 at the exhibition area Ifema – Parque Ferial Juan Carlos I in Madrid. If you are planning to visit the trade show, you can find HOB at booth number 22. At our booth, we will be presenting exciting live demos of our software solutions and provide you with additional information. Also, we will be having great giveaways for you. A special highlight for HOB will be the presentation of International Account Manager José Antonio San Juan Sampron, who will be talking about “Going Mobile – New Trends in the Enterprise Mobility Market.” The presentation will be held April 23, at 10:20 am in Room N110 CANAL.
We are looking forward to welcoming you at our booth and hopefully having many interesting discussions with all of our visitors!
For all of you who can’t make it to Madrid to visit us personally: HOB provides several opportunities to stay up-to-date about the newest IT security trends. On our HOB Trendtalk Blog, as well as on Google+ and Facebook, you can find information on topics about Secure Remote Access, Mobile Working, Cloud Computing and IT Security. Videos about those topics can be watched on our YouTube channel. And for those who like it short and simple, follow us on Twitter.