Blog

Is Multi-Factor Authentication the Backbone of Future IT Security Protocols?

Every small-to-medium sized business owner needs a strong IT security protocol for accessing internal networks, Wi-Fi networks, and even basic email accounts. A business needs strict control over how their networks and accounts are accessed to prevent unauthorized access and disclosure of sensitive data.

Each new data breach is a reminder that a secure password isn’t enough to protect your company’s data. For instance, if an employee uses the same password for Twitter and their company email account, if their Twitter account password is leaked in a data breach, their company email account is automatically compromised.

Unfortunately, data breaches have become more frequent than ever with more than 3,800 publicly disclosed breaches exposing 4.1 billion records in the first six months of 2019. Many of these data breaches could have been prevented or thwarted with multi-factor identification (MFA) also known as “two-factor identification” or 2FA.

Multi-factor authentication is highly secure

Using multi-factor authentication goes a step beyond using a password. The National Institute of Standards and Technology (NIST) describes multi-factor authentication as “a security enhancement that allows you to present two pieces of evidence – your credentials – when logging in to an account.”

The NIST explains how these credentials work. “Your credentials fall into any of these three categories: something you know (like a password or PIN), something you have (like a smart card), or something you are (like your fingerprint). Your credentials must come from two different categories to enhance security – so entering two different passwords would not be considered multi-factor.”

MFA is one of the strictest IT security protocols around. If a person doesn’t have access to all required accounts or devices, they can’t log in even with the correct password. For instance, Google allows users to enable two-factor authentication, which requires a password and a code sent via text message to log in. Without the code, a correct password won’t log you into the account.

Many online services offer users the option of turning on MFA, but it should be a requirement, especially among small-to-medium sized businesses. Even trustworthy employees put company data at risk by accessing the company network on an unsecured public Wi-Fi network or by allowing someone else to access their computer.

Requiring MFA with clients, contractors, and vendors

MFA should always be used to protect highly sensitive data. If your employees are allowed to access a company account or network from a remote location, they should be required to complete two-step verification. Even when your employees can only access the company network from within the office, you should enable MFA. An unauthorized user might successfully spoof your company’s IP address and gain access to company data.

Using MFA to lock down security also applies to interactions with other businesses, contractors, vendors, and clients. Say you hire a contractor to update your website via FTP and they store your login credentials in their browser. If their computer gets stolen or the browser’s cloud data is compromised, access to your website will also be compromised. Requiring two-step verification for FTP access is the only way to protect your data when an unauthorized third party gets ahold of valid credentials.

Encryption plus MFA for FTP access equals secure data

Your company data is much safer when you have an SSL certificate for encryption and two-factor authentication for all FTP users. If you run your own server, you can install 2FA software called WiKID or you can move your web hosting account to a dedicated server provided by a hosting company that enables two-factor authentication via SSH.

Who uses MFA?

Several industries have been using MFA for decades. The financial industry has been using MFA for decades. If you’ve ever used a debit card, you’ve used 2FA. Using a physical card and a PIN number is 2FA. Although it’s an option, 2FA isn’t required for logging in to most online bank accounts. Soon it will be a requirement.

2FA is also used in the U.S. military via the Common Access Card (CAC) to provide military personnel with access to buildings, controlled spaces, and DoD computer networks. Law Enforcement agencies require 2FA verification when an officer accesses the NCIC database from a mobile device or unsecured location.

 Bank of America specifically uses MFA for higher-value transfers. Other notable companies using MFA include Amazon Web Services, Facebook, GitHub, Microsoft, Apple, and Charles Schwab. You don’t need to be a major corporation to benefit from using MFA. In fact, statistics show that 43% of cyberattacks are aimed at small businesses and unfortunately, only 14% are prepared to defend against the attack.

In 2018, more than half of all small businesses suffered a data breach and each attack costs an average of $200,000. After a data breach, 60% go out of business. The problem is bigger than it seems. Eventually, every organization’s security perimeters will be breached; it’s simply a matter of when.

Although some businesses currently provide MFA as an option, it’s only a matter of time before MFA becomes the gold standard in IT security.

Keep your IT systems secure

Managing IT security is complicated. If you’re going to keep your data secure with MFA, it’s crucial to start with secure IT infrastructure, including a secure network monitored around the clock. At Bluetowne, we can monitor, manage, support, and maintain your IT infrastructure regardless of location. We can manage your IT infrastructure, whether it’s on-premise, cloud, or at a data center colocation.

Our network security experts will implement industry-standard protocols to detect and prevent intrusions, encrypt end-point storage and email, inspect applications, and provide gateway threat protection. We will monitor your IT infrastructure 24 hours per day and continuously collect and process data to make sure your network remains secure.

We can be your in-house IT department or support your existing team. We’re focused on providing remarkable customer service and want to help you create and maintain secure IT infrastructure efficiently and cost-effectively.

If you’re tired of paying too much for IT management, talk to us about our managed IT services and find out how we can help.

 

 

6 Steps for Disaster Preparedness for Your Business

We keep a close eye on hurricanes here on the southeast coast of the United States. Uncertainty over whether storms are going to make U.S. landfall at category 5 or category 4 can lead to panic among many residents of our region. But in other parts of the country (and across the world), people have their own kinds of natural disasters to contend with as well.

The good news is that no matter where they’re located, Bluetowne clients have peace-of-mind — knowing that if and when a disaster strikes, their business can continue to operate thanks to our strategic disaster preparedness solutions. How do we ensure this? By creating a comprehensive disaster recovery plan and business continuity infrastructure for each client, and by storing client data in a strategic data center location that’s been constructed to meet and exceed the highest standards of protection. Why is this so important? Because today’s customers have high expectations— and that includes the expectation that your business will continue to provide the products or services they depend on, regardless of nature’s ups and downs. Even a relatively brief period of weather-related downtime can hurt your brand and your bottom line.

Have you taken the time to closely evaluate your business’s disaster preparedness? If not, now is the time to take make sure your business can continue to operate through whatever mother nature decides to send your way. Here’s how to start.

To prepare your business, the following steps are critical to your comprehensive disaster preparedness plan:

  1. Review and validate your disaster recovery plan

Many companies find that they either don’t have a disaster recovery plan, or their plan is old and out-of-date. It’s important to review and validate your disaster recovery plan often to ensure that it’s still the one that will work for you during a hurricane or other natural disaster.

  1. Review and validate your business continuity plan

Can your business continue if your power is out? Do you have online web applications that will continue to work — or will your entire company wind up in a blackout? These are important questions to ask yourself.

  1. Verify backups are running and test restores

Are all data and information backed up to a cloud? Have you tested their restorability? A surefire way to set your mind at ease is to make sure that you have all of your data backed up into a cloud-based system.

  1. Verify your team is prepared for work stoppage and resuming tasks

Does your team know how to handle a work stoppage? Do they have clearly defined roles and tasks assigned to them for natural disaster situations? If so, have they practiced these tasks and do they regularly refresh their memories on the procedures that you have in place?

  1. Do you have a procedure for notifying customers?

During natural disasters and power outages, many companies have to shut down completely because they don’t have a plan in place for their employees and customers. It’s important to notify customers if your business has to temporarily shut down or if certain services may be unavailable until power is returned to your region. This helps maintain customer trust in your brand.

  1. Validate that your IT infrastructure is sound, up-to-date, and stable

It’s important to keep all of your hardware, software, and network services up-to-date, so that you can ensure all of your services and resources are organized and ready to deploy at all times. Do you have systems and services in place that will keep your most important people and processes operational during a natural disaster? Some important pieces of the continuity puzzle include a warm/hot failover site, hybrid cloud, layer 2/3 networking, a virtualization recovery platform, and browser-based continuity.

How well did your business’s disaster preparedness plan fare during your evaluation? Were you able to answer yes to all of the above questions? In our experience, we all too often find that companies have overrated their level of readiness. When an emergency or disruption hits, chaos and confusion ensue — rather than quick response and recovery.  Resolve to be resilient by carving some time out ahead of a storm or disaster to focus on your preparedness efforts.

“In an era when systems and applications are dispersed throughout the enterprise and the cloud, IT leaders have to rethink their disaster recovery plans.” –InformationWeek.com

Seems like a lot of work? It definitely is—and that’s where Bluetowne comes in to play.

Our mission: to support you in ensuring your organization can continue delivering the products or services your customers expect, at acceptable predefined levels following a disruptive incident — and ensuring optimized, speedy recovery and restoration of your data and applications once things are back to normal. Give us a call today.

 

 

 

 

 

MUST READ: POPULAR PC MAINTENANCE SOFTWARE CLEANER COMPROMISED BY HACKERS

Users of a free software tool designed to optimize system performance on Windows PCs and Android mobile devices got a nasty shock this morning when Piriform, the company which makes the CCleaner tool, revealed in a blog post that certain versions of the software had been compromised by hackers — and that malicious, data-harvesting software had piggybacked on its installer program.

The affected versions of the software are CCleaner 5.33.6162 and CCleaner Cloud 1.07.3191.

The company is urging users to upgrade to version 5.34 or higher (which it says is available for download here).

An estimated 2.27 million users have been affected.

Read more on Cisco’s Blog here.

Hurricane Irma: Follow Us on Twitter for Important Updates

Our team is proactively checking in with clients today ahead of the storm to ensure you are prepared. Please reach out to us if you have any additional concerns, or if we can be of any assistance leading up to and after the event.

We will be updating our Twitter feed throughout the event for updates related to infrastructure, power, Internet and general status. After the storm passes, we will be reaching out to customers with status checks on individual networks and next-steps.

Follow us: https://twitter.com/bluetowne

Get in touch: 843.352.0130 x203 or info@bluetowne.com

State of Emergency Has Been Declared: Let Us Know How We Can Help

**State of Emergency Has Been Declared**

Gov. Henry McMaster Asks South Carolinians to Prepare for Hurricane Irma, Declares State of Emergency.

Bluetowne’s mission is to support you to ensure that your organization can to continue to deliver your products or services at acceptable predefined levels following a disruptive incident, and ensure optimized, speedy recovery and restoration of your data and applications.

We will continue to monitor this storm very closely, and are here to help you prepare. Let us know how we can assist by giving us a call at 843.352.0130, or e-mail us at info@bluetowne.com.

 

 

 

 

 

Hurricane Irma: Disaster Preparedness Advisory

We are keeping a close eye on Hurricane Irma. Uncertainty over where this category 5 storm is headed was intensified this morning by computer runs that shifted the track east — potentially toward the Bahamas, the Southeast coast and potentially South Carolina.

Now is the time to take responsibility to enable your business to continue to operate through whatever storm it is forced to weather.  Our mission is to support you to ensure that your organization can to continue to deliver your products or services at acceptable predefined levels following a disruptive incident, and ensure optimized, speedy recovery and restoration of your data and applications.

To prepare your business, the following critical activities need to take place as part of a comprehensive disaster preparedness plan:

  • Review and validate your disaster recovery plan  
  • Review and validate your business continuity plan
  • Verify backups are running and test restores
  • Verify your team is prepared for work stoppage  and resumption tasks
  • Validate your IT infrastructure is sound, up-to-date and stable

We will continue to monitor this storm very closely, and are here to help you prepare. Let us know how we can assist by giving us a call at 843.352.0130, or shoot us an e-mail.

All too often, we find that companies overrate their level of readiness. When an emergency or disruption hits – chaos and confusion ensue, rather than quick response and recovery.  Resolve to be resilient by carving some time out ahead of the storm to focus on your preparedness efforts.

Tech Quick Tips: 4 Ways to Increase Your Laptop Battery Life and Charge

1. Keep the Vents Clear

Never ever sit your laptop on a couch cushion, or on a mattress, or anything soft that hinders airflow through the little slot on the bottom and sides of your machine. Those vents can suck up dust and debris, clogging up the fans and causing your laptop to work harder. And, the harder the machine works, the more battery power it is going to require. If you hear a loud buzzing (like a fan spinning really fast), or your laptop base is so hot you could cook an egg on it, chances are you should consider moving to a tabletop or hard surface to work on.

2. Keep the Screen Brightness Down

When you do not need the screen brightness cranked up, turn it down. The screen is the number one battery drain on any mobile device, including your laptop. Adjusting this setting through the Power Options will prove beneficial, I promise. If you are using Windows 7, Windows 8, or Windows 10, type “Power” in the search field by the power menu. Click on “Power Options,” and notice the slide bar at the bottom of that window, aptly named “Screen Brightness.” You can adjust accordingly from here. Make sure to keep the backlight to a minimum.

3. Hibernate and Sleep

While you are in the Power Setting menu, you can tweak your Power Plan to help optimize battery life. Two settings to note are the “Choose when to turn off the display” and “Change when the computer sleeps” commands. These are listed on the left-hand side of the window and can also be accessed by clicking the “Change Plan Settings” link in the middle of the same window. In this menu, you have the ability to tell your computer what to do when it is plugged in, and when it is not plugged in. When you are just running on battery power and are not hooked up to any outlets, adjust the display to turn off or dim after a short period of time. Essentially, you want your laptop to hibernate and sleep sooner when it’s inactive and not being charged.

4. Unplug When Charged

When the battery is full and the laptop is not in use, unplug it from the charger. Generally speaking, and according to Battery University, a battery will give you 300 to 500 full discharge cycles or charges. Keeping it plugged in can significantly decrease the amount of charges that this battery can take. Keeping that juice flowing when the laptop battery is full can be damaging to some batteries. Battery University even recommends operating your laptop between forty and eighty percent battery life to get the most life out of the battery.

Download the PDF here.

Bluetowne Offers Free IT Infrastructure Assessments


Bluetowne offers free IT Infrastructure Assessments to help local businesses prepare for what is predicted to be an overly active hurricane season.

MT. PLEASANT, S.C. – August 15, 2017 – Bluetowne, a leading provider of innovative information technology solutions and infrastructure managed services, today announced it is offering free on-site IT Infrastructure Assessments to help local businesses prepare for what is predicted to be an overly active hurricane season. An IT Infrastructure Assessment is a no obligation way to gain insight into the true status of your IT systems and processes, uncover any potential threats, and point the way to appropriate corrective actions you can make to secure your business effectively and efficiently. Bluetowne will deliver a comprehensive report detailing recommendations to remediate any problems, so you can be confident your business is operating at optimal performance and would survive a hurricane or other natural or man-made disaster.

“All too often, we find that companies overrate their level of readiness. When an emergency or disruption hits – chaos and confusion ensue, rather than quick response and recovery. Our mission is to support organizations to ensure that they can continue to deliver their products or services at acceptable predefined levels following a disruptive incident, and ensure optimized, speedy recovery and restoration of data and applications.  The alternative—excessive downtime and lost data—can be completely devastating for a company’s bottom line and reputation.  We care about the businesses in our community, and as we enter the peak weeks of hurricane season we want to offer our services to help them be proactive about focusing on their preparedness efforts,” said Eric Hartley, President, Bluetowne.Read More

What is the Financial Impact of a Ransomware Attack?

The reason for ransomware’s popularity boils down to one thing: economics. Without the proper defenses, cybercriminals can extort hundreds – sometimes thousands – of dollars from SMBs by encrypting valuable data and demanding a ransom be paid to restore the data. Below, see the rise in the average ransom amount by year (in US dollars).

Let Bluetowne help you ensure your company’s data is protected with the highest level of security as part of your overall IT strategy. Reach out at info@bluetowne.com or 843.352.0130.

Silicon Harbor has become a tech landing spot for some weary city dwellers

CHARLESTON, S.C. — It may be 2,740 miles away, as the crow flies, but Charleston seems like a million miles away from the hustle, bustle and stress of Silicon Valley.

An idyllic beachfront on the Carolina coast, drawing 7 million tourists annually. Horse-drawn carriages and pastel antebellum houses with roots to the American Revolution. Fort Sumter in the distance, a reminder of where the first shots were fired in the Civil War.

And yet the economic formula is decidedly 21st Century after decades of relying extensively on the military, automotive and textile industries. The focus today is on high-wage jobs in an affordable, lifestyle-friendly setting.

Welcome to Silicon Harbor: Home to more than 250 tech companies employing 11,000. This port city has quietly become the No. 1 mid-sized U.S. metro area (500,000 to 1 million) for IT job growth, adding 4,000 jobs the past five years, according to the U.S. Bureau of Labor Statistics.

Read more from USA Today.

Privacy Settings
We use cookies to enhance your experience while using our website. If you are using our Services via a browser you can restrict, block or remove cookies through your web browser settings. We also use content and scripts from third parties that may use tracking technologies. You can selectively provide your consent below to allow such third party embeds. For complete information about the cookies we use, data we collect and how we process them, please check our Privacy Policy
Youtube
Consent to display content from Youtube
Vimeo
Consent to display content from Vimeo
Google Maps
Consent to display content from Google