Everything You Need to Know About the Dark Web

July 31st, 2019 by Julie Lough

The Dark Web

What Is the Dark Web and How Can You Stay Off It?

Ever heard of the dark web? It’s definitely not a place you want your company’s information to be. Learn everything you need to know about the dark web here.  

Most people have heard about the dark web in one form or another. It’s a place where criminal activity happens — from the purchase of illegal drugs to the hiring of assassins.

Of course, there is a legal side to the dark web as well; though, most people don’t know about. In fact, the origin story of the dark web is entirely legitimate and is even linked to the government.

Still, as a business owner or CEO, your relationship with the dark web (should you unfortunately have one) will not likely be good. It’s a bad sign if any of your information is found there. That’s why it’s important to know about what exactly the dark web is: Where it came from, what’s on it, and what you should do to stay as far away from it as possible.

What Is the Dark Web?

The dark web is essentially one “section” of the Internet. Specifically, it’s a section that isn’t included in mainstream search engines like Google. So, when you search a normal search inquiry, such as, “Where’s the best hamburger joint in downtown Pittsburgh?” you don’t get results from the dark web.

Instead, this section includes all sorts of illicit goings-on. Mostly, it’s a marketplace for things you shouldn’t be buying because they’re illegal to sell and/or buy. For instance, you can buy lifelong access to Netflix for a small price (six bucks). You can hire someone to hack into someone else’s computer for you and download their data or track their keystrokes. You can purchase credit card credentials. You can obtain prepaid debit card numbers and security codes.

How Does One Access the Dark Web?

We’ll reiterate again that the dark web is not a place you want to find yourself (or your information). However, for the sake of knowledge, we’ll explain that in order to access the dark web, you must download what’s called the Tor browser.

Tor stands for The Onion Router. This is basically the software that makes the dark web operate in the dark.

Where Did the Dark Web Originate?

The dark web began in the late 1990s as a way for the United States Naval Research Laboratory (NRL) to better hide their online communications. At this time, The Onion Router or Tor was brand-new.

Soon after its initial creation in 2004, the dark web’s Tor software was released for public use. Since that time, it has ceased to be solely a government resource and has turned into the “back alley” of the Internet.

How Can the Dark Web Affect Business Owners?

The dark web is a potential danger to all businesses of all sizes and in all industries. In fact, it can be a potential danger to individuals as well. But let’s talk about your business and the dark web.

Basically, it has been found that 60% of the web listings on the dark web could harm a business. That’s because, these listings offer individuals searching the dark web ways to obtain things like the following:

  • Customer data
  • Tips for hacking computers
  • Tips for hacking networks
  • Malware
  • Financial data
  • Phishing advice
  • Operational data
  • Intellectual trade secrets
  • Tutorials for cyber crime
  • Remote access Trojans (RATs)
  • Espionage services
  • Credentials access

How Can You Keep Your Business Safe From the Dark Web?

The best way to keep your business safe from the dark web is to have the proper cybersecurity measures in place. This means hiring a cybersecurity team or a managed service provider (MSP) to handle your company’s cybersecurity. Even if you’re a small business, hiring an MSP to have on retainer is a good idea.

They will make sure that you have firewalls and other detectors of malware in place for adequate security. It’s also essential to back up your data and to make everyone who works for or with your company aware of how to avoid phishing attempts.

Lastly, your cybersecurity team should be monitoring the dark web to make sure that none of your information lands there. This goes for personal information for you and your employees, as well as overall company information. Taking these measures is the only surefire way to ensure that your company does not end up on the wrong end of the dark web.


URGENT/11 Zero-Day Vulnerabilities Impacting 2 Billion Devices

July 31st, 2019 by Julie Lough

IoT Security

Check Your IoT: URGENT/11 Zero-Day Vulnerabilities Impacting 2 Billion Devices

It was only a matter of time before connected devices become a target. The current vulnerability allows remote attackers to gain full control over IoT devices.  

Security professionals have known that connected devices are a risk, but the latest news around the URGENT/11 vulnerabilities may surprise even the most hardened security professional. Over 2 billion connected devices are thought to be vulnerable, including a range of printers, VOIP phones, routers, medical equipment, firewalls, elevators and industrial controls. Any connected device that is running the VxWorks operating system created by Wind River has the potential to be affected, allowing users to remotely gain control over the device.

URGENT/11 Vulnerabilities

Dubbed “URGENT/11”, these security risks include six critical vulnerabilities connected with VxWorks 6.5 or higher that includes the IPnet stack. There are a few versions of the OS that may not be affected, according to security research firm Armis, such as their VxWorks Cert Edition and VxWorks 653. Whether devices are within the network perimeter or on the edge, they can still be leveraged for remote access directly into networks. The vast range of manufacturers of the devices at risk means the level of security at the device level is likely to vary dramatically between product types. Fortunately, Wind River Systems provided critical patches during a recent July 19 release, but that may not be enough to reduce the risk for organizations utilizing these connected devices.

What is VxWorks?

“VxWorks is the most widely used operating system you may never have heard of,” said Ben Seri, vice president of research at Armis. “A wide variety of industries rely on VxWorks to run their critical devices in their daily operations—from healthcare to manufacturing and even security businesses”. As an RTOS, or real-time operating system, VxWorks has generally been considered to be a stable solution for IoT and other interconnected devices with only 13 vulnerabilities reported in over 32 years of operation for the platform. Since it is only older versions of the RTOS that are vulnerable to attack, it’s thought that newer devices should be relatively safe and many affected devices are already reaching end-of-life. These devices are generally ones where chipsets only need to manage a few basic pieces of information, such as input/output operations, where little data processing is required.

How to Protect Your Business

While officials at VxWorks and Armis note that there are no indications that the URGENT/11 vulnerabilities have been exploited, the extreme disruption that could be caused within an organization is reason enough to warrant a proactive effort to protect your organization. Here are the recommended steps from Wind River security professionals and engineers:

You can view the full URGENT/11 whitepaper with a breakdown of the vulnerabilities and suggestions for remediation online. Experts note that the level of disruption could be significant, perhaps even rivaling the EternalBlue 2017 vulnerability or the WannaCry ransomware attack. In each of these instances, it was challenging for many small businesses to determine the best steps to move forward and protect their organization.

Partnering with an IT services firm helps ensure that your business is alert to this type of critical attack vector. Staying vigilant for vulnerabilities and quickly applying patches may mean the difference between a few hours of work patching devices or servers and months of remediation as you attempt to recover from a major attack.


Clearing Up The Cloud – Have You Harnessed Its Strategic Advantages?

July 30th, 2019 by Julie Lough

Cloud Services

The cloud may still feel like a new technology – but in reality, it’s been around for more than 10 years now.

Does that make you feel old?

Let’s be clear about something – the cloud is here to stay. In recent years you may have still heard the occasional “industry insider” suggest that the world may be moving too quickly to an untested and unsure platform in cloud computing, but no more. The cloud is now an integral part of daily life for private consumer and business users alike.

What Is The Cloud?

The cloud is a network of technologies that allows access to computing resources, such as storage, processing power, and more. That’s where the data is – in these data centers all around the world. Which data center your data is in depends on what cloud service provider you’re working with.

The Cloud’s Many Layers

Public Cloud

Ideal for small businesses that may have trouble budgeting for any other type of cloud deployment, a public cloud is simple and cost-effective. Your data is stored in a “communal” data center, which, while not offering the best possible security or compliance guarantees, is often sufficient enough for organizations that aren’t required to maintain regulated compliance.

Private Cloud

A secure, dedicated environment to ensure maximum performance, security, and functionality for your business applications and employees. This is usually deployed for complaint-driven businesses such as healthcare and finance.

A Hybrid Cloud

This is like a dedicated cloud computing resource on Office 365 and Azure Stack with an extension to on-premise resources for maximum performance, control, security, and functionality. This is for businesses that require maximum control and scalability.

Instead of entrusting your legacy solutions to a public or private cloud, many businesses are opting for a hybrid cloud. They use a mix of on-premise, private and third-party public cloud services because this provides an infrastructure where one or many touchpoints exist between the environments.

Using a hybrid cloud gives you the freedom to choose which applications and resources you want to keep in the data center and which ones you want to store in the Cloud.

The Cloud Isn’t As New As You Might Think…

Would you say the cloud is “new”?

To some, this may seem like a question with an obvious answer, but it’s not that simple.

The way in which we think about technology can lead to something feeling new for a lot longer than would make sense otherwise.

After all, the cloud is more than a decade old, but a lot of people still think of it as a new technology.

For context, it was 2006 when Google and Amazon began using the term “cloud computing” – not necessarily the beginning of the cloud, but as good a point to choose as any.

In that year, the now woefully dated Crash won Best Picture at the Oscars. The Tesla Roadster was still two years from hitting the streets. Netflix was more than a year away from launching its now prolific streaming services.

Does that put it in perspective?

How Is The Cloud-Delivered?

SaaS (Software as a Service)

Software as a Service (SaaS) applications are being adopted at a much faster pace today than in the past. These are productivity applications like Microsoft Office 365, cloud-based practice management solutions, accounting programs, and more.

Your SaaS provider helps you identify and select line of business applications that will run well in the cloud. They can migrate your data and integrate it with software platforms in your current premise or cloud technology stack, or help you implement new ones.

PaaS (Platform as a Service)
This is whole cloth delivery of web applications that are based in the cloud, all via a comprehensive platform. The idea is that, in accessing this platform, you can utilize, develop and even deliver applications based on resources that you don’t need to maintain on-site.

IaaS (Infrastructure as a Service)
Infrastructure as a Service (IaaS) delivers IT infrastructure on an outsourced basis and provides hardware, storage, servers, data center space, and software if needed. It’s used on-demand, rather than requiring you to purchase their own equipment. That means you don’t have to expend the capital to invest in new hardware.

Why Should You Use With The Cloud?
For the same reasons that thousands of other businesses around the world have already adopted cloud computing:

  • Computing Power: The cloud has the ability to activate tens of thousands of CPUs. This unparalleled power can quickly perform deep analytics of your data, and process nearly any ad-hoc queries that you require.
  • Reliable Costs: The cloud services subscription model offers the strategic advantage of low-cost, low-risk opt-in combined with a simple, predictable monthly fee.
  • Easy Scalability: Cloud services have the unique strategic characteristic of being able to stretch or shrink to suit your current level of demand. This is especially useful for businesses of scale or companies that go through seasons of activity.
  • Real-Time Collaboration: With cloud technology, your staff doesn’t have to wait for each other to be done with their part of the document or project in order to tackle their own aspect. They can all work on the same project at the same time to maximize productivity.
  • Remote Work Capability: This cloud feature allows you and your employees to work remotely as need be, which will give your business members the flexibility they desire to have a more balanced home/work life.

You Need To Keep An Eye On Your Cloud

As beneficial as the cloud can be, it’s important to note that it can also pose risks if it isn’t managed properly. It all comes down to the classic binary relationship between convenience and security.

The cloud gives you unparalleled access to your data from anywhere with an Internet connection. That means that external parties (including cybercriminals) can have undue access to your data as well if you don’t take the necessary steps to secure your environment.

That’s why you need to monitor your cloud. No matter who you entrust your data to, you should ensure that you or someone in your organization is given appropriate visibility over your cloud environment. That way, you can guarantee that security and compliance standards are being maintained.

If you don’t have the resources to manage this type of ongoing monitoring, then it would be wise to work with the right third party IT services company. Doing so will allow you to outsource the migration, management, and monitoring of your cloud. You’ll get the best of both world – security and convenience.


How we made a food manufacturer more efficient

July 29th, 2019 by Tracy Slaugher

*|FNAME|*,

I wanted to share a story I think you can relate to. One of our manufacturing clients has been with us for over 10 years. They recently decided to dispense with their spreadsheets and paper-based processes in favor of new line-of-business software and iPads. What initially felt like a risky investment paid off for them big time. Here’s the story.

I hope you’ll find some inspiration from their journey to apply to your own business.

Take care,

Tracy


How Technology Improved Production for One Food Manufacturer

July 29th, 2019 by Tracy Slaugher

How Technology Improves Manufacturing

Serving clients in the competitive food industry meant this food manufacturer needed a new level of sophistication in technology.

Manufacturing companies live and die by the amount of efficiency achieved from every process. Time spent manually moving data around a spreadsheet or waiting for confirmation about the successful completion of a loading dock is time and money wasted.

That’s why many in the manufacturing industry are looking to revamp their technology infrastructure. It’s not about replacing human workers, but enhancing their efforts while finding areas of improvement that can result in positives for the entire organization.

Still in the Dark Ages

Micro Visions’ long-standing food manufacturing client was running operations through a series of paper documents and Excel spreadsheets that were inefficient, wasteful and prone to avoidable problems in production.

A disparate workforce of 30 employees did their best to communicate with each other – from office to production to QA, throughout the company – in pursuit of delivering quality products. But, they found themselves at the mercy of many manual, back-and-forth communications to keep things running smoothly.

Seeing the Light

Company leaders decided the time had come to establish more secure control and monitoring of production, using established technologies. With Micro Visions’ help, they implemented line-of-business software that allowed them to track production and enabled instant messaging across 30 new iPads, using a secure channel.

Guiding the Process

Micro Visions worked with the manufacturer to implement the new line-of-business application to help the company:

  • Track processing speed
  • Gain insight into loss ratios
  • Facilitate better communication among the staff
  • Access real-time statuses on tasks and processes

We brought our in-depth technical expertise to the company, shining a light on essential infrastructure support needed to carry out a successful transition to the new technology and way of conducting business. This included:

  • Replacing their virtual machine server and adding new switches
  • Expanding their new wireless network to accommodate all the added technology
  • Updating their firewall to one better equipped to support their software changes
  • Establishing mobile device management to inventory, track and monitor the iPads
  • Installing threat management software that prevents the installation of high-risk applications and prevents workers from browsing questionable websites on company devices
  • Replacing devices that were running Windows 7 in preparation for the end-of-support date of January 14, 2020.

Technology Improves Manufacturer Production

The changes had an immediate impact throughout the operation. Each worker gained real-time insights into the speed of production so they could adjust accordingly. Most importantly, the software heightened production accountability and the plant was able to improve their processes by identifying trouble areas, leading to a reduction in waste and overhead costs.

With their new application’s powerful analytics, the plant’s executive team can use data insights to identify further improvements and company strengths.

By updating their firewall and adding mobile device management, the company can assure clients of security – knowing recipes, confidential manufacturing processes and other top secret materials won’t be exposed to competitors or criminals through malicious or negligent behavior – giving them the peace of mind to continue exploring how technology can enhance their operations.

The company, one of many manufacturing clients we provide stellar managed IT services to in Western Michigan area, trusted Micro Visions because of our long-standing relationship. If you’re dreaming of how to use technology to make your manufacturing plant more efficient, productive or secure, we can help.

Contact us online or call us at (616) 776-0400.


OAuth Phishing Attacks: Threat Advisory

July 25th, 2019 by Julie Lough

OAuth Phishing Attacks

What You Need To Know About OAuth Phishing Attacks

Amnesty International has reported that OAuth Phishing attacks targeted dozens of Egyptian human rights defenders since the beginning of this year. They are warning that these human rights defenders should be vigilant and contact them if they receive any suspicious emails.

“Since January 2019 several human rights defenders and civil society organizations from Egypt started forwarding dozens of suspicious emails to Amnesty International. Through the course of our investigation, we discovered that these emails were attempts to access the email accounts of their targets through a particularly insidious form of phishing known as OAuth Phishing … We estimate the total number of targeted individuals to be in the order of several hundreds.” Amnesty International

What Is OAuth Phishing?

The Egyptian authorities are using a new spear-phishing technique called OAuth phishing. OAuth is an industry-standard protocol used for authorizations. All computer users should beware of OAuth Phishing.

OAuth Phishing is being used to abuse the legitimate authorization feature of online service providers that lets third-party applications gain access to an account. OAuth is the protocol used by many companies, including Google, Facebook, Amazon, and Microsoft. It’s used to manage access to user data across these and other platforms.

With access to a user’s email account OAuth can add events or flight times to their calendars. The OAuth Phishing hackers use malicious third-party applications to trick users into giving them access to their accounts.

OAuth Phishing targets OAuth tokens instead of passwords. When a user grants a third-party app the right to access their account, the application uses the OAuth token instead of a password. Egyptian authorities are gaining unauthorized access and use third-party apps to compromise users’ accounts.

How Does OAuth Phishing Work?

The hacker uses phishing emails with fake security warnings from Google to trick victims into clicking on a malicious link. The victim is instructed to click the “Update my security now” button. When they do, they’re sent to a third-party application called “Secure Mail.” This prompts the OAuth process.

But that’s not all. They are then asked to give the “Secure Mail” app access to their Gmail or other accounts. They’re told to click on the “Allow” button. When this happens, the hacker gains access to the victim’s account.

Now the attacker can use a malicious application to:

  • Download other messages, attachments and files.
  • Search for and read their messages.
  • Install filters and forwarding rules.
  • Inject macros into Word documents.
  • Access users’ contacts.
  • Get into OneDrive and search for downloaded files.
  • Extract emails by searching for keywords.
  • Setup malicious Outlook rules.

Amnesty International warns that these OAuth phishing attacks also target users’ Yahoo, Gmail, Outlook and Hotmail accounts.

How Can You Prevent Your Employees From Being Victimized By OAuth Phishing?

The best way is to be educated. Security Awareness Training is the go-to solution to keep employees informed about security threats and how to avoid them. But, because OAuth phishing can be difficult to detect and the victim authenticates through a legitimate site, people are still being tricked.

OAuth Phishing can be hard to identify. And, even with Security Awareness Training, people are being tricked. They’re trained to look for suspicious website URLs and to use Two-Factor Authentication. But these tactics don’t work to prevent OAuth phishing.

Phishing messages can convince users to click links that deliver malware or reveal their user credentials. Now with new tools, OAuth is being used for this. The account can be accessed until authorization is explicitly revoked. Not even password resets or using 2-factor authentication will work to stop it.

Train and test your users to:

  • Spot phishing messages and specifically OAuth phishing messages.
  • Know how to submit suspicious email messages if they find them.
  • Defend and respond to OAuth attacks.

Along with Security Awareness training, companies must ensure that their IT service companies have set up the technology, policies and remote monitoring and management to detect these OAuth attacks.

What Does OAuth Recommend?

You can visit this page for security guidance. They say that if a suspicious or malicious third-party application is found in the OAuth environment that all permissions should be revoked. Then review remote monitoring logs to learn what was compromised.

They also suggest that you:

  • Limit the number of third-party applications that can be accepted.
  • Disable any third-party applications that you don’t need.
  • Search and monitor all third-party applications that have been approved for use, and check for suspicious activity.
  • If you use Microsoft Office 365, be sure to monitor your application permissions in the Cloud App Security.

The Bottom Line

All of your employees should be educated about the dangers of OAuth and other phishing attacks. They should always use best practices and only access applications that they trust.

Also, make sure that you and your IT provider periodically review the list of applications that you use. Revoke access to all applications that you no longer need.


Create Your Own Fonts In Windows 10

July 25th, 2019 by Julie Lough

Windows 10 Tech Tips

Create Your Own Fonts In Windows 10

You may have been using Windows 10 for some time now, but it’s likely that you haven’t mastered all of its features just yet.

Did you know that you can create your own fonts?

In the Windows store, you can get the “Make Your Own Font” app, a great way to add a personal touch to anything you may need to write. For example, you could even send an email in your own handwriting!

All you need to do is fill out the alphabet letter by letter (lower and upper case) as well as numbers and symbols. Then you name it, save it, and upload it via Control Panel > Fonts.

The next time you’re drafting something and find that Times New Roman is too formal, you’ll be able to switch to your personalized font instead.

Let us know what you think about this Windows 10 tech tip.  Just reply to this email.  Over the next few weeks, we’ll have more Windows 10 tips for you.


Why Today’s CEOs are Worried About Cybersecurity

July 25th, 2019 by Julie Lough

The top concern for CEOs today isn’t competitors or a recession — it’s cybersecurity. See why this is becoming the biggest challenge for an organization’s top executive.

Why Today’s CEOs are Worried About Cybersecurity

A business’s top executive has plenty on their minds: the potential of a major recession, competitors nipping at their heels and a shortage of talent. However, none of these hot topics are the top concern for US CEOs in 2019 — that banner falls to cybersecurity. When there are so many other issues facing organizations, why is cybersecurity the highest business concern for CEOs? Perhaps part of the issue is the continual cycle of mainstream media coverage of the massive breaches such as Equifax in 2017 that affected millions of individuals and can cost billions of dollars to resolve. It could also be the high-profile challenges that FacebookYahooUnder Armour and Marriott have been facing over the past few years. A recent poll of over 1,400 CEOs and senior executives by The Conference Boardpoints to some of the reasons cybersecurity is a top strategic consideration for CEOs in 2019.

CEO Concerned About Cybersecurity

CEOs Struggling to Find the Right Cybersecurity Leaders

One of the key threats facing today’s CEOs is the ability to adequately resource their cybersecurity teams. This relatively new need is one that is causing a significant shortage in the hiring market, with organizations wrestling with budget requirements for an increasingly-expensive skill set. Unfortunately, the dearth of talent is not just at the executive leadership level, it is also causing IT departments around the country and the world to flounder as they attempt to staff up to meet the growing needs of cybersecurity as well as data compliance requirements. These individuals will be in high demand for the foreseeable future as gaining knowledge about cybersecurity requires time and investment in education. Savvy CEOs and other technology leaders have been growing these skills internally for the last several years, but having a split focus between cybersecurity requirements and their “day job” can quickly cause individuals to fall behind in the ever-changing security landscape.

Keeping Cybersecurity Initiatives in the Limelight

It’s relatively easy for CEOs to keep shorter-term strategies top-of-mind for their executive teams, but there are no quick solutions to enhancing your organization’s cybersecurity. This requires a long-term, focused effort — and resisting the siren songs of short-term gains to ensure that your strategic focus on IT security stays in place. Changes in the economy or in the competitive marketplace may tease CEOs to redirect some of the funds or teams to other parts of the organization, but it’s crucial that top executives stay in tune with the benefits that cybersecurity provides to the organization. In many cases, the changes that need to be made to make your organization more secure will also have payoffs in the efficiency of your operations, too.

Marketplace Perception of a Data Breach

The extremely negative perception and sheer quantity of negative publicity that can come with a data breach are reason enough for CEOs to be overly concerned about the cybersecurity within their organization. It doesn’t take long for smaller, leaner competitors to enter many marketplaces, and these organizations can receive positive publicity if larger organizations are caught up in a breach situation. How the business handles their communication around a massive breach, ransomware or other cybersecurity incidents can be as damaging as the incident itself if the CEO isn’t careful. These situations require a great deal of proactive communication and notification to customers along with the major effort required to evaluate the incident and begin remediation. Without a comprehensive incident response plan in place, the situation becomes that much more difficult for leaders throughout the organization.

Creating a proactive field for cybersecurity does start at the top, which makes it encouraging that CEOs are considering cybersecurity their very top initiative for 2019. As long as this focus on IT security and the value for the business continues strong over the next few years, businesses should be able to prepare adequately to weather this type of storm.


What Is Network Segmentation?

July 25th, 2019 by Julie Lough

What Is Network Segmentation?

Businesses that offer WiFi to their customers or have sensitive data needs should consider network segmentation as a necessary component of their IT solution.

Email User On Segmented Network

With network segmentation, your wireless services are separated into different parts, allowing you to better control access and data flow.

Network segmentation splits your wireless services into different segments or subnetworks. By establishing separate networks, you significantly reduce your company’s security risks.

Instead of putting all your corporate and guest traffic on the same WiFi network, segment the activity to keep sensitive data apart from visitors, reduce risk.

Why?

When devices are connected to the same network, by default they can “talk” to other devices on the same network. That increases the potential for devices to listen to network traffic without any rules or monitoring in place.

The risk is lower if all the devices on your network are trusted and managed by your company. However, you could have a problem when less trustworthy devices are connected, such as guest and visitor smartphones, legacy computers and servers, or employee personal devices.

How Does Network Segmentation Work?

Network segments are designed with their own hardware and only allow credentialed users to access the services. Rules are built into network configurations to determine how devices on subnetworks can connect with each other.

Network segmentation limits the impact if there is a system intrusion by containing the threat within a subnetwork.

What Does a Typical Segmented Network Look Like?

For many small- and medium-sized businesses, there is only a need for a simple, two-subnetwork structure. A corporate subnetwork would be used for company-owned and -managed devices, providing access to the internal company subnetwork and, through a firewall, to the internet.

A guest subnetwork would be built to provide access to the internet only, also through a firewall. It keeps those guest devices disconnected from the corporate subnetwork from the start. Employee-owned devices can also be connected to a guest subnetwork.

Your business, whether it’s a medical practice, retail operation, auto dealership or professional services firm, may want visitors and guests to have WiFi access. It’s an appreciated service for those who need connectivity and do not want to use up their allotted data. If that service is the expectation or norm, you want to make sure it’s done carefully.

What Are the Security Benefits of Network Segmentation?

Security is the primary reason to choose network segmentation. The benefits are considerable

  • Stronger Security Standards. Segmentation allows you to better protect your most sensitive data. With layers of separation among your segmented networks, you’re putting up additional barriers to all users — whether well-intended or not.
  • Slowed Access for Attackers. If there is a breach to one segment of your network, it will be more difficult and take more time for the attacker to reach other parts of your system.
  • Minimized Threat from Outside Devices. Outside devices may have been hacked for the sole purpose of accessing corporate networks when connected. Often hackers install programs that lie dormant until connected to a wireless network. If compromised guest devices are contained within a subnetwork, the impact is minimal.
  • Better Policy Development. Strong network segmentation means your company can better restrict user access. Using a policy of least privilege lets you limit user access to files and systems to only what’s necessary.
  • Limited Damage. Network segmentation lets you reduce any damage inflicted by successful attacks. A breach to a single device within a subnetwork will mean less time and money to repair the damage of a widespread, system-wide assault.
  • Improved Performance. An added benefit of having segmented networks are the performance gains. With fewer devices on each subnetwork, local traffic is minimized and broadcast traffic can be isolated and prioritized.

What’s Needed to Start Network Segmentation?

If your internal IT staff does not have experience with network configuration, it’s a smart move to work with a local managed services provider to complete the project. Your business should do the following in preparation for a segmentation project:

  • Identify your network and data security needs, including the sensitivity of data you use and the business impact of compromised data and system downtime
  • Know where the data you want to keep safe is stored and how they could be separated
  • Determine who needs access to information on your network and limit access to only what is necessary by department or role
  • Identify those who will be responsible for monitoring and maintaining your network. A managed IT services company can do both remotely with net-generation firewall solutions

Network segmentation is a strategic move to keep data protected and accessible only by those who need it.


5 Signs Your Manufacturing Business Can’t Run on Your Existing Technology

July 23rd, 2019 by Tracy Slaugher

Any manufacturer knows quality raw materials are essential to crafting quality products. A woodworking company using cheap materials might save money in the short term, but the quality of their products would lead customers to look elsewhere.

While the technology in the plant isn’t a raw material, it is critical for every aspect of the manufacturing process – from concept to prototyping to production and delivery.

Budget consciousness is understandable for manufacturers but avoiding technology updates can cost you in quality, efficiency, security, safety and competitiveness.

You can end up undercutting your bottom-line the longer you try to keep going with outdated technology.

Software, workstations, servers, switches and cables all need to be kept up-to-date. Over the years technology improves and, as you chose not to stay current, your competitors are taking advantage of improvements in security, efficiency, profitability and customer acquisition.

Technology doesn’t always tell you directly when it needs to be updated. However, it does give you signs. Here are 5 indicators that your technology is hurting your manufacturing business.

1. There are concerns with quality and service

Even if the solution isn’t obvious, existing technology (or lack thereof) is very likely behind issues with your quality and service delivery. If there was a technology that reduced waste, made your customers happy enough to keep coming back and decreased your overhead, wouldn’t you want it? That’s exactly what updating your technology does. With quality and service concerns, technology is the most likely solution.

2. You’re stuck

When your technology hinders your growth and expansion, it’s better to act on it sooner rather than later. For example, if you are adding a new line of business and your existing software can’t accommodate it, you’ll need a new line-of-business application. It’s not always obvious what’s creating a roadblock. You might believe you can’t add more workstations because they’re all running slow and you think you’ve used up your bandwidth, when the reality is your workstations are outdated or your cabling is only allowing 1/10 of what updated cables could. If you’re stuck, bring in experts.

3. You can’t handle anything out of the ordinary

Oftentimes, it seems your technology is working just fine until you get an unusual order or have to do something out of the ordinary. For example, your order processing system’s business applications might process regular orders just fine, but struggle with unusual or exceptional ones. This is a strong indicator that your technology is not working for you.

4. Slow Speeds

Slow speeds are a chief indicator that your technology is dated and not working effectively for you. In manufacturing, where time is everything, your data needs to be processed at the same speed as your competitors. You might have switches that are slowing the flow of information, overcrowded servers, dated line-of-business applications or workstations or any number of issues causing slow speed. Speed is subjective, but with technology today it’s fair to say that if the speed of yours reminds you of the ’90s, it needs to be addressed.

5. You’re using Excel spreadsheets

Using spreadsheets and documents for order processing, tracking and creating reports is a sign you’ve outgrown your line-of-business application. Ideally, you’re using zero spreadsheets. One or two as an exception is tolerable, but any more than that is a red flag. A problem with manual processes is this: one data-entry error can have your company ordering 100,000 units of material instead of 10,000. Another is that these manual processes are tedious for your workforce and an inefficient time drain. There is likely more current technology that can automate these processes and reports for you.

Properly Planning Your New System

The direction you take with your technology depends on your goals and where you want to see your manufacturing business in the next 5 to 10 years. We recommend a managed IT services provider with specific manufacturing company experience, like Micro Visions.

Micro Visions can audit your existing technology, identify trouble spots and work within your budget to create a custom roadmap to:

  • Increase the speed of your information flow
  • Gain data accuracy
  • Leverage automation and reduce manual processes
  • Gain deeper insights and analytics
  • Enhance quality control
  • Acquire new lines of business
  • Expand your footprint
  • Increase efficiency

Ready to start building a strategic roadmap for your manufacturing company? Contact us online or call (616) 776-0400.