Secure Now, or Pay Later: “Collection #1” Data Breach Reports 773 Million Personal Records

A developing story regarding one of, if not the largest data breach dump of all time. Deemed “Collection #1” for its collated structure. Collection #1 was a series of data dumps from over 2,000 databases, and this data breach hits close to home. After being alerted early Saturday, January 19th, 2019, I noticed an odd email forward from a website I’d never seen or heard of, alerted me that an older personal email and password was compromised. Taking this notice, we’ve used our experts to dig deeper into the Collection #1 data breach.

By starting with the raw-data first, Collection #1 is a set of email addresses and passwords that have totaled 2,692,818,238 rows, of spreadsheets, with decrypted passwords. Made up of several smaller breaches organizations, forums, social platforms make up the varying sources. In total, the data creates 1,160,253,228 unique combinations for emails and passwords. (emails are NOT case sensitive) It should be noted, 772,904,991 unique emails and 21,222,975 other personal data records were released on the dark web on Friday, January 18th, 2019.

Origins of this Data

To further heighten the stakes, with the original documentation pictured above, we can see hackers are neatly formatting their data-dumps, and this shows the delimited text formats (commas, semicolons, syntax) further proving the original origin of this data. Posted late last week on the popular dark web service MEGA, over 12,000 separate files were collected, totaling 87GB of data that has since been removed from the dark web site. Referencing the image below, the expanded view shows the file listing and the many alleged sources. (it’s very difficult to discover the source of data breach information)
Clare Computer Solutions MSSP Managed Security Service
What I can say, is I checked, and verified my own personal data, though it was inaccurate, it was credentials, that I personally used several years ago. Like many of you reading this, I’ve bared witness to my data being in these breaches and although it’s always outdated credentials it still provides me with a sense of dismay, though I know it’s not personal.

How “Hashed Passwords” are Used in Hacking

As I’ve mentioned, there was a mix of “hashed” and “de-hashed” passwords that were cracked, and output to plain-text. These massive files are used with automation tools to resplendently attempt numerous credentials. For an example, if you head over to HIBP, and you enter the word “P@assw0rd” it will return the password as being cracked or broken 51,000 times, so this is obviously ill-advised though it meets common password standards, like upper case, lower case, number, and 8 characters long.

So, What’s at risk here?

In short, if you’re involved in this data breach, many of your passwords could already be compromised, in this case, used for credential stuffing. Credential stuffing is the process of automated injection of breaches usernames, emails and password pairs to gain fraudulent access to your accounts, once reporting with access, they leverage this same list across banking, emails, and website servers.

The cold reality of this situation is 140 million emails were taken with 21 million in passwords not already disclosed or discovered. My hope is that many will be prompted to broaden their security posture and look past the basic steps in password difficulty. There is something big to take away from all these breaches occurring. Two-step verification could prevent access to many business’ vital applications that are now being moved to the cloud or online.

To learn more about the launch of our latest security initiatives, head over to our Managed Security Services page, to learn the latest technology used to combat cyber attacks in for small to medium business. Providing greater uptime maximization, and peach of mind through fully securing your network.

Remote Desktop Protocol clare computer solutions IT services protection,

Ready to Ditch the Protocol? Reasons to End Remote Desktop Protocol

Remote Desktop Protocol (RDP)has been known to IT professionals for years, added into our arsenal since the original release with Windows NT 4.0. This provided the technical people the ability to treat any system or task as though it were local. Before we go further, it’s worth noting most Ransomware attacks occur through the open-ports in your network. These ports are what leadership sometimes use to remote into a work machine. You’re internal IT uses this to assist in taking control of your work PC to troubleshoot a problem.

Quickly, the productivity tool was adopted, widely seen by many as an initial attack vector. From a security standpoint, any software or program that takes remote control of your PC is worth of severe scrutiny. In the wrong hands, RDPs can assist cybercriminals in deactivating device’s in the organization’s network, concerning endpoint protection, and deliver nasty payloads of malware.

Using a publicly accessible Remote Desktop Protocol session to reach systems creates major concerns surrounding your network vulnerability. Public sessions are targets, with cybercriminals discovering new ways of conducting port and IP sweeps. According to Tyler Moffit, Webroot’s Senior Threat Analyst and partner “It’s a matter of when not if.

Recent reports suggest the state of banking security as half of all banks in the SF Bay Area have left remote access and control interfaces like Remote Desktop Protocol, openly accessible from the internet. Shocking finding for many in an industry built on securing customer information.

Turning Remote Desktop Protocol into an Attack Vector

Although most cyber attacks are from the results of lateral movement through your IT network, malicious payloads will spread between each system, fully compromising and stealing each PCs data. By adding pubic accessible Remote Desktop Protocol, you compromise those with weak credentials, using password breakers to easily accomplish these lateral movements, from user to user.

With four high-level options for securing your environment, and managing them with more security:

  1. Consider eliminating the Remote Desktop Protocol access by changing the default TCP ports and leveraging a virtualized network, or VLANs to critical systems. A more secure option would be to block all RDP connections through none whitelisted IPs. Additional solutions are available when it comes to logon monitoring and activity summaries with heightened visibility utilizing multi-factor authentication.
  2. Secure all systems and endpoints first, with solution designs to monitor and remedy any network anomalies. Similar to that of an RDP session from other workstations and notify your technical team or leadership.
  3. Utilize paid encryption Solutions for remoting into work systems. Some of the most popular remote solutions are TeamViewer, LogMeIn, and Screen connect all companies through encrypted connections to release communications as need.

Ready to Ditch the Remote Desktop Protocol?

With security threats and attack vectors mounting, remote desktop options are out there, and your Managed Service Provider or IT Consultant should be attending to the major attack vector. Companies must begin to recognize the security dangers across their network, and how to best leverage their current technology investments. Paired with our award-winning suite of solutions, better secure the access to RDP, the data, or black all remote sessions until further notice, per security posture.

To learn more about what Managed IT Support can do in terms of your networks RDP, contact us today to get started in discovering network vulnerabilities, the criminals will leverage.

SMB cybersecurity practices clare computer solutions

Uncovering the Gaps: 7 Proactive Cybersecurity Best Practices for Bay Area Businesses

For businesses, the traditional approach towards cyber security is focused on defending against threats, and prevention. As criminals become bolder, and tactics grow in sophistication, defense and prevention aren’t enough. “Over 80% of businesses are looking for third-party help with cybersecurity,” according to Webroot’s 2018 Report. By following these practices, you can securely position your company from a secure-data standpoint.

  1. Focus on Risk – Instead of achieving a 100% fully-secured business, shift the conversation towards how much risk to a business, and it’s data, each employee’s faces. Come to terms with the idea “100% Secured” is unattainable. Cybercriminals can and will always find new ways to attack. By implementing cybersecurity metrics that track logs and security patching. By uncovering how many applications lack the latest security patching, your team can uncover any security vulnerabilities that have not been addressed.
  2. Prioritize the Data – Each business has that information, that remains at risk. For many of your businesses, it would be employee health records, customer information, bank routing numbers. This sensitive data should get the highest level of security. This ensures a harder time for hackers to access info, and work to educate employees on protecting these valuable assets.
  3. Cyber Clean-Up – It’s always good practice to stay vigilant about security maintenance, to prevent commonly overlooked threats, such as ransomware, and phishing attacks. These “housekeeping” tasks are typically strengthening endpoint security, administrative rights for hardware access, and folder structure, schedule and automate patching roll-ups, data backups, and overall response planning in preparation of an event.
  4. Security Stand Out – While it’s obvious for most business to leverage security as a differentiator, it might be less clear for employees, who interact with multiple businesses each day. From financial firms to outsourced HR, or even healthcare, all of them require strong security, to protect employee data or their clients.
  5. Regulatory Churn – New regulations, such as Europe’s recently released, General Data Protection Regulation (GDPR) often cause concerns for businesses based in the United States, but selling in Europe. Businesses are told to comply but lack the tools and know-how to bring systems, and processes to standards. Compliance managers were force-fed regulations, in hopes to determine how best to position the tools and services needed. As a trusted IT service partner, we assist companies in the discovery, and remediation of non-compliant networks to meet business needs, and compliance standard, making for great security.
  6. Boosting Security Expertise – With a threat landscape, similar to that of the wild west, cybersecurity must change with it. Shrouded in secrecy, the threat landscape has never been more open to knowledge sharing. If your company doesn’t have the time to research the specific threats linked to your business, maybe it’s time to meet with us or attend an awesome cybersecurity event.
  7. Build a Culture – Due to the constant threat of cyber attacks, security awareness training should employ best-of industry security habits, such as password changes, encrypting mobile devices, and avoiding public Wi-Fi, when accessing sensitive data. It’s ok to work while on-the-go but use a VPN, or a remote desktop receiver with 2-factor authentication.

Something most businesses lack and your competition forgot about. Win more business and increase your bottom line, by keeping network uptime maxed, and efficiency within your processes intact. Realize the Power of Technology with the help of a trusted IT service provider. Contact us to begin an uncovering the gaps in your cybersecurity today.

bay area disaster recovery and business continuity solutions

Managed Service Provider Best Practices for Protecting Your Employees

Cybercrimes are reaching all-time highs, with many organizations being hit with at least one of the 230,000 attacks that occurred in 2017. As a Managed Service Provider, it’s our job to make security a priory for clients in 2018. By following 3 simple best-practices, we use to begin protecting NetCentral Partners. Built to enhance MSP security, mitigate client risk, and grow your revenue.

User Education

Effective anti-virus is essential to keeping your business protected, but it’s simply not enough. With increased risks and social engineering, many have found the need for user education as a major objective for 2019. By educating end-users through security awareness training can reduce the cost of infection or data breaches. These tactics have evolved, and are beginning to target businesses through social engineering, and the favorite method for delivering an attack.

Common Social Engineering Includes:

  • Typically, an email from a trusted friend, contact, or colleague, whose account has been compromised. The message will usually have a URL link to open or download, and invoice or website.
  • Phishing emails, comments, or text messages luring readers to confirm the legitimacy of your accounts. These are usually fake email vendor emails that have been spoofed or recreated by these criminals.
  • Fraudsters are more common in major business cities like San Francisco, Oakland, San Jose, California. These criminals leave USB or zip-drives around the company’s premises, in hopes a curious employee takes it. Hoping a curious employee will insert the temporary storage it into a computer providing access to company and personal data that is saved on your systems.

These attacks are usually devised through relevant and timely education can minimize your exposure to breaches caused by user error. By training our partners and clients on social engineering, and other tactics including ransomware, email passwords or data protection, you assist in fostering the behavior with which you wish to see across your organization.

Backup & Disaster Recovery Plans

Your IT support team should always stress the importance of backups and creating a disaster recovery plan, with regular testing of each asset. If hit with ransomware, without a secure backup, businesses face the intended ultimatum. To pay the ransom and risk the money or lose countless amounts of company data.

We’ve continued to offer our clients options to fit their network, with automated cloud-based backups and physical appliances for any company’s data retention policies to avoid encryption. With access to data anywhere at any time, the best form of proactive support comes with the industry knowledge gained from building business continuity plans.

Things to Consider:

  • Who declares the disaster?
  • How are employees informed?
  • How will you communicate with customers?

The secret to building the perfect disaster recovery plan for your business comes after the plan is implemented. The most common failure point for many businesses before NetCentral support is a failure to test a backup solution. Then a small-scale disaster or accident occurs, and your business can’t restore its data. Imagine the loss of business financials, intellectual property, client data. Insurance won’t pay you for lost information, and your disaster recovery plan is the only thing between business risk and your employees. Once a plan has been implemented and adopted by the staff, it’s important to develop your process.

Patch Management

Patch Management continues to be one of the largest areas of vulnerability for businesses with more than 2 “production” servers. Most updates are security related and should be updated as needed. Outdated technology, including an operating system (OS) or Java, are common exploits in several of this year’s largest cyber attacks. By staying atop of operating system updates, you prevent your business from learning a “very costly lesson.” A great example, of this, was back in 2017, with Windows 10. Win10 initially only marked 15% of malware files, while Windows 7 machines saw over 63% according to Webroot’s 2018 Threat Report.

Patching Process

Your patching process should feel like “a never-ending cycle,” of auditing existing systems to generate a complete inventory of all your production systems, their standardization, and operating systems and applications. By building these standards with a trusted IT support team, your patching process will become easier. Through the classification of vulnerabilities, higher priorities can be remedied, while lower vulnerabilities begin to be automated, never disrupting your workday again.

By following these best practices, your business can begin thinking like an MSP. This will ensure the safety of your business, but also securing customer data. Business owners looking to scale operations should be looking to align business objectives, with an MSP that focuses on your IT experience, if you’re in need of IT Support and Services, we can help! Contact us, to begin talking about your IT stance.

3 MSP Best Practices for Protecting Your Users

Cybercrimes are reaching all-time highs, with many organizations being hit with at least one of the 230,000 attacks that occurred in 2017. As a Managed Service Provider, it’s our job to make security a priory for clients in 2018. By following 3 simple best-practices, we use to begin protecting NetCentral Partners. Built to enhance MSP security, mitigate client risk, and grow your revenue.

User Education

Effective anti-virus is essential to keeping your business protected, but it’s simply not enough. With increased risks and social engineering, many have found the need for user education as a major objective for 2019. By educating end-users through security awareness training can reduce the cost of infection or data breaches. These tactics have evolved, and are beginning to target businesses through social engineering, and the favorite method for delivering an attack.

Common Social Engineering Includes:

–  Typically, an email from a trusted friend, contact, or colleague, whose account has been compromised. The message will usually have a URL link to open or download, and invoice or website.

–  Phishing emails, comments, or text messages luring readers to confirm the legitimacy of your accounts. These are usually fake email vendor emails that have been spoofed or recreated by these criminals.

–  Fraudsters are more common in major business cities like San Francisco, Oakland, San Jose, California. These criminals leave USB or zip-drives around the company’s premises, in hopes a curious employee takes it. Hoping a curious employee will insert the temporary storage it into a computer providing access to company and personal data that is saved on your systems.

These attacks are usually devised through relevant and timely education can minimize your exposure to breaches caused by user error. By training our partners and clients on social engineering, and other tactics including ransomware, email passwords or data protection, you assist in fostering the behavior with which you wish to see across your organization.

Backup & Disaster Recovery Plans

Your IT support team should always stress the importance of backups and creating a disaster recovery plan, with regular testing of each asset. If hit with ransomware, without a secure backup, businesses face the intended ultimatum. To pay the ransom and risk the money or lose countless amounts of company data.

We’ve continued to offer our clients options to fit their network, with automated cloud-based backups and physical appliances for any company’s data retention policies to avoid encryption. With access to data anywhere at any time, the best form of proactive support comes with the industry knowledge gained from building business continuity plans.

Things to Consider:

–  Who declares the disaster?

–  How are employees informed?

–  How will you communicate with customers?

The secret to building the perfect disaster recovery plan for your business comes after the plan is implemented. The most common failure point for many businesses before NetCentral support is a failure to test a backup solution. Then a small-scale disaster or accident occurs, and your business can’t restore its data. Imagine the loss of business financials, intellectual property, client data. Insurance won’t pay you for lost information, and your disaster recovery plan is the only thing between business risk and your employees. Once a plan has been implemented and adopted by the staff, it’s important to develop your process.

Patch Management

Patch Management continues to be one of the largest areas of vulnerability for businesses with more than 2 “production” servers. Most updates are security related and should be updated as needed. Outdated technology, including an operating system (OS) or Java, are common exploits in several of this year’s largest cyberattacks. By staying atop of operating system updates, you prevent your business from learning a “very costly lesson.” A great example, of this, was back in 2017, with Windows 10. Win10 initially only marked 15% of malware files, while Windows 7 machines saw over 63% according to Webroot’s 2018 Threat Report.

Patching Process

Your patching process should feel like “a never-ending cycle,” of auditing existing systems to generate a complete inventory of all your production systems, their standardization, and operating systems and applications. By building these standards with a trusted IT support team, your patching process will become easier. Through the classification of vulnerabilities, higher priorities can be remedied, while lower vulnerabilities begin to be automated, never disrupting your workday again.

By following these best practices, your business can begin thinking like an MSP. This will ensure the safety of your business, but also securing customer data. Business owners looking to scale operations should be looking to align business objectives, with an MSP that focuses on your IT experience, if you’re in need of IT Support and Services, we can help! Contact us, to begin talking about your IT stance.

Empowering Executives with Integrations for the Technology You Love

For many CIOs and COOs, the process of technology continues to be a top priority for many come 2019. As a major headache, businesses are increasing their cloud investments to move forward with digital transformation efforts were then faced with the massive undertaking of getting multiple resources connected for a seamless user experience.

Many of the local SMBs have found a lack of competency in many smaller providers, with stitching together applications and services to make up your current IT environments. It’s these environments that will increasingly become more-hybrid. With a large mix of on-premises equipment dispersed across various sites, public and private continue to muddy the waters.

As part of the many businesses moving towards a digital transformation, IoT (Internet of Things) has entered further cluttering device options and platforms that can begin to optimize your operations. As many begin with 2019 initiatives, that will further bring-on greater levels of complexity. As a result, many local business owners have identified this gap and began to address this in their technology plans.

Digital Initiatives
As many CEOs begin cracking down according to the latest “State of the CIO 2018” report, IDGs. This continues to add pressure on the organization. As one of the most experienced MSPs in the SF Bay Area, we continued to rapidly innovate, enhance your speed-to-market and greater your customers experience with your business.

By assessing your existing investments in equipment and resources to better determine what new investments need to be made, when achieving technology goals. The digital transformation many businesses are undergoing isn’t exclusively about new technology, but instead, deciphering what makes sense to retain and what needs to be integrated for legacy applications and services, it’s more of a comprehensive assessment.

With all this in mind, we offer CIO’s and COO’s a range of services to further assist in the development of these transformative plans. In our experience, these three components continue to best assist companies in their digital future.

  1. Assessments & Planning – As you begin launching digital initiatives the need to measure twice, cut once an be a great undertaking for several businesses. Involving a review of current architecture, and bandwidth demands of these assets require greater discovery and review to determine a solution that’s right for your business.
  2. Execution – Once planning and alignment are finished, technology providers assist in multiple ways to execute this vision. It takes an IT Expert to match workloads to platforms with optimization in mind, followed by the task of creating a truly digital ecosystem where your business network can be secured and managed successfully by a business that’s done it for over 30 years.
  3. Follow Through – With experience gained through time, we continue to see clients with a lack of talent and expertise in these fields. To fully integrate technology, it requires businesses to either hire someone full-time or outsource to an MSP. As your business continues to propel further towards a more connected network, how does a business keep all of this secure, and up-to-date?

Section 179 Makes Most of Our IT Products 100% Tax Deductible

2018 section 179 tax deduction write off clare computer solutions IT support leader SF Bay area

Many of our clients, rely on this tax incentive each year, to provide them with the ability to purchase or update the technology that runs their business. Utilized by many for licensing, software packages, servers, routers, and switches, many of our clients have leveraged Section 179 as an invaluable asset for the innovation and management of their network infrastructure

Below is an overview of the section 179 tax-incentive for 2018 include deduction limits, and bonus depreciation. Originally used by innovators and investors to further the(their) businesses technology goals, many of our clients rely on this credit for the larger items in their technology scope.

2018 Deduction Limit = $1,000,000 (one million dollars)
The initial deduction is good for purchasing new technology equipment or off-the-shelf software. To take the deduction successfully in 2018, the equipment must be purchased or financed and put into service between January 1, 2018, and December 31st, 2018.

2018 Spending Cap on equipment purchases = $2,500,000
The maximum amount that can be spent on equipment, before the small business tax incentive is affected, is $2.5 Million to $3.5 Million. Most businesses looking to qualify for the tax-incentive doing $2.5 Million in technology spending, don’t meet the needs of a small business.

Bonus Depreciation: 100% for 2018
An additional bonus to close-out the year-end budgeting for 2018, bonus depreciation is generally taken from the spending cap that a business reaches and is available for both new and used equipment.

What’s the Section 179 Deduction?

Most small to medium-sized businesses in the San Francisco Bay Area think the Section 179 Tax Deduction is some mysterious or complicated tax code that you’ll need an accounting or financial firm to clear. Essentially, Section 179 is the IRS tax-code allowing businesses to deduct the full purchasing price of qualifying equipment and/or software purchased or financed during the tax year. This incentive was created to encourage businesses to invest in themselves and update vulnerable technology.

Currently, Section 179 is one of the few incentives available to small and medium-sized businesses. Large businesses also benefit from Section 179 for Bonus Depreciation. Join the millions of SMBs that have begun taking action and get your team real benefits.

Here’s How Section 179 works:

In the past, businesses would purchase IT equipment, typically writing-off some through depreciation. While this writes off was better, it wouldn’t be until 2018 that the government would include the write-off of all qualified equipment purchases for the same year your IT equipment was purchased. Making a big splash so far, many of the companies looking to move to the cloud or replace an older exchange server would qualify to write-off on the 2018 Tax Return up to $1 million.

Limits of Section 179

  • 2018 Cap to the total amount of write-offs is $1 Million
  • Amount of technology equipment purchased $2.5 Million
  • Dedication phases-out on a dollar-for-dollar basis after $2.5 Million is incurred and goes away at $3.5 Million.

Who Qualifies for Section 179?

Businesses looking to purchase, finance, or lease new or used business equipment during the 2018 tax-year qualify. Most of the tangible goods purchased through Section 179 and must be placed into service no later than December 31, 2018.

If your business is looking for ways to save on technology spending, look no further. With over 30 years of experience serving the San Francisco Bay Area, our seasoned staff knows just how to get you the technology you need. If you wish to price it out, visit the Section 179 Calculator.

Not sure what you might need? Sourcing-out gaining desktops or mail-servers are always at the top of an SMBs list. If you need assistance in discovering and identifying technologies that could benefit your business, contact us today to speak with one of our many experts.

Applying Our Award-Winning MSP Process to Your Security Framework

Every week, I’m sure your inbox becomes bombarded by the daily news alerts regarding the dangers of hacking attack, phishing attempts, and data breaches. The rapidly-evolving landscape poses major challenges for companies today, by establishing or updating your security framework.

Information and technology managers are especially concerned about gaps created in security system controls, and processes. These will begin your ongoing shortages of resources and expertise needed to protect information or stick to compliance. Your industry and business will begin to dictate your approach to advancing your security posture. Given the scope of this problem, your security team is uncertain where to begin and how to proceed.

Begin taking a phased approach to your cybersecurity systems. Plug the most important security gaps first, following the later when timing and process are flushed-out. Typically, security gaps are created when assumptions are made surrounding your IT network, as these new threat vectors emerge as soon as updates are rolled out.

Security Is More of a Journey

Typically, companies push security initiatives through, with no real destination in sight, so it wouldn’t be likely, every gap can’t be solved at once. For this reason, it’s best to begin revisiting your security framework, and any pressing risks or vulnerabilities. This better aligns our comprehensive security platforms better, over time. Begin focusing efforts around securing the most important aspect of your business, for some companies that are patient safety, for others, it’s privacy or monetary funds. By creating what is important, IT companies like ourselves can assist better in the threats haunting your business. It Starts with a reference point, and if you don’t have any security framework, or are unsure, it can usually be found by asking your IT manager, or the resident computer guy.

Getting cybersecurity right requires extensive experience, with a multitude of business models. Hackers are always looking for ways to generate some form of social engineering, to take advantage of our emotions. I get robot-dialers calling my cell phone all the time, with fake stories about a prince, needing my help. By following this framework, business leaders can evaluate the current and future state of business cybersecurity.

There will always be social engineering, hackers and sneaky back-door entries to software. As a result, no matter the stance on cybersecurity, it’s essential to your business to begin training the members in your organization and contribute to stopping the spread of these threats. As people will always be the weakest link when scrutinizing your cybersecurity.

Sharing the knowledge, we’ve gleaned from over 30 years in IT support and consulting services the best way to defend against the constant threat of cyber attacks for our managed service clients, is with a phased approach, built from alignment and cohesion of your strategic plan, and our knowledge.

To further understand what your security framework could be, or to have any questions answered, contact us today to get started.