Nobody Gets Fired For Investing in Security

In the early days of business computing, the industry catch phrase was “Nobody ever got fired for buying IBM.” During a time of rapid innovation and before there were industry standards to ensure interoperability, even if IBM didn’t have the best technological solution, it was a safe investment. Times have changed and IBM has changed its focus, but the catch phrase is often applied to new technologies, especially security. As business depends more and more on higher levels of digital information and internet connections, no one ever gets fired for having security that is too good…but plenty of people get fired for having security that isn’t good enough. Unfortunately, many don’t realize they have security blind spots until it’s too late. Read more

How Could You Let This Happen?

Those are words we never want to hear, no matter what the situation. Something undesirable has happened, we were expected to have prevented it, but it happened. By the time the question is being asked, there isn’t much to do except damage control.

When it comes to information security, sadly, this question is asked all too frequently. Attackers continue to refine their skills while, at the same time, more and more aspects of business are being digitized and moved online. If you don’t have a robust and constantly improving security posture, sooner or later you’re going to hear those words directed at you.

In the previous blog post, Make vs. Buy, we discussed the economic tradeoffs of investing in internal expertise versus leveraging external expertise. Maintaining effective information security is like running on a treadmill that doesn’t have a stop button; if you aren’t constantly moving forward it’s going to get ugly real fast. Staying up to date on the latest security trends, vulnerabilities, and solutions is a full-time job, and when you factor in PCs, phones, servers, networking gear, and other technologies, more than just one person can handle.

Read more

Seamless Cybersecurity & Two Emerging Threats

For most businesses, the pandemic has been a rush of implementing new policies and procedures while at the same time, trying to keep end-user Cybersecurity fortifications intact. Organizations that acted early following the shelter-in-place safety procedures are still focusing on maintaining or improving their Cybersecurity needs.

Most users can work from home and many have implemented tools to allow for a remote workforce. Many firms are adding collaboration tools to their remote strategy, with the hope of improving teamwork and collaboration more efficiently. However, this new workflow and new tools can expose your business to additional risks.

At Clare Computer Solutions we have uncovered at least two troubling new trends to keep an eye on:

Read more

Four Risks to Consider with VPN Deployments

With the sudden and rushed deployment of Virtual Private Network (VPN) services to further support new remote workers, many companies are discovering firsthand, the struggles of implementing a VPN into their network. Without the needed experience, the configuration can leave your network, endpoints, and data vulnerable to attack.

Proper implementation, ongoing management and monitoring of this device is the key to success. Clare has been assisting clients with implementing new solutions for over 30-years. Our approach is to assure your business objectives are addressed while highlighting potential risks and vulnerabilities. We will review the overall network architecture to identify and address potential access control concerns, issues of scaling and load challenges, authentication concerns, and, finally, endpoint protection as part of our design discussions. A thorough implementation will ensure a successful and secure VPN solution. Read more

Average Ransomware Payment Rises Again

COVID-19 continues to create opportunities for the bad actors to wreak havoc. In this week’s blog we discuss the latest security concerns created by the COVID-19 pandemic, specifically around Ransomware. This quarter saw a 33% increase in ransom from Q1 2020, with average payment requirement of $111K! It’s the seventh straight quarter that system hijackers have reaped more money and shows that this security breach continues to grow. Compare this to the previous numbers we shared in which the average ransom in Q4 2019 had increased from $84,116 reflecting a staggering increase from $41,198 in Q4 2018. Read more