All Posts By

Winston

Wi-Fi KRACK

By | Uncategorized | No Comments

Wi-Fi Key Reinstallation Attack (KRACK) and Its Potential Effects on IT Companies in Ottawa

All Ottawa computer services users, should be aware of a vulnerability found within the
Wi-Fi protocol. Revealed in a paper published on October 19th 2017, this vendor-neutral
attack, which affects most if not all Ottawa IT companies and computer services users in
Ottawa, should update all Wi-Fi capable devices. Below is a short list of FAQs about the
attack, it’s potential for damage and security tips for end users.

What is KRACK ?

KRACK in it’s most basic terms, is an attack where a copy of what is supposed to be a
unique cryptographic key is given to a second user(an attacker). They can then use this
key to decrypt your encrypted traffic while it travels across a Wi-Fi network. The
implications of this on Ottawa IT companies and users of computer services in Ottawa
are of high severity.

What does this mean?

It means you can not trust Wi-Fi networks. Unless you know your devices have been patched
or you have other secure protocols in use (which will be discussed below), you should not
send out any sensitive information across a Wi-Fi network. Ottawa IT companies should
inform their staff and users of their computer services in Ottawa to treat all Wi-Fi networks
as if they were open Wi-Fi networks.

Will changing my password help?

Nope. The reason this attack is creating such a stir is because it is the first successful
attack against WPA2, that is not just password guessing. It is an attack against the protocol
and not a weak password, which is unprecedented.

Is there anything I can do to fix this?

Yes there is. follow this link (https://github.com/kristate/krackinfo#vendor-response-complete),
and see if the vendor(s) of your device(s) have issued a patch, then install the patch.

My vendor has not issued a patch, what can I do while I wait?

There are a few things you can do to make sure your transmissions are safe:

  1. Ensure that you are using HTTPS instead of HTTP. You can do this by checking to see if
    there is a lock icon in the URL bar in you web browser. This is a good idea when online in general. All Ottawa companies IT service providers should inform clients and their staff about HTTPS
    through end-user awareness training or security bulletins.
  2. If you are running Firefox, Chrome or Opera, there is an extension you can download
    from the Electronic Frontier Foundation, called HTTPS Everywhere. HTTPS Everywhere
    establishes a HTTPS connection with a website if they have the capability to do so.
    Although it can not establish HTTPS communications with all websites, it is better to
    have it installed than to not have it installed.
  3. Using a virtual private network solution like OpenVPN, so you can browse the internet
    securely and anonymously.

All Ottawa companies need to address this issue, whether it be for their own data
confidentiality, or that of their clients. Ottawa companies using IT, especially those using
wireless networking in any way, shape or form, need to ensure that they are doing everything
within their power to not fall victim to this attack.

Social Engineering

By | Uncategorized | No Comments

Social Engineering and the Dangers It Poses For IT Companies in Ottawa.

While most of the users of computer services in Ottawa are aware of the technical
expertise that hackers possess to gain unauthorised access to a device or network,
not many are aware of their capabilities in hacking people. Social engineering
is considered a powerful tool within the cyber security sector. IT companies in
Ottawa as well as users of computer services in Ottawa, need to understand that attackers
are trying to manipulate people as much as systems and protocols to gain access to
their data.

Social engineers are essentially con artists, with extraordinary skills in getting
an unwitting target to give information or perform tasks to meet their malicious needs.
With social engineering in their arsenal, attackers not only challenge technical
security solutions, but use human nature for their own advantage. Which means that
social engineers pose a significant threat to the security posture of IT companies
In Ottawa. Below are 3 examples of social engineering tactics that can be used against
a member of staff. This is not a comprehensive list, and some recommendations for
further reading on the subject will be presented at the end of this article.

Authority: In this method, the social engineer pretends to be a person of authority
within the company, to get the target to perform a task for them. They may act aggressively
towards the staff member, suggesting that they may lose their job if they do not
comply. They may also act kind, suggesting that a promotion consideration might
be on offer to them if they complete this task.

Sympathy: The social engineer present themselves as someone in the company who needs
help with a problem. They may act as though they are under extreme pressure from their
superior to complete a job and a problem such as computer issues is preventing them from
doing so. They will then ask the target staff member to complete the job on their behalf,
giving them guidance on completing the task.

Friendly: This method can be used for developing longer lasting relationships which the
social engineer can leverage on more than one occasion. The social engineer will present
themselves as a friendly and trustworthy person, establishing a camaraderie between
themselves and the target. The first few interactions might be innocuous to develop
the relationship. Eventually the attacker will “need a favour”, the target will do it
without question, believing the attacker is their trustworthy friend.

IT Companies in Ottawa and users of computer services in Ottawa should understand that
there are no technical solutions for social engineering. The only solution is being
informed. A great starting point for information on social engineering are the books
the Art of Deception and the Art of Intrusion by Kevin Mitnick, a prolific hacker and
social engineer during the 1980s and 90s. These books are not an awareness solution
though, and are therefore not a substitution for regular end-user awareness training.

Password Policies

By | Uncategorized | No Comments

NIST & Passwords – What American Standards Can Provide to Companies in Ottawa.

Ottawa IT companies will be required to report data breaches or face fines on top
of a loss of the public’s trust in the computer services they are providing. If
you are a business in Ottawa using one of the many IT companies in Ottawa, are
responsible for computer services in Ottawa or are subject to PIPEDA regulation,
you should start looking in to NIST standards for computer security.

Below is an explanation of some of the NIST SP 800-63B-3 guidelines for passwords
released in June 2017. NIST recommendations are in accordance with FISMA regulation,
so they are US Federal agency standards. They are also the standard reference for
enterprises offering services where Personally Identifiable Information will be handled.
Meaning that they can help Ottawa computer services users and IT companies in Ottawa
keep their information as secure as possible

Password Length: NIST recommend that if the password “is chosen by the subscriber”,
it must be at least 8 characters long. Since the publication of these standards.
Norwegian company, Stricture Consulting Group, built a 5-server system utilising 25
AMD Radeon Graphics cards and programmed to behave like a single desktop computer, to
bring the time to crack an 8-character password from 83.5 days down to just 5.5 hours.
As infeasible and impractical for a potential attacker to have such capabilities, it is
not impossible. If you used a 10-character password, it would take this system over 5
years to crack it.

Complexity: It is recommended that you use upper and lower-case letters, numbers and
punctuation characters. If the attacker was to figure out that your password consisted
of just numbers and lower-case letters, it significantly reduces the amount of time it
would take to crack your passwords .

Hints: Hints that an unauthorised user can access, should never be used. This not only
applies to hints displayed at the log on screen, but to hand-written copies of hints, or
worse, passwords. The first stages of planning an attack involve gathering as much
information as possible. Dumpster diving and shoulder surfing are often lucrative steps
performed during this phase of an attack. Most pen testers out there will tell you that
when performing a black-box pen test, information gathering, research and reconnaissance
are the most valuable activities to the process.

Changing passwords: Changing passwords regularly seems like a good idea, but with all
the confusion it can generate it does more harm than good. NIST are aware of this and
under the standard, it is only necessary to change a password if there is an indication
of a password being compromised.

With implementation of just these 4 simple considerations from the NIST SP 800-63B-3
standard, IT companies in Ottawa can be certain that it will strengthen their overall
IT security posture, and help provide clients of their computer services in Ottawa
peace of mind that their data is as safe as possible.

Linux Distros

By | Uncategorized | No Comments

Linux Distributions and How They Can Reduce Costs for Ottawa IT Companies

Clients of Ottawa computer services providers should be aware of the Linux Kernel
and the distributions (distros) based on it. Ottawa IT companies are bound to know
about it considering anywhere from 36 – 96% of public facing servers use it.
While Microsoft’s Windows and Apple’s Mac OS offerings would be familiar to most
desktop users, Linux distros seem to not be in the general public consciousness.
Which is a surprising thought considering there is a high chance that Ottawa IT
Companies and clients of Ottawa computer services utilize the Linux Kernel
everyday in the form of Android OS. Linux, including Android, runs on just shy of
40% of devices globally.

The great news for IT companies in Ottawa about Linux is if it is not free it costs a
fraction of the price of proprietary operating systems. As an added bonus open
source alternatives to proprietary applications such as Microsoft Office are usually
free as well, making it attractive to users of computer services in Ottawa. Below
is a brief explanation of 3 distributions that will help Ottawa IT companies to
decide if Linux is the right choice for them.

Ubuntu: Ubuntu is usually the first Linux distro mentioned when somebody enquires
about Linux, and with good reason. It is one of the more accessible distros for
novice users, but also has the power that experienced super users have come to expect.
Ubuntu itself is free but Canonical, the company behind Ubuntu, offers Ubuntu
Advantage. A pay-per-license professional support service to help with your larger
(50 host devices or more) Ubuntu-based networks and environments. Ubuntu has a life
cycle (release to end of support time) of approximately 5 years.

Linux Mint: Linux Mint is Ubuntu based and seems to be designed with user migration
from Windows in mind. Once in the desktop environment, a sense of familiarity can’t
help but being noticed. Linux mint is aimed at new users with a gentler learning curve
than Ubuntu and a familiar layout. There are no enterprise solutions for Linux Mint,
meaning while ideal for a SOHO(Small Office, Home Office) environment, it would not be
suitable for larger companies like other distros. Of course it is free to download
and has a life cycle of approximately 5 years.

Fedora and Red Hat Enterprise Linux (RHEL): Fedora is a free community-driven OS
offering that targets general users and SOHO environments, and RHEL is it’s
pay-per-license enterprise-level sibling. Fedora is a constantly changing breeding
ground of sorts for innovations and features that could very well be in the next RHEL,
which responds in kind with advances in stability, security and integration. Both offer
a sleek interface, and act like a traditional Linux system, so the learning curve is
steeper than Linux Mint. Fedora offers a relatively fast life cycle of about 13 months
while REHL offers a long life cycle of 7-8 years.

With many cloud-based solutions to traditionally, locally-stored applications being
offered like Microsoft’s Outlook and Office 365, platform independence has never been
greater. Meaning that all Ottawa IT companies should start taking interest in the lower
costing Linux platforms, and Ottawa computer services user should too. The above list
is just a taste of Linux distros on offer, and are great jumping points for IT companies
in Ottawa to get introduced to the Linux Environment and the benefits they can offer.

End User Awareness Training

By | Uncategorized | No Comments

How End-user Awareness Training Can Benefit IT Companies in Ottawa

Users of computer services in Ottawa need to be in the know when it comes to
their capabilities in protecting their company’s IT Infrastructure.
In a study published in April 2016, researchers found that 48% of people
who find a USB thumb drive will plug it in to their own computer. Very few
of these people had concerns for their device security. This should be
an eye-opening fact to management at Ottawa IT companies.

People seem to be the weak link in the security chain. 95 % of successful
security breaches are caused by human error, and the majority of those
breaches are caused by innocent mistakes. How are IT companies in Ottawa
to mitigate the substantial risk their staff present to their networks and
data? End-user awareness training. Below are examples of what Ottawa
computer services users and staff at Ottawa IT companies will learn
through end-user awareness training.

Password strength: Weak passwords equals weak security. End-user awareness
training will teach users of computer services in Ottawa how to develop strong
passwords and keep them secure to prevent data breaches and loss of public
trust in the company.

Fact: 66% of small and medium sized businesses that experience a data breach
shutdown for a day or more, or go out of business entirely within the 6 months
following the incident.

Phishing emails: Phishing attacks are a great way for attackers to gain access
to your network. Whether they are “phishing” for account log-in credentials,
or presenting malicious software in the form of email attachments, phishing
is often the quickest and easiest way to get past perimeter security solutions.
End-user awareness training can teach your staff how to identify phishing
emails, and how to recognise more targeted efforts like spear-phishing and
whaling attacks.

Fact: It costs a company approximately 136 US dollars per record after a
data breach.

Social engineering: Social engineering is the art of manipulating people
for personal gain. Social engineers can be so skilled at deception that
it is entirely possible that Ottawa IT companies have been victim to
a social engineering attack and are completely unaware of it. End-user
awareness training can teach your staff in determining whether a person is
a genuine client with genuine questions, or a social engineer with malicious
intentions.

Ottawa computer services users and staff at Ottawa IT companies need to be
trained in how to use their devices securely. The benefit for staff is that
they can apply the principles they learned in company sponsored training at
home. The benefit for Ottawa IT companies is knowing their staff are now
educated in keeping their systems, data, reputation and livelihoods secure.

Overcoming the Scalability Problem in Network Management

By | Uncategorized | No Comments

What Is the Scalability Problem?

Businesses need tools, supplies, and machines to serve their customers. As a result, a limited number of said assets mean a limited number of customers who can be served at the same time. If a business wants to be able to serve more customers at the same time, it will need to acquire more of the assets that it needs to serve its customers, with IT infrastructure being no exception to this rule. In the context of IT infrastructure, scalability is the ease with which a business can expand its computer network with the help of the right Ottawa computer services.

To understand scalability problems, imagine a business that provides information about its products and services to interested individuals through its website. When someone visits its website, its server will run the processes needed to provide them with that information. However, a server has limited computing resources, meaning that it cannot serve more than a limited number of visitors at the same time. Furthermore, if the business starts selling its products and services through its site, it would be able to serve an even smaller number of visitors because the processes for an e-commerce operation are much more complicated and thus much more resource-intensive. This means that a business’s IT infrastructure limits the number of people that it can serve at the same time, which can create a bottleneck for its revenue-earning operations unless it plans ahead with the assistance of IT companies in Ottawa.

 

How Can the Scalability Problem Be Overcome?

Theoretically, a business can solve the scalability problem by adding more computing resources either on its own or by entrusting it to one of the numerous IT companies in Ottawa that can help. However, this is a poor solution in the long run because adding more computing resources without changing the network architecture will result in diminishing returns, meaning that there will come a point when adding more computing resources will provide fewer benefits than what the business has to pay for them even if it is receiving assistance from the best provider of the relevant Ottawa computer services that it can find.

Instead, a business’s best solution is to plan out upgrades to its IT infrastructure before its IT needs press its computer network to the breaking point. Such planning is best done in close cooperation with the best iT companies in Ottawa, which can help businesses choose the setups that are best-suited for meeting their IT needs in the long run without exceeding their budgets. Furthermore, businesses will want to call in the best Ottawa computer services when the time comes for the installation. This is because a botched installation can cause extended delays, meaning that they need the best IT companies in Ottawa to minimize the chances of such an occurrence.

 

Contact Us

Interested in learning more about how the right Ottawa computer services can help businesses handle their long-term problems? Be sure to contact us for a professional’s opinion on the matter.

The Edge, the Fog, and the Cloud

By | Uncategorized | No Comments

To provide effective IT solutions, IT companies in Ottawa will have to fully understand and implement the edge, the fog, and the cloud technologies. While cloud technology has been around for some time, the concepts of fog and edge computing are pretty new. It might seem on the surface that these technologies are competing with cloud technology, but in their true essence, they are only ways to take cloud computing to a whole new level. Take a look at what these technologies are and how they are different from each other.

Cloud Computing

Ottawa IT services have been providing cloud computing solutions just like other international IT services for years now. While cloud computing has its complex ways of operating, the main concept is pretty simple. Cloud computing allows its users to access and use data that is stored on the internet rather than on their computers. The simplest example is when you save your files on Google drive and let your friends view, download and make changes to them.

Edge Computing

Edge computing is enhancing the powers of cloud computing by taking the processing power of the cloud to the network’s edges. As technologies located close to their data producing sources are enabled to process information, less and less computing will be required in the cloud, i.e., the centralized servers. The immediate advantages of this technology will be lower consumption of network resources, faster processing and actions of peripheral devices, and avoidance of latency which will result in lower operational costs for IT companies in Ottawa and the rest of the world.

Fog Computing

The difference between fog computing and edge computing can be confusing for many. They do seem like similar concepts, but there is surely a difference. With fog computing, it’s the local area network that receives the power of intelligence. Once the power comes down to local area network level, data processing takes place in the fog node. On the other hand, processing power and intelligence are brought right to the peripheral devices residing at the edge of the network. Programmable automation controllers are great examples of edge computing in use.

IP video cameras, routers, and switches from CISCO seem like the devices that have introduced the concept of fog computing. CISCO received the credit for introducing the term “fog computing” to the world but companies like IBM and VMware are equally important players in incorporating this technology in their recent solutions.

What Causes Network Degradation?

By | Uncategorized | No Comments

What Are Some Causes of Network Degradation?

Network degradation is when the connectivity of a computer network falls, which can happen for a number of reasons. Sometimes, it is because the computer network has become infected with either a virus or some other kind of malware, which is why businesses should investigate by calling the providers of the relevant Ottawa computer services as soon as possible. Other times, the cause is less urgent, with examples ranging from a bad configuration to hardware failure. There are even cases when network degradation just means that business has insufficient computing power, meaning that it is time for it to consult one of the right IT companies in Ottawa about upgrading its systems.

Why Is Network Degradation Such a Problem?

The primary problem with network degradation is that it causes slowdowns. This makes it more time-consuming for the business’s personnel to complete the tasks entrusted to them. Even worse, slowdowns can cause a lot of frustration, which tends to make people less motivated to provide their best performance. These factors are more than enough reason for businesses to call in one of the numerous IT companies in Ottawa for help. However, letting the problem persist can lead to outages, thus providing even more reason for businesses to call for help because the losses from an interruption of their revenue-earning operations can be much higher than making use of the relevant Ottawa computer services.

Network degradation can affect the business’s customers as well. For example, network degradation can cause customers to experience slow loading speeds when buying products and services over the Internet. When they become frustrated, they will search elsewhere for the products and services that they are interested in, thus resulting in lost sales. Furthermore, frustrated customers like to leave bad reviews, which can have a long-lasting impact on the business’s reputation. These make even more reasons that businesses shouldn’t hesitate to contact the right IT companies in Ottawa when they start to experience network degradation. After all, IT companies have the most expertise, experience, and manpower, meaning that they can solve such problems much faster than what most businesses can manage on their own. Having a provider of the relevant Ottawa computer services on-hand is particularly beneficial because they have a better chance of pinpointing the exact source of the problem, thus saving businesses the need to conduct an exhaustive examination of their entire computer network.

Contact Us

Some IT companies in Ottawa are better-suited for tackling network degradation than others. As a result, businesses should contact us to learn more about the causes of network degradation as well as why how the right IT companies can help resolve the problem.

Articles

By | Uncategorized | No Comments

Data Backup Service – Why your business needs it

By | Uncategorized | No Comments

Data Backup Service- Why your business needs it

Many business people wonder whether they can afford to pay for extra precaution when it comes to securing their business data, the truth is that businesses cannot actually afford not to take extra data security measures. Most Ottawa IT support providers recommend that it is critical to rely on offsite data backup and recovery services. Below is a rundown of reasons your business should consider getting professional services with regards to data backup.

1. System Crashes

Computers are not immune to problems. When a system crash occurs, you risk losing all your data instantly. The problem is that, like any other accident, you never know when this is going to happen. Thus, it is important to ensure that your data is continuously backed up to avert the challenge of losing all your business data. If your main fear is a system crash, IT services providers in Ottawa have myriad data backup solutions that will ensure that your business data is always safe.

2. Virus Attacks

A computer virus can take down individual computers and even infect an entire computer network. Since lost data is extremely difficult to recover, it is essential that you protect yourself from such attacks. Although antivirus software can go a long way in keeping your computers free from computer viruses, it is important to note that no software is perfect. It is, therefore, essential to consult Ottawa tech support providers who are conversant with the best offsite data backup services. Convenient offsite data backup will help you access your data quickly after a virus attack.

3. Theft

When thieves break into your office, they will most likely be interested in equipment rather than data. However, if they go away with your computer, you will have lost your data. The problem is that although it can be easy to replace the machines, the same cannot be said about the lost data. Having your business data properly backed up will ensure that all your data will still be accessible after such an ordeal. An online data backup service would be the most appropriate for such. All you need is to log in to your account and access all your files instantly.
When it comes to the provision of data security solutions, you cannot afford to take chances. It is advisable to get the assistance of experienced Ottawa IT Services providers who are up-to-date with the latest data backup solutions. The IT experts will audit you data security system, understand your needs, and advise you accordingly.