Why You Should Upgrade to a Managed Synology Router

When was the last time you did a security update on your Wi-Fi router? When was the last time you changed its password? Did you know that your Wi-Fi router could be infected with malware that’s monitoring and potentially stealing information from your network, right now?

For many home offices and small businesses, a Wi-Fi router is an essential piece of equipment. As long as it seems to be working, it also tends to be invisible and overlooked. That’s why routers can be very tempting targets for those seeking to break into your network or intercept your data.

To help you protect yourself and your business, Visibil.IT offers our managed Synology router. With a managed Synology router, you get higher security without having to keep up with the latest security threats, updates, and patches yourself. Let us do the work for you!

 

Routers Are Under Threat

In April 2018, the FBI, Department of Homeland Security, and the United Kingdom’s National Cyber Security Center issued a joint Tactical Alert. This alert warns that Russian state-sponsored hackers are carrying out attacks by exploiting network devices, particularly targeting the kinds of routers designed for small office/home office (SOHO) use.

Then in May 2018, DHS and the FBI issued another alert, this one warning about a specific malware called VPNFilter, which targets SOHO routers. Researchers found that this malware had infected over 500,000 devices worldwide, in 54 countries.

Further investigation found that this malware was developed by a Russian hacking group, like the ones warned about in the earlier alert. The malware can infect a wide range of routers, including models made by Netgear, LinkSys, MikroTik, QNAP and TP-Link.

 
Once it has infected a router, VPNFilter can cause a great deal of damage. For one thing, it can collect communications going through the router. The FBI warns that this could lead to the loss of proprietary or sensitive information.

VPNFilter can also take control of the router and use it to launch attacks on others. Plus, the attackers can command the malware to destroy the router itself. For many business, losing their network even for a few hours can cause serious problems.

 

Why Are Routers Being Targeted?

As TechRepublic reports, it appears that targeting routers may be the next big trend in cyberattacks. There are a few main reasons for this.

  1. The FBI’s April alert points out that the security of routers is usually not maintained as well as the security of other devices such as servers and desktop computers. In other words, they tend to be invisible and overlooked, as long as they seem to be working.

  2. The FBI warns that SOHO and residential-type routers in particular don’t generally run anti-virus or other security tools. Plus, owners don’t always remember or know how to change the default passwords and other settings.

  3. Sometimes the issue is that owners don’t regularly perform security patching or that patches aren’t available.

  4. And another reason routers are so vulnerable is that vendors produce an extremely large number of different models. The vendors themselves may have difficulty supporting and providing updates for all those different devices.

  5. Ultimately, routers are also popular targets because once a hacker takes control of a router, they can do a lot with it. As TechRepublic puts it, the thing about routers is that they are both “high value targets” and “low-hanging fruit.” In other words, attacking routers is both easy and potentially very rewarding.

 

Protect Your Router, Protect Your Business

As you can see, defending your router from cyberattacks is necessary and important. That is what makes our managed Synology router so imperative.

 
You may have noticed that the list of routers affected by VPNFilter doesn’t currently include Synology. No router is invulnerable to attack, but Synology has a strong security focus with their routers. Consequently, they also have a good reputation for releasing security patches frequently.

Unlike some other vendors that release dozens of router models, Synology currently only offers two. This allows them to keep up with support and security better, as discussed above.

 
The most important piece of this security puzzle, though, is the Visibil.IT management of the router. When we manage your router or your network, that means we take care of keeping up with security issues for you.

 
We’ll set up your router so that it’s hardened against attacks, and then we’ll keep up that defense by updating it as security patches and firmware upgrades become available. We’ll monitor your router for signs of infection or attacks and take action to remove malware as necessary.


A managed Synology router may cost a little more, but it’s an investment in the security of your business. Let us help you keep your data safe and your business running smoothly!

Email Filtering and Encryption: Why Google’s Filtering Isn’t Enough

Businesses today simply cannot afford to skimp on email security. In fact, email has become the number one path that malicious attackers use to slip past your defenses and infiltrate your network. While Google G Suite offers good, basic security, it does not provide full protection against today’s quickly evolving email threats.

That’s where Symantec Email Security.cloud comes in. Symantec’s cloud-based email security solution provides the full range of protection your business needs to withstand known and emerging threats like business email compromise, ransomware and spear phishing.

 

Why Is Email Targeted?

Email has become the favored target of attacks for several reasons. First, it’s everywhere. These days, nearly every business, large or small, uses email for both external and internal communications.

This also means that email users vary a lot in their awareness of threats. Users who aren’t as aware of security risks may open attachments or click links that download malware or give hackers access to your network.

For instance, as Tripwire.com’s State of Security reports, in 2016 a police department in Dallas, Texas, was infected by ransomware through an email that came from an address that imitated a departmental email address. The ransomware encrypted police files, including documents, photographs and videos. It demanded $4,000 in Bitcoin to decrypt the files.

While the Texas police department chose not to pay the ransom, these attacks can also be very profitable. For instance, according to Symantec’s annual Internet Security Threat Report, in 2016 the average ransomware payout was more than $1,000.

One victim of an email-based ransomware attack that paid significantly more than that was the Hollywood Presbyterian Medical Center. In 2016, their network was infected by ransomware spread by spam phishing emails. Ultimately, the hospital paid a $17,000 ransom to get access to their data back.

Plus, emails themselves often contain sensitive and valuable information about a business. As a result, hackers can steal confidential data directly from the emails themselves, for later sale or other purposes.

Because email is such a tempting target for cybercriminals, it’s particularly important to ensure that your company or organization’s email is secure.

 

How Does Symantec Email Security.cloud Protect Against Threats?

Symantec’s email security solution provides a blanket of protection that addresses three major types of threats. First, Symantec defends against malware and spam using technology such as antivirus engines and reputation analysis to evaluate the links and attachments in emails.

To protect against phishing, Symantec checks links in emails before they’re even delivered, following them all the way to their final destination. This way, Symantec’s security can catch brand new phishing attacks, unlike less advanced security systems that can only detect already-known phishing links.

For additional defense against phishing, it also has the ability to identify and block emails that are designed to impersonate actual users or domains belonging to your organization. This could have prevented the ransomware attack against the police department in Dallas.

Finally, Symantec Email Security.cloud also protects against emerging threats—new and targeted attacks that may be designed to evade less sophisticated email security products.

For instance, today some malware is written so that it won’t execute unless it’s on a physical server and detects what appears to be human interaction. When Symantec detects an unknown file, the file gets “sandboxed”—isolated and sent to a physical server that mimics human behavior to see whether it’s actually a threat.

The email threat isolation capabilities offered by Symantec cannot be matched by any other email security solution available today. Suspicious links and websites are made harmless by either preventing the user from accessing them or rendering them in read-only mode so that the user literally cannot enter the sensitive information that the phishing attack is trying to capture—such as passwords.

Advanced machine learning, network traffic analysis, and behavior analysis are also used to analyze code, detect hidden threats, and find new and hidden ransomware that may be lurking inside seemingly harmless attachments.

 

Symantec Email Security.cloud Leads the Way

So how well does Symantec do in actual testing? In 2017, Symantec conducted internal testing of four email security solutions: Symantec, Proofpoint, Mimecast, and Office 365. They sent almost two thousand emails, including both clean emails and those containing malware and phishing attacks.

Symantec easily beat all of the competition. Symantec caught 98.77% of all the malicious email, with zero false positives. By comparison, the second-best security solution was Office 365, which caught only 88.11% of the malicious emails and had 0.06% false positives.

For instance, Symantec’s current Service Level Target for Antispam Efficacy is “Over 99%.” Every month, they report whether this target has been achieved. In June 2018, their actual Antispam Efficacy was 99.999986%!

 

Conclusion

Malicious attacks via email continue to rise, with new threats developing every day. Symantec’s Email Security.cloud can shield your company against both known and emerging threats. And thanks to its education and assessment components, it can even help to train your employees to guard against threats too.

Email Archive

Why Should My Business Spend Money to Archive Email?

Any business that uses email—which is just about every business, these days—should strongly consider setting up an email archiving system. Investing in an email archiving system now can save you time and money in the long run, and help to protect you from legal problems too.

Archive Isn’t Just a Fancy Word for Back-Up

Some people think that archiving email is just a technical term for backing it up. But that’s not the case. An email archive copies and saves your email in a format that cannot altered.

The contents of the emails, along with attachments, are extracted and saved in a read-only format. This ensures, for both legal and business purposes, that the emails’ contents cannot be tampered with or accidentally deleted.

Additionally, email archives are designed to be easily searchable. That way you can quickly and reliably access to the internet gives past emails that you need to find. A basic back-up system generally isn’t searchable, at least not in any convenient way.

 

Legal Reasons for Archiving Your Emails

For some businesses, email archiving isn’t just an option—it’s required by law. Many industries, including financial, healthcare and energy, must comply with governmental regulations that require saving emails in an unaltered form and in a way that can be easily accessed.

But even if your business doesn’t have to follow regulations like those, email archiving can be extremely important for other legal reasons. If your business is ever involved in litigation—as many businesses these days are, at one point or another—then you may be required to produce relevant emails.

If you don’t have those emails or cannot easily find and retrieve them, it could cause serious legal and financial harm to your business. Aside from dealing with litigation, you could also need to produce emails for compliance audits or if your business is being investigated.

None of us like to think that our business might be the subject of an investigation or face a lawsuit, but it’s better to be safe than sorry. Investing in email archiving can help to protect your business in these situations.

 

Information is Money

Think about how much information about your business is contained in your emails. There’s not only the intellectual property being discussed in the emails, but also the information that can be gleaned about your business and marketing practices.

From this perspective, securely archiving emails is like putting money in the bank. Those unaltered emails can be used to prove that the intellectual property discussed in them belongs to you. They contain the knowledge of your employees, protecting it from being lost if those employees move on to other jobs. New employees can use the searchable email archive to retrieve that knowledge and learn from past employees.

And the emails themselves can be analyzed for insights into improving business practices, like determining the most effective ways to communicate with customers. Because email archives are designed to be easily searchable, they make this kind of analysis much faster and easier to do.

 

Decrease Waste and Enhance Productivity

Email archiving can also help your employees to be more productive. Without email archiving, users will often have to spend hours managing emails, determining which to save and which to delete, how to organize them, how to set things up so they can find those emails again when they need them.

Often in this situation, employees either end up saving almost everything, creating a major storage problem on your servers, or deleting almost everything, including important emails that needed to be saved.

And when emails need to be retrieved for business or legal purposes, employees waste even more time trying to find them. An archiving system takes all of these burdens off of the users, so that they can focus on doing their actual jobs, not managing emails.

 

When Disaster Strikes, Cloud-Based Email Archiving Can Save the Day

Another thing we don’t like to think about, but absolutely must prepare for, is disaster recovery. Floods, fires, tornadoes and other disasters can happen to any business.

Cloud-based email archiving stores your data in the cloud, where it will be waiting for you when the disaster is over and you’re ready to get back to business. Considering again how much of your business’ information can be found in your email, this is an extremely valuable benefit that can play a major role in getting you back on your feet.

 

You’ll Never Run Out of Storage Space in the Cloud

Finally, another advantage of cloud-based email archiving is that you never have to worry about running out of room on a server. Cloud-based archiving gives you unlimited storage space. As your business grows, your email archive will grow with it. Setting up a cloud-based email archiving system now is an investment in the future of your business.

Case Study: NovaHR

In today’s connected world, almost every business has IT needs, like secure email for internal and external communication and a professional website so potential customers and clients can find you. But many small and medium-sized businesses may not find it cost-effective to hire their own, full-time IT staff.

That’s where Visibil.IT can help. We create complete IT solutions for small and medium-sized businesses. We use our expertise to select cutting-edge products and vendors that will keep your business up-to-date, and we provide the traditional core services like email and websites that all businesses need.

Let’s take a look at one of the businesses we currently support so you can get a better idea of what Visibil.IT can do for you.

 

NovaHR Business Profile

NovaHR is an Alabama-based consulting firm that provides human resources support and advice for small and medium-sized businesses that may not have their own full-time HR professional on staff. In other words, they’re not that different from us, except they provide HR services instead of IT!

NovaHR provides a wide range of services, all specifically tailored to clients’ needs. These services include handling recruitment, improving hiring practices, developing orientation and training programs, and consulting on discipline and termination practices to decrease the risk of legal actions.

The owner of NovaHR, Laurie Halvorson, first started her consulting business in 2001, then spent eight years working full-time for another company before going back into business for herself in 2017. Her new business needed email and a website, so she turned to Visibil.IT.

 

Getting Started with Visibil.IT

For many business owners, the process of setting up things like email and a website can be stressful and consume valuable working hours that could be spent in more profitable ways. According to Laurie Halvorson, working with Visibil.IT made her part of the job much easier, which meant less time taken away from running her business.

On setting up her email and website, Halvorson says that Visibil.IT “handled pretty much everything. I just sent my logo and a description of services, and they did the rest.” She appreciated that the site was up and running in less than a week, with no other input or decision-making required on her end.

NovaHR’s website includes descriptions of the services they provide, as well as a contact form that allows potential clients to quickly and easily get in touch with them. In fact, the website has been so effective at connecting her with clients, Halvorson says that she hasn’t had to do any other advertising!

 

Improving the Wi-fi Network

One technical problem that Halvorson encountered as her business got up and running was insufficient wi-fi coverage that limited where and when she could get work done. She asked Visibil.IT what we could do about that, and we suggested a mesh wi-fi network.

A mesh wi-fi network uses multiple routers, called nodes, to provide consistent wi-fi coverage throughout a large space, like an office building or a large house. For many businesses, a mesh network can really help with meeting today’s wireless needs. The Eero system that we prefer works with an app that allows you to easily monitor the network from your smartphone.

According to Halvorson, once she decided that she wanted to try the mesh wi-fi network, Visibil.IT handled everything else. Describing the process, she said, “It was so easy. They purchased the equipment, programmed it for me, and made sure all my devices were connected to it.”

She appreciated how quickly the work was done as well, noting that the entire network was installed in less than a day.

Halvorson likes the mesh wi-fi network because it allows her to work from anywhere. According to her, that flexibility “benefits me personally, which benefits my business.”

 

Trusted Service, Ongoing Support

When asked why she initially chose Visibil.IT to provide the IT services she needed, Halvorson said, “I have worked with the owner, David before and trust his work.” 

Halvorson also reports being very satisfied with the support she’s received from Visibil.IT since the initial set-up and installation. She likes that she can easily get in touch by phone call, email, or text and that there is a quick response to all of her questions.

Overall, Halvorson describes her experience of working with Visibil.IT as fast, easy, and providing significant benefits to her business. We’re glad we could help!