Cybersecurity 102: How Firewalls Protect Against Threats

The internet is two-way connection. You don’t just go onto the internet. The internet goes onto the device you’re using. If you’re not careful, a lot of bad things can get into your system through the internet.  

Recently, we discussed some of the major threats that companies face on the internet. Now it’s time to look at the first step to protect yourself from those threats.  

It’s Starts with a Firewall 

A firewall is the gatekeeper to your network and/or device. Its purpose is to let safe information in while keeping the bad stuff out. Dangerous items could include spyware, viruses, hackers, and much more. Additionally, certain firewalls can be customized and configured to keep out content that’s technically “safe”, but unwanted on a particular network. For example, companies may use firewalls to block time-consuming websites such as Facebook or YouTube. 

Firewalls can also act as a filter between different company networks. This is helpful in protecting your information from vendors and contractors you may work with. 

Are All Firewalls the Same?

No. First of all, a firewall can either be a software program or a physical device. Both perform the function of flagging questionable content and preventing it from coming through, though they do so in slightly different ways. 

A software firewall operates on your computer (or other device), protecting the information found there. Should a virus or hacker breach your network, a software firewall can still protect your individual device.  

A software firewall continues to protect your device even when you’re on other networks, which is very beneficial.  

Hardware firewalls are physical devices that act as the first point of connection to the internet, protecting your entire system and every device connected to it. Sometimes hardware firewalls double as routers. Other times, they connect to a router. Different hardware firewalls can offer different features. 

Not only do hardware firewalls protect against hackers and viruses, but they also keep out spam traffic that can slow down your network. 

The best form of protection is a mixture of both physical and device-based firewalls throughout the environment. DataYard provides a comprehensive solution that may include physical, hosted, and next-generation firewall solutions.  

Firewall Systems Need to Stay Updated  

Digital attacks are constantly changing as hackers find new flaws and loopholes in network systems and computer software. In order for your firewall to do its job, it needs to be maintained and updated. It’s important that you keep your network and online data somewhere that’s secure and protected against the latest threats. 

As an IT partner DataYard values an ‘eat your own dog food’ model that incorporates all the products that we would recommend to a client including physical devices, hosted firewall solutions, and software-based products. The more points of security the better. All of these options are available to new and current clients utilizing DataYard’s access, cloud hosting services and colocation. Second to great firewall solutions we maintain backups as an extra safety measure.  

For those who have extra security compliance standards to meet, we have you covered. Our team has a track record for providing thorough solutions that check all the boxes for all compliance requirements.  

And for those who want to make sure they have the right firewalls in place and configured correctly, our IT support in Dayton, Ohio can help you out. 

Not sure what you need? We’re happy to consult so you get the protection you need. Contact us today! 

Our Data Center is Here for You

LEARN MORE ABOUT HOW WE CAN KEEP YOUR DATA PROTECTED


Dayton Cares

DataYard has been located in the heart of Dayton’s downtown community for over two decades. Naturally, when the heartbreaking news of Sunday morning’s tragedy scrolled across our screens, we were devastated along with the rest of the community. Some of our own staff were in the district that night but had headed home just before the madness broke out. Sunday morning was a slew of messages, everyone checking in on one another. The sigh of relief that our team was safe was instantly followed by the realization that others were sending the same messages with empty replies, making our stomachs sink. Coping in the wake of tragedy is an endless carousel of questions and “what if?” scenarios. 

 

Our team somberly entered the office on Monday and had to deliver service like any other day, but the day was not the same. It was a day filled with confusion, mixed with a desire to do something in response. But how could we respond as a business? Our service isn’t poised to directly help or comfort someone hurting. We were at a lost as to how we could be there for our community, other than by just being there. It wasn’t until the end of the day on Monday that we discovered how we could help.

 

Monday afternoon we received a call from the Dayton Foundation with a request to help the victims of the Oregon District shooting. NBC Columbus was going to be hosting a telethon the next day, President Trump was visiting Wednesday, and American Airlines had already given $75,000. They were expecting to see unprecedented numbers hit the Dayton Foundation website over the next several days. We responded by immediately bulking up their resources so they were able to accommodate the traffic and security risks that come with national attention.

Dayton Strong. Dayton Proud. Dayton Cares.

Over the last 5 days, we’ve been able to help support our community and the victims in our own way, doing what we do best. This is where the joy of doing what we do shines through the darkness. When we could help the Dayton Foundation reach over 610,000 people from all over the world as well as give over 2,100 people the opportunity to contribute to the victims, we were glad to know we could help in our own way that was unique to our resources and abilities.

 

We’re Daytonians. What Daytonians do is show up and care for their own. We’ve watched this community rally against hate, around tornado victims, and in response to tragedy, each person giving what they could in the way they knew how. That is what makes Dayton great – the people. In Dayton, when someone gets hit, the entire community picks them backup. Dayton cares. So far, you can see 360,000 reasons why we care in the Dayton Foundation’s Oregon District Fund.

 

Dayton Strong. Dayton Proud. Dayton Cares.

HIPAA Compliance for Hosting and Data Security

If you work anywhere in the healthcare space, you’re probably very familiar with HIPAA compliance. Passed in 1996, the Health Insurance Portability and Accountability Act provides rules and guidelines for healthcare access, health information storage, health insurance, and more.

HIPAA consists of five primary parts or titles:

  • HIPAA Title I – Health care access, portability and renewability,
  • HIPAA Title II – Preventing health care fraud and abuse; administrative simplification; medical liability reform
  • HIPAA Title III – Tax-related health provisions
  • HIPAA Title IV – Group health insurance requirements
  • HIPAA Title V – Revenue offsets for tax deductions

While HIPAA provides an important function of protecting the health coverage and personal information of individuals, along with reducing fraud across the industry, it can get a little confusing.

Arguably the most complex section of HIPAA is Title II, which among other things, covers how information is stored and accessed. Since almost everything is digital these days, that means Title II covers your hosting, server, and network setup. 

Meeting the Requirements of HIPAA Title II

Failure to follow the proper requirements of HIPAA Title II can put your customers personal data at risk, not to mention result in some serious penalties. It’s very important that all of your information is stored securely within a HIPAA compliant system. 

Of course, HIPAA extends beyond hosting, covering IT areas such as account access, password management, and more. You also need to be mindful of working with external vendors and third parties, as they bring additional risks and requirements regarding your data. 

Professional Help for Staying HIPAA Compliant 

By itself, the world of hosting and IT support is very technical. When you add in HIPAA compliance, the complexity multiplies. That’s why it’s best to utilize an experienced IT team that’s well versed in HIPAA compliance. 

At DataYard, we offer a wide range of services for companies and organizations that operate under HIPAA. This includes private cloud hosting at our data center in Dayton, Ohio that meets HIPAA and HITECH requirements. Additionally, we can provide you with consultation, on-going support, and threat protection so that all of your technological and digital fronts are covered. 

You don’t need to understand all of the complexities of HIPAA Title II. You just need an IT team that does. Contact us today! 

Our Data Center is Here for You

LEARN MORE ABOUT OUR HOSTING AND CONSULTATION SERVICES


Cybersecurity 101 – What are the Threats?

With so much of our lives and businesses online, cybersecurity is more important than it’s ever been. And it’s not just something that big businesses have to worry about. Nearly half of cyber-attacks are targeting small businesses 

For small businesses, one bad hack could be enough to put them out of business for good. 

That means cybersecurity should be a top priority for all businesses. If any part of your business is storing information online (and it probably is), you need to protect yourself against threats. How do you do that? 

The best place to start is by understanding what types of attacks are happening out there. Here are some of the most common types of attacks taking place in 2019. 

Today's most common threats to your data...

Ransomware  

Ransomware has been around since ‘89, and it’s a tactic that’s still going strong. As you might deduce from the name, ransomware is malware that gets into your system, locking you out of it, and cutting you off from your data. In order to get access back, hackers will demand payment or “ransom”. 

Sophisticated encryption in modern day ransomware ensures that your data is virtually impossible to recover without gaining permission from the random holder. What’s even scarier is the fact that should you pay the ransom, the hacker might delete your information anyway. 

This is why regular backup systems and segmentation is so important in modern server systems. 

Cryptojacking 

This is a relatively new attack that’s quickly gaining steam. You’ve probably heard of cryptocurrencies such as Bitcoin and Ethereum. Without going into too much detail (because cryptocurrencies can get very confusing, very fast), these currencies involve a process called mining, which requires a lot of computer power to perform efficiently.  

This is where cryptojacking comes into play. 

Cryptojacking involves planting hidden malware that secretly uses your company’s hardware and resources to mine cryptocurrencies. These attacks can be very hard to notice as they don’t cause obvious problems. They do, however, slow down your system and anyone who is connected to it. 

The good news is it’s relatively simple to prevent cryptojacking from happening. Even if your system has been infected, a skilled IT professional can get it removed quickly. 

Device Exploitation 

Smart technology is only growing more popular. These devices connect with the internet and with each other, forming something called the “Internet of Things”. While these devices can offer a lot of convenience, they can also serve as areas of exploitation. 

Individual devices have their own systems which require their own updates. Failing to update your devices is one of the easiest ways to expose yourself to attackers. Software and network updates exist largely to patch potential security risks in products. 

Systems need to be in place to ensure that the various devices connected to your network are secure and up-to-date. 

Third Parties 

Everyone likes to think of their vendors and contractors as trusted allies, but the truth is, they can be massive security risks as wellEspecially smaller companies who often lack proper security systems and dedicated IT teams.  

If your vendors have any access to your system, they pose a potential threat. You need to account for this. An IT audit, or Discovery, as we like to call them, can help expose where these weaknesses exist and provide steps to remediation.  

Phishing 

Despite a pretty wide awareness of phishing, it’s still a popular (and often successful) means of attack. Today’s phishing schemes are smarter than ever, often utilizing personal info and professional sounding email addresses to seem legitimate. 

These schemes can easily steal important passwords or spread malware through one wrong click. 

Cyber Attacks are Constantly Changing and Evolving 

Technology is advancing faster than ever. With it, cyber-attacks are constantly evolving. The only way to protect yourself, your customers, and your partners is with on-going security. Software or a simple firewall isn’t enough. 

You need a professional team by your side. 

At DataYard, we provide cyber security in Dayton, Ohio and beyond. Our web hosting and cloud services ensure regular backups of your data are made and that your systems stay up-to-date. Our IT support services (AYS) can further assist you in forming proper security protocols and ensuring that you stay protected from the latest digital threats. 

Contact us today to learn how we can keep you and your business safe.  

Is your company safe?

LEARN MORE ABOUT OUR CYBER SECURITY SERVICES


What Place Does Colocation Have in a Cloud Based World?

For many companies, having their own servers has become a thing of the past. Where once, a business had to find space to place racks, run wiringprovide backup power, etc., they can now utilize someone else’s servers halfway across the world. 

Even for companies who need high-performance, extra security, and 24/monitoring, cloud hosting solutions can provide dedicated server space that keeps up with all of their demands. 

But in-between cloud servers and in-house servers, there is another option: colocation. 

Colocation is when you house your own physical server equipment in a third-party data center. You handle the purchasing and configuration of the equipment. The data center keeps it secure, powered, and cooled.  

This has proven to be a popular solution, as it frees businesses from having to store their dedicated servers in their own buildings. Advanced systems can make noise and run hot, not to mention they need backup power sourcesextra security measures, and high-speed network access. 

By placing your equipment in a data center, you can free up your own real estate and remove the responsibility of keeping your servers powered, protected, and connected. It’s a best of both worlds approach. 

However, as cloud hosting and dedicated virtual servers have grown in capabilities, many have moved away from colocation. Some have even gone as far as to say that colocation is dead. This is not true. In fact, colocation is on the rise. 

Why is that? It’s simple. Some businesses need their own equipment.  

And others just like having ownership over it. 

There are a few reasons why you may want colocation.

Specific Hardware Requirements 

Every business has different hardware, compliance, and security measures to follow. Cloud servers take a universal approach to hosting, providing more of a “one-size-fits all” solution, even if there are some options you can customize. 

With colocation, you choose every part of your setup, which means you can tailor it to your specific needs. In some cases, a company’s software and/or internal systems may require server hardware that simply isn’t popular enough to be found as an option for cloud hosting. 

Technical Knowhow 

Due to the fact that you’re purchasing and configuring your own equipment, colocation does require some advanced IT knowhow. For companies with IT workers on staff, this is great, as it allows them to setup their system exactly how they want it.  

And we know firsthand how particular IT people can be about the way things are configured. 

Ownership 

Cloud hosting, even when you’re using private or dedicate servers, is a rental service. You are paying someone to use their equipment. When you stop paying them, you lose the ability to use that equipment. They may also have specific rules regarding how you use the equipment. Some businesses are completely fine with that. 

Others prefer ownership. 

With colocation, the equipment is yours to use as you wish. If you decide to change who you’re partnering with for hosting, you can take your equipment with you. 

In Need of Colocation? 

Our Data Center in Dayton, Ohio is equipped to handle all of your server needs. Whether you want private cloud hosting, shared hosting, or space for colocation, you can expect a high quality, customer driven experience. 

Our colocation services are scalable and move-in ready. At DataYard, you’ll have 24/7/365 access, should you need it. Meanwhile, we’ll make sure your equipment stays secured, protected, and connected.  

Our Data Center is Here for You

LEARN MORE ABOUT OUR COLOCATION SERVICES


How To Discover The Greatest Risk Facing Your Business

There is a huge risk facing your business (and it’s data) out there and it’s probably more familiar than you realize. Data loss can be a huge blow to any business whether its account information, billing history, or client files. Any kind of data loss can be critical to a business and it’s the ability to operate and in today’s world that data is susceptible to numerous risks.

To find out the greatest risk facing your business follow these steps:

1. Turn on your smartphone.

2. Go to your camera app.

3. Switch to the the Front Camera

4. Hold the phone up and look into the camera and what you will see is the greatest risk to your business data.

The greatest risk to your business data is YOU.

Since the beginning of time, we’ve been plagued with our own mistakes. Though never intentional they have the propensity to bring about disastrous results. In 1922, an American Chemist, Thomas Midgley, discovered that the compound tetraethyl lead helped fuel to burn at a slower rate. This helped decrease cost but it also resulted in several workers dying from lead poisoning in US factories during the early ’20s. In England, an elderly man accidentally threw away his Euromillions lottery ticket losing his chance to take home over $180 million. In 2005, a Japanese trader “fat-fingered” a trade in which he sold 610,000 shares for 1 yen instead of 1 share for 610,000 yen.

The fact is we’ve all made mistakes and and some of those mistakes have a price to pay with them. Unfortunately, no matter how hard we try we’ll always make mistakes and science and statistics say you’ll never be able to avoid them (here’s why). When it comes to a company’s mistakes with data it can have a devastating effect. It can hinder the ability to accomplish day-to-day tasks, lead to hours of repetitive work, and even result in fines or lawsuits. The scary part is that 44% of data loss is caused by an unintentional human action, which means it was an accident. So that ‘fat fingered’ keystroke can affect more than trades on the stock market they could wipe out your critical business data in less than a second.

In the world of technology, we are no less susceptible to mistakes, however, technology has the ability to adapt and statistically lessen the impact of a mistake or remediate the mistakes almost entirely. At DataYard, we believe that mistakes are mistakes and they shouldn’t destroy or hurt someone’s business and that’s why we believe in providing READY Backups to our clients. READY backup provides a solution where we can protect data from mistakes and other threats.

Thomas Midgley, (Photo Credit: Wikimedia)

We can protect your data from yourself.

USER ERROR

Is the source for the majority of data loss. Our backups provide a safety net from little mistakes becoming major catastrophes.

COST OVER COST

The cost of backups is minimal in comparison to what a business could face in fines or data recovery fees.

PEACE OF MIND

Live and work without the worry of little mistakes and threats or malicious activity because we have your back (ups).

GET YOUR BACKUPS HERE


Quick Tips to Greater Password Security

Globally people are taking the time today to bring awareness to the importance of password security. For both individuals and organizations alike password security is of the upmost significance when it comes to protecting ones personal information, finances, documents and many other forms of information. Passwords are one of the most critical layers of security in any situation.

Why should you care about having strong passwords?

  • Because your information is important.
  • Because your privacy is something you can’t ever get back.
  • Because you don’t want to be taken advantage of over something you can control
  • And for businesses it might be part of the policy and you’re risking more than you realize.
  • Because identity theft is not a joke.

Here are a few quick tips that you should understand when it comes to creating and managing your password security.

  1. Include numbers, symbols, and uppercase and lowercase letters.
    We recommend a random assortment of different characters all jumbled up like a good box of Ester-Price candy. The more the merrier.
  2. Do not reuse the same password(s).
    When you use the same password for multiple accounts it puts all those accounts at risk with one breach. When you have different passwords for every login you can limit the extent of a breach to that single account.
  3. Make your password long.
    Passwords that are three characters long take less than one second to crack.
  4. Use a nonsense phrase instead of common words or phrases.
    If it’s never been said or heard before you’re in the clear. Common sayings or even words in the dictionary can be easier to crack so be creative.
  5. Avoid using your personal information, especially things that can be found on social platforms.
    Your name and birthday together is not fooling anyone, Karen.
  6. Don’t give your passwords away to other people.
    This should be a given, but you’d be surprised.
  7. Use a password manager.
    Here are a few we recommend – Keypass, LastPass, Dashlane, 1Password. There are many others as well just find what suits you and see how it goes.
  8. Change your passwords regularly.
    It’s a pain but it can save you a great deal of challenge if done properly.
  9. Use dual-factor authentication
    When this is an option we high recommend that you use it. There are a few different forms of duel authentication and they are all great such as single-use codes, fingerprint ID, and USB Tokens.
  10. If you own or manage an organization YOU NEED A PASSWORD POLICY.
    There is no reason that all of the above shouldn’t be in your corporate handbook or policy for employees to be implementing into all their work passwords. If you do not currently have a password policy in your workplace we highly recommend putting one in place.

Today is the day to change all your passwords, it should only take you a few hours – have fun.

DataYard Tools | How to Change Your Password

DataYard is continuously striving to make IT better and today we’re launching the new and improve Connect Mail Password change module. Below you will find a link to launch this tool, but you can also find access to the Change Your Password Tool on the “My DataYard” page. Otherwise please check out the video below on how to utilize this tool.

 

 

If you still have questions feel free to reach out to our technical support team at 937-226-6896.

DataYard Tools | How To Use Alias Editor

DataYard has recently released a new Alias Editor tool with a fresh new face that gives our users a better experience.  Our email alias tool allows you to set up emails with your domain that forward to another email address. An alias email can be set up to send to either an email at the same domain or a completely different email at a different domain.

For example, if someone owned the domain, yourdomainname.com they could set up an alias email of hello@yourdomainname.com to send to a personal email john@yourdomainname.com or john-smith@gmail.com.

Here is a quick click through on how to use the Alias Editor.

 

How to Login or Sign Up

Open your browser and go to: tools.datayard.us

Login with your Username and Password.

Don’t have a username/password? Click the Sign-Up button.

DataYard Alias Editor Login Screen

Understanding the Dashboard

Once logged in you will see the Alias Editor Dashboard with the domains you own listed on the left and the aliases currently in place listed on the right. On the right side of the screen, you will see columns for ‘Alias’ and ‘Destination’, which are pretty self-explanatory in that the Alias column is a list of the ‘Aliases’ in use and the ‘Destinations’ are where they are being sent.

If you have more than one domain click on the domain you would like to manage add, edit, or remove your custom aliases from on the right and then you will see the following options on the screen:

 

 

Create New Alias – this will allow you to create a new alias for your domain

Create New Catch-All – this will forward all emails that are sent to the domain that don’t already have predefined alias definitions.

Edit – this will give you the ability to edit the alias name and the recipient addresses for that alias.

Duplicate – this will allow you to duplicate the alias and all the recipients for that alias.

On/Off Switch – this will turn on or turn off the alias so that it continues to work or discontinue working but keeping the record.

Delete – this will delete the alias record altogether.

Understanding the Editing Alias Screen

Once creating or editing an alias you will see the option to create, edit or delete the alias where you can make the changes you desire.

 

If you have further questions please check out our How-To Tutorial video available below or reach out to our support team.

 

New Website Announcement

We’re sticking to our motto “make IT better” by launching this brand spanking new website. It’s a little different than before but we think you’ll like it. For some, this change may come as a surprise and you might not recognize that it’s really us and for others, it might be hard to navigate at first, but that’s what this blog is all about.

 

ACCESSING THE QUICK TOOLS

Our site previously had a top menu bar that featured links to My DataYard, My Webmail, Connect Exchange, and Remote Support. We’ve taken these links and condensed them down to one link ‘My DataYard’, just look to the top right hand of your screen, I’m sure you’ll find it. The My DataYard page will now be the home to all those same links you’re familiar with from the old website.

 

MY DATAYARD

The ‘My DataYard‘ page has been built to give you even more access to our tools, announcements, and system updates. While today it is host to all the same tools you recognize from our old site over the next few months we will be adding some new features that we’re really excited to share with you.

 

QUICK NOTES

The site is up to date on several services, specs, and information that was either out of date or inexistent on the previous site so check it all out and if you have any questions let us know. We’re particularly excited about the new IT support page for our AYS service, which has been one of our fasts growing service, but was previously unrepresented on the website.

Hope you love it and if you have any problems feel free to reach out!

Make IT better!