Cybersecurity 102: How Firewalls Protect Against Threats

The internet is two-way connection. You don’t just go onto the internet. The internet goes onto the device you’re using. If you’re not careful, a lot of bad things can get into your system through the internet.  

Recently, we discussed some of the major threats that companies face on the internet. Now it’s time to look at the first step to protect yourself from those threats.  

It’s Starts with a Firewall 

A firewall is the gatekeeper to your network and/or device. Its purpose is to let safe information in while keeping the bad stuff out. Dangerous items could include spyware, viruses, hackers, and much more. Additionally, certain firewalls can be customized and configured to keep out content that’s technically “safe”, but unwanted on a particular network. For example, companies may use firewalls to block time-consuming websites such as Facebook or YouTube. 

Firewalls can also act as a filter between different company networks. This is helpful in protecting your information from vendors and contractors you may work with. 

Are All Firewalls the Same?

No. First of all, a firewall can either be a software program or a physical device. Both perform the function of flagging questionable content and preventing it from coming through, though they do so in slightly different ways. 

A software firewall operates on your computer (or other device), protecting the information found there. Should a virus or hacker breach your network, a software firewall can still protect your individual device.  

A software firewall continues to protect your device even when you’re on other networks, which is very beneficial.  

Hardware firewalls are physical devices that act as the first point of connection to the internet, protecting your entire system and every device connected to it. Sometimes hardware firewalls double as routers. Other times, they connect to a router. Different hardware firewalls can offer different features. 

Not only do hardware firewalls protect against hackers and viruses, but they also keep out spam traffic that can slow down your network. 

The best form of protection is a mixture of both physical and device-based firewalls throughout the environment. DataYard provides a comprehensive solution that may include physical, hosted, and next-generation firewall solutions.  

Firewall Systems Need to Stay Updated  

Digital attacks are constantly changing as hackers find new flaws and loopholes in network systems and computer software. In order for your firewall to do its job, it needs to be maintained and updated. It’s important that you keep your network and online data somewhere that’s secure and protected against the latest threats. 

As an IT partner DataYard values an ‘eat your own dog food’ model that incorporates all the products that we would recommend to a client including physical devices, hosted firewall solutions, and software-based products. The more points of security the better. All of these options are available to new and current clients utilizing DataYard’s access, cloud hosting services and colocation. Second to great firewall solutions we maintain backups as an extra safety measure.  

For those who have extra security compliance standards to meet, we have you covered. Our team has a track record for providing thorough solutions that check all the boxes for all compliance requirements.  

And for those who want to make sure they have the right firewalls in place and configured correctly, our IT support in Dayton, Ohio can help you out. 

Not sure what you need? We’re happy to consult so you get the protection you need. Contact us today! 

Our Data Center is Here for You

LEARN MORE ABOUT HOW WE CAN KEEP YOUR DATA PROTECTED


HIPAA Compliance for Hosting and Data Security

If you work anywhere in the healthcare space, you’re probably very familiar with HIPAA compliance. Passed in 1996, the Health Insurance Portability and Accountability Act provides rules and guidelines for healthcare access, health information storage, health insurance, and more.

HIPAA consists of five primary parts or titles:

  • HIPAA Title I – Health care access, portability and renewability,
  • HIPAA Title II – Preventing health care fraud and abuse; administrative simplification; medical liability reform
  • HIPAA Title III – Tax-related health provisions
  • HIPAA Title IV – Group health insurance requirements
  • HIPAA Title V – Revenue offsets for tax deductions

While HIPAA provides an important function of protecting the health coverage and personal information of individuals, along with reducing fraud across the industry, it can get a little confusing.

Arguably the most complex section of HIPAA is Title II, which among other things, covers how information is stored and accessed. Since almost everything is digital these days, that means Title II covers your hosting, server, and network setup. 

Meeting the Requirements of HIPAA Title II

Failure to follow the proper requirements of HIPAA Title II can put your customers personal data at risk, not to mention result in some serious penalties. It’s very important that all of your information is stored securely within a HIPAA compliant system. 

Of course, HIPAA extends beyond hosting, covering IT areas such as account access, password management, and more. You also need to be mindful of working with external vendors and third parties, as they bring additional risks and requirements regarding your data. 

Professional Help for Staying HIPAA Compliant 

By itself, the world of hosting and IT support is very technical. When you add in HIPAA compliance, the complexity multiplies. That’s why it’s best to utilize an experienced IT team that’s well versed in HIPAA compliance. 

At DataYard, we offer a wide range of services for companies and organizations that operate under HIPAA. This includes private cloud hosting at our data center in Dayton, Ohio that meets HIPAA and HITECH requirements. Additionally, we can provide you with consultation, on-going support, and threat protection so that all of your technological and digital fronts are covered. 

You don’t need to understand all of the complexities of HIPAA Title II. You just need an IT team that does. Contact us today! 

Our Data Center is Here for You

LEARN MORE ABOUT OUR HOSTING AND CONSULTATION SERVICES


Cybersecurity 101 – What are the Threats?

With so much of our lives and businesses online, cybersecurity is more important than it’s ever been. And it’s not just something that big businesses have to worry about. Nearly half of cyber-attacks are targeting small businesses 

For small businesses, one bad hack could be enough to put them out of business for good. 

That means cybersecurity should be a top priority for all businesses. If any part of your business is storing information online (and it probably is), you need to protect yourself against threats. How do you do that? 

The best place to start is by understanding what types of attacks are happening out there. Here are some of the most common types of attacks taking place in 2019. 

Today's most common threats to your data...

Ransomware  

Ransomware has been around since ‘89, and it’s a tactic that’s still going strong. As you might deduce from the name, ransomware is malware that gets into your system, locking you out of it, and cutting you off from your data. In order to get access back, hackers will demand payment or “ransom”. 

Sophisticated encryption in modern day ransomware ensures that your data is virtually impossible to recover without gaining permission from the random holder. What’s even scarier is the fact that should you pay the ransom, the hacker might delete your information anyway. 

This is why regular backup systems and segmentation is so important in modern server systems. 

Cryptojacking 

This is a relatively new attack that’s quickly gaining steam. You’ve probably heard of cryptocurrencies such as Bitcoin and Ethereum. Without going into too much detail (because cryptocurrencies can get very confusing, very fast), these currencies involve a process called mining, which requires a lot of computer power to perform efficiently.  

This is where cryptojacking comes into play. 

Cryptojacking involves planting hidden malware that secretly uses your company’s hardware and resources to mine cryptocurrencies. These attacks can be very hard to notice as they don’t cause obvious problems. They do, however, slow down your system and anyone who is connected to it. 

The good news is it’s relatively simple to prevent cryptojacking from happening. Even if your system has been infected, a skilled IT professional can get it removed quickly. 

Device Exploitation 

Smart technology is only growing more popular. These devices connect with the internet and with each other, forming something called the “Internet of Things”. While these devices can offer a lot of convenience, they can also serve as areas of exploitation. 

Individual devices have their own systems which require their own updates. Failing to update your devices is one of the easiest ways to expose yourself to attackers. Software and network updates exist largely to patch potential security risks in products. 

Systems need to be in place to ensure that the various devices connected to your network are secure and up-to-date. 

Third Parties 

Everyone likes to think of their vendors and contractors as trusted allies, but the truth is, they can be massive security risks as wellEspecially smaller companies who often lack proper security systems and dedicated IT teams.  

If your vendors have any access to your system, they pose a potential threat. You need to account for this. An IT audit, or Discovery, as we like to call them, can help expose where these weaknesses exist and provide steps to remediation.  

Phishing 

Despite a pretty wide awareness of phishing, it’s still a popular (and often successful) means of attack. Today’s phishing schemes are smarter than ever, often utilizing personal info and professional sounding email addresses to seem legitimate. 

These schemes can easily steal important passwords or spread malware through one wrong click. 

Cyber Attacks are Constantly Changing and Evolving 

Technology is advancing faster than ever. With it, cyber-attacks are constantly evolving. The only way to protect yourself, your customers, and your partners is with on-going security. Software or a simple firewall isn’t enough. 

You need a professional team by your side. 

At DataYard, we provide cyber security in Dayton, Ohio and beyond. Our web hosting and cloud services ensure regular backups of your data are made and that your systems stay up-to-date. Our IT support services (AYS) can further assist you in forming proper security protocols and ensuring that you stay protected from the latest digital threats. 

Contact us today to learn how we can keep you and your business safe.  

Is your company safe?

LEARN MORE ABOUT OUR CYBER SECURITY SERVICES


What Place Does Colocation Have in a Cloud Based World?

For many companies, having their own servers has become a thing of the past. Where once, a business had to find space to place racks, run wiringprovide backup power, etc., they can now utilize someone else’s servers halfway across the world. 

Even for companies who need high-performance, extra security, and 24/monitoring, cloud hosting solutions can provide dedicated server space that keeps up with all of their demands. 

But in-between cloud servers and in-house servers, there is another option: colocation. 

Colocation is when you house your own physical server equipment in a third-party data center. You handle the purchasing and configuration of the equipment. The data center keeps it secure, powered, and cooled.  

This has proven to be a popular solution, as it frees businesses from having to store their dedicated servers in their own buildings. Advanced systems can make noise and run hot, not to mention they need backup power sourcesextra security measures, and high-speed network access. 

By placing your equipment in a data center, you can free up your own real estate and remove the responsibility of keeping your servers powered, protected, and connected. It’s a best of both worlds approach. 

However, as cloud hosting and dedicated virtual servers have grown in capabilities, many have moved away from colocation. Some have even gone as far as to say that colocation is dead. This is not true. In fact, colocation is on the rise. 

Why is that? It’s simple. Some businesses need their own equipment.  

And others just like having ownership over it. 

There are a few reasons why you may want colocation.

Specific Hardware Requirements 

Every business has different hardware, compliance, and security measures to follow. Cloud servers take a universal approach to hosting, providing more of a “one-size-fits all” solution, even if there are some options you can customize. 

With colocation, you choose every part of your setup, which means you can tailor it to your specific needs. In some cases, a company’s software and/or internal systems may require server hardware that simply isn’t popular enough to be found as an option for cloud hosting. 

Technical Knowhow 

Due to the fact that you’re purchasing and configuring your own equipment, colocation does require some advanced IT knowhow. For companies with IT workers on staff, this is great, as it allows them to setup their system exactly how they want it.  

And we know firsthand how particular IT people can be about the way things are configured. 

Ownership 

Cloud hosting, even when you’re using private or dedicate servers, is a rental service. You are paying someone to use their equipment. When you stop paying them, you lose the ability to use that equipment. They may also have specific rules regarding how you use the equipment. Some businesses are completely fine with that. 

Others prefer ownership. 

With colocation, the equipment is yours to use as you wish. If you decide to change who you’re partnering with for hosting, you can take your equipment with you. 

In Need of Colocation? 

Our Data Center in Dayton, Ohio is equipped to handle all of your server needs. Whether you want private cloud hosting, shared hosting, or space for colocation, you can expect a high quality, customer driven experience. 

Our colocation services are scalable and move-in ready. At DataYard, you’ll have 24/7/365 access, should you need it. Meanwhile, we’ll make sure your equipment stays secured, protected, and connected.  

Our Data Center is Here for You

LEARN MORE ABOUT OUR COLOCATION SERVICES


sdlan.datayard.us upgrades

On Tuesday June 11Th at 3PM EST DataYard will be upgrading our Unifi controller, sdlan.datayard.us. The Unifi web portal may be unavailable for 15 minutes during this time. No other systems will be affected.

Let us know if you have any questions, concerns, or just want to chat: 1.800.982.4539 or support@datayard.us. Remember to follow us on Twitter (@datayardtechops & @datayard)!

Google Chrome Updates – Is Your Site Secure?

The world’s most popular Internet browser, Google Chrome, is releasing an important update in the coming weeks.  Starting with the public and stable release of Chrome update 68, the browser will show a yellow “warning” icon next to the URL of web sites which are not protected by a SSL cert, and when this icon is hovered over a “Not Secure” warning will be displayed.  With over 53% of total browser market share, this update is sure to affect a wide swatch of users and websites.

Read the Google blog post here.

Not sure if your website will be affected by this change?  Visit your site in a browser, and then look at the URL in the address bar.  If your address begins with “HTTP” and not “HTTPS”, your visitors may start to see a warning when this update is released.

To get ahead of the curve on this, give us a call or send us an email – for $175 a year, we can purchase, coordinate, and install a fix for this issue for any DataYard hosting customers.  Just another way we are here to help you make IT better.

 

Keeping the Internet Safe

Earlier this month was Safer Internet Day, which is a day dedicated to creating awareness around safe internet usage mainly geared towards children and teens. I realized this topic didn’t exist when I was growing up. Think about it for a second. I am in my mid-late twenties and I have had more years with dial-up internet or no Internet at all, than I have with anything close to the high speeds we have today. I’ve grown up with the Internet quite literally. When I was a kid, teachers and parents were just trying to grasp the concept of the Internet and how it was used, let alone talk about how to safely address it. For this reason, I’ve taken it upon myself to catch all of us up on some quick Internet Safety Tips.

Passwords

Creating complex passwords and changing your passwords regularly can go a long way. That means moving past the passwords like ‘Password123’ and ‘Jacob19’, onto more creative phrases and symbols. It is also beneficial to use different passwords for your different accounts and websites, rather than using the same one across the board. For this reason, I would recommend using tools like LastPass, KeePass or 1Password to help keep track of all of your different passwords. These tools can also be set up to remind you to reset your password every couple of months.

Public Network Security

Free public Wi-Fi has essentially become a basic utility, making the internet easily accessible virtually anywhere. This is also making users increasingly vulnerable. The challenge with public Wi-Fi is that it’s often unsecured, making it easy for hackers to access your device. If you want to utilize public Wi-Fi in a secure manner, you can purchase a Virtual Private Network (VPN). A VPN is a software that will provide you with a secure connection to the Internet.

At Home Network Security

Taking a comprehensive look at your home network will allow you to have peace of mind when you are connecting to the Internet at home on your various devices. Changing administrative passwords and implementing a few precautions can make your connection much safer. For a checklist on securing your home network check out our Securing Your Home Network blog.

Safe Browsing

Many times, Internet browsers themselves provide Safe Browsing functions (see Google). However, you can go an extra step and retrain yourself on not giving away personal information, avoiding questionable websites, only downloading software from sites you trust, and increasing your browsers security settings.

  • Click Smart – don’t click on sketchy links or ads
  • Share Selectively – don’t just share your personal information with anyone
  • Shop Safe – when shopping online always make sure to look for https

HTTPS

Keep an eye on the addresses of the sites you are visiting. In the address bar for your website, you will see either HTTP or HTTPS (more about the difference) which represents how data is transferred between a web server and a web browser. With an HTTPS site, the data is encrypted, which keeps your information safe. This is extremely important for any online shopping or banking, and any site taking your personal information. You need to make sure that it has encryption.

Stay Up to Date

Staying up to date on the latest operating systems (OS) and software/application versions will ensure that you have the most up-to-date security measures in place. We recommend turning on auto-update when applicable.

If you have more questions about making your home a safe place please feel free to reach out to us on social media or at hello@datayard.us

Other Resources:

How to update your DataYard Mail Filter Settings

DataYard’s new and updated mail filter features improvements to both spam and virus filtering performance and the user interface.  This article explains how to create an account on DataYard’s Mail filter, update your password, add and remove entries from your whitelist and blocklist and adjust your spam filtering levels from the defaults.

Creating an account

Access the Mail filter login page at https://filter.datayard.us.  Enter your email address in the username field and click  “Create New Password”

Spam_Walkthrough_1

It will tell you that an account has been created and will have sent an email to you with your password.

Spam_Walkthrough_2

Spam_Walkthrough_3

Now you can log in to the portal with your email address and password.

Spam_Walkthrough_4

Here is what you’ll see when you log in.  The page will default to the Quarantine Inbox that is disabled by default (you can enable it by following the instructions here).

Spam_Walkthrough_5

 

Changing Your password

Upon logging in, click on Preferences

Spam_Walkthrough_6

Then click Password

Spam_Walkthrough_7

Enter your old password and desired password as directed, then click Save Password.

 

Updating your whitelist/blocklist

Click Preferences, then Whitelist/Blocklist

Spam_Walkthrough_8

You will be presented with the following page.  To add an address to either list, click into the entry box in either list, then enter the address and click Add.  To remove an entry, click the trash can next to the entry you wish to remove.

Spam_Walkthrough_9

To remove an entry, click the trash can next to the entry you wish to remove.

Spam_Walkthrough_10

You can edit the list as a whole by clicking Bulk Edit on the list you wish to edit.

Spam_Walkthrough_11

Never edit the first line and put each entry on its own line, as shown below. Click Save once finished.

Spam_Walkthrough_12

 

Customizing your filter settings

Click on Preferences, then Spam Settings

Spam_Walkthrough_13

In order to change your settings from your Domain defaults, select No for Use Domain Defaults under the Spam Scoring section, then click Save.

Spam_Walkthrough_14

You’ll now be able to adjust the scoring levels for blocking, quarantine (see Enabling Your Spam Quarantine if you’d like to utilize the quarantine feature) and Tagging.  Adjust the sliders to your desired levels and click Save.  Higher numbers are less sensitive and lower numbers are more sensitive. For example, if you change the Block slider from the default level of 5 to 8, you will receive more messages.

Spam_Walkthrough_15

Getting Help

The new mail filter includes comprehensive help, if you need an explanation for a setting or section, simply click the “Help” link at the top right of every section header.

Spam_Help

You can also contact us any time at support@datayard.us or 937-226-6896 for assistance.

DataYard – At Your Service

DataYard – At Your Service!

Now available by popular demand, DataYard has created a brand new offering under a brand new division, At Your Service.  AYS will help regional companies with all aspects of business IT – whether it is managing existing workstations and servers, migrating to a VoIP phone service, upgrading network equipment, or guiding your transition to the cloud – DataYard has you covered.

The DataYard Difference

For over two decades, DataYard has helped thousands of local businesses use technology to improve business efficiency and reliability. But we noticed that we were getting more and more requests from clients to assist with projects beyond just Internet services or hosting projects – they needed help with technology inside of their businesses, and turned to us for advice. AYS is an answer to those questions and needs, and DataYard can now bridge the gap between on-premise IT work and cloud-based hosting services.

We’ve built some great partnerships over the last twenty years – with Microsoft, VMware, and Cisco, to name a few – and these relationships make it possible for DataYard to be your full-service, end-to-end IT partner. If you have a problem, project, or just want to talk through an issue, give us a call – DataYard is here to help you make IT better.

DataYard’s 2016 Internship Program – Internet of Things Kick-Off!

On June 1st DataYard officially brought on two new summer interns for a specific and pretty cool project – to explore the Internet of Things (IoT)!

The chosen ones – Owen Devine and James Kinion – will be working with us through August to design, build, and deploy mobile units which report not only their own geographic location, but a slew of environmental variables as well. While we have a vague idea of how we at DataYard might accomplish this task, the interns have been set free in a sea of low-cost devices which when used together can accomplish almost anything.

We’re makers here at DataYard, and are super excited about the future of the IoT space. We got a 3D Printer for the office last Christmas, and Eric Wright has probably burned through twenty pounds of PLA over seventeen generations of a custom-fit phone Heads Up Display for his road bike. We built our own big-screen network status and reporting display, have daily DJ battles on a Raspberry Pi3 via Airplay to the MusicBox interface, and a Retrobox Pi3 for SNES emulation is coming soon – not even mentioning the custom solutions we put in place for clients every day.

We’re hoping to support the future of the IoT movement by getting some sharp young minds playing the field – and we plan to do that while deploying additional (and mobile) environmental monitoring to our data center – stay tuned for updates on DataYard’s continuing quest to innovate and create ways to Make IT Better!