Firewalls and social media: Feeling sheepish about security? – WatchGuard Product Manager, James Taylor, explains.
This article first appeared in OGL’s IT User Magazine, issue 2.
In today’s technological world, where we communicate via instant messages, keep friendships on Facebook, link up on LinkedIn or shear sheep on Farmville (for anybody over 25, Farmville is a game available on Facebook), it’s surprising there is time left in the day to do any work at all.
And therein lies a problem; these constant interruptions into daily working life are not only expensive to our productivity but also on the resources we deploy to keep our business running. The resultant lack of concentration often manifests into mistakes being made and we are all too aware how costly errors are to business; cleaning up the mistake, re-training staff, loss of customer confidence and disciplinary actions are just some of the potential problems.
So do you know what your employees use your valuable internet connection for?
Many companies in the Small and Medium Enterprises (SME) marketplace tend to adopt a level of trust with their staff on what they can and can’t do on the internet. In reality, if we adopt such a policy, we have no idea of the misuse that is occurring, either inadvertently or deliberately.
By simply regaining productivity control over the internet we enjoy a number of benefits; firstly we are able to re-assure ourselves that services we want to run for our own business can run efficiently: business mail gets delivered promptly, informative webinars run smoothly, VoIP communications between branch offices have clarity, and so on.
Secondly, by controlling those applications that run over our WAN (Wide Area Network) we see an improvement in staff productivity without severely impinging on previously perceived privileges of internet use. In doing so we will also make cost effective use of an expensive resource. Maybe there is no need today to upgrade to a 10Mb connection, for example, if unnecessary internet use can be reduced.
And finally, through increased control we improve our IT security position. With social websites being the most visited internet pages, they have fast become the playground of the hacker; the simple basis of trust that is inherent on these sites fools us into being rather naïve. Therefore, by taking control of the active content needed to play games or interact with the social media site, we reduce our exposure to malware.
So who’s pulling the wool over whose eyes? Productive staff, making fewer errors and increased profits, or a healthy virtual flock prospering on Facebook’s Farmville, care of your staff (mis)using your web connection? It’s your call.
Internet or WAN connectivity – a practical guide
As soon as we mention the word ‘policy’, we immediately shy away; we think of verbose governmental gobbledygook and that’s enough to give anyone a headache. However, if we break down all of the component parts of an internet policy, they really are bite-size, easy to understand, and once we are properly equipped with what is needed, we are quickly able to build a policy that is fit for our business. If we have done this sufficiently well, we are then able to translate your written requirements into a proactive policy on your firewall (contact OGL if you would like further guidance on how to do this).
Step 1 – Why do you have a connection to the internet?
I make no apologies for this step: going back to basics is essential in building a robust policy. The response “we need it for business” is just not sufficient: we require as much detail as possible. Appropriate responses are going to be along the lines of, “we use our connection to communicate with our customers via SMTP e-mail using Outlook; we use the internet to order stationery supplies from e-Bay; we use the WAN connection to allow our employees to remotely access the office on the weekend”. The more specific you can make your response, the better.
Step 2 – Who needs the internet?
By understanding the tasks that need to be run, we can very quickly identify which employees are charged with completing them. If it is only the purchasing department which orders the stationery, then we have recognised that perhaps other departments do not require access to on-line ordering websites. Is it only senior management and the external sales force that need remote access to identified services?
By properly understanding the “why” and the “who”, we make significant strides towards those key benefits identified in the introduction. Prioritising business critical applications and granting access only to those who require the specific internet tools (and not everyone) will enhance productivity, and not surprisingly we automatically improve our security position by reducing our exposure.
Step 3 – Harden your internet Acceptable Usage Policy
“We trust our employees” is not a good starting position: Acceptable Usage Policies have nothing to do with trust. Internet access may be a Human Right according to the UN but falling foul of vicarious liability responsibilities should provide the company directors with all the guidance needed. And besides, all we are looking to do is ensure our web-access is kept clutter free of non-business traffic; by association we have the added bonus of making sure our employees’ minds are kept clutter free of distraction.
If we allow access to the internet for personal purposes, then we should set the time-frames for the non-working hours. Should we allow this level of browsing, then make certain that our business is protected. Today we are able to get highly granular in the policies we can set. We started this article referring to Farmville on Facebook (a highly addictive game, requiring constant attention); so where previously we granted a straight ‘yes / no’ access policy to social sites or even Facebook as a unique site, we are now able to control various applications within that specific site.
Maybe my new policy will state that we can authenticate to Facebook so we can read our messages and see who has scrawled on our wall – but that’s it: no chat, no gaming and no posting. Again the benefits to our business are two-fold. Firstly, the anecdotal feedback from a number of sites that deploy this kind of discipline is that Facebook browsing is just 10% of its former levels; their staff are more productive and the business is more efficient and secure. Secondly, bearing in mind the vast majority of malicious code is delivered via active content over the internet, by limiting and controlling this active content, you absolutely mitigate your security risk.
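The three steps above, expressed as a default-deny policy that can be evaluated against requests. This is an added example, not code from the article or from WatchGuard: the department names, site names, feature names and the 12:00 to 13:00 personal-use window are all constructed assumptions, and the model is not firewall configuration syntax.

```python
from collections import Counter
from dataclasses import dataclass
from datetime import time
from typing import Optional

# Hypothetical policy model. Departments, site names, feature names and hours
# are constructed for illustration; this is not WatchGuard configuration syntax.

@dataclass(frozen=True)
class Rule:
    name: str
    site: str                 # Step 1: the service the business actually needs
    departments: frozenset    # Step 2: who needs it ("*" means every department)
    features: frozenset       # Step 3: what may be done within that site
    hours: Optional[tuple] = None  # (start, end) window; None means any time

@dataclass(frozen=True)
class Request:
    dept: str
    site: str
    feature: str
    at: time

def in_window(at, hours):
    """True if `at` falls inside the window; handles windows that cross midnight."""
    if hours is None:
        return True
    start, end = hours
    if start <= end:
        return start <= at < end
    return at >= start or at < end

def evaluate(request, rules):
    """Return (allowed, reason). Anything no rule explicitly allows is denied."""
    reason = "no rule for this site"
    for rule in rules:
        if rule.site != request.site:
            continue
        if "*" not in rule.departments and request.dept not in rule.departments:
            reason = f"{rule.name}: department not authorised"
        elif request.feature not in rule.features:
            reason = f"{rule.name}: feature '{request.feature}' not permitted"
        elif not in_window(request.at, rule.hours):
            reason = f"{rule.name}: outside permitted hours"
        else:
            return True, f"allowed by {rule.name}"
    return False, reason

def denial_report(requests, rules):
    """Count denied requests by reason, so misuse is measured rather than assumed."""
    return Counter(reason for ok, reason in
                   (evaluate(r, rules) for r in requests) if not ok)

POLICY = [
    Rule("business-mail", "smtp-mail", frozenset({"*"}), frozenset({"send", "receive"})),
    Rule("stationery-orders", "supplier.example", frozenset({"purchasing"}),
         frozenset({"browse", "order"})),
    Rule("remote-access", "remote-access-gateway",
         frozenset({"management", "external-sales"}), frozenset({"connect"})),
    # Personal use only in a non-working window; chat, games and posting are
    # absent from the feature set, so they fall through to the default deny.
    Rule("facebook-read-only", "facebook", frozenset({"*"}),
         frozenset({"login", "read_messages", "view_wall"}),
         hours=(time(12, 0), time(13, 0))),
]

# Constructed sample traffic.
SAMPLE_REQUESTS = [
    Request("accounts", "facebook", "read_messages", time(12, 30)),
    Request("accounts", "facebook", "games", time(12, 30)),
    Request("accounts", "facebook", "read_messages", time(10, 0)),
    Request("purchasing", "supplier.example", "order", time(10, 0)),
    Request("accounts", "supplier.example", "order", time(10, 0)),
    Request("accounts", "video.example", "stream", time(15, 0)),
]

if __name__ == "__main__":
    for req in SAMPLE_REQUESTS:
        print(req, evaluate(req, POLICY))
    print(denial_report(SAMPLE_REQUESTS, POLICY))
```

Because the default is deny, a site nobody listed in Step 1 is blocked without needing its own rule, and the denial report shows which written rule each blocked request ran into.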
Cybercrime is on the increase and moving swiftly into the SME sector because businesses of this kind are often a soft target. Let’s face it, this market is the one that is confidently stating it will never happen to me and therefore the hacker knows the guard is down. With the bottom falling out of the black market for personal details, credit cards and national insurance numbers, the hackers now need to find new revenue streams. Banks, e-retailers and on-line betting houses have tough defences; it is far simpler to tackle the unaware and those companies in denial.
So how can you secure your network?
Gateway and desktop defence are the cornerstones of any security consideration for a company’s network, and this means anti-virus products like the industry leading Kaspersky, as well as firewalls on the network perimeter, such as those provided by us at WatchGuard.
Provided we have adopted a sensible approach to what gets plugged into the desktops, then the only way we are going to suffer a security breach is via the gateway or a rogue device (including insufficiently protected corporate laptops) being allowed inside the LAN. WatchGuard’s comprehensive Security Suite enables us to write simple but effective policies to keep our LAN not only secure, but also productive.
Firewalls have long since extended their capabilities beyond blocking unwanted traffic entering our network over our WAN connection. We are able to leverage the significant improvements in chip technology to not only continue providing the rudimentary firewall considerations but also extend this into other security areas such as Intrusion Detection and Intrusion Prevention (IDS/IPS), anti-virus scanning across multiple protocols including the internet HTTP(S) or for e-mail on SMTP or POP3, for instance. Reputation services are unique to WatchGuard where we are able to prevent access to sites or pages that are known to host malicious code. So too, the SPAM engine is a robust solution that has a high degree of accuracy in the recognition of SPAM, while the internet filtering engine helps us manage our Acceptable Usage Policy and the Application Control gives even greater granular management of applications within sites, as we have discussed earlier.
Hope for your network
The threats from the internet and social media sites in particular are real but utilising the benefits and features discussed, there’s hope out there for your network. WatchGuard and OGL can bring this together for you.
To find out more on how you can protect your network or to discuss any issues raised in this article, please contact OGL by telephone on 01299 873 873 or by e-mail: ITSolutions@ogl.co.uk.
Disaster Recovery Checklist
This checklist was originally featured in the first issue of OGL’s IT User Magazine.
The following guidelines will help ensure the strength and quality of your data backup and disaster recovery system:
- Make a disaster recovery plan
It’s imperative that your business has a plan of how it will protect its mission-critical data and how long it will take to gain access to it.
- Make a data backup every day
A daily backup minimises data loss in the event of a worst case scenario.
- Archive data backups to ensure maximum safety
Creating a weekly and monthly data backup archive provides a more robust system and enables you to retrieve historic data copies.
- Ensure success of your backup
Particularly if you’re using tapes and tape drives, it’s imperative that you check rather than assume that your backup has been successfully created.
- Keep it offsite
When you’ve made your data backup, ensure that the data storage media is placed in a separate and secure location – ideally a fire safe.
- Consider the time of recovery
A system reinstall could take from two days up to a week, assuming you have a secure copy of your backup media, available premises and a working server. Time is of the essence in disaster recovery and upgrading to an online data storage and access system could easily be the more efficient option.
- If in doubt, contact OGL
If you would like further advice on securing your data backup and creating a disaster recovery plan using tapes or any other system, contact OGL on 01299 873 873 or e-mail: Enquiries@ogl.co.uk.
Due to the latest technology the internet is more accessible than ever before and cybercrime is at an all time high. In order to prevent yourself from becoming a victim of cybercrime you can take some simple steps to enhance the security of your online accounts.
In order to access your online accounts you are required to enter a username and password; the strength of this password contributes to the security of your account.
Did you know that three of the most common passwords are ‘Password’, ‘Monkey’ and ‘123456’?
When deciding on a password you can apply the following steps to ensure your password is at maximum strength:
Choosing a password
- Make your passwords memorable, so that you can avoid writing them down where possible; if this is unavoidable, then keep the recorded passwords somewhere secure.
- Use over eight characters or more.
- Try not to use personal information such as the name of your favourite football team, your birthday, your pet or child’s name.
- Use a mixture of uppercase and lowercase letters, numbers and non-alphanumeric characters such as hyphens, although these aren’t always accepted.
- Try to use a sentence, removing the spaces, rather than a single word.
- Don’t use the same password for multiple accounts because if one account is breached they can all be breached.
- Try to avoid using words that have been spelt backwards or abbreviations.
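The checklist above can be applied mechanically before a password is accepted. The following is an added example, not code from the article: it reads the length rule as a minimum of eight characters (an assumption), the word list is a small constructed stand-in for a real dictionary file, and the personal terms are supplied by the caller. The rules about memorability and reuse across accounts are not checked here.

```python
# Added example: checks a candidate password against the rules listed above.

COMMON = {"password", "monkey", "123456"}  # the three named in the article

# Constructed mini word list standing in for a real dictionary file.
WORDS = {"password", "monkey", "dragon", "football", "sunshine", "welcome"}

def check_password(candidate, personal_terms=(), words=WORDS):
    """Return a list of the checklist rules the candidate breaks (empty = passes)."""
    problems = []
    lowered = candidate.lower()

    if len(candidate) < 8:  # assumption: "eight characters or more"
        problems.append("shorter than eight characters")

    if lowered in COMMON:
        problems.append("one of the most common passwords")

    # Mixture of uppercase, lowercase, numbers and non-alphanumeric characters.
    classes = {
        "uppercase letter": any(c.isupper() for c in candidate),
        "lowercase letter": any(c.islower() for c in candidate),
        "number": any(c.isdigit() for c in candidate),
        "non-alphanumeric character": any(not c.isalnum() for c in candidate),
    }
    for label, present in classes.items():
        if not present:
            problems.append(f"no {label}")

    # Personal information: team, birthday, pet or child's name.
    if any(term and term.lower() in lowered for term in personal_terms):
        problems.append("contains personal information")

    # Strip digits and punctuation to expose the underlying word, then test it
    # forwards (single word) and backwards (word spelt backwards).
    core = "".join(c for c in lowered if c.isalpha())
    if core in words:
        problems.append("a single dictionary word")
    elif core[::-1] in words:
        problems.append("a word spelt backwards")

    return problems

if __name__ == "__main__":
    for pw, terms in [("Password", ()), ("yeknoM-2024", ()),
                      ("Rex2015-home!", ("Rex",)), ("MyDogAte3-Slippers", ())]:
        print(repr(pw), check_password(pw, terms) or "passes")
```

Note that "yeknoM-2024" satisfies the length and character-mix rules and is still rejected, which is why the checklist treats reversed words separately.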
Keeping your password safe
- Don’t tell anyone your password and if a company contacts you and asks for your password, even by phone, don’t give them any of your personal details. Remember, you don’t know who’s actually on the telephone.
- Aim to change your passwords every three months.
- If you receive an email confirmation that contains a new password, login again and change your password immediately.
- Keep your internet security software up to date.
It would be almost impossible to not have heard of “the Cloud” in this day and age, but just because we frequently hear it uttered doesn’t necessarily mean we know exactly what it means or what it actually is. I think that most people would respond fairly similarly: “It’s information being stored up there somewhere,” whilst pointing to the sky if they were asked the direct question: “What is the Cloud?”. In some respects this would be a perfectly reasonable answer, but let’s don our ever so slightly more technical hats and try to explore it a little further.
So how does that information get “up there” in the first place? Most ‘Clouds’ begin at a data centre somewhere. Wikipedia defines a data centre as: “a facility used to house computer systems and associated components, such as telecommunications and storage systems. It generally includes redundant or backup power supplies, redundant data communications connections, environmental controls (e.g., air conditioning, fire suppression) and security devices.” So basically a data centre will house many many computers, servers and storage devices all broadcasting information directly to the internet 24 hours a day, seven days a week. OGL’s own cloud based offerings are delivered from a data centre that is close to its Worcestershire based offices. The IT infrastructure required to run OGL’s cloud is owned and maintained by OGL itself.
Okay, so the information is “up there”; how do you access it? Most companies that require access to cloud based services will have a client installed on their local machines. This client acts as the gateway between your office and the cloud; it works basically in the same way as you connecting to your local area network (LAN). Once connected to the cloud you will have all of your applications and documents available. One of the most advantageous reasons for using cloud based systems is that your information is then available from any broadband internet connection, and also on almost any device, regardless of your proximity to your company’s network.
So there you have it, all fairly straightforward, hopefully.
In part two we will explain a little more about the different types of Clouds available as well as more about the benefits of switching to cloud based services. In the meantime if you would like more information on OGL’s Hosted Services then please take a look at www.ogl.co.uk/hostedsolutions .
Hackers have featured in the news frequently over the past couple of months after breaking into large corporate websites such as Facebook, CIA, Sony and Foxconn. Hackers can be individuals or a group such as Anonymous or LulzSec, who exploit security vulnerabilities and break into a computer system.
Today’s computer software is very complex, comprised of thousands of lines of code which can contain programming mistakes, known as vulnerabilities. These vulnerabilities are used by hackers to break into individual computers, networks or to launch their programs automatically on your computer.
Once they have access, they may install malicious programs, steal confidential data, or perhaps use compromised computers to distribute spam. In order to maximise the protection of your IT system from hackers follow these steps:
1. Install anti-virus software, run regular checks and keep it up to date. Installing an anti-virus program protects your computer from viruses and other malicious software.
2. Install a firewall. A firewall is designed to permit or deny entry to your system based on a set of rules defined by you.
3. Do not open an e-mail attachment unless you know what it is and who it has come from, as e-mail attachments from unknown sources usually contain viruses.
4. Install patch updates when they are available. Hackers can enter your computer through commonly used software such as Adobe Acrobat. The patch updates are usually developed to fix security issues and so stop hackers accessing your system.
5. Ensure your operating system is kept up to date. Windows updates are crucial to protecting your computer from known security vulnerabilities; updating prevents hackers from exploiting these vulnerabilities.
6. Monitor your system events. Frequently check your system log to find out what tasks your computer is undertaking. If you’re getting alerts about any programs you don’t remember starting or installing, then we would advise you to run a security update.
For more information please contact OGL on 01299 873 873 or e-mail firstname.lastname@example.org
OGL presents a round-up of IT and Technology news that has hit the headlines recently.
It has been announced that the founder of the file-sharing website, Megaupload, which was recently taken offline by US officials, has had his bail denied by a New Zealand court.
The US Federal Bureau of Investigation (FBI) ordered the arrest of German national, Kim Dotcom, as well as four others, on accusations of internet piracy and money laundering.
Lawyers acting on behalf of Mr Dotcom have claimed their client’s innocence stating that his company simply offered “online storage facilities”.
An extradition hearing will be heard on 22 February and Mr Dotcom has to remain in custody until this time as he poses a “flight risk”.
The BBC reported that Mr Dotcom holds German and Finnish passports and is a resident of Hong Kong and New Zealand.
US federal prosecutors have accused Megaupload – one of the internet’s largest file-sharing sites before it was shut down – of costing copyright holders more than $500m (£320m) in lost revenue.
Megaupload countered this by stating that it was diligent in responding to complaints about pirated material.
There’s no such thing as a free tweet…
It was recently announced that Twitter now has the technology to selectively block tweets on a country by country basis.
In an article posted by the microblogging site, it stated that it could “reactively withhold content from users in a specific country”.
In a change to how Twitter previously handled “sensitive” issues and in a move that freedom of information advocates have criticised, it said that removed content would be available to other territories as opposed to it disappearing completely worldwide. The blog post went on to state that Twitter’s international growth meant entering countries “that have different ideas about the contours of freedom of expression”.
Many Twitter users have expressed dismay over the move, with some pointing out the adverse impact it would have on free speech, especially outside the US.
The BBC spoke to Freedom of Information campaigners, Reporters Without Borders, whose spokeswoman, Heather Blake, commented: “It allows for Twitter or other internet organisations to censor things. Freedom of information and freedom of the press can be compromised.”
In response to criticism, Twitter has stated: “In general this would be a response to a valid legal request from a government. Our policies and our philosophy towards recognising freedom of expression has not changed – this is simply a clarification to how we respond to legal requirements.”
Facebook flirts with flotation to facilitate further funds
Facebook is in the process of becoming a publicly-listed company. Reports suggest that the social-networking giant has been valued at between $75bn (£48bn) and $100bn (£64bn).
It was also reported that the flotation, which is likely to happen later this year, would raise about $10bn, which would make it one of the largest share sales ever seen on Wall Street, dwarfing the $1.9bn raised by Google when it went public in 2004. The largest amount achieved by a flotation was by car maker General Motors, which raised $20bn in 2010.
Facebook was started by Mark Zuckerberg and fellow students at Harvard University in 2004 and has steadily become one of the world’s most popular websites. Rumours of its initial public offering (IPO) have been circulating for many months, however the company has yet to confirm the story.
Facebook, which makes most of its money through advertising, would become one of the world’s biggest companies by market capitalisation based on the reported valuation.
Further to the support of Worcestershire children’s charity, Mentor Link, by Kidderminster Harriers FC and OGL Computer via a donation of £1 from the sale of every replica shirt, OGL is also looking to support Mentor Link by recruiting volunteer mentors from across the company’s 180 members of staff.
Mentor Link trains and provides ‘mentors’, volunteer adults who befriend and support children who are experiencing a range of difficulties, from low confidence and bad behaviour to family-based issues. Now, Mentor Link and OGL are investigating the possibility of involving keen, committed members of OGL’s workforce as potential mentors.
For Mentor Link, if potential candidates were selected from OGL, this would provide welcome additional resources. For OGL, providing mentors would present an opportunity to further engage with and support the local community, especially considering that the majority of the company’s workforce reside in and around the Wyre Forest district.
For more information on the work of Mentor Link, visit the website www.mentorlink.org.uk
IT User magazine is now here: the new publication designed to help business users of IT, from IT directors to network administrators to IT end-users, get the most from their IT.
Download the magazine from the OGL homepage. The first issue’s feature article focuses on data backup and disaster recovery; principally, how you should backup your data and how you can create the most effective DR plan.
On a similar theme, the article Proactive Administration discusses how a hands-on approach to managing your IT with a regular ‘service’, can ensure the most effective, efficient system.
The magazine is also complete with news from OGL and the wider IT industry, with staff profiles and a customer focus.
Download the magazine now and let us know what you think by e-mailing OGL’s Marketing Manager, Alex Byles, on email@example.com or by calling 01299 873 873.
Forget Lord Sugar: OGL has its own leader of the Apprentice in Paul Richards, Head of HR and Training, who will host an Apprentice-style competition offering six Sales Academy roles to the winning candidates of an intensive selection process, taking place throughout September and October.
OGL Computer is inviting applications until Friday 14 October from dynamic, enthusiastic candidates who are just beginning their careers in sales or who are looking for the opportunity to break into the field. Experience is a bonus, but Paul and his team are looking for candidates with the drive and dedication to progress in a sales environment, meaning that recruits with no sales training are free to apply.
Selected candidates’ commitment will be tested in OGL’s Apprentice-style selection process, which will involve group exercises, role plays, one-to-one presentations and interviews, taking place at assessment centres over the coming weeks. The six winning candidates from OGL’s assessment centres will then formally join OGL and begin the Sales Academy, involving up to 12 months’ training in techniques from across the sales spectrum, provided by OGL’s sales training team.
For OGL, this means that the company can garner the sales consultants of tomorrow, using a tested technique. Indeed, current OGL Sales Manager Lee Reece came to OGL through the same process. For the selected candidates, the Sales Academy means full sales training and the possibility of career progression within OGL.
Interested candidates should send their CV and an e-mail explaining why they wish to apply to firstname.lastname@example.org. For more information visit www.ogl.co.uk/careers or call 01299 873 873.
With over 180 members of staff spread across two sites, today OGL Computer is one of central England’s biggest providers of IT Support and IT Solutions for business large and small. This August, the company is celebrating an anniversary of 35 years in business, an age which also makes it one of the oldest and most established IT companies in the UK.
Today, OGL provides premier IT Support and cutting edge IT Solutions, including IT hardware infrastructure installation, disaster recovery, business continuity, IT Security, e-commerce and website development, and the company also has partnerships with the world’s leading brands in IT, including Microsoft and HP. However, despite today’s impressive setting, OGL’s beginnings originated from a smaller scale.
In 1976, OGL was established in neighbouring Worcestershire to provide, service and repair Olivetti typewriters for businesses in the Midlands – hence the name OGL, standing for Oliquip Group Limited. In the early 1980s and with the development of Olivetti’s first computers, coinciding with the first significant emergence of computers in the business workplace, OGL began providing and supporting the earliest models. At the same time, the company also began its work in software development with its own early stock control and accounts package.
The beginning of the 1990s saw the boom in modern computing as we know it today. The technical specifications of servers rocketed as prices dropped, allowing businesses to network PCs together to share resources, applications and data. As a result, the use of PCs in the workplace became far more prevalent. OGL identified this market trend and while increasing its installation and support of IT infrastructures, the company also became one of the UK’s earliest partners of both Microsoft and HP. Still accredited by these leading brands in IT to this day, partnership provided the most advanced training and guidance on the latest technologies, as well as affording high product availability and competitive pricing to businesses in the Midlands.
To accommodate its continued expansion in installing and supporting IT infrastructures to an increasingly large amount of business in the Midlands, in the early years of the 2000s OGL Computer opened an additional premises, where OGL’s Technical Centre continues to be based today. With the company’s growing expertise in software development and to meet increasing market demand, the company also released its flagship software, prof.ITplus: over 60 man years in the creation, prof.ITplus remains the industry’s leading business management software for stockists and distributors of products in a variety of market sectors.
Today OGL provides IT Support & Solutions to over 1,000 organisations large and small throughout the Midlands including Gloucestershire and Cheltenham, and the company is focussed on providing for a business’ complete IT needs.
In addition to remote and onsite IT Support, provided by OGL’s team of fully qualified IT Technicians, the company can also provide solutions including disaster recovery. OGL has recently launched its own Disaster Recovery Suite, complete with PC workstations and office facilities, which a business can relocate to in the event of a disaster at their premises. Meanwhile, OGL can provide an automated backup of a business’ data and protect it at its own maximum security Data Centre, thanks to its Offsite Recovery disaster recovery solution.
“OGL Computer provides a partnership in IT with businesses in Cheltenham and around the Midlands,” says OGL’s Marketing Manager, Alex Byles. “This means that we can provide high level technical assistance on specific IT projects to an existing IT department, or we can offer comprehensive IT Support and proactive IT administration to smaller organisations which may not have capacity for their own dedicated IT expertise.”
Visit www.ogl.co.uk for all your business IT needs.