Blog

Hee-haw (gun smoke flaring and horses galloping)! The flamboyant, celebratory shouts of outlaws play in my head as they hold up a bank and make their getaway into the sunset, leaving nothing but a dust trail. This is how many of us remember old western movies and television shows portraying the typical bank robberies of the wild west.

Sadly, these bank robberies were real and occurred on a regular basis during the mid and late 1800s. The criminal (sometimes glorified) acts left many towns defenseless, financially burdened, and ultimately deserted as the gold rush faded. Fast forward 150 years: instead of gun-slinging outlaws holding banks hostage, it is now hackers behind closed doors using lines of code to hold businesses to ransom.

The spike in ransomware attacks in the past few years has left security analysts and administrators scratching their heads and seeking solutions. Being infected with a computer virus is one thing, but when a business is locked out of its own systems (or hackers release sensitive business data), the result can be devastating. Recent threats and ransomware are not just hindering businesses, but actually halting their operations. Some attacks are so sophisticated and dire that they force businesses to reluctantly pay the hackers. The internet has become the new wild west. Experts expect global business losses to exceed $5 billion in 2017 due to ransomware and cyber-attacks. However, there are steps businesses can take to minimize the impact of these threats and attacks.

Back Up Your Data: This step cannot be emphasized enough. Make sure to back up your data to a non-networked environment (disconnected from the network) so that outside access is cut off. This can prevent outside hackers from getting hold of your backup data. Schedule routine backups, either daily or weekly depending on your business needs. Additionally, verify the integrity of the backups and the restore process by scheduling and performing routine data restores as part of the contingency plan.

Check Your Network: Always use firewall configuration to limit which IP addresses can access your environment. In addition, regularly check for suspicious IP addresses and block them promptly. Revisit the network access privileges of each user account. Ensure each user's level of access is correct, and consider configuring multiple levels of access to minimize the potential impact if one of the users is affected by ransomware or a virus. If possible, limit administrative rights to the very few within the organization. Finally, change passwords regularly (at minimum every 2-3 months).

Patch Regularly and Promptly: Earlier this year, ransomware strains known as WannaCry and NotPetya took hold of businesses across the globe. The threat was recognized by many software manufacturers and an emergency security patch soon became available. However, many businesses neglected the urgency of applying the patch in time. Implement a protocol to apply patches regularly, and emergency patches promptly, from your verified software vendors.

Next Generation Antivirus: Although much locally installed antivirus software does a decent job with ‘known’ viruses and malware, it is not as effective at stopping unknown attacks. Nowadays, hackers are becoming more sophisticated and creative in penetrating businesses with their ransomware. Consider taking a look at cloud-based antivirus software that is innovative and less resource intensive, and that uses smarter algorithms to detect suspicious activity ‘before’ an attack occurs. Consider a system that can block malware and non-malware attacks and provide visibility into all activity occurring on your endpoints without a performance or security impact on your local environment. It is also cost effective, as many vendors offer subscription-based services.

 

As businesses become more and more reliant on computers, there will always be vulnerabilities for lurking hackers. Computers and technology help businesses thrive and survive. But with such reliance come unexpected issues with viruses, ransomware, malware and so on. Unlike the old western days, when outlaws freely robbed banks and were meagerly resisted, there are solutions and strategies available to help your business survive these modern-day holdups. Hackers will continue to become more sophisticated and creative in their attempts to hold your business hostage. So be vigilant, but also be smart about protecting your business. Let’s make sure the next ‘hee-haw’ is coming from your business as you thwart the next cyber-attack.

 


Blog

Our organization partook in a company-wide training a few weeks ago hosted by a major partner. The training was a full-day engagement with extended coverage of topics ranging from cyber security to trend-setting shifts occurring in the industry. It was an educational and informative seminar indeed. The day was filled with slides, videos, speakers, IT terminology and endless acronyms. As we all know, there is no shortage of acronyms or industry terminology in use. They run abundant and sometimes wild out in the industry. Understandably, a handful of the attendees looked dazed and confused during the training, and the most common questions were about clarifying what a certain acronym or word meant.

SQL, PC, API, Domain Name System, Secure Shell, et cetera may look and sound familiar to many in the industry. But for some, trying to understand or decode these words can be baffling. Information Technology is a broad and sometimes confusing industry, with overlapping innovation crossing boundaries between technologies, which adds to the confusion. You can find a full array of acronyms and abbreviations on the web, and even on Wikipedia, which shows how massive the list is.

As a refresher, here is the difference between an acronym and abbreviation.

Abbreviations
An abbreviation (from Latin breviāre → brevis meaning “short”) is a shortened form of a word or phrase used mainly in writing to represent the complete form.

Examples: DB = DataBase, CPU = Central Processing Unit

Acronyms
An acronym (from Latin acro- meaning “beginning” + -onym meaning “word, name”) is a pronounceable word formed mostly (but not always) from the initial letters of a descriptive name or title. 


Examples: Wi-Fi (Wireless Fidelity) or .com (derived from word commercial)

To further muddle word usage, the IT industry also uses industry and category terminology specific to particular IT fields. We want to take this opportunity to let you know that if you come across words or abbreviations that you are not familiar with, don’t sweat it. IT is such a vast and evolving segment that words are developed on a whim and sometimes transformed overnight. However, below are some of the commonly used words and acronyms, more specific to business IT, that most IT professionals should be aware of.

 

AI – Artificial Intelligence: Field of computer science that attempts to simulate characteristics of human intelligence or senses. These include learning, reasoning, and adapting. This field studies the designs of intelligent agents, or a system that acts intelligibly.


API – Application Program Interface: API is a technology used to create software applications using a group of set protocols and routines that define the functionality of the software. This allows interchange of data between different software.

ASCII – American Standard Code for Information Interchange: ASCII is a format used for text files in both UNIX and DOS operating systems. The files consist of 7-bit binary numbers that represent a numeric, alphabetic, or special character within the code. The purpose of the files is to support specific functions and format within an operating system.

BPS – Bits per Second: BPS is a computing bit rate which defines the number of bits that are transmitted over a specified unit of time. Bits per second determines the connection speed of computers and communications technology.

BYOD – Bring Your Own Device: BYOD is a policy used in business environments that permits employees to use their own computers and mobile devices in the workplace. BYOD policies are put in place to keep sensitive information safe while improving employee productivity.

CPU – Central Processing Unit: A CPU is the electronic circuit board inside a computer and is responsible for carrying out instructions delivered by a computer application. The instructions involve performing the logic, arithmetic equations and I/O (input/output) as specified by the program.

DNS – Domain Name System: A DNS is used to identify devices connected to the Internet by using a unique IP (Internet Protocol) address. The IP address for each device or website location is translated into a domain such as anyname.com which is easier for users to remember instead of entering the numeric IP address version to access a website.

DOS – Disk Operating System: The term DOS refers to an early IBM operating system prior to the inception of Windows. The DOS operating system uses a command line to perform tasks and access applications and was partially present in the early Windows operating systems (95 and 98). Currently, PC technicians use DOS commands to perform computer repairs and to work with settings within the operating system.

DRAM – Dynamic Random Access Memory: DRAM is the main memory in laptops, tablets, desktops, and workstation devices. It is responsible for storing frequently accessed data and applications to provide the user with faster access while performing computing tasks. It provides enhanced performance by using separate capacitors to store one bit of data in an integrated circuit.

e-Commerce – Electronic Commerce: Consists primarily of the distributing, buying, selling, marketing and servicing of products or services over electronic systems such as the Internet and other computer networks.

EDI – Electronic Data Interchange: EDI is a standard used for electronic communications to transfer structured data between two devices, companies, or users in different areas of the world. The standard ensures documents can be opened and read when exchanged with devices of different operating systems and applications.

e-Learning – Electronic Learning: Involves the use of a computer or electronic device (e.g. a mobile phone) in some way to provide training, educational or learning material. It also involves using the Internet or an intranet.

Enterprise Security (Cyber-Security):
Protection of the security of information in all of its forms (electronic, physical) and the security of the systems and networks where information is stored, accessed, processed, and transmitted.

EULA – End User License Agreement: A EULA is a contract used by software licensers that defines to the end user how the software can be used. It is used to protect the copyrights of the software vendor and to establish parameters for the licensed copy of the software.

FTP – File Transfer Protocol: FTP is a protocol which is used to transfer files over the Internet. The files are transferred from one host to another using a network or Internet connection. Website managers frequently use FTP to upload files from a computer to a server where the website is stored.

Hackers: A hacker is a person who accesses a computer network without permission for profit, criminal mischief, or personal satisfaction. Hackers are often able to break into computers because of operating system or other built-in system defects. Hackers can get information relating to legitimate users and modify or change it.

HTTP – Hypertext Transfer Protocol: HTTP is a standard protocol used for data communications on the Internet. The standard is used for request and response such as when you type in a website domain address to access a specific website. Your browser is requesting access to the website and the server responds by displaying the web page.

IaaS – Infrastructure as a Service: Infrastructure as a Service is a full-blown virtualization environment. IaaS is popular in the data center, where software and servers are purchased as a fully outsourced service and usually billed based on usage and how much of the resource is used. IaaS gives the consumer the ability to control the operating system, arbitrary software/applications, network and storage.

Intelligent Agents: Software that assists people and acts on their behalf. Intelligent agents work by allowing people to delegate work that they could have done themselves to the agent software. Agents can perform repetitive tasks, remember things you forgot, intelligently summarize complex data, learn from you and even make recommendations to you. An intelligent agent can help you find and filter information and customize it.

Internet Security:
Set of rules, policies, procedures and technical measures used to prevent the unauthorized entry, modification, theft, or physical damage to information systems that we may face when we access the internet.

IEEE – Institute of Electrical And Electronics Engineers: The IEEE is an organization that consists of members of the Institute of Radio Engineers and the American Institute of Electrical Engineers. The primary purpose of IEEE is to define standards for electronic and wireless

JavaScript: A scripting language based on the concept of prototype-based programming. JavaScript is only distantly related to the Java programming language, the main similarity being their common debt to the C syntax. The language is best known for its use in websites, where it is used to write functions that are embedded in or included from HTML pages and interact with the Document Object Model.

JRE – Java Runtime Environment: A JRE works with the Java Virtual Machine which hosts valid class files created in the Java Virtual Machine language. Java is a programming language that supports many objects embedded in websites. Without JRE, some of the website components may not work unless Java is installed on your computer from the Sun Microsystems Java website.

LAN – Local Area Network: A LAN is a network that connects a series of computers together to enable the devices to communicate with one another. Local Area Networks are limited to a specific area such as a business, corporation, school, or other.

MAC – Media Access Control Address: MAC is a type of communication protocol which provides channel access and addressing to control devices. The technology enables multiple terminals to communicate with a shared medium network that provides multiple access. The hardware which is used for MAC is known as a Media Access Controller.

NFS – Network File System: NFS is a file system protocol that allows an end user to access network files from a client computer. When the protocol is implemented on a network, any device connected to the network can access and share files.

PaaS – Platform as a Service: Platform as a Service is an environment where the business or consumer can install its own custom software or application that is located offsite and hosted by a cloud provider. However, the server is not maintained by the consumer including network, storage, operating system and so on. But the consumer still has full control of its deployed application or software. An example would be a business storing its database on the cloud server for access. This is cost effective for many businesses as investment in hardware, security, maintenance, and upgrades are not needed.

PC – Personal Computer: PC is a term used to describe a computer designed to accommodate individual users. A PC is operated directly and personally owned by the end user without any third party intervention.

RAID – Redundant Array of Independent Disks: RAID is a method of backup storage that is comprised of multiple hard drive devices combined into a single unit for the purpose of data protection. When data is backed up, it is distributed across multiple drives (also known as redundancy) so if one drive fails, the data can be accessed on an alternative disk drive.

Real Time Computing:
Enabling technology for many important applications, including multimedia, financial trading systems, air-traffic control systems, robotics, and process control, just to name a few which are subject to a real-time constraint.

SaaS – Software as a Service: Software as a Service is probably the most common reference we know when referring to the cloud. It is a software delivery method that allows access to software and its functions via an internet connection, usually through a web browser. A simple example would be an email service such as Gmail. You are connecting to the email contents through your laptop/PC or even a mobile phone, but the software and data are all handled by Google. For businesses, an example would be CRM or healthcare software that runs offsite on a server operated by a vendor/software provider.

SAN – Storage Area Network: A SAN is used to access files and data via a dedicated network of multiple storage devices. The technology is used to manage optical storage, disk arrays and other storage resources connected to a server. When the SAN network becomes accessible on the server, the storage devices appear as though they are an included component in each individual computer connected to the network.

SATA – Serial Advanced Technology Attachment: SATA is a technology that establishes a connection to optical and hard drives using a computer bus interface. The interface is responsible for connecting the host bus adapter to the optical or hard drive or other type of mass storage device. The advantage of this technology is that it provides faster data transfer and smaller cable sizes at a reduced cost.

SQL – Structured Query Language: SQL is a programming language used by database developers to enable the management of data in a relational database management system. SQL is a standard programming language designed to be transferrable to different database configurations without requiring code modification.

SSID – Service Set Identifier: An SSID is a service set that assists with the identification of a specific wireless network. The identifier locates the origin of a device connected to a wireless network, in addition to the wireless access point.

TCP/IP – Transmission Control Protocol/Internet Protocol: TCP/IP is a protocol used to determine how data transmission should be addressed, packetized and routed to a specific point of destination. It is an important standard protocol used for successful communications over the Internet.

URL – Uniform Resource Locator: A URL is also known as a website address and is the domain address you type into your browser to access a specific website. URLs are also present on the Search Engine Results Page (SERP) and contain a link that leads you to the website. Think of it as the street address (URL) of your home (website).

USB – Universal Serial Bus: USB is a technology that defines various protocols included in a serial bus component. The protocols, in addition to the connectors and cables, are used to facilitate communications between computers and peripheral devices such as USB flash drives, headphones, external hard drives, portable media players, and more.

VoIP – Voice over Internet Protocol: VoIP refers to a method of communication using an IP (Internet Protocol) network. VoIP is commonly associated with IP telephony which offers telephone communication using an Internet connection.

VPN – Virtual Private Network: A VPN is a private network which is accessed using traffic encryption or virtual tunneling protocols. Although the network uses an Internet connection for remote access, the encryption technologies and security policies provide secure access. VPNs are frequently used by remote workers and other professionals that require a secure connection when performing computing tasks.

WAN – Wide Area Network: A WAN is a network that is spread over a large geographical area and is connected via telecommunications lines that are leased. A WAN commonly refers to the Internet but also can consist of a series of networks from different geographical locations, such as those for government entities, corporations, and others.

Web Services:
A Web service is a component of programmable application logic that can be accessed using standard web protocols. It’s basically a component, or an assembly in ASP.NET, that can be accessed over the web. Anyone with a browser can see and use this application logic.

XML versus HTML:
HTML, short for HyperText Markup Language, is the predominant markup language for the creation of web pages, whereas XML, short for Extensible Markup Language, is a metalanguage written in SGML that allows one to design a markup language and allows for the easy interchange of documents on the World Wide Web. Also, it is more popular than HTML with web site designers.

 
