• Welcome to Demakis Technologies! We are waiting to help you!

Category Archives: Network Security

access controls

Access Controls: Keeping You Safe from the Inside Out

In a world where more and more time is spent dwelling upon and selling software, we shouldn’t lose sight of the importance of quality hardware and other physical tools. In many industries, reliable physical security tools are still vital to the safety of business data, assets, and employers. One of the most useful tools for your company’s security could be access control.

Whether the danger of a cyberattack is coming from a malicious outside group or it’s caused by a disgruntled employee, you should do the most to secure what matters the most.

So even though digital technology is currently reigning supreme in the security industry, you will benefit from a physical tool such as access control that gives you a nuanced and intuitive approach to physical security.

Brief Look at Access Controls

A good physical security solution almost always has an effective door and digital access control system. Such systems let you control who can enter and leave the physical grounds of your company, or its certain zones. They also let you control who can access data stored on company hardware.

In other words, access controls are stopgaps for unwanted personnel who shouldn’t get insight into certain company data and insights.

As mentioned above, long gone are the days when such physical tools were separated from digital technology. Today’s secure door access systems have advanced with the arrival of the Internet of Things (IoT) and other software tools. Getting IP and cloud-based access controls became a popular option for company CEOs. But some still go down the old lock-and-key control route, or a combo of the two.

Access Control Cybersecurity

How Does Access Control Work?

Access control works by identifying a person, confirming that the person is who it says to be, and letting it have the access and perform the actions connected with the login or IP address. 

There are two directory services and protocols you should know about:

  • Lightweight Directory Access Protocol (LDAP)
  • Security Assertion Markup Language (SAML)

These give access controls for identifying and authorizing users and allowing them to access computer resources like distributed apps and web servers.

Steps to Take When Implementing Access Control

Before you jump into the decision of getting a new security system feature, you need to find a good provider of managed IT services. Then and only then, you need to communicate with the service provider about your needs. Here are some of the basic foundation-building steps you will undertake together.

Develop Role-based Access

Your organization will most likely have numerous departments with varying levels of responsibility. Not everyone requires access to every sector.

As a result, it’s necessary to devise a system in which your staff’ tasks are clearly defined and suitable authorizations are granted depending on the sort of work that they perform. The network administrator who has access to the server room or the accountant who has access to the business safe are examples of role-based access. Ensure to examine regulatory compliance practices for each role when creating them.

Don’t Forget About Least Privilege Access Control

When talking to IT managed service providers, a lot of them will tell you about the importance of the least privilege rule. In short, that refers to the point that access should be given just by those who really require it – rather than being a convenience. Moreover, IT staff and security teams with roles dealing with access control privilege decisions should be put under some amount of monitoring.

After all, lots of cyberattacks come from inside the organization, and this is one way to minimize the risk.

Installing Access Control Software

There are many different forms of access control programs and applications, and to maintain access control, numerous components are frequently utilized simultaneously.

The software tools could be on-premises, in the cloud, or a combination of the two. They may be primarily concerned with a firm’s current access control or with consumer access management. The following are some examples of access management software tools:

  • Tracking apps
  • Reporting apps
  • Tools for managing passwords and other security access data
  • Provisioning tools
  • Identity databases
  • Security policy enforcement tools
Access Control Cyberthreat

Final Word

One Statista research found that in 2017 a record-breaking number of data leaks happened. And in 2020, another record was shattered – regarding the amount of records exposed.

So as the number of cyberattacks climbs up, so does the requirement to undertake action in your company and install both physical and software solutions for security. As a business owner, you should be in the know with technology advancements in this area and implement the newest trends that can benefit your company and secure employers and data.
So the next step you should take is to find a trusted managed service provider who will tailor you a package of services suited for your needs.

IT Assessment

Top 7 Benefits of an IT Assessment

We’re all guilty of delaying our routine checkups with doctors and dentists. And we’re also guilty of doing so with IT assessment. But the same as with our bodies, we should have an ongoing objective view of what exactly is going on within our IT system. All of this is done for the reason of mitigating future risk.

There are a myriad of benefits of an IT checkup. A complete IT checkup gives you an overview of your business’ IT situation. That way, you have a better view of your operations and a complete outside perspective. Also, system assessments keep you focused on trends in your industry and on what your employees are doing.

Let’s expand on these benefits of IT assessments a bit more.

Defining an IT Assessment

First, let’s understand a bit better what we mean by “IT assessment”. This sort of checkup refers to the assessment of the general strengths and weaknesses of an IT system in any organizational network. Along with the assessment, a list of suggestions is given, as well. The suggestions focus on ways to improve system security, network design, and the general IT infrastructure.

What has to be done for an IT assessment to happen?

For starters, you need to hire a reliable IT consultation service provider and give them total access to the organization network, IT facilities, and other needed data. Next, the provider conducts the assessment by checking key areas of your digital environment, such as:

  • System Security
  • Data Security
  • Mobile Device Management 
  • Server Infrastructure 
  • Network software 
  • Etc. 

Before we look at the most obvious benefits on system checkups, bear in mind that there are risks in IT assessments. They mostly come from the risk of your data being leaked to third-party vendors.

IT Assessment for your company

5 Benefits of an IT Assessments

Some of the best practices expert IT service providers recommend can help in building a strong company foundation as well as reliable plans for company growth.

Reduced chance of accidental misconfiguration: The company can decrease its system vulnerabilities in the cloud environment by implementing the specific configuration adjustments recommended as part of the cloud security assessment.

Reduced chance of missed notifications: The recommendations of the cloud security assessment team can help an organization enhance its ability to detect and respond to compromise, preventing a minor issue from becoming a full-blown breach.

Improved resiliency: The IT assessment team will provide suggestions to help enterprises recover from breaches more quickly.

Detection of past compromise: While an IT security assessment is not a full-fledged IT compromise investigation, it can detect deviations from the standard in the organization’s IT configuration that may have been caused by compromised behavior.

How IT Assessments Help Your Team Function Better?

So, the technical aspect of benefits is pretty clear now. But how does that further help your team operate better?

Employee Awareness

Apart from the apparent security benefits, one of the things that individuals overlook when conducting these assessments is their employees. All of the information gathered from a checkup like this can be utilized to improve employee performance and raise understanding of the hazards they face, such as how to spot phishing attack emails.

Motivation

Another benefit for your team is that assessments will serve to remind them of your commitment to security and adequate procedures. Every day, we all have a lot on our plates, and it can be difficult to keep all of them spinning at the same time. Maintaining the integrity of your systems by reinforcing priorities is always a wise technique.

Budget Planning for Middle and Upper Management

It’s vital to have good reasoning for the plans you’ll have when creating budgets for the following year. Your cloud assessment’s facts and lists will help you justify future spending and explain the long-term benefits of the acquisitions you intend to make. All of this information also aids in determining what security requirements should be prioritized in your IT budget.

IT checkup

Final Word

No matter if you looked up this article because you are currently facing IT difficulties in your company, or are just looking out for options to keep your ongoing business safe, we hope this helps you get your operations in order. Having an assessment done will help you build a foundation of security controls and assist you identify risks that are leaving you vulnerable to attack.

After all, all organizations and businesses need to employ the help of IT experts from time to time – at least once in 6 months, to be more exact. Especially when extra demands are placed on IT, it is helpful to outsource someone who can implement the new initiatives and meet the changing needs of your department.

Following an IT checkup, you’ll feel more at ease – just like after a regular checkup with your doctor.

Content Filtering

Content Filtering [Definition + Benefits]

This is a quick guide to content filtering.

In this new guide, we’re going to answer questions such as:

  • What is content filtering
  • How it works
  • Why is it important for your company
  • And more

So if you’re looking to integrate a content filtering solution or improve the filtering on your firewall, then this article will help you.

Let’s begin.

What is content filtering?

Content filtering (or information filtering) is the process of screening access or availability to web pages or emails that can threaten user or network security. The goal of this software is to block content that contains this harmful information and let organizations control content access via their firewalls.

What types of solutions exist?

There are two main types of content filtering:

  • Content filtering hardware
  • Content filtering software

Both of these solutions are often built into devices or integrated into their systems to block access to information. At the same time, information filtering is a crucial part of internet firewalls.

There are also content filtering tools that typically companies use to raise their cyber security or enforce corporate policies around IT system management.

For example, organizations use information filtering to limit employee access to social media websites.

Besides this there are also several sub-types of content filters:

Internet filters: the most common form of content filter. Internet filters block access to specific webpages or websites and are managed via firewalls or browser-based filters (extentions).

Search engine filters: these content filters allow users to deny access to inappropriate links from their search results pages.

Search engine filters

DNS: this form of filters blocks domains that operate outside of acceptable DNS settings that an organization outlines in its corporate policy.

Email filters: email content filters screen the body, subject line, headings, and attachments in email messages to block or reject incoming mail with malicious intent (e.g. Phishing scams).

Web content filters: these filters prevent users from accessing web pages by blocking URLs and preventing browsers from loading specific sites, either based on content or site security.

Proxy filtering: proxy filters are gateway security measures between user devices and servers that enable admins to restrict user access to specific websites. Proxy filters are commonly used by public institutions such as governments or schools. 

Why is content filtering important?

Content filtering helps to protect users and their devices, networks, and servers from harmful information by preventing access to it.

This enables all parties to operate on the internet in a safe and secure environment.

Besides this, there are other benefits of content filtering to users and their organizations:

Minimizing malware attacks

Content filters enable your organization to block access to websites known to carry malware. In this way, you protect data by reducing threats. 

You also reduce remediation time and the workload necessary for incident response.

Protecting you from exploit kits

Cyber attacks are a big security risk to your organizations’ data and assets. Exploit kits have codes that allow hackers to attack your web browsers via its extentions and plugins.

Content filters prevent this from happening by identifying exploit kits and blocking access to them before a user can trigger it with a download.

Boosting network bandwidth

User activity that isn’t work-related can affect the bandwidth of your organization. Content filters help you to limit users’ access to specific websites that raise bandwidth usage (e.g. YouTube). In turn, blocking these websites can make internet usage more efficient for all of your employees.

Raising staff productivity

Besides technical benefits, content filters also have a practical application. By limiting access to specific websites, like social media channels, online shopping platforms, and streaming sites, you raise the productivity of your workforce. (Since they’ll spend less time wasting the company’s time).

Web content filtering

Start Using Content Filtering

What type of content filtering are you using at the moment?

Do you want to improve the way your company filters information?

We can help you.

Demakis Technologies is a professional IT service provider. 

We specialize in managed services, helpdesk support, and, yes, network and cyber security.

So we can offer you IT services tailored to your needs. (Including a tailored solution to boost your content filtering policies)

CONTACT US to get in touch with one of our IT professionals and get started today.

endpoint detection and response

We Tested 3 Best EDR Tools for 2022 – Here Are the Results

We tested many endpoint detection and response (EDR) tools to help you choose the right one for your business.

Specifically, we looked at their capabilities, price, success rate, integration, and add-ons.

In the end, we picked out our three favorite solutions:

  • CrowdStrike
  • SentinelOne
  • Check Point SandBlast

This is quick review of our top 3 EDR tools:

#1 CrowdStrike

CrowdStrike Falcon is one of the more powerful EDR tools on the market. The ideal solution if you’re looking for response and cloud-based management with excellent UI and ease of use.

The thing that really makes CrowdStrike stand out is its advanced endpoint protection. It combines EDR capabilities with next-gen antivirus and a 24/7 managed threat hunting service.

If you’re looking for an affordable EDR, then CrowdStrike may not be the solution for you.

Still, it’s worth the price you pay for since you’ll get all the critical features necessary for detection and cybersecurity:

For an additional fee, you can get access to add-ons like automated remediation and vulnerability assessment, which sets CrowdStrike apart from its competitors.

Beside the price tag, the only other downside to Crowdstrike is its lack of content filtering or VPN.

VERDICT: One of the most powerful EDR solutions available on the market, with the largest number of features that guarantee maximum detection and protection.

Open padlock on modern laptop. Computer Security Vulnerability concept

#2 SentinelOne

SentinelOne is another full-featured EDR tool. But what sets this solution apart is that it uses AI-powered threat detection and response.

This makes it an ideal security system to cope with hackers that use artificial intelligence and machine learning in their attacks.

SentinelOne comes with an endpoint protection platform (EPP) that enables you to control everything from detection, through response, to remediation. 

In fact, automated remediation is included into the price and is highly rated by many users.

However, SentinelOne lacks some features you may be looking for. Specifically, this EDR tool doesn’t include full-disk encryption, VPN, mobile support, or web content filtering.

But even without these capabilities it is still a top-rated solution, which is why Gartner named SentinalOne one of the best EDR platforms in its Peer Review with a score of 4.9 (out of 5).

VERDICT: One of the most popular EDR products on the market, with great features, scores and usability.

#3 Check Point

Check Point SandBlast is a feature-rich EDR solution. What makes this solution stand out is that it’s built for ease of use. 

Check Point is also tailored towards smaller businesses that operate on a smaller budget and with fewer resources, often with small teams or with managed IT services.

The price of this EDR system is also on the lower-end of the spectrum but that doesn’t mean you won’t get a bang for your buck.

In fact, Check Point is powerful enough to cater to both SMBs and large-scale and complex enteprises.

Red human figure in a network. Leader and leadership skills. Teamwork of a talented professional worker. Weak link, toxic worker. Security threat. Cooperation, collaboration. Spy. Employee replacement

The biggest downside to this solution is that Check Point doesn’t provide you the ability to create custom rules. There are also some issues with implementation, but the developers have assured us that this is going to be fixed this year.

VERDICT: With a solid performance and a lot of capabilities, one of the best EDR products in its class and price range.

Ready to Make Your Decision?

These are our top three picks when it comes to endpoint detection and response solutions.

But the decision is up to you.

Still, if you need more information about EDR, we’re here to help you.

Demakis Technologies is a professional IT service provider. 

We specialize in managed services, helpdesk support, and, yes, network and cyber security.

We can offer you IT services tailored to your needs.

CONTACT US to get in touch with one of our IT professionals and get started today.

recent ransomware attacks 2021

Ransomware Attacks: Plan, Prepare and Respond

In this article, we will explain how you can plan, prepare, and respond to ransomware attacks.

Specifically, you will find out: 

  • What are ransomware attacks?
  • How to prevent them?
  • How to respond to an attack? (If it happens)

So, if you want to protect your business from ransomware attacks and raise your cybersecurity, then this post will be helpful to you.

Let’s begin. 

What are Ransomware Attacks?

Ransomware attacks are extortion malwares. They employ encryption to hold a victim’s information at ransom. Basically, it’s the act of holding your files or computer hostage. It’s only released once the ransom is paid. 

Hackers usually extort cryptocurrencies, which is why it’s difficult to trace and prosecute them. 

Biggest Ransomware Attacks

Ransomware is a growing threat, generating billions of dollars to cybercriminals.   

Recent ransomware attacks in 2021 seem to be more sophisticated and disruptive than last year. 

New forms are quickly evolving and the number of attacks is expected to increase.

Now let’s go through some of the biggest ransomware attacks. It will help you understand how these ransomwares generally work. 

Here we go. 

1. Wannacry ransomware attack

WannaCry is a ransomware cryptoworm cyberattack. It targets computers running Microsoft Windows OS. 

The first, worldwide Wannacry ransomware attack happened in 2017. The ransomware encrypted data and demanded ransom of $300 to $600, paid in Bitcoins. 

Estimates from Europol put the number of computers infected at more than 200.000 across 150 countries. Financial damages ranged from hundreds of millions to billions of dollars. 

Ransomware Attacks

2. Darkside ransomware attack

The Darkside ransomware group announced their Raas (Ransomware-as-a-Service) in August 2020 via a “press release”. 

Since then, they’ve become known for their professional operations and large ransoms. 

Darkside ransomware attacks target multiple large, high-revenue organizations. These attacks result in encryption and theft of sensitive data. If the ransom demand is not paid, they make the data publicly available. 

3. REvil ransomware attack

REvil (Ransomware Evil) is a Russian Raas operation. REvil ransomware encrypts files and discards a ransom request message. 

The message says that if a ransom is not paid in time, it doubles. If it’s not received at all, the information gets published on REvil’s page “Happy Blog”. 

REvil sold ransomware tools to other hackers. Some of their customers caused serious damage. 

For example, in July 2021, they targeted customers of IT software supplier Kaseya. This REvil ransomware attack breached 1.500 businesses and demanded a ransom of $70 million.

Lots of the latest ransomware attacks in 2021 are REvil’s doing. Some public figures were attacked, too, such as Donald Trump, Lady Gaga and Madonna.

4. Ryuk ransomware attack

Ryuk (Ree-yook) is a ransomware that first appeared in 2018. Ryuk tops the list of the most dangerous ransomware attacks. 

It accounts for 3 of the top 10 largest ransoms of 2020: causing damages of $5.3 million, $9.9 million and $12.5 million

Ryuk ransomware attacks successfully target industries and companies around the world. 

It’s believed that a russian cybercriminal group known as “Wizard Spider” operates Ryuk ransomware.

5. Maze ransomware attack

Maze is another sophisticated strain of Windows ransomware. 

Since December 2019, Maze ransomware has been very active. It targets organizations worldwide across many industries. 

As with other forms of ransomware, Maze extorts cryptocurrencies for the recovery of sensitive data. If victims refuse to pay, they are threatened with the leakage of data. 

Maze ransomware attacks are usually distributed through spam emails, RDP brute force attacks, and exploit kits. 

6. Conti ransomware attack

Conti is a ransomware that’s been observed since 2020. 

Conti has caused a great deal of damage in a short period of time. The Conti group makes headlines around the world. They are probably best known for “Graff ransomware attack”.

Graff has a clientele of Hollywood A-listers. The Conti group leaked 69.000 confidential documents as a preliminary show of force. After that, they demanded tens of millions of dollars ransome to prevent further leakage. 

ransomware attack solution

How to prepare for ransomware attacks?

Preventing ransomware attacks is crucial, so you need to know how to prepare. This is what people are usually advised to do: 

  • Regularly backup your data. Storing data in the cloud is commonly used for backups.
  • Train your staff so they can detect and report a possible ransomware
  • Contract with a vendor that can provide response support, in case anything happens
  • Train your staff to detect a phishing email. Most of ransomwares start with phishing. 
  • Update your software with the latest security patches
  • Create an organization-wide policy regarding ransomware attacks. 

How to respond to a ransomware attack?

If you ever receive a ransom request, first check with your IT manager if it’s legitimate. If it is, you have two ransomware attack solutions. 

If you have backups that work, you don’t need to worry. Just restore all your data and you’re fine. 

If you don’t have backups, you must asses:

  • Is the data critical to your business?
  • Has your company pre-determined that it’s ok paying a ransom?
  • Does your insurance cover it?

Preventing ransomware attacks

Preventing ransomware attacks requires an all-hands-on-deck approach.

You’ll most probably need a team of professionals to deal with it. 

But don’t worry. 

We’re here to help!
Please CONTACT US at Demakis Technologies to find out more about how we can raise your cybersecurity and protect your business data and digital assets.