Tag

IT security Archives - Page 2 of 2 - thinkCSC

Jan 06
0

Avoid Devastating Security Breaches with Sender Policy Framework

By | Communication Security

Over the last year we’ve seen a significant increase in the volume of “spoofed” email, where the sender of the email appears to be internal to the company, attempting to trick the recipient into initiating an action that appears to be legitimately requested, such as a wire transfer or the opening of an attachment that enables ransomware. These emails can be very deceptive. Often, company executives are impersonated, and emails are sent to people within the organization who would typically be involved in such transactions. While there is no foolproof way of stopping these messages – and the best line of defense, of course, is a well-trained staff who reacts with caution before opening attachments or sending money – we do recommend implementing Sender Policy Framework (SPF) technology to help prevent the spoofed emails from even reaching their destinations. 

Sender Policy Framework 

Sender Policy Framework is a technology used to establish approved email systems for a domain. To implement SPF, thinkCSC creates a special DNS record that identifies which servers are allowed to send email for your domain. This record is then read by supported mail systems and processed according to their configured policies. In other words, we create a special code that tells the email provider which messages are legitimate email, allowing the provider to better detect spoof messages and mark them as spam. Most major mail providers now factor SPF evaluation into their overall scoring mechanism for determining whether a message should be delivered or marked as spam, and some mail providers will automatically junk messages that fail an SPF evaluation. While this technique does not ensure that spoofed message will always be considered spam, it does increase the likelihood considerably.

In order to successfully implement an SPF record, it’s critical to identify all of the mail servers and third-party services that could be used to send email on behalf of a domain, including the email provider, company websites, relays, third-party SaaS tools (like CRM), and marketing software that sends emails on behalf of the organization. Once these are identified, thinkCSC will create the DNS record, test and validate email flow from known senders, and update the SPF record as needed.

If you have been the victim of phishing emails or would like to learn how to protect your organization from sender address forgeries, contact thinkCSC for more information.

Jan 26
0

IT Trends – 2015 Edition

By | Data Security, Managed IT Services | No Comments

Crystal BallLast year we predicted several IT trends that are, for the most part today, standard operating procedures for most businesses. From VoIP to secure collaboration using Enterprise File Synchronization and Sharing, the big focus last year was the shift away from legacy processes and applications, with the gradual adoption of access-anywhere, work-anywhere work tools that didn’t compromise security.

This year we predict nearly every operational focus trending in IT will have something to do with security. IT security is the trend of 2015.

In fact, the biggest trend of 2015 will be the acknowledgement that no business is secure. No business – from the one-man work-at-home freelancer to the largest international corporation – is immune from incident. If you use technology and access the internet, whether from a smartphone or through applications on a bank of servers, you are a potential target for malware, cyber-attacks, viruses, natural disasters, and other business-disrupting issues.

Managed IT

Managed IT services, while not a new trend, will take center stage for even more companies because the need to maintain state-of-the-art equipment and have access to offline backup and disaster recovery will be too great to ignore and too costly for every non-IT business to do well. Shifting from a capital expenditure model for IT to an OPEX model will also be a priority for businesses striving to remain globally competitive. Managed IT services accomplishes that.

BDR Goes Mainstream

When disaster strikes, business leaders recognize the need for remaining operational. Backup and disaster recovery services provide a cost-effective business continuity solution that reduces downtime and allows you to keep serving customers from anywhere.

Enterprise Threat Detection

Rather than waiting for hackers and malware to highlight security gaps, then developing security patches in response to protect businesses, you can make your approach to security more aggressive. Enterprise threat detection offers proactive security that uses predictive analytics to stay ahead of the next attack. This will become a necessity for businesses of all size.

The most competitive businesses are the ones preparing for possibilities and designing their infrastructure in such a way that they can remain flexible, proactive, and competitive. Managed IT and BDR are not new concepts, but they are trending in 2015 as adoption becomes ubiquitous.

Discover how thinkCSC can help your business. Learn more.

Oct 15
0

We Help Our Clients Keep Their Promises to Their Customers

By | Managed IT Services | No Comments

Businessman Hand Working With New Modern Computer And Business SWe often talk about our services in terms of what we deliver to our clients:

  • Predictable costs
  • Uptime
  • Enhanced security
  • Collaboration tools
  • Secure remote work options

But what do these benefits really mean to our clients?

Government agencies must meet legislative requirements and serve a body of constituents. School district must not only comply with mandates but also meet parent and student expectations. Private business must remain profitable in a highly-competitive global environment while satisfying both customers and business leaders. thinkCSC services are designed not just to deliver on our promises but to make sure you can keep your promises to your customers.

Predictable IT Costs

Predictable IT costs are good for business because it makes budgeting easier when converting capital expenditures into operating expenses. But it’s not just about managing the budget; it’s also about your ability to offer competitive pricing to customers or meet mandates within the constraints of your budget that truly make predictable IT costs something worth pursuing.

Uptime

Uptime is a common goal for managed service providers. It’s the way that we measure, in part, our ability to deliver on our promises. Uptime also means that you have the ability to meet the needs of your customers when they expect you to.

Enhanced Security

Security is the foundation of the integrity of any business. And while enhanced security is something we offer our clients, our enhanced security really means that our clients have the ability to meet both mandated as well as guaranteed protection of customer data. Whether you operate a business that processes financial transactions or a medical office required to maintain HIPAA standards, enhanced security is as much a necessity of doing business as it is a benefit.

Collaboration Tools

The collaboration tools we offer allow you to securely and efficiently work with team members around the world. And the reason this becomes important is because it allows you to be flexible and responsive, offering your customers the best innovations at the most competitive prices possible.

Secure Remote Work Options

By offering you secure, remote work options, we provide you with freedom. Whether it’s the freedom to attract talent from other locations around the globe or the freedom to work from home yourself, it’s a powerful offering. But what it really means to your customers is that you can be available to meet their needs from wherever you are – or reach the members of your team who can.

Predictable costs, uptime, security, collaboration, and remote workforce tools: Those are the benefits we offer our clients. What we are really delivering, however, is the ability for you to keep their promises to their customers.

Jun 09
0

Implement Security Before a Breach

By | Cloud Services | No Comments

security breachE-mail is a cornerstone of business communications, and obtaining your customer’s email address is a privilege that allows you to personalize your marketing efforts and learn details about your target market and gain insight that might otherwise be difficult to obtain. How do you assure your customers that their email address (and all the other information they share with you) is secure?

Right now, Sony is busy doing damage control over the security breach that occurred on the PlayStation 3 that let user information, including credit card numbers, escape their grasp. Last month, many financial institutions and retail stores were scrambling to reassure customers and apologize for a breach that occurred when their email company, Epsilon, was compromised and hundreds of thousands of names and email addresses were stolen. While only names and email addresses were accessed and not credit card information, there was a lot of placating to do to reassure uneasy customers. The month before that, Play.com admitted that their email provider had experienced months of irregular activity before revealing that their customers email addresses had been accessed and compromised.

As a business, ensuring the security of your internal email as well as the information you maintain about your customers has to be a primary concern – something you think about doing before there’s a risk for a breach. The question is, can you really create an environment that provides you with the security you need to offer the reassurance your customers and your investors want? It’s a matter of choosing the right hosted e-mail service that provides you the best possible security.

Here at thinkCSC, we have biometric security in place that ensures that only certain people can access the data center and firewalls. We run regular backups, but our backups are completely encrypted, so even the information stored on our back up server is safe from harm. Even if someone were to break in and physically steal our servers, the thieves would not have access to anything because all of the information on it is encrypted. We’ve literally locked out the hackers from the get-go.

We can actually run a piece of software from your location that encrypts your data before it is sent over the internet. When it gets to our site, even we can’t access it unless we have that encryption password. Most of the time, we are taking care of your whole network environment, so we will be the ones managing that password, and we have layers of security protocols in place that keep you protected. But we can also provide you with complete control, and can set it up so you’re the only who has the password.

The choice is simple: you’re either aggressively protecting your customer’s information by having the best email security available, or you’re preparing a letter to your customers to apologize to them after their information was stolen.