Tag Archives: data protection solution

You’ll catch more phish with honey than vinegar

Businesses know that they have to combat the human error that results in cyberattacks to their network and potential loss of critical data. They value their employees but need to create an atmosphere of awareness. Savvy business owners and managers turn to training and education. But it can be challenging to train employees in best practices without a security background.

Studies prove you’ll get a higher retention rate and better participation when you train employees with “carrots, not sticks”. The Wall Street Journal examined this idea in the recent article ‘A Better Way to Teach Cybersecurity to Workers’: “The problem, security experts say, is that the usual security training is a big turnoff for employees. Most of the time, all it does is try to instill fear of clicking on suspicious links or using weak passwords. But research shows that approach doesn’t work.”

Keep your cyber awareness training from becoming a chore. Make it positive and incentivize employees for participation. Our Managed Security Awareness Training does just that! With its built in reporting features the program is ideal for tracking your employee’s progress and rewarding them for successfully spotting a phishing trap!

What is the most common result of clicking on a link in a phishing email? Ransomware. The cyber epidemic that results in 57% critical data and/or hardware loss and up to 75% downtime for small to medium sized businesses (Datto State of the Channel Report). That’s too much to risk! Social engineering techniques exploit a very basic concept: it’s possible to trick people into doing the dirty work for thieves. Ransomware is the payload of choice for malicious email campaigns and in 2016 U.S. companies experienced the greatest number of ransomware attacks, over 500 million due to the Locky ransomware.

So how do you reduce the 30% phishing email open rate? Education, Engagement and Encouragement.

A training and awareness program that encourages good cyber hygiene can make a big difference between recognizing a phishing email or becoming a victim. When employees fully understand the issue – and the risks – they’re in a position to serve as the barrier of protection, essentially the “human firewall”. The Managed Security Awareness program combines a 3 step approach:

• Training – Employee email security training on a computer based training module

• Evaluation – Periodic testing through the use of simulated phishing that puts their training to the test

• Insight – In depth quarterly reporting reveals campaign statistics, vulnerabilities and employee activity

If organizations aren’t monitoring internal emails, they risk potential downtime, data & financial loss. Combat attacks by utilizing education with cutting-edge training methods to reduce human error. And with the detailed reporting features you can track the employees who successfully detect the phishing emails and reward them with recognition and prizes. Something as simple as an Amazon gift cards goes a long way to fostering good cyber awareness. A positive-reinforcement campaign like Ancero’s Managed Security Awareness will result in greater security, peace of mind and enthused team members!

Where do you start? Take an in depth look at our Managed Security Awareness Program and then give our data protection specialists a call at 856-210-5800 or email at info@ancero.com.

New firewalls, new protections, no upfront capital expense!

Don’t fight the threats of today with the technology of the past. Upgrades are essential to your security.

Ancero Managed Security as a Service (SECaaS) combines the security of a SonicWall firewall appliance with Ancero managed IT services, reporting software, and content filtering, plus all related warranty and subscription services in a bundled solution at a low monthly subscription price. Always have a current firewall with no capital expenditure. And SonicWall firewalls and management software deliver the features, flexibility and visibility you need to fight threats without slowing down your network.

With Ancero SECaaS all the necessary security components are bundled into a convenient monthly subscription price with no upfront hardware investment required. Deploy a network security solution that fits within virtually any budget!

What’s included with SECaaS?

  • Firewall hardware
  • Advanced software solutions
  • Security configuration
  • 24×7 Monitoring and management
  • On-Demand Reporting
  • Content Filtering
  • Hardware flexibility
  • Ancero support service

Always have a current firewall with long-term flexibility to upgrade equipment as your needs change and as technology changes. Eliminate your capital expenditure with no upfront cost for hardware, and pay a predictable monthly service fee for security instead. SECaaS is available across the entire SonicWall product portfolio – from the smallest to the largest firewall.

Eliminate time consuming management when you outsource your network security to Ancero. We install, configure and deploy your security solution – managing everything for you, plus 24×7 Ancero support. SECaaS includes many of the SonicWall network security services that are essential to your data protection, including their Capture Advanced Threat Protection.

For the full features and list of benefits download our Managed SECaaS brochure.

The #1 selling small business firewall, the SonicWall TZ firewall, delivers the same level of security, performance and manageability as firewalls used by banks, government agencies and large businesses. Watch the video or download the TZ firewall technical data sheet

Ready to upgrade your old firewall? Call Ancero, your full service IT company, to discuss this new Managed SECaaS service 856-210-5800 or email us at sales@ancero.com.

What your team needs now – Security Awareness Training

What your team needs now – Security Awareness

In the midst of this tumultuous cybersecurity climate, Ancero is proud to unveil a new security awareness offering to help protect organizations against countless ransomware and malware scams.

52% of all security breaches are a result of human error

30% of all Phishing emails are opened

Now you can do something about it….

Introducing Ancero Managed Security Awareness (AMSA)

Data breaches in the U.S. are expected to rise. The criminals are after your critical data and they’re targeting your people to get it. Unfortunately end users are easy prey for cybercriminals. They are increasingly exposed to phishing schemes and ransomware attacks. People are the common denominator in most cyber intrusions but they can be trained to recognize threats which minimizes human error.

With the Ancero Managed Security Awareness program, employees become a front line of defense against threats to critical business data and systems. AMSA is a subscription based security awareness service, priced per seat, per year, that creates awareness and communications through ongoing training solutions embedded into employees’ daily activities. These proven methods work to minimize human error by keeping security at the forefront while staying compliant with industry regulations or state laws.

91% of cyberattacks start with a phishing email. The success of these cyber attacks relies on human error. A training and awareness program that encourages good cyber hygiene can make a big difference between becoming a victim or recognizing a phishing email when it comes in. The Managed Security Awareness program combines a 3 step approach:

  1. Training – Employee security training on a computer based training module
  2. Evaluation – Periodic testing through the use of simulated phishing that puts their training to the test
  3. Insight – In depth quarterly reporting reveals campaign statistics, vulnerabilities and employee activity

If organizations aren’t monitoring internal emails, they risk potential downtime, data & financial loss. Combat attacks by utilizing education with cutting-edge training methods to reduce human error. With Ancero’s Managed Security Awareness program you can choose the level that fits your security needs and your budget. Download the free AMSA brochure to learn more about each offering, the features included and pricing. If the AMSA program can benefit your business call us to arrange a consultation 856.210.5800.

VoIP is not immune to security threats

VoIP is not immune to security threats

The many benefits of switching to a VoIP system from traditional telephony are why it has become widely adopted by businesses everywhere. But since most businesses view the switch to VoIP as just an upgrade to their phone system, the importance of VoIP security rarely crosses their mind. VoIP’s technology has inherent vulnerabilities that can pose a risk, but with the right security measures set in place, VoIP can be secured to prevent attacks or misuse of services. Security specifically for VoIP communications can be examined in three important parts:

What do you need to protect?

  • Keep your VoIP service running continuously, without disruptions or downtime
  • Protect sensitive customer information and business data, including call transcripts and transaction records
  • Prevent unauthorized users from making calls, and gaining access to your network
  • A secure VoIP system will help your business maintain compliancy standards

Who are you protecting against? Understanding where threats may come from and the motivations behind the attacks is critical. The main threats generally come in three forms:

Toll Fraud: A person or organization that wants access to VoIP services can piggyback on your system to gain free international or long-distance calls and data transmissions.

DoS attacks: Denial of Service attacks, organized assaults on a VoIP system are initiated to gain access to confidential information, along with telephone numbers, IP addresses, etc. This sensitive data can then be sold to competitors, or used to redirect calls for other purposes. DoS attacks are not always financially motivated. Sometimes the intent is simply to disrupt or shut down a network and may have been initiated by a disgruntled ex-employee or a sneaky competitor.

SIPVicious attacks: SIPVicious in its benign form is a developer tool used to audit the state of your SIP network. But the tool can be corrupted for bad intentions and used to gain access to a network or shut down systems, crippling your business.
What security measures are needed? VoIP security measures are not that different from data network security and layered steps work best.

Encryption – Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are the standards for data encryption. These measures encrypt or scramble information so that it cannot be easily deciphered if the data transmission is intercepted.

VLAN – A VLAN segregates broadcast domains between networks. Because it separates voice and data, you can apply different security measures to your voice and data packets while improving the performance of your VoIP system. A VLAN is a good security measure for remote phones that connect to the business network.

Network security – It is just as important that your business network infrastructure is secured with firewalls, antivirus, gateway protection, end point security measures. Software patches and updates should be run regularly to keep systems up to date and eliminate vulnerabilities. To prevent outages and downtime, a redundant power supply, backup servers and regular data backups should be built into your VoIP network.

User Security – Educating the user is vital to preventing human error. Employees must use strong voicemail passwords, be educated about threats and how their actions can either help or hurt security. Employers must set and enforce security policies. For instance, applying a pin code for international calling is a common security measure to prevent unauthorized international calling. If a business is lax with precautions, they may not even know when a breach has occurred until after the damage has been done.

Businesses shouldn’t shy away from a VoIP phone system due to security concerns. The benefits far outweigh the risks! Just as with any technology, when you take the necessary steps to ensure that your system remains secure, risk becomes greatly minimized. Many of the VoIP systems available today include robust security protocols as part of their offerings. Be sure to inquire with a VoIP service provider about built in security options if you are planning a move to VoIP.

Take a look at Ancero’s Utility VoIP cloud based phone system. Our award winning Managed Communications services can help you plan a communications strategy perfect for your business needs.