Star Wars and the best blog on network security I wish I wrote

Last year I read a blog, Star Wars: I Find Your Lack of Segmentation Disturbing and I found it to be utterly entertaining, but also spot on. As we approach the release of a new Star Wars movie in December, [...]

Star Wars and the best blog on network security I wish I wroteOli Thordarson2019-07-16T21:13:03-07:00

S.770 – MAIN STREET Cybersecurity Act of 2017 has passed the Senate vote

There is pending cybersecurity legislation that looks like it will affect almost every company on Main Street. It is known as the S.770 - MAIN STREET Cybersecurity Act of 2017. What is S.770? It is a law designed to help [...]

S.770 – MAIN STREET Cybersecurity Act of 2017 has passed the Senate voteOli Thordarson2020-05-28T13:21:06-07:00

Endgame on how Wannacry ransomware works

There has been a lot of discussion about the method of propagation and the overall impact of this ransomware, but what does this ransomware actually do from start to finish? Click HERE or on the image below to see the [...]

Endgame on how Wannacry ransomware workstlgadmin2017-06-29T15:23:51-07:00

Wannacry ransomware’s rich cousin – Is your computer mining money for hackers?

Here are a couple of snippets from Perth Now Sunday Times in Australia ANOTHER large-scale, stealthy cyber-attack is underway on a scale that could dwarf last week’s assault on computers worldwide. The new attack targets the same vulnerabilities the WannaCry [...]

Wannacry ransomware’s rich cousin – Is your computer mining money for hackers?tlgadmin2017-09-17T23:54:14-07:00

How do I prevent WannaCry ransomware?

Dear Valued Client,

Before we begin, if at any point while reading the message below, you need assistance or are just not sure, call 877-662-6624 or contact us by email and let us know so we may assist you. If you are one of our Patchworx clients or that rare organization that is covered through other effective measures, we sincerely congratulate you for your efforts to protect your company.

Whether you request our assistance or do the work of protecting yourself, not acting could be a very costly choice.

Critical news:

As you have likely heard in the national news, networks all over the world (in more than 150 countries) have been infected by WannaCryp Ransomware also known as WannaCry since Friday 5/12/2017…in fact it is estimated that 100s of thousands of computers are already infected and potentially million more will soon be. So, before we move into the details of why this matters, please DO NOT OPEN any attachments, click on links in emails from unknown senders, bring in un-scanned USB drives or otherwise invite an infection into your network.

What does ransomware do?

There are different types of ransomware but, all of them will prevent you from using your PC or server normally. They will then ask you to do something such as pay money before you can access your systems and data. Not all but most make getting data back impossible without

How do I prevent WannaCry ransomware?tlgadmin2017-06-29T14:32:15-07:00

Ransomware Training for End-Users – Be Ransomware Aware

Educate your users - Don’t let them be tricked into downloading ransomware/malware

Everyone should follow this advice:

Be very cautious when opening an attachment or clicking a link in an email, instant message, or post on social networks (like Facebook)—even if you know the sender. If you are suspicious, call to ask the sender if they sent it. If not, delete it.
The attack can look like it is from an official sources like banks, UPS, FedEx, USPS, eFax, etc. This has been the most common attack method to date.
If an e-mail gets blocked and quarantined by your spam filter, be very certain about the message and any attachments before you release it from quarantine. One user recently got burned this way.
Avoid clicking Agree, OK, or I accept in banner ads in unexpected pop-up windows with warnings or offers to remove spyware or viruses, or on websites that may not seem legitimate. These are usually bogus. Call your IT specialist if you are concerned.

Ransomware Training for End-Users – Be Ransomware Awaretlgadmin2021-01-28T20:16:40-08:00

What changed in NIST 800-171r1?

If you must comply with NIST 800-171 under DFARS you may wonder what has changed with the first revision, released in December, 2016. There are two substantive changes: 1. "Information Systems" has been replaced by "Systems" throughout the document. [...]

What changed in NIST 800-171r1?tlgadmin2024-04-21T19:36:04-07:00

How to get DFARS 252.204-7012 compliant and legal

December 31, 2017 is an important date for many in the DoD world. For those with contracts subject to DFARS 252.204-7012 it might feel like an overwhelming and impending date. I am sure this is another heavy responsibility thrown onto your plate with the expectation you get it done.

How to get DFARS 252.204-7012 compliant and legaltlgadmin2023-02-07T07:54:22-08:00

5 warning signs that shadow IT lurks in your company

Here is a blog by our friend Joe Stangarone of mrc's Cup of Joe Blog. He writes about the dangers of shadow aka stealth IT and how to spot it. Shadow IT is basically software and services that enter your company network without your knowledge or permission. Here is his blog....

Summary: A growing trend, “Shadow IT” is a term used to describe IT systems and solutions built and/or used inside organizations without the approval of the IT department. This could include anything from employees emailing spreadsheets back and forth to entire departments licensing third-party, cloud solutions behind IT’s back. The problem: Since Shadow IT usually happens on the sneak, IT departments don’t know where (or how much) it’s happening. Is Shadow IT lurking in your business? Read this article to learn the warning signs.

Like it or not, Shadow IT is probably alive and well in your organization. Recent surveys find that it’s not only growing, it’s far more rampant than business leaders realize.

What can you do about it? In past articles, we’ve explored a few ways to address and reduce risks of Shadow IT. We’ve looked at:

That being said, there’s still a problem: You can’t address Shadow IT if you can’t see it. How do you know whether or not Shadow IT lurks in your company?

5 warning signs that shadow IT lurks in your companytlgadmin2024-04-21T19:36:30-07:00

Bad Backup, bad bankruptcy

Orange County, CA - Always make sure your backups are in good working order. Here is a story of a company reports to be out of business because they lost 300 GB if their IP and company operations history - GitLab.com melts down after wrong directory deleted, backups fail. The story mentions Gitlabs.com outgrew the cloud and that is why this happened. No, they simply had bad backups and they did not check to make sure they had an ability to recover before doing work on the storage system. Data loss disasters can happen in the cloud, too. So make sure you have your backup operations in order. Disaster can strike in innumerable ways no matter your IT operation model.

Backups need to be constantly examined to make sure they are working. Here is a partial list of questions you should be asking when doing your due diligence:

Bad Backup, bad bankruptcytlgadmin2017-09-18T00:47:29-07:00

CEO Message

Alvaka's Philosophy

Alvaka Facilities

Management Solutions

Services Overview

Ransomware Prevention

Ransomware Recovery

Infrastructure Monitoring

DFARS Compliance

NIST 800-171

Vulnerability Management as a Service

"Net" Solutions

AlvakaNet

NetPlan

NetSecure

Network Management Consulting

"Worx" Solutions

Software Patching

Backup & Disaster Restore

Managed Firewall

Advanced Email Security

Advanced Email Filtering

Staff Augmentation