Network Security Specialist

Take Advantage of A Network Security Specialist for Your Business

The more our society becomes dependent on technology, the more we see an increase in data breaches, cyber crimes and leaking of sensitive information. This is why the government and businesses of all sizes are focusing more of their efforts on network security. When it comes to keeping your information safe, you can’t go it alone. Network security specialists are in high demand for assisting companies with their online safety needs. Below we discuss the importance of working with a network security specialist to keep your business secure and information safe.


Role of a Network Security Specialist

Your network security specialist is in charge of safeguarding your computer system and protecting it from threats. The threats may be external or internal in nature, but one of the biggest threats to network security generally comes from outside sources. The network security specialist will install firewalls and programs that issue alerts when there is an attempt to infiltrate the system. Network security specialists are constantly updating their level of knowledge to keep up with the growing technology industry.


Advantages of Hiring a Network Security Specialist

Having a network security specialist in your arsenal of weapons to combat hackers has many advantages, including:


Protection of Company Data

Part of the job of a network security specialist is to constantly monitor the flow of information within the network, prevent unauthorized users from accessing sensitive data and to check on bandwidth usage. This data may be pertaining to customers when dealing with companies like banks or other large corporations. Information such as phone numbers, account numbers, credit card numbers, addresses and emails can become exposed. Government agencies will have information that pertains to internal communications and secret operations, posing threats to national security. A network security specialist is vital to the safety of these organizations’ information.


Setting IT Infrastructure Usage Rules

A network security specialist is the one who is in charge of designing and implementing security protocols within a computer network. This involves having control over the data that users have access to and setting up password authentications and firewalls. The specialist is able to block access to particular websites as well as prevent the installation and usage of certain applications that may pose a threat to the network infrastructure. With a network security specialist on board, they will be able to catch employees violating company computer policies and notify their manager.


Custom Security for Your Network

Your network security specialist will sit down with you and create a plan that is specific to your business’s needs. There is no “one-size-fits-all” model for any company and that model should never be offered to clients. Your custom network security plan will help your business grow much quicker by eliminating potential technology roadblocks that pop up. If you do not have a network security specialist working with your organization, you run the risk of losing customers to security breaches.


We want to be your network security specialist! Contact us today and we will discuss the best path for your company to follow when it comes to data and network security.

Network Security

Benefits of Network Security

You’ve spent countless hours, days, months, maybe even years building your business…what if everything you had worked for was ruined because of a security breach? All it takes is one bad security breach and you’re out of business. This is why your company needs CognoSecurity. Let’s look at the benefits of network security.

Reduced Stress

With CognoSecurity you will never lose sleep over stressing about your business’ security. We will handle everything so that you don’t have to. Now you have more time to focus on making your business even more successful, because you know it’s safe with CognoSecurity.

Decreased Risk

Think about all of the risks you’re taking without having your business protected by network security. Are you willing to risk your business’ reputation? What about your data? Or even your entire company? If not, you need network security to make sure none of these things are put at risk.

Disaster Recovery

Unexpected things happen – that’s just life. But wouldn’t it be nice to be prepared for the unexpected? Well, with CognoSecurity you can be. When disaster strikes, CognoSecurity will help your business recover quickly, whether you’ve suffered a security breach, natural disaster, or anything else that might happen.

Increased Productivity

When you aren’t stressing over network security issues and security breaches, you and your employees can focus on the business’ success. You’ll become more productive and you’ll also save your hardware and software from any potential harm caused by security breaches.

Ready to protect your business from harm? Let’s talk today about your business’ security needs.

Malware for Christmas

Don’t get caught by this holiday email scam!

The holidays are a busy time for all of us and with the advent of online shopping to avoid the crowds we are becoming conditioned to receiving purchase related emails from a variety of sources.

The cyber crime community is well aware of this and a new trend in cyber crime using fake order confirmation and other typical purchase-related emails has been noticed, as reported by internet security company Malcovery. The primary payload of these emails is the malware known as ASProx, a particularly nasty trojan that collects email addresses and passwords from it’s victim’s computers, then turns the infected machine into a botnet relay allowing spam messages to be passed through it.

Malcovery reports that in December 2013, spammers used ASProx to deliver fear in the form of a Failed Delivery email from CostCo, BestBuy, or WalMart.  Malcovery analysts identified more than 600 hijacked websites that were used as relays to prevent detection by causing the spammed links to point to websites that had been “white listed” until the very day of the attack. People responded because the email told them their Christmas gift shipment had been delayed and the only way to get a refund was by clicking the (infected) link.

This year the scammers are getting even craftier and their tactics have changed. Fake order confirmation emails appeared after cyber Monday with titles like “Thank you for your confirmation,” “Order Confirmation,” “Thank you for buying from [company name],” “Acknowledgement of Order,” and “Order Status.”. The email content now targets people’s greed by saying that a delivery (that they didn’t order) is waiting for them:

“We are happy to inform you that our online store has an order whose recipient details match yours.  The order could be received in any Local Store of within the period of 5 days.  Open this LINK to see full information about your order.”

Opening the link infects the victim’s machine.

Another trend is with hijacked credit card numbers. Instead of charging several hundred dollars on a single credit card – which is immediately noticed and blocked – online thieves are now content to charge several thousand people $20 – $30 each, which is less likely to be noticed by either the bank or the victim.

Cognoscape is committed to your security

There are a few simple rules to follow whenever you open your inbox:

  • Ask yourself: Were you expecting this email?
  • Check the sender’s address – hover over the address to verify the sender
  • Check the link address – hover over the link to read the address it is sending you to. Does the domain name look valid?
  • Learn to spot fake domain addresses
  • If you have any concerns DO NOT click the link, instead type the address into your browser and access the information from there
  • Review your credit card statement regularly for fraudulent transactions
  • Remember scammers target people’s greed – if it sounds too good to be true, it probably is!

Would you like to learn these techniques and have them taught to your colleagues? Cognoscape are now providing a series of lunch and learn presentations to avoid phishing scams and keep you safe from these attacks. Fill in the “Request a Consultation” form to the right of this blog post if you would like more details.

Don’t forget your friends need to know about this too – please share this post!


Top 5 Reasons You Need Network Security At Work

Conducting day to day business can be consuming and stressful. Making sure that your company network is secure does not always rank number one on your list of things to do. There are so many things that need to be tended to! Here are the top 5 reasons why network security should be your top priority:

1. First and foremost, without network security at work your livelihood is at stake. As a business owner, most of your important documentation and records are stored on a computer. Leaving your network unprotected means that at any time your system could be infiltrated by unwanted viruses, trojans or even worse – malicious hackers who could obtain and distribute personal information.

2. Not only can your vital company information can be compromised, your identity could be stolen and used. Different types of computer viruses and trojans do different things. If a virus relays information to a third party your identity could be used by that person or worse. It could be sold to other people.

3. If losing your identity isn’t bad enough, it can get worse. Without network security you could unknowingly provide internet predators with your customer’s information. This means that your reputation as a company is at stake. Any business owner would agree that a good reputation is your best asset and a bad reputation could mean your demise.

4. By having a good network security system in place, you will be saving money in the long run. Companies that are constantly putting out fires and spending unnecessary money to fix problems as they occur. Each time they pick up the phone to call an IT specialist money flies out the door. By being proactive you will keep your budget minimal.

5.  Using network security guarantees that you will be successful in your endeavors. By protecting your assets you will be able to focus on what you do best. Safeguarding your network allows others to trust in your ability to conduct business and do what is best for everyone.

Network security at work is beneficial in many ways. It helps you to save money. It also offers security to your team of employees and customers. Network security prevents unexpected problems. In conjunction with these benefits, network security is necessary to safeguard your personal information and that of your affiliates. Without network security your business could be in serious jeopardy.


Why SMBs Must Proactively Address the Threat of Mobile Hacks

70More cyber criminals are targeting small-to-medium sized businesses. One reason for this is too many workplaces have insufficient bring-your-own-device (BYOD) policies in place. Some have none at all. Although firms are generally more knowledgeable about network security risks than in years past, they still woefully underestimate the security vulnerabilities linked to mobile devices like smartphones and tablets.

This is a real cause for concern since data breaches have the ability to put many already financially challenged SMBs out of business.

If customer/client data has been breached, there could be potential litigation costs, and naturally, lost goodwill and an irreparable hit to brand or company reputation.

Don’t Just Say You’re Worried About the Bad Guys… Deal With Them

SMBs say they view network security as a major priority but their inaction when it comes to mobile devices paints a different picture. An April 2013 study found that only 16% of SMBs have a mobility policy in place.

Despite the fact that stolen devices are a major problem in today’s mobile workforce, only 37% of mobility policies enforced today have a clear protocol outlined for lost devices. Even more troubling is the fact that those firms who have implemented mobility policies have initiated plans with some very obvious flaws.

Key components of a mobility policy such as personal device use, public Wi-Fi accessibility, and data transmission and storage are often omitted from many policies.

Thankfully, most SMB cybercrimes can be avoided with a comprehensive mobility policy and the help of mobile endpoint mobile device management services.

A Mobility Policy Is All About Acceptable/Unacceptable Behaviors

Your initial mobility policy doesn’t have to be all encompassing. There should be room for modifications, as things will evolve over time. Start small by laying some basic usage ground rules, defining acceptable devices and protocols for setting passwords for devices and downloading third-party apps. Define what data belongs to the company and how it’s to be edited, saved, and shared. Be sure to enforce these policies and detail the repercussions for abuse.

Features of Mobile Device Management Services

MDM services are available at an affordable cost. These services help IT managers identify and monitor the mobile devices accessing their network. This centralized management makes it easier to get each device configured for business access to securely share and update documents and content. MDM services proactively secure mobile devices by:

  • Specifying password policy and enforcing encryption settings
  • Detecting and restricting tampered devices
  • Remotely locating, locking, and wiping out lost or stolen devices
  • Removing corporate data from any system while leaving personal data intact
  • Enabling real time diagnosis/resolution of device, user, or app issues

It’s important to realize that no one is immune to cybercrime. The ability to identify and combat imminent threats is critical and SMBs must be proactive in implementing solid practices that accomplish just that.

CLICK HERE for a free technology assessment.


Just Because You’re Not a Big Target, Doesn’t Mean You’re Safe

69Not too long ago, the New York Times’ website experienced a well-publicized attack, which raises the question – how can this happen to such a world-renowned corporation? If this can happen to the New York Times, what does this bode for the security of a small company’s website? What’s to stop someone from sending visitors of your site to an adult site or something equally offensive?

The short answer to that question is nothing. In the New York Times’ attack, the attackers changed the newspapers’ Domain Name System (DNS) records to send visitors to a Syrian website. The same type of thing can very well happen to your business website. For a clearer perspective, let’s get into the specifics of the attack and explain what DNS is.

The perpetrators of the New York Times’ attack targeted the site’s Internet DNS records. To better understand this, know that computers communicate in numbers, whereas we speak in letters. In order for us to have an easy-to-remember destination like, the IP address must be converted to that particular URL through DNS.

Therefore, no matter how big or small a company’s online presence is, every website is vulnerable to the same DNS hacking as the New York Times’ site. The good news is the websites of smaller companies or organizations fly under the radar and rarely targeted.  Larger targets like the New York Times, or LinkedIn, which was recently redirected to a domain sales page, are more likely targets.

For now… There is no reason to panic and prioritize securing DNS over other things right now. But there is a belief that DNS vulnerability will be something cybercriminals pick on more often down the road. Here are a few ways to stay safe:

Select a Registrar with a Solid Reputation for Security

Chances are, you purchased your domain name through a reputable registrar like GoDaddy, Bluehost, 1&1, or Dreamhost. Obviously, you need to create a strong password for when you log into the registrar to manage your site’s files. Nonetheless, recent DNS attacks are concerning because they’re far more than the average password hack.

It was actually the security of the registrars themselves that was compromised in recent attacks. The attackers were basically able to change any DNS record in that registrar’s directory. What’s particularly frightening is the registrars attacked had solid reputations. The New York Times, along with sites like Twitter and the Huffington Post, is registered with Melbourne IT. LinkedIn, Craigslist and US Airways are registered with Network Solutions. Both had been believed to be secure.

So what else can be done?

Set Up a Registry Lock & Inquire About Other Optional Security

A registry lock makes it difficult for anyone to make even the most mundane changes to your registrar account without manual intervention by a staff registrar. This likely comes at an additional cost and not every domain registrar has it available.

Ask your registrar about registry locking and other additional security measures like two factor authentication, which requires another verifying factor in addition to your login and password, or IP address dependent logins, which limits access to your account from anywhere outside of one particular IP address.

While adding any of these extra safeguards will limit your ability to make easy account change or access your files from remote locations, it may be a worthwhile price to pay.

CLICK HERE for a free network assessment and avoid cybercrime with Cognoscape.


Why it’s Time to Move on if Your Hosting Cloud Provider Won’t Sign a HIPAA BAA

68Despite new HIPAA Business Associate Agreement (BAA) regulations going into effect in 2013, many healthcare organizations are still encountering the occasional cloud service provider who refuses to sign a BAA. Although they may have a logical explanation, any refusal to sign a BAA should be seen as a red flag.

Here’s the logic from their angle. There are still many cloud vendors who view themselves more as conduits of Personal Health Information (PHI). They feel their role is more akin to that of a mailman. They’re merely transporting data to others and have no real access to the actual contents.

If the data is encrypted and cannot be read, or If they don’t touch the actual PHI data at all, the cloud service vendor will argue that HIPAA regulations do not apply to them and possibly refuse to sign a BAA.

Fair enough, right? If the data is encrypted and the vendor doesn’t hold the encryption key, what’s the problem? Well, here’s the problem.

File this in the unlikely yet not improbable category. Let’s say that the PHI data wasn’t properly encrypted before it was sent into the cloud or unencrypted data was mistakenly transferred over to the cloud service provider. If the cloud provider has refused to sign a BAA, this jeopardizes your HIPAA compliance and could potentially result in a fine anywhere from $50,000 to $1.5 million.

This is why those in the healthcare sector must move on from any cloud provider that is reluctant to sign a BAA. They are basically refusing to be complaint since the new HIPAA Omnibus Rule clearly defines a business associate as anyone who creates, receives, maintains, or transmits PHI on behalf of a covered entity. By refusing to share accountability for HIPAA compliance, they’re a liability to your organization that you just can’t afford.

CLICK HERE for a free network assessment.



2 Steps to Ensure Healthcare Data Availability in the Cloud

66In 2013, major companies like Google, Amazon, and Microsoft experienced outages. Not only were these big name outages disruptive to users, but they also made headlines and proved to be costly to each brand. Google’s hiccup footed an estimated bill of $500,000 while Amazon’s 30-40 minute blackout contributed to roughly $3 million in losses.

2013 was also the year the healthcare industry embraced cloud computing thanks to modifications to the HIPAA Privacy, Security, Enforcement and Breach Rules. With these modifications extending the definition of a Business Associated (BA) to cloud service providers, many of the data breach concerns that had previously kept the healthcare sector from taking to the cloud have been quieted.

But as more patient health data is electronic and residing in a virtual environment, the availability of this data is just as important, if not more important, than securing it. Unlike Google, Amazon, and Microsoft, the disastrous effects of data outages in the healthcare sector can have potentially deadly consequences.

Not only is high uptime mandatory in a healthcare cloud, business continuity and disaster recovery (BCDR) plans are also crucial. The good news is the cloud’s virtualized infrastructure, coupled with the expertise and cloud monitoring of a trusted Managed Service Provider (MSP) can help healthcare organizations maintain uptime and reliability. Here are two helpful steps:

  1. Risk Assessments Are Absolutely Necessary

While risk assessments are critical to protecting patient health information, a 2012 audit conducted by the Office of Civil Rights revealed that many healthcare entities and contracted service providers fail to perform them. These evaluations must be conducted regularly and require an honest assessment of probable risks ranging from malicious cybercrime attacks to acts of nature such as natural disasters, flood, earthquakes and power outages. Analyze both the architectural vulnerabilities relative to data availability and security as well as the effectiveness of the counteractive measures in place. The goal is to minimize the plausible impact of such an event and prevent service disruption.


  1. Proactively Monitor for Cybercrime

It is often months before a security breach is detected. By this time, hackers have had ample time to infiltrate your system and feast on its data. Since cybercriminals use an unpredictable array of methods to strike, such as viruses, malware and phishing schemes to steal credentials, the strength of your detection system is key. Alerts should be set up to identify anomalies such as unusual application requests, forced entry attempts, suspicious spikes in traffic, and abnormal data patterns that suggest a breach. The proactive monitoring tools available through a MSP can help scan, pinpoint, and remediate such attacks.

Any BCDR plan must be built upon your organization’s recovery time objective (RTO) and recovery point objective (RPO). Your RTO is the duration of time in which your service level must be restored to avoid dire consequences. Your RPO is the maximum age of the recoverable files in storage to resume normal operations. A MSP can help determine the optimal scenario for your healthcare organization and prioritize the most critical health care information with near real-time replication.

Through this preparation and foresight, your organization can lay the groundwork to not only protect healthcare information in the cloud but potentially save patients’ lives in the event of an unforeseen outage.

CLICK HERE for a  free network assessment.


Healthcare and Cloud Computing Together at Last

65 For years, the healthcare industry was thought to be the very last sector to embrace cloud computing. With HIPAA compliance, storing private patient data in the cloud seemed much too risky from a security and legal standpoint. However, with a government issued mandate to migrate patient data to electronic heath records by 2015, the cost-effectiveness of the cloud was simply too logical to not entice independent practitioners and small healthcare entities now burdened by the need to invest technology and tech-savvy personnel. If only there was a way around the security and privacy concerns.

Wish granted. In January of 2013, the U.S. Department of Health and Human Services introduced a few revisions to the regulations administered under the Health Insurance Portability and Accountability Act of 1996. Labeled the “Final Omnibus Rule,” this update spelled out the legal framework to be used by healthcare organizations working with cloud service providers.

With a signed Business Associate (BA) agreement, a cloud service provider accepts the responsibility to protect patient data under HIPAA law. This expanded definition of BA means that the government can now penalize cloud service providers accountable for data breaches.

Although many healthcare organizations had already entrusted certain cloud service providers with their data, only the HIPAA covered entity (the healthcare organization) was penalized in the event of a breach prior to this ruling. While the HIPAA covered entity is still responsible for oversight, this shared accountability with the cloud service provider has expanded responsibility and has led to an influx of healthcare organizations and cloud service providers working together, worry-free, in perfect harmony.

CLICK HERE for a free network assessment.


4 Easy Ways to Boost Your Web-Surfing Security

The internet has become more of a necessity than a luxury. With social networks becoming more popular and the usage of the internet becoming more widespread, it’s important to make sure that you’re secure online.

Here are 4 easy ways you can protect yourself online.


#1) Don’t Overshare

When you’re spending lots of time on your favorite social networks, it can be tempting to post lots of personal information, including your location and your full name. But sharing those kinds of things can really compromise your privacy!

Check out the privacy settings for your online profiles and make sure that your personal information is not available to the public.


#2) Watch Out For Scammers

Have you ever received an email from a random person stating that you were an heir set to receive a huge fortune?

Or maybe you’ve received an email from someone you don’t know that included a sob story and a desperate plea for financial help.

Either way, these types of emails are scams – the scammers use your sympathy or excitement against you, get your credit card information, and steal your money or your identity.

Make sure that you are careful about which emails you take seriously and respond to. Remember – pretty much anyone can email you. Make sure you use discretion so you can keep your money and information secure.


#3) Protect With Passwords

Many popular websites require you to register, create a password, and log in to gain full access. While some people see this as an inconvenience, it’s truly a good way to keep your data secure and private.

Be sure that, when you create a password, you make it one that’s difficult to guess. Use varied capitalization, use numbers, and try not to use a dictionary word. That way, you can feel confident that your accounts are safe from hackers.


#4) Safe Shopping

It’s important to follow best safety practices when you’re shopping online. After all, you’re likely using your credit or debit card. You don’t want that information to get into the wrong hands! Make sure that you never enter your credit card on a page that is not encrypted. When a page is encrypted, the web address will begin with “https” instead of “http.”

Also, make sure you never enter your social security number. No seller should ever need that information – if they do, it’s likely that they’re trying to scam you

Another good practice is to check out the seller’s reviews and policies. You can shop a lot more confidently if you know other people have had a good experience purchasing from the seller.


Why stop there? It’s good to make sure you’re secure when you’re casually using the internet, but it’s also important to make sure that your company networks are secure. I mean, you could lose your money, your clients, or even your business if a hacker accessed and used your data!

Here at Cognoscape, we’ve got the security solutions you need to gain peace of mind and keep your critical information safe. Contact us today, and let’s work together to prevent security breaches.