Keep hackers out with cyber security

Understanding the Mind of a Hacker

 

In the information age, hacking is the new burglary. Skilled hackers are capable of compromising your security, stealing your information, and engaging in any number of fraudulent activities from the safety of their own desk. Individuals, businesses, and even government agencies are regular targets. One of the best ways to protect your business and shore up your cyber security is to go inside the mind of a hacker. Take a look at your cyber security – as if you were trying to breach it.

Simple Errors are Easily Exploited

Just like many burglars skip houses with home security signs in the front yard, most hackers will opt for easy targets. They will pass up targets which appear to have strong, legitimate cyber security in place. By this very basic action, you can make your business significantly safer.

For example, you and your IT consultant can take steps to ensure your network can only be accessed by employees. Furthermore, as hacking becomes significantly easier with password access, require your employees to change their passwords every sixty to ninety days as a safeguard against cyber snooping. When websites ask you to include a seemingly ridiculous amount of numbers and figures in your password, their motives are pure. Passwords should be as random as possible, as those with personal significance is always riskier than something random and impersonal. If you or your employees struggle to remember longer passwords,keep track with a password management program.

Your employees should also be trained for web scamming & phishing awareness. Phishing is the act of impersonating a legitimate entity on the web in order to gain trust and personal information from a target. Hackers have become more and more talented at this, trapping many unsuspecting victims. When a popup window offers you a free iPad for the 27th time, it’s pretty easy to recognize it as a scam. However, when a perfect impersonation of a trusted website asks for your credit card information, it can easily fly under the radar.

Cyber Security Professionals are Best Equipped to Combat Hackers

DIY network security solutions are certainly helpful and may work for personal use, but as your business grows, it’s smart to enlist professional help to insulate your business from cyber threats. Hackers are innovative and crafty by nature and have learned to change methods on a daily basis. The best way to deter a hacker is to have a specialist on standby to counter his or her every move. An IT company such as Cognoscape works round-the-clock to combat hackers and shield businesses from new threats which may emerge. Cognoscape can also integrate professional deterrence strategies into your current network architecture, turning your network into a fortress.

Advancements in technology are made to make our lives easier. But each advancement presents hackers with new opportunities. Without professional insight, there might be numerous gaps in your cyber security for a hacker to exploit. We’d rather not let that happen. Drop us a line. We’d love to sit down with you to discuss all the things we can do together to keep your network safe and secure, and your business strong and prepared for the future.

pokemon go security

Pokemon Go: Global Craze or Huge Security Risk

If you see people, adults and kids alike, walking around town with their eyes locked on their phones – chances are, they’re playing Pokemon Go. The game, which was released on July 6, has been a massive success. It’s been downloaded millions of times, already overtaking the dating app Tinder, and set to shortly overtake the social network Twitter.

Using augmented reality technology, Pokemon Go fuses the real world and digital world together, allowing you to see and catch virtual Pokemon alongside real-world objects right from your phone screen. For instance, a Doduo could be peeking out from a tree just outside your house.

However, due to the app’s immense popularity, users have experienced problems such as crashing servers, freezes, and delays. On top of that, security issues have been raised. According to Adam Reeve, the principal architect at the cybersecurity analytics firm RedOwl, when users sign into Pokemon Go using their Google account (instead of registering for an account), they risk granting the game access to their entire Google account – allowing the app to see and modify nearly all the information in your account.

In response to the security issues, Niantic Labs, the company that developed the game for Nintendo, said the app’s request for full account access was a mistake. In fact, they’ve addressed the security concerns with a new update that is live in the app store.

The update fixes some security bugs that stops the popular app from requesting full access to your Google account. Now the game will only ask for basic information such as your name and email address. The update also promises more stability and patches such as:

  • Resolved issues causing crashes
  • Fixed Google account scope
  • Trainers do not to have to enter their username and password repeatedly after a force logout
  • Added stability to Pokémon Trainer Club account log-in process

Fixing the Security Issues Ahead of the Update

To revoke the full account permissions access, Pokemon Go users should go to their “My Account” Google page. From there, navigate to “Connected Apps and Sites” under “Sign-in and Security.” Then select “Manage Apps,” click on the Pokemon app, and select “Remove Access.”

President Obama taking his government stance on information technology security.

Government Stance on Information Technology Security

President Obama and his administration are talking technology. Obama is taking the time to weigh in on his observation on the exponential growth and acceleration in the tech world. The president recognizes technology as an important factor which has driven our economic growth. The Obama administration is committed to ensuring America has a thriving and growing Internet economy, and takes a stance on information technology security.

Positive Thoughts for Information Technology

Information technology is the systematic process implemented to measure systems constructed to securely protect and safeguard information –business and personal data, voice conversations, still images, motion pictures, and multimedia presentations. The Obama Administration has publicly declared their encouragement of Internet innovation, protection of consumer choice, and the importance of defending free speech. The Administration created the Internet Policy Task Force to bring together the technology industry, consumer groups, and policy experts to help ensure the Internet stays reliable and trustworthy for consumers and businesses.

President Obama has declared that “cyber threat is one of the most serious economic and national security challenges we face as a nation” and that “America’s economic prosperity in the 21st century will depend on cybersecurity.” To help the country meet this challenge and to ensure the Internet can continue as an engine of growth and prosperity, the Administration is implementing the National Strategy for Trusted Identities in Cyberspace. The Administration also released the International Strategy for Cyberspace to promote the free flow of information, the security and privacy of data, and the integrity of the interconnected networks, which are all essential to American and global economic prosperity and security.

 

Businessman pressing a SOX Compliance concept button

Top 5 Signs You’re Out of SOX Compliance

The Sarbanes-Oxley Act (SOX) became effective in 2006 and was implemented to hold all USA corporations accountable for their internal financial auditing controls to the Securities and Exchange Commission. This federal law was passed in response to a number of major corporate and accounting scandals. The Sarbanes-Oxley Act itself is organized into eleven sections, but sections 302, 404, 401, 409, 802 and 906 are the most important in terms of compliance. Failure to comply with regulations can result in fines up to $10 million and 30 years in prison for a corporation. We have compiled five signs for you to reference in order avoid the extensive civil and criminal penalties for non-compliance.

5 Signs You’re Non-SOX Compliant:

You Don’t Periodically Report the Effectiveness of Safeguards

Stated in Section 302.4.D you are required to have officers continuously generate a report based off the efficiency of the security system and clearly state their findings.

You Don’t Disclose Security Safeguards to Independent Auditors

Stated in Section 404.A.1.1, you are obligated to select auditors and hold them accountable to review control structures and procedures for financial reporting. All information that correlates with security framework and parties responsible for the operation of the security framework must be disclosed to the auditors.

You Don’t Disclose Failures of Security Safeguards to Independent Auditors

Stated in Section 404.B, you are required by auditors to be aware of and report on any drastic modification to internal controls and/or significant failures that could immediately affect internal controls.

You Don’t Ensure that Safeguards are Operational

Stated in section 302.4.C this demands that appointed officers are testing the durability of internal controls within 90 days prior to the previous report. This security framework needs to be constantly reviewed and made verified.

You Don’t Establish Verifiable Controls to Track Data Access

Stated in section 302.4.B this section requires internal controls over data, so that officers are aware of all relevant data. Data must exist in an internally controlled and verifiably secure framework.

If you have any questions on whether or not your company is in SOX compliance, allow Cognoscape to verify for you. Call and learn more today!

 

Silhouette of men on the duck hunting with his hunting dog highly advance tech gadgets.

Arming Your Hunting Dog with the Coolest Tech Gadgets

Are you ready for the hunt? Is your partner your hunting dog? There are traits every champion hunting dog should possess before he steps out on the field. But if you are ready to take you best pal to the next level, you should arm him with some of the coolest tech gadgets.

Love of Fetch

Finding the perfect hunting dog that possesses a keen sense of playing fetch is a number one trait! He should have an instinctive nature to chase the scent of game, but with the electronic handheld wind meter Wind Wizard II, you’ll be able to detect wind speed at a great value and help your dog accurately determine his trajectory of pursuit.

Great Nose

Every great champ needs to be able to sniff out his prize. If you’re looking to gain the upper hand over the game, look no further. Ozonics Hunting machine is a silent fan that circulates oxygen molecules into ozone molecules. This nifty tech gadget can be used next to a treestand or ground blind and covers the scent of you and your pup.

Disciplined

A winning dog is one who is the most disciplined. Do your buddy a favor and get him an odorless gas cartridge repellant. This simple tech gadget will keep mosquitoes and other flying insects away so he can focus on the hunt.

Genetically Gifted

Those who got the juice are born with the juice. The tech gadget, Garmin Astro, will help you stay connected to your hunting dog 24/7. The transmitter collar allows him freedom of tuning in to his naturally gifted talents while you track where he is running, sitting, or treeing a bird.

Water Lover

Perfect hunting dogs are not afraid of water or of gun shots. The Contour HD video camera is waterproof and rugged, and it fits snuggly behind the neck of your dog. This will help you watch what he was able to see the moment after take off.

Energetic

Your hunting dog is ready to go at the snap of a twig and has a thirst to catch his prey. Make his job that much easier with the Swann Outback Cam that straps to a tree and captures both video and photos. He will be able to exert his energy positively and more efficiently.

Having second thoughts if your canine is up to handle all these technical gadgets? Partner up with some IT experts who will focus on your business while you focus on helping your hunting dog.

Patient release of information form with HIPAA compliance regulations documents. Names, serial numbers, and/or dates, are random and any resemblance to actual products is purely coincidental.

Top 5 Signs You’re Out of HIPAA Compliance

HIPAA compliance refers to a set of regulations by the Health Insurance Portability and Accountability Act which sets the guidelines designed to protect important medical documents. Similar to constant technology updates, there are continual changes regarding HIPAA regulations. If you have any follow up questions or concerns in regards to HIPAA compliance, check out this handy checklist for protecting the privacy of personal health information. Here is a quick overview to check to see if you are currently out of HIPAA compliance.

Access Control

Have you assigned a unique name or number for identifying and tracking user identity? You should establish procedures that will help you obtain protected health information in case of an emergency. By implementing software that encrypts and decrypts electronic health information, you are ensuring clients’ protection.

Audit Controls

If you have not implemented tracking software that records and examines activity in information systems, which is the set of information resources that share the same common functionality,  then you are not properly protecting electronic health information.

Person or Entity Authentication

Do you have procedures that will confirm a person or entity who is seeking access to protected health information? Have you established policies and procedures that safeguard electronic health information from improper alteration or destruction? Be sure to implement appropriate security measures to guard against unauthorized access to electronic protected health information to ensure that documents are not modified without detection or improperly disposed of.

Transmission Security

Are you able to implement software to encrypt electronic health information whenever deemed appropriate? This will encompass all of the administrative, physical, and technical safeguards in your information systems.

Failure to follow HIPAA compliance can result in civil and criminal penalties. Make sure you are following the law and properly protecting the health information of individuals. If you are feeling lost, we will be able to help you get back on track. Call Cognoscape  today for a free consultation.  

 

motion-sensors-security

Using Motion Sensors To Protect Your Home

The Incorporation of Motion Sensors in Home Security Systems

More people than ever are using technology to protect their homes and businesses. If you wanted to have a security system back in the day, the best you could do was analog video, which produced tapes that you could evaluate at a later date. But technological advances have come far enough to where you can have a digital video security system that live-streams directly to your smartphone, tablet, or computer over the internet. One of the biggest new features that homeowners and business leaders are taking advantage of is motion sensors. Motion sensors take technology that used to only be available to the military, and make it available to those who want to keep their homes or enterprise facilities safe from intruders. Although motion sensors are primarily used as anti-theft technology, they have other uses too — such as informing you if a teenager has missed curfew and is arriving home late or alerting you if a customer has entered your business. Motion sensor technology works by using microwave pulses, infrared sensors, or a combination of both to detect movement. Once detected, notifications are sent to your monitoring center, letting you know exactly where the motion was found.

Different Types of Motion Sensors

There are several different types of motion sensors that you can use to keep your home or business safe. Passive infrared, or PIR motion detectors, detect body heat. They are the most common form of motion detectors used in home-based security systems. Microwave, or MW motion detectors, are another option. They send out microwave pulses, which reflect off of a moving object, tripping the sensor. Although these sensors can cover large areas, they aren’t as widely used because they are prone to electrical interference issues. There is also the option of choosing a dual technology motion sensor, which combines both of the features of the MW and PIR sensors.

Different Ways You Can Use Home Security Systems

Although motion sensor technology is typically used to protect against theft and home invasion, you can also use them for other purposes. You might connect your motion sensors to your lights, for example, and save money by only having the lights on while you are moving in a particular room. You can use motion detectors to restrict the movement of pets or small children while you are in the house as well. Motion sensors can alert you to when a friend or neighbor is at the door, so you know to expect them before they ring the doorbell. Motion sensors are versatile and can meet all of your home/business security and safety needs.

smart-guns-obama-executive-order

New Obama Executive Order Creates Investment In Smart Guns

Obama’s New Executive Order

President Obama has long been frustrated by the lack of gun legislation in Congress and earlier this month, he announced an executive order that would clarify some existing laws already on the books. President Obama’s new executive order will expand background checks to include gun shows and some private sales, which previously allowed buyers and sellers to come together and complete a transaction without doing a background check. President Obama will be hiring more ATF agents and other federal agents to ramp up enforcement of gun laws. But the President also did something else fascinating — he created an investment in smart gun technology.

The Investment in Smart guns

President Obama’s interest in smart gun technology is not accidental. The President knows that while stricter gun legislation and potential penalties would be nearly impossible to pass through Congress, smart gun technology could make sense for responsible gun owners, law enforcement, and the greater population alike. The executive order creates three directives for federal departments on smart guns:

  • It authorizes research and development spending
  • Departments must now review the availability of gun safety technology and possible improvements
  • It permits research on how smart technology can limit gun-related homicides

Smart gun technology is appealing because it uses sensors that can read fingerprints or radio waves to determine who is authorized to use the weapon. Some smart guns are even using more complex indicators, such as grip recognition. This technology could keep guns out of the wrong hands and prevent violence if guns are stolen or sold illegally.

Detractors

Even though President Obama’s executive order was applauded by many, some groups have claimed it is illegal and unnecessary. Among these groups are the NRA, which is perhaps Congress’s strongest lobby. There are legitimate concerns about the accuracy of smart gun technology, but perhaps extensive research could curb some of those fears.

What is the Future Of Smart Gun Technology?

In the future, smart gun technology could be incorporated into all federal agencies. Once the federal government proves that smart gun technology is accurate and can work within its departments, it will likely filter down through the states and to the US population as states and localities pass their own laws. President Obama’s hope is that smart guns will eventually have legislation in Congress, making the technology a key component in owning a firearm.

Online Security

What Gamers Need to Know About Online Security

Remember when video games were limited to Player 1 and Player 2? The explosion in video game technology has made it possible for gamers to evolve from playing Pong alone in their bedroom to becoming part of a complex online network of games. Massive Multiple Online Role Playing Games (MMORPGs), such as World of Warcraft have millions of players online at any given time.

By 2017, the video game industry worldwide is expected to generate over $80 billion in revenue, due largely to online gaming. Like anything that exists on the Internet, there are increased online security risks, questioning the safety of online gaming. Below we discuss the risk assessment involved with playing video games online and how to protect yourself.

 

Technological Risk Assessment of Online Gaming

There are a number of technological risks to your computer system when one becomes involved with online gaming.

 

  • Worms and Viruses: Instant messaging programs and email messages can house viruses that arrive as attachments, or are hidden in game files that are downloaded or found in installed software.
  • Malware: Worms and viruses can be used to install malware in order to take advantage of the social networks associated with online games that use email, chat or voice communication. The malware is used to invite you to visit fake websites or to open up email attachments that contain malicious software and install it on your computer. This software is then used to gain access to personal information for financial gain.
  • Compromised or Insecure Game Servers: When software on a game server has been compromised, any computers that connect to it can become compromised. By exploiting vulnerabilities, online criminals can gain access to your computer and control it remotely. Malicious users can use your computer to install Trojan horses, spyware, adware or access personal information on any computer that connects to yours during gaming or communications.
  • Insecure Game Coding: Some game protocols for communicating information between machines are not as secure as other protocols. Game code may not be monitored as well as other commercial software. Erratic behavior on your computer can introduce dangerous vulnerabilities.

 

Social Risks of Online Gaming

Now that video games involve community chats, talks and instant messaging, a whole new batch of social risks are involved, such as:

 

  • Identity Theft: Malicious gamers can take information from your profile created in games and use it to set up accounts in your name, access your financial accounts or sell your personal information.
  • Social Engineering: Cyber-criminals try to trick gamers into installing software on your computer that they can use to control it, launch attacks on other devices or monitor your online activities.

General Security Practices for Online Gamers

Here are the most common ways to protect yourself when participating in online gaming:

 

  • Securely configure your web browsers.
  • Use antivirus programs.
  • Do not open files attached to email or instant messages without being cautious.
  • Use a firewall.
  • Verify the security and authenticity of new software and downloaded files.
  • Update and patch your application software.
  • Identify then back up financial and personal data.
  • Create and use strong passwords that are unique to that system.
  • Use administrator mode only if the vendor is reputable.
  • Play the game at the game site and save web browsing for a later date.

 

Contact us if you have any questions about security for online gaming or for your personal or business network.

Business Success

4 Business Tips for the Modern World

In today’s world, businesses enter a harsh arena every day. The challenges that face owners are staggering and constantly changing. So how do you stay competitive while keeping your employees and your customers in focus? Here are four simple things to keep in mind for running a 21st Century business.

 

  1. The Wide Angle Lens

When it comes to business, it’s easy to get too focused on minute details. Everything seems important. It shows your commitment and your passion, but it can also lead to some shortsighted decisions. This is made all the more complicated if you have clients or customers in the picture making even more demands on your time and attention.

The key is to make sure that you’re occasionally taking a step (or three) back to look at the entire picture. Often this means hiring the right managers. Having the opportunity to keep track of how the many pieces of your business work together is essential.

 

  1. Apply Technology; Don’t Rely on Technology

This ability to see how systems actually affect each other is critical when it comes to Information Technology. These days, too many businesses think that buying a new platform or productivity suite or cloud-based database is going to make all of the difference. It’s a natural temptation and in some cases it can boost your output.

Here’s the problem with technology: without the right workforce matchup, it’s a tool without a user. Always build IT systems and additions off of your core needs regarding your employees or your customers. If there isn’t a clear problem your tech is solving, it may not be the right tech.

 

  1. Find the Simple Balance

So what is the right tech? With new options coming out every day, the right tech threads the needle between smart complexity and elegant simplicity. More than ever before, businesses are in the driver’s seat of function. Open source programs like Google’s or adaptive platforms like Office 365 give tremendous control to how that technology gets tailored and used.

The main thing to avoid is overcomplicating your infrastructure. Make sure that as you’re adding that much-needed functionality, it isn’t bloated or needlessly tangled with a host of new procedures.

 

  1. Don’t Forget the Old School

Lastly, in a world that is obsessed with technology and moving faster and with greater efficiency, be sure not to lose sight of the old ways. It’s true that analytics can cut down the time it takes to find a qualified applicant or new customer preferences, but the human side is what will make the difference. Don’t rely solely on testing for the same reason you wouldn’t hire someone sight unseen because they have a diploma. Make sure what you add works on a human level as well as a big data level.