508-909-5961 [email protected]

5 Tips to combat VoIP eavesdropping

Eavesdropping has recently been making headlines, but this form of cyberattack has been around for years. Cybercriminals have been listening in on VoIP phone calls since the tech was introduced to the market, and they show no sign of stopping their malicious activities anytime soon.

The post 5 Tips to combat VoIP eavesdropping appeared first on Complete Technology Resources, Inc..

31 Oct, 2018 / by Complete Technology Resources / in VoIP category
5 Tips to combat VoIP eavesdropping

Eavesdropping has recently been making headlines, but this form of cyberattack has been around for years. Cybercriminals have been listening in on VoIP phone calls since the tech was introduced to the market, and they show no sign of stopping their malicious activities anytime soon. Fortunately, there are some things you can do to combat VoIP eavesdroppers.

Change the default configurations

Using your VoIP phones without changing the default configurations can be the worst mistake you can make. Doing so means bad guys can search vendor documentation for things like default usernames and passwords. Depending on your VoIP solution, you should have the option of changing the default configurations on your VoIP handsets. Otherwise, you should come up with a manual process to change default configurations before rolling phones out to your staff.

Get updates from your handset vendor

In 2015, Cisco detected vulnerabilities in their VoIP phones that enabled attackers to listen in on phone conversations. Cisco quickly issued security alerts, but if they hadn’t, several companies would have fallen victim to VoIP eavesdropping. The lesson here is you must regularly monitor advisories from your hardware vendor or work with an IT provider that does so for you. Without proper monitoring, you won’t know how susceptible your corporate VoIP phones are to being eavesdropped.

Update session border controllers

Another way to combat VoIP eavesdropping is to constantly update your session border controllers (SBCs). By doing so, you’ll be updating your VoIP’s antivirus software, so your systems are better protected from constantly evolving cyberthreats. Routine SBC updates are essential for securing SIP trunking as well as responding to new threats.

Encrypt VoIP calls

If you work in a regulated industry like healthcare or finance, encrypting VoIP calls is essential to staying compliant. Work with your VoIP provider and auditors to determine the best encryption options for your communications infrastructure. Many cloud VoIP providers offer call encryption guidelines, and some even offer it as a premium service.

Build a hardened VoIP network

Make sure your VoIP network includes:

  • IP private branch exchange (PBX) using minimal services, so that the hardware can only power the PBX software
  • Firewalls with access control lists set to include call control information
  • Lightweight Directory Access Protocol lookup, and signaling and management protocol
    Reinforced endpoint security with authentication at the endpoint level

To effectively combat VoIP eavesdropping, businesses need to take a holistic approach. This includes policies, deployment, and security practices that will keep malicious agents out of your network. Feel free to contact us for further information on how to protect your business.

Published with permission from TechAdvisory.org. Source.

The post 5 Tips to combat VoIP eavesdropping appeared first on Complete Technology Resources, Inc..

Read More

Office 365 stops billions of phishing emails

Sending phishing emails is the most common method hackers use to distribute malware and steal information. In fact, there are billions of phishing emails sent every year, and millions of people keep falling for them. However, if you’re subscribed to Office 365 there’s a good chance that you won’t see harmful messages in your inbox, and here’s why.

The post Office 365 stops billions of phishing emails appeared first on Complete Technology Resources, Inc..

30 Oct, 2018 / by Complete Technology Resources / in Office, Office 365 category
Office 365 stops billions of phishing emails

Sending phishing emails is the most common method hackers use to distribute malware and steal information. In fact, there are billions of phishing emails sent every year, and millions of people keep falling for them. However, if you’re subscribed to Office 365 there’s a good chance that you won’t see harmful messages in your inbox, and here’s why.

Effective anti-phishing solutions must be able to recognize the key elements of a phishing attack, which includes spoofed (or forged) emails, compromised accounts, unsafe links, and harmful attachments. In April 2018, Microsoft upgraded Office 365’s Advanced Threat Protection (ATP) features so it can better detect these elements and prevent a wide variety of phishing scams. These enhancements include:

  • Anti-impersonation measures – ATP will now look for potential phishing indicators in an email, including the sender’s address, name, and links, to identify whether the user is being impersonated. You can specify high-profile targets within your organization, such as managers and C-level executives, so Office 365 can protect these users from email impersonation. Office 365 also utilizes machine learning to analyze a user’s email patterns and flag suspicious contacts that have had no prior correspondence with your company.
  • Anti-spoofing technology – This feature reviews and blocks senders that disguise their true email address. You can even enable safety tips that flag certain email domains that have strange characters. For instance, if your real domain is Acme.com, a spoofed domain could be Acḿe.com.
  • Email link scanning – Office 365 launched Safe Links, which scans emails for fraudulent links and redirects users to a safe page in case it does contain harmful materials. This feature also applies to email attachments, ensuring you’re protected against all types of phishing scams.

Due to these improvements, Office 365 had the lowest phish rate among other well-known email services between May 1 and September 16, 2018. The company has stopped over five billion phishing attempts and protected users against seven billion potentially malicious links. If you’re looking for a secure email platform, Office 365 is the best option for your business.

That said, it’s not a substitute for good security awareness. No matter how secure Office 365 is, employees still need to be adequately trained to recognize a phishing email when they see one. Hackers are constantly changing their tactics to evade Office 365’s detection systems, so it’s important that everyone is alert at all times.

If you need a well-fortified email service, we can implement and manage Office 365 for you. We even offer practical security advice to make sure your business, employees, and assets are safe and sound. Contact us now.

Published with permission from TechAdvisory.org. Source.

The post Office 365 stops billions of phishing emails appeared first on Complete Technology Resources, Inc..

Read More

Helpful Cortana commands you need

Cortana is an intelligent personal assistant that assists you with a variety of tasks such as making phone calls, setting reminders, as well as searching for files. In order to fully utilize her, we’ve picked four of the most handy commands you can ask or say to Cortana on Windows 10 devices.

The post Helpful Cortana commands you need appeared first on Complete Technology Resources, Inc..

29 Oct, 2018 / by Complete Technology Resources / in Windows category
Helpful Cortana commands you need

Cortana is an intelligent personal assistant that assists you with a variety of tasks such as making phone calls, setting reminders, as well as searching for files. In order to fully utilize her, we’ve picked four of the most handy commands you can ask or say to Cortana on Windows 10 devices.

Hey, Cortana

Before asking her to do anything, we need to get Cortana's attention by clicking or tapping the Cortana button on the taskbar. If you do not see Cortana on your taskbar, right-click the taskbar and go to Cortana > Show Cortana icon. To enable Hey, Cortana, simply say ‘Hey, Cortana,’ followed by your question. If you're using a Windows Phone, you can press and hold the search button to activate Cortana.

Basics tasks

If you want to launch a program or open a website, simply use the word ‘Launch’ or ‘Open’ followed by the website’s name. Make notes by uttering the words ‘take a note’ or ‘note it down’. As for making drafts, start with ‘Write an’ followed by ‘email’ or ‘text,’ and end with the contact name and the message itself. Lastly, ‘Show me emails from [contact]’ will display all the emails sent from the specified contact.

Scheduling/Reminders

It’s important for small- and medium-sized business owners to stay on top of their schedules. Take a glance at your calendar events with commands such as ‘How’s my schedule looking?’ or ‘What do I have next week?’. Add or move appointments with ‘Add’ or ‘Move’ followed by the appointment and time. Reminders are easily scheduled by uttering the words ‘Remind me’ followed by whatever you need to be reminded about and when.

Search

If you can’t locate the file you need, don’t worry. By asking Cortana to ‘Find’ a document, video, or picture on your device from a specific time frame, she will sift through everything quickly to find what you need. You can easily initiate search queries with ‘Can you find’ followed by whatever you are looking for. You can even look at basic search results without having to open a browser window: Simply ask whatever question you have and enjoy combing through the results.

Window’s voice-activated personal assistant, Cortana, helps you accomplish daily tasks with ease and efficiency — but only if you use the right commands. If you have further questions or would like to know more Cortana commands, feel free to contact us. We’re ready to help!

Published with permission from TechAdvisory.org. Source.

The post Helpful Cortana commands you need appeared first on Complete Technology Resources, Inc..

Read More

5 proactive defenses against cyberattacks

As IT security consultants, we’re stuck between a rock and a hard place. Managed IT services providers (MSPs) such as ours want to provide clients with enterprise-level IT, but that requires that we specialize in overwhelmingly intricate technology.

The post 5 proactive defenses against cyberattacks appeared first on Complete Technology Resources, Inc..

26 Oct, 2018 / by Complete Technology Resources / in Security category
5 proactive defenses against cyberattacks

As IT security consultants, we’re stuck between a rock and a hard place. Managed IT services providers (MSPs) such as ours want to provide clients with enterprise-level IT, but that requires that we specialize in overwhelmingly intricate technology. Explaining even the most fundamental aspects of cybersecurity would most likely put you to sleep instead of convince you of our expertise. But if there’s one topic you need to stay awake for, it is proactive security.

Understand the threats you’re facing

Before any small- or medium-sized business (SMB) can work toward preventing cyberattacks, everyone involved needs to know exactly what they’re up against. Whether you’re working with in-house IT staff or an MSP, you should review what types of attacks are most common in your industry. Ideally, your team would do this a few times a year.

Reevaluate what it is you’re protecting

Now that you have a list of the biggest threats to your organization, you need to take stock of how each one threatens the various cogs of your network. Map out every company device that connects to the internet, what services are currently protecting those devices, and what type of data they have access to (regulated, mission-critical, low-importance, etc.).

Create a baseline of protection

By reviewing current trends in the cybersecurity field and auditing your current technology framework, you can begin to get a clearer picture of how you want to prioritize your preventative measures versus your reactive measures.

Before you can start improving your cybersecurity approach, you need to know where your baseline is. Devise a handful of real-life scenarios and simulate them on your network. Network penetration testing from trustworthy IT professionals will help pinpoint weak spots in your current framework.

Finalize a plan

All these pieces will complete the puzzle of what your new strategy needs to be. With an experienced technology consultant on board for the entire process, you can easily synthesize the results of your simulation into a multi-pronged approach to proactive security:

  • Security awareness seminars that coach all internal stakeholders – train everyone from the receptionist to the CEO about effective security practices such as password management, proper mobile device usage, and spam awareness
  • Front-line defenses like intrusion prevention systems and hardware firewalls – scrutinize everything trying to sneak its way in through the borders of your network
  • Routine checkups for software updates, licenses, and patches – minimize the chance of leaving a backdoor to your network open
  • Web-filtering services – blacklist dangerous and inappropriate sites for anyone on your network
  • Updated antivirus software – protect your data and systems against the latest and most menacing malware

As soon as you focus on preventing downtime events instead of reacting to them, your IT infrastructure will increase your productivity and efficiency to levels you’ve never dreamed of. Start enhancing your cybersecurity by giving us a call for a demonstration.

Published with permission from TechAdvisory.org. Source.

The post 5 proactive defenses against cyberattacks appeared first on Complete Technology Resources, Inc..

Read More