Protecting Your Law Firm in 2019: Part 1

From Equifax to The Panama Papers, recent history has seen its fair share of cybersecurity blunders. Breaches of well-known companies have proven that even largest and most secure corporations are susceptible to cyber attacks. And if you’re thinking that you may be too small to attack, think again — Ransomware is projected to attack a business every 14 seconds by the end of 2019, up from every 40 seconds this year.

It’s no surprise that law firms have a target on their back when it comes to hacking. Legal firms often deal with highly sensitive information and larger quantities of capital – any hackers dream. Lax security measures and the use of Internet of Things (IoT) devices, many of which lack proper protection, creates unknown vulnerabilities that could result in a digital disaster.

With legal client relationships based on confidentiality, even one publicised mishap can ruin a reputation. Today’s virtual workplace and the growing amount of digital tools servicing the legal industry make it more important than ever to have a contemporary and updated cybersecurity front. In this post, we’ll introduce you to the top three attacks you may face in 2019, then in part two, we’ll teach you exactly what you can do to avoid them.

 

1. Phishing

A Phishing scam is an act of using a fake notification, such as an email, to acquire important credentials from a victim. The notification is often disguised as a normal email, using brand logos and a URL that appears familiar. Leveraging the assumed trust, the scammer will ask for private information in order to fix an issue. With the unsavvy victim confused and vulnerable, they will usually forfeit their information, allowing the thief to easily access their accounts.  On average, 12-30% of people click on phishing messages and are the most common issues in cybersecurity.

 

2. Ransomware Infections:

Ransomware is exactly what it sounds like — a hacker will use a specific software to hold your information or accounts hostage until you can produce a required ransom. Unlike phishing, the information is seldom “taken” from the organization, rather it is obstructed from being accessed or used.

Ransomware can be especially dangerous depending on the infrastructure of an enterprise — while some can lock employees out of their email, others can shut down the entire website or operating system the company relies on.

According to Verizon’s 2018 Data Breach Investigations Report, organizations need to be on high alert for ransomware attacks. The most common causes of a ransomware breach are employee tricked into downloading a disguised file, visiting a compromised website that hides malicious code, a user opens a malicious email attachment, or a user clicks on a malicious link within an email message.

 

3. Distributed Denial-of-Service (DDoS) Attacks.

NETSCOUT Arbor revealed there were seven times more distributed denial (DDoS) attacks… observed during the first six months of 2018 compared to the first half of 2017. In this cyber attack, the perpetrator wants to make a computer or network unavailable. With the denial of service attacks (DoS), cybercriminals flood your site with an extortionate amount of traffic, either rendering it unusable or causing the system to crash.

By overloading a law firm’s internet server, criminals temporarily disrupt the firm’s ability to conduct business. The attack gives the perpetrator leverage for a number of malicious reasons, including holding the site at ransom. For firms relying on IoT services, DoS attacks are a very serious matter, as they can spread like a virus and cause invaluable lose of time and resources. They can also be the first sign of a larger, more complex attack. For this reason, monitoring your traffic to prevent a DoS attack should be at the top of your cybersecurity priorities.

Stay Tuned!

In our next blog, we’ll discuss various methods you can begin to implement for enhanced cyber safety and security.

From Equifax to The Panama Papers, recent history has seen its fair share of cybersecurity blunders. Breaches of well-known companies have proven that even largest and most secure corporations are susceptible to cyber attacks. And if you’re thinking that you may be too small to attack, think again — Ransomware is projected to attack a business every 14 seconds by the end of 2019, up from every 40 seconds this year.

It’s no surprise that law firms have a target on their back when it comes to hacking. Legal firms often deal with highly sensitive information and larger quantities of capital – any hackers dream. Lax security measures and the use of Internet of Things (IoT) devices, many of which lack proper protection, creates unknown vulnerabilities that could result in a digital disaster.

With legal client relationships based on confidentiality, even one publicised mishap can ruin a reputation. Today’s virtual workplace and the growing amount of digital tools servicing the legal industry make it more important than ever to have a contemporary and updated cybersecurity front. In this post, we’ll introduce you to the top three attacks you may face in 2019, then in part two, we’ll teach you exactly what you can do to avoid them.

 

1. Phishing

A Phishing scam is an act of using a fake notification, such as an email, to acquire important credentials from a victim. The notification is often disguised as a normal email, using brand logos and a URL that appears familiar. Leveraging the assumed trust, the scammer will ask for private information in order to fix an issue. With the unsavvy victim confused and vulnerable, they will usually forfeit their information, allowing the thief to easily access their accounts.  On average, 12-30% of people click on phishing messages and are the most common issues in cybersecurity.

 

2. Ransomware Infections:

Ransomware is exactly what it sounds like — a hacker will use a specific software to hold your information or accounts hostage until you can produce a required ransom. Unlike phishing, the information is seldom “taken” from the organization, rather it is obstructed from being accessed or used.

Ransomware can be especially dangerous depending on the infrastructure of an enterprise — while some can lock employees out of their email, others can shut down the entire website or operating system the company relies on.

According to Verizon’s 2018 Data Breach Investigations Report, organizations need to be on high alert for ransomware attacks. The most common causes of a ransomware breach are employee tricked into downloading a disguised file, visiting a compromised website that hides malicious code, a user opens a malicious email attachment, or a user clicks on a malicious link within an email message.

 

3. Distributed Denial-of-Service (DDoS) Attacks.

NETSCOUT Arbor revealed there were seven times more distributed denial (DDoS) attacks… observed during the first six months of 2018 compared to the first half of 2017. In this cyber attack, the perpetrator wants to make a computer or network unavailable. With the denial of service attacks (DoS), cybercriminals flood your site with an extortionate amount of traffic, either rendering it unusable or causing the system to crash.

By overloading a law firm’s internet server, criminals temporarily disrupt the firm’s ability to conduct business. The attack gives the perpetrator leverage for a number of malicious reasons, including holding the site at ransom. For firms relying on IoT services, DoS attacks are a very serious matter, as they can spread like a virus and cause invaluable lose of time and resources. They can also be the first sign of a larger, more complex attack. For this reason, monitoring your traffic to prevent a DoS attack should be at the top of your cybersecurity priorities.

Stay Tuned!

In our next blog, we’ll discuss various methods you can begin to implement for enhanced cyber safety and security.

These Police Officers Called for Backup… and it was Infected with Ransomware

The police exist to serve, protect, and enforce the law, but who can we turn to if even the cops are made victim of a cyberattack? This is the question the residents of Cockrell, Texas have to answer, as their police department fell victim to a ransomware attack known as the Osiris Ransomware.

Before you start to worry too much about this terrible new strain of ransomware, you should know that “Osiris” has been identified as a recent version of the Locky ransomware. The police department likely only referred to it as “Osiris” due to their encrypted files all sporting the extension “.osiris.”

This began as many ransomware attacks do; an on-screen message notified the police that their files had been locked, and would only be unlocked if the department paid up the demanded $4,000. As happens far too often, the ransomware was introduced into their system when a member of the department opened a spoofed email that appeared to be an official department communication. In keeping to best practices, the police’s IT department elected to restore the infected server’s files from a backup.
Unfortunately, the backup they had to restore from was taken after their systems had been infected, meaning that all they had were more locked and infected files.

This caused Cockrell authorities no small amount of trouble, as the encrypted files included years and years of photographic and video evidence to be used to prosecute cases. Time will only tell how much of an impact this will have on legal proceedings.

These events serve as a warning to all who rely on data in order to do their job, including businesses everywhere. It is essential to remember that your security is only as good as the people who are given access to your data. Furthermore, it reinforces the importance of keeping more than just one backup of your system. Backing up incrementally, and storing archived backups off site will usually safeguard a business from having the entire backup corrupted in the event of ransomware like this.

Contact Us

Reach out to us at (844) 493-0015 so we can optimize your IT to protect you against ransomware and other critical issues.

The police exist to serve, protect, and enforce the law, but who can we turn to if even the cops are made victim of a cyberattack? This is the question the residents of Cockrell, Texas have to answer, as their police department fell victim to a ransomware attack known as the Osiris Ransomware.

Before you start to worry too much about this terrible new strain of ransomware, you should know that “Osiris” has been identified as a recent version of the Locky ransomware. The police department likely only referred to it as “Osiris” due to their encrypted files all sporting the extension “.osiris.”

This began as many ransomware attacks do; an on-screen message notified the police that their files had been locked, and would only be unlocked if the department paid up the demanded $4,000. As happens far too often, the ransomware was introduced into their system when a member of the department opened a spoofed email that appeared to be an official department communication. In keeping to best practices, the police’s IT department elected to restore the infected server’s files from a backup.
Unfortunately, the backup they had to restore from was taken after their systems had been infected, meaning that all they had were more locked and infected files.

This caused Cockrell authorities no small amount of trouble, as the encrypted files included years and years of photographic and video evidence to be used to prosecute cases. Time will only tell how much of an impact this will have on legal proceedings.

These events serve as a warning to all who rely on data in order to do their job, including businesses everywhere. It is essential to remember that your security is only as good as the people who are given access to your data. Furthermore, it reinforces the importance of keeping more than just one backup of your system. Backing up incrementally, and storing archived backups off site will usually safeguard a business from having the entire backup corrupted in the event of ransomware like this.

Contact Us

Reach out to us at (844) 493-0015 so we can optimize your IT to protect you against ransomware and other critical issues.

JDL Group Inc. Receives 2017 Best of Berkeley Heights Award

BERKELEY HEIGHTS March 22, 2017 — JDL Group Inc. has been selected for the 2017 Best of Berkeley Heights Award in the Computers & Electronics category by the Berkeley Heights Award Program.

Each year, the Berkeley Heights Award Program identifies companies that we believe have achieved exceptional marketing success in their local community and business category. These are local companies that enhance the positive image of small business through service to their customers and our community. These exceptional companies help make the Berkeley Heights area a great place to live, work and play.

Various sources of information were gathered and analyzed to choose the winners in each category. The 2017 Berkeley Heights Award Program focuses on quality, not quantity. Winners are determined based on the information gathered both internally by the Berkeley Heights Award Program and data provided by third parties.

About Berkeley Heights Award Program

The Berkeley Heights Award Program is an annual awards program honoring the achievements and accomplishments of local businesses throughout the Berkeley Heights area. Recognition is given to those companies that have shown the ability to use their best practices and implemented programs to generate competitive advantages and long-term value.

The Berkeley Heights Award Program was established to recognize the best of local businesses in our community. Our organization works exclusively with local business owners, trade groups, professional associations and other business advertising and marketing groups. Our mission is to recognize the small business community’s contributions to the U.S. economy.

Contact Us

Contact us today for all of your cyber security needs.

BERKELEY HEIGHTS March 22, 2017 — JDL Group Inc. has been selected for the 2017 Best of Berkeley Heights Award in the Computers & Electronics category by the Berkeley Heights Award Program.

Each year, the Berkeley Heights Award Program identifies companies that we believe have achieved exceptional marketing success in their local community and business category. These are local companies that enhance the positive image of small business through service to their customers and our community. These exceptional companies help make the Berkeley Heights area a great place to live, work and play.

Various sources of information were gathered and analyzed to choose the winners in each category. The 2017 Berkeley Heights Award Program focuses on quality, not quantity. Winners are determined based on the information gathered both internally by the Berkeley Heights Award Program and data provided by third parties.

About Berkeley Heights Award Program

The Berkeley Heights Award Program is an annual awards program honoring the achievements and accomplishments of local businesses throughout the Berkeley Heights area. Recognition is given to those companies that have shown the ability to use their best practices and implemented programs to generate competitive advantages and long-term value.

The Berkeley Heights Award Program was established to recognize the best of local businesses in our community. Our organization works exclusively with local business owners, trade groups, professional associations and other business advertising and marketing groups. Our mission is to recognize the small business community’s contributions to the U.S. economy.

Contact Us

Contact us today for all of your cyber security needs.

Tip of the Week: You May Want to Remove Your Wi-Fi Information From the WiGLE Database

The next time you look at your device’s available Wi-Fi connections when in public, take a look at what some of the local connection names are. Chances are that you’ll see some names that match a nearby organization or family. Others might still be using the default SSID, like Linksys/Netgear-something-or-other. Others might get a little more creative. The latter example may have the right idea; using an obscure wireless network name is much more secure than naming your connection after what it’s associated with.

That’s not to say that those who have named their home Wi-Fi networks things like “FBI Surveillance Van 3” or “Pretty Fly for a Wi-Fi” are in the right, but you get the idea. Instead of misleading people with your SSID, you want to think of your wireless network’s name as a shield against possible hacking attacks. In fact, it’s recommended that you don’t broadcast it at all if you can help it, but this isn’t always an option–especially for organizations that offer Wi-Fi to the public as part of their consumer obligation.

One website in particular highlights the importance of naming your Wi-Fi network something inconspicuous. A service called WiGLE collects information from wireless networks and compiles it in an online database that’s searchable. WiGLE also offers software solutions that can map, query, and update these databases. Among the uses for WiGLE are: educating the public, research projects, site surveys, journalism, analyzing wireless usage, and finding usable networks while on the go.

Knowing that a tool like this exists, should make you stop and ask several questions. If your wireless network’s data is being collected, is it at risk? Is it something that you should be worried about? How do you remove your business’s wireless network from WiGLE? Well, WiGLE has posted answers to all of these questions:

“If your network is in WiGLE and you don’t like it, we’ll take it out immediately, but you should look into making your network harder to detect AND more secure; remember that you’re the one bombarding passers-by with your signal. We aren’t affiliated directly with any particular community or interest (other than our own), but we applaud the efforts of the people who wrote the stumbling software that feeds our project, the people looking to use wireless in innovative ways, and especially the community of people who just dig wireless network access and dig sharing it.”

To learn more, you can access the website here.
What are your thoughts on WiGLE? Let us know in the comments, and be sure to reach out to us for help securing your company’s wireless network.

Contact Us

Are you confident in the security of your wireless network? Don’t hesitate to call us at (844) 493-0015 if you feel it’s time to audit one of your most targetable entry-points.

The next time you look at your device’s available Wi-Fi connections when in public, take a look at what some of the local connection names are. Chances are that you’ll see some names that match a nearby organization or family. Others might still be using the default SSID, like Linksys/Netgear-something-or-other. Others might get a little more creative. The latter example may have the right idea; using an obscure wireless network name is much more secure than naming your connection after what it’s associated with.

That’s not to say that those who have named their home Wi-Fi networks things like “FBI Surveillance Van 3” or “Pretty Fly for a Wi-Fi” are in the right, but you get the idea. Instead of misleading people with your SSID, you want to think of your wireless network’s name as a shield against possible hacking attacks. In fact, it’s recommended that you don’t broadcast it at all if you can help it, but this isn’t always an option–especially for organizations that offer Wi-Fi to the public as part of their consumer obligation.

One website in particular highlights the importance of naming your Wi-Fi network something inconspicuous. A service called WiGLE collects information from wireless networks and compiles it in an online database that’s searchable. WiGLE also offers software solutions that can map, query, and update these databases. Among the uses for WiGLE are: educating the public, research projects, site surveys, journalism, analyzing wireless usage, and finding usable networks while on the go.

Knowing that a tool like this exists, should make you stop and ask several questions. If your wireless network’s data is being collected, is it at risk? Is it something that you should be worried about? How do you remove your business’s wireless network from WiGLE? Well, WiGLE has posted answers to all of these questions:

“If your network is in WiGLE and you don’t like it, we’ll take it out immediately, but you should look into making your network harder to detect AND more secure; remember that you’re the one bombarding passers-by with your signal. We aren’t affiliated directly with any particular community or interest (other than our own), but we applaud the efforts of the people who wrote the stumbling software that feeds our project, the people looking to use wireless in innovative ways, and especially the community of people who just dig wireless network access and dig sharing it.”

To learn more, you can access the website here.
What are your thoughts on WiGLE? Let us know in the comments, and be sure to reach out to us for help securing your company’s wireless network.

Contact Us

Are you confident in the security of your wireless network? Don’t hesitate to call us at (844) 493-0015 if you feel it’s time to audit one of your most targetable entry-points.

Productivity Suffers Without a Cohesive IT Plan

There are right ways and wrong ways to do many things, and managing IT is no exception. Many businesses, especially small ones, are left susceptible to issues and vulnerabilities in their network. What’s worse, these are often networks that are supported by an IT “expert.”

Whether it’s due to budget constraints, a lack of workable time, or any other reason, companies frequently settle for substandard solutions when it comes to making changes to their IT. Oftentimes, they’ll try to bury their issues underneath a relatively updated infrastructure without doing anything to resolve the underlying problem. Either that, or they decide that they can fix the problem themselves, piecing together an unstable solution that almost works.

Observing this has only made us at JDL Group more dedicated to providing a real solution for businesses that resort to these DIY implementations.

Many business, most often small ones, have a few things in common. First, they all experience similar issues with their IT, and secondly, they are usually ill-prepared to deal with the repercussions of these issues. Furthermore, these businesses will frequently neglect their need for standard operating procedures for their employees to follow.

This only opens the business up to greater issues as the employees will resort to processes that they’re personally comfortable with to complete their responsibilities. In the end, the workforce is left in the uncomfortable position of desperately needing change, with the unwillingness to make any changes.

As a result, the already tricky business of running an SMB is only made more difficult. When issues persistently prevent your technology from serving its intended purpose, your employees will be rendered incapable of meeting their responsibilities by a situation that is out of their control.

Contact Us

JDL Group can help put control back into your hands with our variety of IT solutions. From our proactive monitoring and maintenance practices to our ability to block many distractions, we can apply a consistent solution to your entire network, unifying your IT so it will better serve your needs. Call us at (844) 493-0015 for more information.

There are right ways and wrong ways to do many things, and managing IT is no exception. Many businesses, especially small ones, are left susceptible to issues and vulnerabilities in their network. What’s worse, these are often networks that are supported by an IT “expert.”

Whether it’s due to budget constraints, a lack of workable time, or any other reason, companies frequently settle for substandard solutions when it comes to making changes to their IT. Oftentimes, they’ll try to bury their issues underneath a relatively updated infrastructure without doing anything to resolve the underlying problem. Either that, or they decide that they can fix the problem themselves, piecing together an unstable solution that almost works.

Observing this has only made us at JDL Group more dedicated to providing a real solution for businesses that resort to these DIY implementations.

Many business, most often small ones, have a few things in common. First, they all experience similar issues with their IT, and secondly, they are usually ill-prepared to deal with the repercussions of these issues. Furthermore, these businesses will frequently neglect their need for standard operating procedures for their employees to follow.

This only opens the business up to greater issues as the employees will resort to processes that they’re personally comfortable with to complete their responsibilities. In the end, the workforce is left in the uncomfortable position of desperately needing change, with the unwillingness to make any changes.

As a result, the already tricky business of running an SMB is only made more difficult. When issues persistently prevent your technology from serving its intended purpose, your employees will be rendered incapable of meeting their responsibilities by a situation that is out of their control.

Contact Us

JDL Group can help put control back into your hands with our variety of IT solutions. From our proactive monitoring and maintenance practices to our ability to block many distractions, we can apply a consistent solution to your entire network, unifying your IT so it will better serve your needs. Call us at (844) 493-0015 for more information.

Here’s a Cost-Effective Alternative to Onboarding Additional IT Staff

An internal IT department serves two primary purposes for businesses. The first is to keep an eye on your technology problems and resolve them. The second is to plan for the future and implement new strategies that will help your organization function more effectively. The problem for the average small business is that their IT department often doesn’t have the luxury of performing both of these tasks.

The root of the problem is that most IT departments are too busy dealing with technology support issues and requests from employees to innovate. Eventually, this lack of innovation could cost your business money.

Do You Know What You’re Paying Your IT Department For?

By definition, your IT department is supposed to plan methods for your business to improve its infrastructure through any means necessary. On the side, they are supposed to help your organization by providing technical support for your assets. By adhering to this model, your IT department should be able to find ways to improve your technology infrastructure, while providing technical assistance for those who need it. The problem is that, as technology becomes more complicated, the help demanded by employees increases.

While it might seem ideal to approach IT support with an internal IT department, it rarely works out. IT departments just don’t have as much time as they need to really work toward improving anything. Often times, these issues are either recurring or resolved simply by rebooting the system, which is a waste of your IT department’s time.

Is Your IT Department Taking Your Company Nowhere?

While your IT department struggles to keep up, your team will naturally need to make forward progress. However, when all they do is respond to problems without making progress in order to prevent them, it’s easy to overlook the fact that many of these problems can be prevented in the future with a little innovation in the present. Plus, when routine maintenance is foregone for the sake of solving short-term problems, you’ll lose out in the long-term due to decreased performance and security issues.

As you can see (perhaps even from your own experience), an in-house IT department is often more distracted by problems that aren’t even theirs to resolve, which pulls them away from work that could make your business better. As a result, many organizations seek to outsource the IT work of their IT department’s in order to make up lost time. This can include innovation, but more often than not, you’ll find that outsourcing routine IT tasks and technology support to be helpful to your company’s overall goals.

After all, your technicians were hired to innovate, so why not give them the opportunity to do so?

Contact Us

To learn more about outsourced IT, reach out to JDL Group. We can provide a help desk, network audits, and so many more valuable IT services that will help your organization improve efficiency. Call us today at (844) 493-0015.

An internal IT department serves two primary purposes for businesses. The first is to keep an eye on your technology problems and resolve them. The second is to plan for the future and implement new strategies that will help your organization function more effectively. The problem for the average small business is that their IT department often doesn’t have the luxury of performing both of these tasks.

The root of the problem is that most IT departments are too busy dealing with technology support issues and requests from employees to innovate. Eventually, this lack of innovation could cost your business money.

Do You Know What You’re Paying Your IT Department For?

By definition, your IT department is supposed to plan methods for your business to improve its infrastructure through any means necessary. On the side, they are supposed to help your organization by providing technical support for your assets. By adhering to this model, your IT department should be able to find ways to improve your technology infrastructure, while providing technical assistance for those who need it. The problem is that, as technology becomes more complicated, the help demanded by employees increases.

While it might seem ideal to approach IT support with an internal IT department, it rarely works out. IT departments just don’t have as much time as they need to really work toward improving anything. Often times, these issues are either recurring or resolved simply by rebooting the system, which is a waste of your IT department’s time.

Is Your IT Department Taking Your Company Nowhere?

While your IT department struggles to keep up, your team will naturally need to make forward progress. However, when all they do is respond to problems without making progress in order to prevent them, it’s easy to overlook the fact that many of these problems can be prevented in the future with a little innovation in the present. Plus, when routine maintenance is foregone for the sake of solving short-term problems, you’ll lose out in the long-term due to decreased performance and security issues.

As you can see (perhaps even from your own experience), an in-house IT department is often more distracted by problems that aren’t even theirs to resolve, which pulls them away from work that could make your business better. As a result, many organizations seek to outsource the IT work of their IT department’s in order to make up lost time. This can include innovation, but more often than not, you’ll find that outsourcing routine IT tasks and technology support to be helpful to your company’s overall goals.

After all, your technicians were hired to innovate, so why not give them the opportunity to do so?

Contact Us

To learn more about outsourced IT, reach out to JDL Group. We can provide a help desk, network audits, and so many more valuable IT services that will help your organization improve efficiency. Call us today at (844) 493-0015.

How Vizio Got Busted for Spying on Its Customers

What have you watched on TV lately? Actually, never mind; if you don’t want to tell us, we can just ask Vizio. Relax–we’re not actually going through with this, but the fact remains that 11 million owners of Vizio televisions had their viewing habits tracked by the manufacturer. Were you one of them?

A fine by the Federal Trade Commission, totalling $2.2 million, was issued to Vizio following its actions of collecting data on users. This data included what the televisions were displaying, regardless of what the input was; whether it was smart TV apps, DVD players, air broadcasts, the TV’s IP addresses, or cable boxes. Whatever the TV had on it, Vizio could gather the data and do with it as it pleased. A federal court ordered Vizio to delete any data that they collected before March 2016 because their customers were not told of the company’s data sharing practices.

To remedy this, Vizio now makes its data collection practices available through the TV’s settings. Also part of their settlement, Vizio now sends notifications directly to the user’s screen. Jerry Huang, Vizio’s General Counsel, issued a statement regarding the incident: “Instead, as the complaint notes, the practices challenged by the government related only to the use of viewing data in the ‘aggregate’ to create summary reports measuring viewing audiences or behaviors. Today, the FTC has made clear that all smart TV makers should get people’s consent before collecting and sharing television viewing information and Vizio now is leading the way.”

Of course, the question of what Vizio did with all of that data needs to be asked. Perhaps the company used the data to understand how customers were using its hardware, such as how frequently it was used and what kinds of devices were used in conjunction with it. This way, Vizio could use the data to better their products and make them more useful. Of course, that’s an optimistic view.

Another way that Vizio could have used this data is by collecting it to distribute to paying partners for marketing purposes. This type of data collection would be very lucrative for Vizio, a practice that could be difficult to ignore.

Was this collection of data a clear violation of generally-accepted ethics? That’s debatable, but the truth of the matter is that Vizio would have had a better time of it if they gave their customers the choice of being involved these data collection practices. If anything, it should make you consider how you’re using your own Internet-connected devices. You never know if and how they might be spying on you.

What are your thoughts on this development? Let us know in the comments, and be sure to subscribe to our blog.

Contact Us

Contact us today for all of your cyber security needs.

What have you watched on TV lately? Actually, never mind; if you don’t want to tell us, we can just ask Vizio. Relax–we’re not actually going through with this, but the fact remains that 11 million owners of Vizio televisions had their viewing habits tracked by the manufacturer. Were you one of them?

A fine by the Federal Trade Commission, totalling $2.2 million, was issued to Vizio following its actions of collecting data on users. This data included what the televisions were displaying, regardless of what the input was; whether it was smart TV apps, DVD players, air broadcasts, the TV’s IP addresses, or cable boxes. Whatever the TV had on it, Vizio could gather the data and do with it as it pleased. A federal court ordered Vizio to delete any data that they collected before March 2016 because their customers were not told of the company’s data sharing practices.

To remedy this, Vizio now makes its data collection practices available through the TV’s settings. Also part of their settlement, Vizio now sends notifications directly to the user’s screen. Jerry Huang, Vizio’s General Counsel, issued a statement regarding the incident: “Instead, as the complaint notes, the practices challenged by the government related only to the use of viewing data in the ‘aggregate’ to create summary reports measuring viewing audiences or behaviors. Today, the FTC has made clear that all smart TV makers should get people’s consent before collecting and sharing television viewing information and Vizio now is leading the way.”

Of course, the question of what Vizio did with all of that data needs to be asked. Perhaps the company used the data to understand how customers were using its hardware, such as how frequently it was used and what kinds of devices were used in conjunction with it. This way, Vizio could use the data to better their products and make them more useful. Of course, that’s an optimistic view.

Another way that Vizio could have used this data is by collecting it to distribute to paying partners for marketing purposes. This type of data collection would be very lucrative for Vizio, a practice that could be difficult to ignore.

Was this collection of data a clear violation of generally-accepted ethics? That’s debatable, but the truth of the matter is that Vizio would have had a better time of it if they gave their customers the choice of being involved these data collection practices. If anything, it should make you consider how you’re using your own Internet-connected devices. You never know if and how they might be spying on you.

What are your thoughts on this development? Let us know in the comments, and be sure to subscribe to our blog.

Contact Us

Contact us today for all of your cyber security needs.

Tip of the Week: Stuck Using a Public PC? Be Sure to Follow These 2 Privacy Tips

Full disclosure: we don’t recommend doing anything important, or really anything at all, on a public computer. However, we understand that sometimes life works out in an unideal fashion, and sometimes you can be stuck doing something you shouldn’t, and otherwise wouldn’t. Even in these cases, there are steps you can take to preserve your security.

Despite the explosion in mobile device connectivity, the use of public computers is still remarkably common. Unfortunately, the same remarks can’t be said about their relative security. These open devices tend to have few solutions in place–if any–especially when compared to the average privately-held device.

However, as we go through the steps you need to take while using a public computer, we will also go through some alternatives that you really should consider implementing before you find yourself in this risky situation.

Use a Private Browser

The default settings for most web browsers are designed, more or less, for a single user’s exclusive use. This is why your browser collects data like your history, what you’ve downloaded, and account credentials. It’s all done to make the user’s experience simpler–which, on a private machine, isn’t necessarily a bad thing.

However, these capabilities don’t just go away because more than one person uses the computer, and so if you enter some sensitive credentials, the next user may be able to access and utilize them as well. Using a private browser prevents you from leaving those digital footprints on the machine by having it “forget” what you were just using it to access.

Keep in mind, private browsers aren’t a cure-all when it comes to your online security. Even though the computer itself won’t have a record of your browsing, it doesn’t mean that private browsers wipe your trail from the Internet as well. In order to do that, there are other measures you’ll have to take.

Use a Virtual Private Network

Virtual Private Networks, or VPNs, are a step up from a private browser. Once a user logs in to their VPN, their IP address is effectively shielded from view, and their activity is processed through an encrypted virtual tunnel. Using proxy servers that span across the globe, your identity and location are shielded enough that you will never be the target of an opportunistic attack.

As far as price is concerned with a VPN, there are free options out there, as well as many very reasonably priced, paid varieties. Your VPN would need to be set up on your office network before you plan on using it from an outside location.

When it comes to doing business while travelling, it’s only natural that the urge is there to use whatever is available. However, if you must decide between productivity and security, it is much more prudent to prioritize security. After all, without your security, you may just find that your finished product has been tampered with or stolen.

On the topic of security, it cannot be said enough that using a public computer in any professional capacity is simply not a risk that is worth taking. There is simply no way that you may be sure that your data is absolutely safe.

Contact Us

JDL Group can help you maintain your security in situations like these. Give us a call at 973.607.2140 to learn more.

Full disclosure: we don’t recommend doing anything important, or really anything at all, on a public computer. However, we understand that sometimes life works out in an unideal fashion, and sometimes you can be stuck doing something you shouldn’t, and otherwise wouldn’t. Even in these cases, there are steps you can take to preserve your security.

Despite the explosion in mobile device connectivity, the use of public computers is still remarkably common. Unfortunately, the same remarks can’t be said about their relative security. These open devices tend to have few solutions in place–if any–especially when compared to the average privately-held device.

However, as we go through the steps you need to take while using a public computer, we will also go through some alternatives that you really should consider implementing before you find yourself in this risky situation.

Use a Private Browser

The default settings for most web browsers are designed, more or less, for a single user’s exclusive use. This is why your browser collects data like your history, what you’ve downloaded, and account credentials. It’s all done to make the user’s experience simpler–which, on a private machine, isn’t necessarily a bad thing.

However, these capabilities don’t just go away because more than one person uses the computer, and so if you enter some sensitive credentials, the next user may be able to access and utilize them as well. Using a private browser prevents you from leaving those digital footprints on the machine by having it “forget” what you were just using it to access.

Keep in mind, private browsers aren’t a cure-all when it comes to your online security. Even though the computer itself won’t have a record of your browsing, it doesn’t mean that private browsers wipe your trail from the Internet as well. In order to do that, there are other measures you’ll have to take.

Use a Virtual Private Network

Virtual Private Networks, or VPNs, are a step up from a private browser. Once a user logs in to their VPN, their IP address is effectively shielded from view, and their activity is processed through an encrypted virtual tunnel. Using proxy servers that span across the globe, your identity and location are shielded enough that you will never be the target of an opportunistic attack.

As far as price is concerned with a VPN, there are free options out there, as well as many very reasonably priced, paid varieties. Your VPN would need to be set up on your office network before you plan on using it from an outside location.

When it comes to doing business while travelling, it’s only natural that the urge is there to use whatever is available. However, if you must decide between productivity and security, it is much more prudent to prioritize security. After all, without your security, you may just find that your finished product has been tampered with or stolen.

On the topic of security, it cannot be said enough that using a public computer in any professional capacity is simply not a risk that is worth taking. There is simply no way that you may be sure that your data is absolutely safe.

Contact Us

JDL Group can help you maintain your security in situations like these. Give us a call at 973.607.2140 to learn more.

Worried About Identity Theft at Work? Follow These Tips for Peace of Mind

The Bureau of Justice estimated that five percent of the entire U.S. population were victimized by identity thieves, a total of 11.7 million people. While the methods of collecting the data that identity thieves need to commit their crime vary from dumpster diving for carelessly discarded documents, to email phishing scams, there is a particular target that can easily supply them with the data they will need: the workplace.

While many businesses must collect a lot of personal data from their clients for billing purposes, their employees are also made vulnerable if some of that data was to be absconded with. After all, in order to properly pay an employee for their work, an employer will need a lot of their personally identifiable information on record. As a result, a workplace becomes a high-value target for someone seeking the data necessary to complete fraudulent actions in someone else’s name and becomes the responsibility of the entire business to safeguard that data, for the sake of their employees and their clients.

To that end, every employee should be educated in the best practices for protecting a company’s trove of sensitive information, and policies need to be implemented and enforced to ensure that these best practices are followed. To get you started with securing your office, make sure these four best practices are followed by everyone associated with your company.

Don’t Leave Workstations Unattended

Computers need to be locked and only accessible by its user’s password. Otherwise, anyone (be it a less-than-trustworthy employee or someone off the street stumbling across an opportunity) could access that workstation and any company documents available to that employee.

Go Paperless

Identity thieves love paper trails. Whether it be copies of sensitive files that make their way to the trash, or even documents that get left lying around the office, the fact of the matter is that having paper copies of sensitive information only increases the risk that this information will get stolen. Going paperless is a way to minimize this risk entirely.

Train Employees to Know What Email Scams Looks Like

Scams targeting email inboxes are some of the top ways that identities are compromised. Therefore, in addition to having a good spam blocking solution in place, you’re going to want to make sure that every worker knows what an email scam looks like so they won’t fall for one. You may know how to spot an obvious email scam, like an unsolicited email requesting sensitive information, but how sure are you that your staff knows what a scam looks like as well?

Implement Enterprise-Level Security Solutions

Without proactive solutions in place to protect your company’s sensitive data, it could easily fall into the wrong hands if a hacker breached your network. Every business needs to have security tools in place like antivirus, firewalls, spam-blocking, and content filtering. Thankfully, a solution like a Unified Threat Management tool offers businesses an easy way to get this kind of comprehensive protection in one easy-to-implement package!

Of course, there are many other steps to take to prevent your workplace from becoming an identity thief’s jackpot. JDL Group can help advise you on the other steps your business needs to take in order to keep the identities it deals with properly protected.

Contact Us

Call us today at 1-(844)-493-0015 for more information on the steps you need to take to prevent identity theft.

The Bureau of Justice estimated that five percent of the entire U.S. population were victimized by identity thieves, a total of 11.7 million people. While the methods of collecting the data that identity thieves need to commit their crime vary from dumpster diving for carelessly discarded documents, to email phishing scams, there is a particular target that can easily supply them with the data they will need: the workplace.

While many businesses must collect a lot of personal data from their clients for billing purposes, their employees are also made vulnerable if some of that data was to be absconded with. After all, in order to properly pay an employee for their work, an employer will need a lot of their personally identifiable information on record. As a result, a workplace becomes a high-value target for someone seeking the data necessary to complete fraudulent actions in someone else’s name and becomes the responsibility of the entire business to safeguard that data, for the sake of their employees and their clients.

To that end, every employee should be educated in the best practices for protecting a company’s trove of sensitive information, and policies need to be implemented and enforced to ensure that these best practices are followed. To get you started with securing your office, make sure these four best practices are followed by everyone associated with your company.

Don’t Leave Workstations Unattended

Computers need to be locked and only accessible by its user’s password. Otherwise, anyone (be it a less-than-trustworthy employee or someone off the street stumbling across an opportunity) could access that workstation and any company documents available to that employee.

Go Paperless

Identity thieves love paper trails. Whether it be copies of sensitive files that make their way to the trash, or even documents that get left lying around the office, the fact of the matter is that having paper copies of sensitive information only increases the risk that this information will get stolen. Going paperless is a way to minimize this risk entirely.

Train Employees to Know What Email Scams Looks Like

Scams targeting email inboxes are some of the top ways that identities are compromised. Therefore, in addition to having a good spam blocking solution in place, you’re going to want to make sure that every worker knows what an email scam looks like so they won’t fall for one. You may know how to spot an obvious email scam, like an unsolicited email requesting sensitive information, but how sure are you that your staff knows what a scam looks like as well?

Implement Enterprise-Level Security Solutions

Without proactive solutions in place to protect your company’s sensitive data, it could easily fall into the wrong hands if a hacker breached your network. Every business needs to have security tools in place like antivirus, firewalls, spam-blocking, and content filtering. Thankfully, a solution like a Unified Threat Management tool offers businesses an easy way to get this kind of comprehensive protection in one easy-to-implement package!

Of course, there are many other steps to take to prevent your workplace from becoming an identity thief’s jackpot. JDL Group can help advise you on the other steps your business needs to take in order to keep the identities it deals with properly protected.

Contact Us

Call us today at 1-(844)-493-0015 for more information on the steps you need to take to prevent identity theft.

Let the 80/20 Rule Be Your Guide for IT Security

IT security is something that businesses of all shapes, sizes, and varieties have to be concerned about. You’ll be faced with the question of whether you have adequate security practices on a daily basis. For help with understanding why the smallest vulnerabilities often result in the most data loss, look no further than the 80/20 rule.

This rule, often called the Pareto Principle, is defined as such by Investopedia: “[the Pareto Principle] specifies an unequal relationship between inputs and outputs. The principle states that 20 percent of the invested input is responsible for 80 percent of the results obtained. Put another way, 80 percent of consequences stem from 20 percent of the causes.”

In other words, the Pareto Principle is a strategy that attempts to explain how you should delegate your organization’s security resources in order to maximize the security you get. In this case, you are using your assets to protect your network from online threats. However, you might realize that even if you search and search for network vulnerabilities, you won’t find all of them. There are simply too many threats out there to identify. Instead, you use the Pareto Principle to identify where you can do the most good for your organization’s network security.

This principle can also work in reverse; only 20 percent of the vulnerabilities on the Internet lead to 80 percent of the data loss. When you think about it, this makes sense. How often do you hear about major data breaches in which multiple vulnerabilities were exploited? Instead, it’s usually just one major hack that led to many compromised accounts.

Yet, the biggest part of effectively using the 80/20 rule is determining what your priorities should be, and which threats are the most dangerous. After all, if everything is a priority, then nothing can get done. This results in all-around subpar security that leaves large threats unchecked.

A penetration test can help JDL Group to find where your organization’s most important security flaws lie. We can locate and resolve your most critical security flaws through a process called Remote Monitoring and Management (RMM), which allows us to connect to your office’s technology solutions and issue the required patches and security updates without an on-site visit. In fact, most situations will only call for remote access, so you can save both time and money with an RMM tool.

In fact, there’s one solution that is capable of protecting the majority of your network without much effort at all. It’s called a Unified Threat Management solution, and it includes all of the major components of network security in one convenient package. With an enterprise-level firewall, antivirus, spam blocker, and content filter, you can know with certainty that one solution covers the majority of the challenges presented by network security.

With JDL Group’s managed IT services, you’re creating many opportunities for enhanced network security, improved network performance, and optimized operations.

Contact Us

To learn more about how we make technology work for you, reach out to us at 1-(844) 493-0015.

IT security is something that businesses of all shapes, sizes, and varieties have to be concerned about. You’ll be faced with the question of whether you have adequate security practices on a daily basis. For help with understanding why the smallest vulnerabilities often result in the most data loss, look no further than the 80/20 rule.

This rule, often called the Pareto Principle, is defined as such by Investopedia: “[the Pareto Principle] specifies an unequal relationship between inputs and outputs. The principle states that 20 percent of the invested input is responsible for 80 percent of the results obtained. Put another way, 80 percent of consequences stem from 20 percent of the causes.”

In other words, the Pareto Principle is a strategy that attempts to explain how you should delegate your organization’s security resources in order to maximize the security you get. In this case, you are using your assets to protect your network from online threats. However, you might realize that even if you search and search for network vulnerabilities, you won’t find all of them. There are simply too many threats out there to identify. Instead, you use the Pareto Principle to identify where you can do the most good for your organization’s network security.

This principle can also work in reverse; only 20 percent of the vulnerabilities on the Internet lead to 80 percent of the data loss. When you think about it, this makes sense. How often do you hear about major data breaches in which multiple vulnerabilities were exploited? Instead, it’s usually just one major hack that led to many compromised accounts.

Yet, the biggest part of effectively using the 80/20 rule is determining what your priorities should be, and which threats are the most dangerous. After all, if everything is a priority, then nothing can get done. This results in all-around subpar security that leaves large threats unchecked.

A penetration test can help JDL Group to find where your organization’s most important security flaws lie. We can locate and resolve your most critical security flaws through a process called Remote Monitoring and Management (RMM), which allows us to connect to your office’s technology solutions and issue the required patches and security updates without an on-site visit. In fact, most situations will only call for remote access, so you can save both time and money with an RMM tool.

In fact, there’s one solution that is capable of protecting the majority of your network without much effort at all. It’s called a Unified Threat Management solution, and it includes all of the major components of network security in one convenient package. With an enterprise-level firewall, antivirus, spam blocker, and content filter, you can know with certainty that one solution covers the majority of the challenges presented by network security.

With JDL Group’s managed IT services, you’re creating many opportunities for enhanced network security, improved network performance, and optimized operations.

Contact Us

To learn more about how we make technology work for you, reach out to us at 1-(844) 493-0015.