Hotels are Now The Hottest Ransomware Target

We have been working with the hospitality industry for quite some time. We’ve taken what we’ve learned and applied it to an industry we feel has been under-secured. Rightfully so. Now ransomware is targeting hospitality clients, from small privately-owned hotels and resorts to the biggest chains and names in the industry. Front desks, reservation systems, and even Wi-Fi is now under active attack for their valuable credit card information – and potentially even more valuable payoffs if the locked-down client pays.

Ransomware Prays on Unsecured Hospitality Networks

Nothing makes a more attractive target than a network that is filled with active and useful credit card information for current and past clients. Those credit cards can be compromised within a second’s notice, and then payment derived worldwide.

Also Beware Virtual Skimmers and Data Breaches

Some ransomware targets are no longer waking up the network, but instead are actively skimming the credit cards as they interact with the usually front desk machines.

What You Can Do to Increase Hotel Cybersecurity

We’ve been providing managed IT for the hospitality industry for many years, from wireless network installations to full cybersecurity. Here are some of the most common issues we encounter and what we suggest for solutions.

To our current hospitality clients: please contact us for further information and about upgrading your existing workstations and managed plans with us. To new hotels, resorts, and others in the hospitality industry looking for the best IT solutions to this problem: Triton Technologies can help. Reach out to us for a consultation.

How We Deal with Corporate Espionage and Data Breaches

What better way to beat your competition than to know what they are working on and then steal it? What am I talking about? Corporate espionage.

Corporate Espionage and Data Breaches

Corporate espionage takes many forms, but what we are seeing recently is a tremendous amount of businesses sending in – for lack of better words – spies to their competition and stealing their data. In the last four months, we have been finding with new and existing clients, employees – new hires, subcontractors, and even long-standing employees – being paid by that firm’s competitors to steal their data (which also triggers a potential data breach).

What Managed Service Providers are Seeing

As a managed provider we watch over your network, systems, data, security and more and that includes watching who has access to what and to what systems. Many times, we catch it blatantly happening, such as somebody’s trying to get a USB drive connected in, a tremendous amount of data going through the corporate databases, and/or emails that should not have been sent by employees.

What we’ve also been seeing is a rise in the demand for business owners to prevent these kinds of actions from occurring, while making it seamless within the network.

Implementing Sophos Intercept X and Reflexions

To help business owners keep their secrets, we have begun full-blown implementation of the Sophos Intercept X endpoint protection client. This endpoint client allows not only prevents viruses and malware, but also encrypts hard drives, provides DLP (data loss prevention), and more. It also allows it to seamlessly encrypt and decrypt files based on the local network. So an employee who is working on Word, Excel, and other types of documents can open and close a document or file with ease, but if they copy it to a flash drive, send by email, or use a filesharing service, the file will be encrypted the entire way through, making it useless to would-be spies.

Utilizing Sophos Reflexions, we can monitor all email traffic to and from a network, provide logs, evidence, and monitor who is communicating with the what business for your day-to-day operations. It has been fantastic and instrumental in helping multiple clients see where their leaks were.

Why We Recommend Sophos

Sophos has been a leader in DLP protection, firewalls, encryption, and endpoint management and we cannot say enough good things about them. Business owners who need to secure their intellectual property, their secrets, methodologies should look at implementing a Sophos-based infrastructure.

Here are Triton Technologies we recommend Sophos alongside procedures and managed IT services to improve your cyber security and prevent corporate espionage and data breaches. Want to learn how to get these systems seamlessly implemented at your business? Contact us today.

Security Risk: Why We Don’t Show Client Testimonials

No testimonials please.

If you have been around this website for any period of time, you’ll notice no testimonials. Why?

Testimonials are a source of pride for many but it is also a source of hacking and targets for their clients. You might be surprised to find out how much information a hacker can learn about a company through their testimonials.

Hackers Can Use Testimonials to Find Weaknesses

Every business does their own thing and does it slightly differently than the other people in the same field, IT services is no different. By analyzing what that person does and how that company does it a person could get into that client’s network and utilize their weaknesses get into their infrastructure.

So we don’t post any testimonials to our web page nor to our Facebook page. It is considered a medium risk when it comes to data security and compliance.

Once a hacker knows how the infrastructure is established and how the systems are setup that information could be used to penetrate and destroy that network.

Security Over Celebrity

In one of our previous blog posts, we posted about how a data breach at the source of an RMM service called Continuum caused havoc throughout the MSP world by giving them unfettered access to all the resources to all their MSPs.

That was bad and still continues to be bad for those affected clients.

You’ll never see a solicited post for a testimonial on our public pages. Think of us as the strong, silent type. Want to learn more? Contact us.

Data Breaches and Dropbox

Dropbox over 4 years ago had a data breach which exposed over 86 million users to hackers. The hackers could have access to the passwords for the accounts, encrypted and unencrypted. We look at data breaches and Dropbox, namely their failure on handling it.

It was 4 years ago. They are just making available the data now. That is a massive breach of trust. 4 years of your personal data exposed to the world and you not knowing about it. Only in August 2016 did Dropbox make users aware of the data breach, but what was even worse is how they handled it.

How They Handled the Data Breach

In most data breach situations, they make the users aware almost immediately upon learning about it, force users to change their passwords and almost always there is another layer of security added to prevent it from happening again.

This time around, no such luck.

At best, Dropbox advised users to change their passwords, but did not require it. This is terribly bad. Not only did they delay in the discovery of the breach, their remedy does nothing to prevent a back door from being implemented and all the data stolen before you’re even aware.

Triton’s Recommendation: Change Your File Sharer

Many businesses and personal users rely on file sharing services like Dropbox to transfer files and be able to access them on the go. The copy or deletion of these files in a data breach can not only be a setback, but can also become a real liability for companies transferring client data.

You have to be able to trust the service you use.

That is why Triton Technologies can no longer recommend Dropbox for your individual file sharing and mobile needs.

We recommend a product called Share Sync. Share Sync has proven to us how safe, secure and compliant it is with industry standards and laws.  If you do use Dropbox, uninstall it and switch away. Contact us to learn more about our recommendation, and other secure services available through managed IT providers.

Data Breach: Barbarians at the Gate

In the yesteryear of IT technology in order to have a data breach you needed to have incompetence and an angry person. Data networks were isolated or tightly controlled not because of security but because the technology to link them together is very complex and outside the budgets of most businesses.

Those years of safety by lack of access are gone, long gone.

Why Everyone Wants Your Data

Doctors, lawyers, tax offices and more are interconnected and they are looking for your data. A majority of businesses are on the internet in one form or the other. From basic email to full blown enterprises that live and die on the internet. These businesses and organizations collect your information: store it, use it, market to you or your business and generally keep it for very long periods of time. This type of information is not only valuable for their business but anyone who wants to steal that information for identity theft or to steal your banking information.

How They Get Into Your Network

When your computer is on the internet it is exposed. From your website to your router and or to your wifi, it is a vector to enter your network.

Many hackers use a broadsword when scanning a network looking for anything that responds. If it pings, it is alive and they will focus all their energy looking for weaknesses. Port scanning, exploit detection and exploitation, to man in the middle attacks to full on brute force attacks. What businesses need is a great firewall, excellent antivirus and someone to constantly look over their shoulder to make sure what they are doing is safe and secure.

That is why businesses need to monitor what they are doing, how they are doing it and what manner they do it in.