OneLogin, a single sign-on service that allows users to access multiple sites and applications using just one password confirmed on June 1st that its systems had been breached and login information had been exposed. According to the firm, this breach affects “all customers served by our US data centre” and the hackers had “the ability to decrypt encrypted data”1. This is the second time within the past year that the firm had its security breached.1
So, how can you protect your data from a breach? One way is to have two-factor authentication, which is a method used to confirm a user’s claimed identity by utilizing a combination of two different components, generally something you know with something you have. For example, when you withdraw money from an ATM, only the correct combination of a PIN (something you know) with the bank card (something you have), will grant the transaction to take place.
One of the safest ways to ensure your data is protected is to encrypt it before placing it in the Cloud or with a single sign-on provider, such as OneLogin. Provided your encryption key has not been generated from a simple password, your data will be protected from any breach to your provider, as the provider does not have the password to gain access to your information.
It is vital that one stays vigilant when it comes to protecting your passwords and data. Even the most difficult password can be deciphered if given enough time. Therefore, it is important to regularly change your passwords and ensure they are strong. We have more information on the Do’s and Don’ts of Password management on our blog.
For more information on password and security, connect with Bryley’s cybersecurity experts by calling us at 844.449.8770 or emailing us at ITExperts@Bryley.com.
https://www.bryley.com/wp-content/uploads/logo-340-300x79.png003mediawebhttps://www.bryley.com/wp-content/uploads/logo-340-300x79.png3mediaweb2017-06-05 11:00:472017-06-05 11:00:47What you need to know about the OneLogin Breach
Cloud computing is not just for large organizations. That’s a fact.
Many small businesses are migrating to the cloud and experiencing benefits that were never possible before. Cloud computing allows people access to a wide range of applications via the Internet. Prior to the advent of cloud computing, software had to be downloaded and installed on physical computers or servers in brick and mortar offices. Those days are gone.
Cloud-based applications and services can be accessed anytime from anywhere. All you need is a device with an Internet connection.
The time, effort and cost of managing your systems goes away
The cloud is effectively infinite in size; you need not worry about running out of capacity
Here are some top reasons why organizations are choosing the cloud…
Work from Anywhere. If you have an Internet connection, you can work. Most cloud services are accessible from any device. Organizations can now offer more flexible work schedules to their employees, thereby increasing productivity.
Disaster Recovery. Organizations of all sizes should be investing in robust disaster recovery. For smaller, budget-conscious organizations, cloud-based disaster recovery is ideal. It saves time and money by eliminating high, up-front costs, and internal IT teams are no longer tasked with the complexity of maintaining a best-in-class disaster recovery system.
No Hardware Costs. Cloud computing eliminates the high cost of hardware. You “pay as you go” using a subscription-based model that’s easier to budget.
Security. When your data is stored in the cloud, you can access it anytime from anywhere. You can even remotely wipe data from lost or stolen laptops so it doesn’t get into the wrong hands.
Automatic Software Updates. Servers are off-premise so you don’t have to worry about maintaining them. Software updates are performed as they’re released.
Flexibility. Cloud-based services are ideal for organizations with growing or fluctuating bandwidth demands. If your needs increase, it’s easy to scale up your cloud capacity. If you need to scale down, you can easily do that, too.
Collaboration. Employees can access, edit and share documents anytime from anywhere. Cloud-based file sharing apps are updated in real-time, giving everyone full visibility into current content. Prior to the cloud, workers had to send files back and forth as email attachments to be worked on by one user at a time. That method often led to conflicting document versions.
Greater visibility means improved collaboration, which ultimately translates into a better practices and a healthier bottom line. If you’re still relying on old methodologies, it’s time to move into the 21st century and explore new, reliable cloud-based options that will streamline the way you conduct your business.
For more information about cloud computing, or to inquire about Bryley’s full array of Managed IT Servicesand Managed Cloud Services, please contact us at 978.562.6077 or by email at ITExperts@Bryley.com. We’re here for you.
https://www.bryley.com/wp-content/uploads/logo-340-300x79.png00ABakerhttps://www.bryley.com/wp-content/uploads/logo-340-300x79.pngABaker2017-01-31 06:30:002018-07-11 11:58:07How and Why Is Cloud Computing Beneficial for Small and Medium Organizations?
Options – Switching Public Cloud platforms and Private Cloud compliance
Familiarity – Greater understanding leads to refinement in selections
Growth – Cloud tends to be the primary engine for IT growth
Benefits – Reduction in costs leads all other benefits
Options
Approximately 43% of companies using Public Cloud services that were surveyed in CompTIA’sTrends in Cloud Computing2 switched to a different Public Cloud platform (i.e.: from Google G Suite to Microsoft Office 365). Of these, 46% noted that this secondary migration was more difficult than the initial migration to the Cloud.
The top Public Cloud implementations – email, web presence, and business productivity suites – were used by 51%, 46%, and 45% of the survey respondents, respectively.
Familiarity
Most Cloud-using organizations have a one-to-five year history with Cloud services; they have been through the process before, which simplifies the selection and procurement of new options.
Cloud options, Public, Private, and Hybrid, also are better understood, leading to greater refinement in the cloud-selection process. However, Private Cloud is likely the least-understood option, often being used to refer to a hosted datacenter solution, which is becoming the norm.
Growth
The Gartner Group forecast Cloud revenues of $204B in 2016, a 16.5% growth over 2015.3 Gartner’s 2017 forecast is continued, double-digit growth of 17.3%.
Benefits
Of the CompTIA respondents, over 40% of all organization types – large, medium, and small – cite “Ability to cut costs” as the primary motivation in Cloud computing. Small and medium organizations were also likely to emphasize “Reduce capital expenditures” as a primary motivator.
https://www.bryley.com/wp-content/uploads/logo-340-300x79.png00Garin Livingstonehttps://www.bryley.com/wp-content/uploads/logo-340-300x79.pngGarin Livingstone2017-01-26 06:00:002017-02-09 11:39:21Brief Review of Cloud Trends in 2016 and Beyond
Cloud computing is the grouping of Internet-based computing resources to provide efficient, effective, agile access at a pre-defined price; it has been compared to a utility, where costs are metered against usage. (Visit Wikipedia’s definition.)
Organizations turning to the Cloud can select from these deployment options:
Public Cloud – Available to all paying users (public)
Private Cloud – Restricted to a single organization
Hybrid Cloud – A combination of Public and Private
A Public Cloud deployment is based on a publicly-available infrastructure like Microsoft Azure or Amazon Web Services (AWS); it could include a pre-configured service, like Microsoft Office 365 or Google Apps for Business, which are deployed on publicly-rendered networks at Microsoft and Google data centers respectively. Being public, they are also somewhat more vulnerable to outside intrusion.
A Private Cloud deployment can be internal or external, but is typically setup on separate infrastructure that is dedicated to one organization. For example; 911 providers (Verizon, AT&T, etc.) usually locate this service in dedicated, company-owned data centers. Private Cloud deployments require significant, upfront investment and lack some of the expandability of a Public Cloud.
A Hybrid Cloud contains characteristics of both Public Cloud and Private Cloudstructures; it is a binding of both environments to provide the best of both worlds.
For example; Bryley Systems’ Hosted Cloud Server is a Hybrid Cloud offering that is deployed on equipment owned and managed by Bryley Systems, but is located in a secure, professional, data-center environment with significant fail-over capabilities: The primary equipment is separate and secure, but the location provides the connectivity advantages of a Public Cloud facility.
Dennis McCafferty of CIO Insight, in his 9/30/2014 article “Pros and Cons of the Private Cloud”, states that many large organizations have deployed a Private Cloud, but even more have tried a Public Cloud deployment.
Advantages of Hybrid Cloud and Private Cloud include:
Greater security
Customized control
Resource provisioning
https://www.bryley.com/wp-content/uploads/logo-340-300x79.png00Garin Livingstonehttps://www.bryley.com/wp-content/uploads/logo-340-300x79.pngGarin Livingstone2015-03-12 08:00:002017-06-20 08:48:36Pros and Cons of Private Cloud versus Public Cloud
Many Cloud-based services fall into one of these categories:
Productivity suites – Applications that help you be more productive
Storage – Storing, retrieving, and synchronizing files in the Cloud
Backup and Recovery – Backing-up data and being able to recover it
Prevention – Prevent malware, typically spam and related components
Each category is represented below in its own section.
1. Productivity suites
Productivity suites
Probably the segment with the heaviest hitters, Microsoft and Google are battling for supremacy; Microsoft was late to the Cloud, but is ramping up nicely with its Cloud-services sales exceeding $1B/year. However, Google still owns this segment with an estimated 33% to 50% of Cloud-based, productivity-suite users, mostly on the strength of its free Google Apps and Google Apps for Education, but also with paid subscriptions to Google Apps for Business and Google Apps for Government.
Microsoft built Office 365 on its popular, desktop-based, Microsoft Office suite which includes Outlook, Word, Excel, PowerPoint, and other applications. (The current versions are Office 2003, Office 2007, Office 2010, and Office 2013.) Microsoft Office users will find Office 365 familiar since most versions include the Microsoft Office suite, which can be downloaded to your PC and to other compatible devices.
Office 365 consists of these primary components:
Exchange Online – Email, calendar, contacts, and tasks
SharePoint Online – Document collaboration and management
Lync Online – Online meetings with instant messaging and desktop sharing
Office Web Apps – Cloud versions of Word, Excel, PowerPoint, and OneNote
Most versions of Office 365 also include:
Office suite – Outlook, Word, Excel, PowerPoint, etc.
SkyDrive – Cloud storage of documents
Full-feature versions range from $96/user per year to $240/user per year. Microsoft now offers its E1 plan free to qualifying non-profit organizations.
Google Apps are, and always were, Cloud-based; they did not start as applications installed onto your computer. As such, they are easy to use and maintain and they work on a wide variety of devices, from PCs to tablets to smartphones. On the downside, due to this setup, they have some functionality and usage limitations when compared to Microsoft Office applications.
Google Apps for Business has a “one size fits all” approach; you get all the features at $50/user per year. Google Apps for Business includes:
Gmail – Email with Google-powered search
Calendar – Schedule meetings, share calendars, get reminders
Drive – Store files in the Cloud and send files to colleagues
Docs – Create, share, and work-on documents
Sheets – Manage spreadsheet data
Slides – Create presentations
Comparing Productivity Suites
Both Office 365 and Google Apps for Business provide desired applications that are somewhat easy to use; while Microsoft relies on its huge base of Office users to consider switching to Office 365, Google lures its users in with its free versions of Google Apps and Google Apps for Education and then provides a simple upgrade to the paid version of Google Apps for Business (or Google Apps for Government).
Basic reasons to choose Microsoft Office 365:
Users are familiar and comfortable with Microsoft Office interface
Multiple plan options exist to fit your needs and budget
Greater functionality within applications
Basic reasons to choose Google Apps for Business:
Relatively inexpensive with only one plan to select
Storage often comes in a free version with separate professional/business (paid) versions that includes advanced features. The basic premise is that your data is stored in the Cloud – hopefully in a secure manner with sufficient redundancy – is available from any location on any device, and is synchronized between devices.
Most free versions offer these minimum features:
At least 2Gb of storage with synchronization across multiple computers
Easy access from mobile devices and PCs via downloadable client software
Direct access to files through a web browser
File sharing with other users
However, you typically must upgrade to a paid version to receive these capabilities:
Access control – Define and control who can access what, where, and when
Additional storage – Purchase extra storage once your limit is exceeded
Auditing – Identify and record what files are stored where and by whom
Integration – Integrate with other platforms (i.e.: Active Directory)
Security – Enable advanced encryption and security techniques
Popular services (alphabetically) include:
Box – 10 Gb free storage with NetSkope’s second-highest rating
Dropbox – 2 Gb free storage with over 200 million subscribers
Google Drive – 15 Gb free storage shared with Gmail and Google+ Photo
SkyDrive – 7 Gb free storage and integrated within Microsoft Office apps
Box
Box (www.Box.com) is a Q3-2013 leader in Forrester’s “File Sync & Share Platforms”. It offers a free version, but is built for professional use with available integration to Active Directory and LDAP, security with rotating encryption keys, access control, and auditing.
According to Netskope’s review of Cloud-based applications, Box was the second highest-scoring Cloud application, coming in the number two spot on the NetSkope Q3-2013 Cloud Report. (Please visit Netskope’shttp://www.netskope.com/reports-infographics/netskope-cloud-report-q3-2013 for the complete report.)
My take: Box is the most-comprehensive offering, but a bit more complex due to its advanced features. It is a serious choice for those that value advanced features (access control, auditing, integration, etc.) and are willing to pay to get them.
Dropbox
With over 200 million users, Dropbox (www.Dropbox.com) claims market leadership. It is built upon Amazon’s S3 storage and is easy to use. The free version offers 2 Gb, but there is a professional (Dropbox Pro) version with greater functionality (and storage) and a business version (Dropbox for Business) that offers team collaboration. All three versions offer synchronization and file-sharing; the help screens are brief, useful, and entertaining.
My take: Dropbox is the easiest and most-fun to use, but it has the least amount of free storage and its paid plans are a bit more expensive than others.
Google Drive
Google offers Google Drive (www.GoogleDrive.com) as a stand-alone service or bundled within Google Apps. The free version offers 15 Gb with synchronization among devices and sharing among peers. It is a no-frills alternative with little glitz, just reliable storage at reasonable cost. It is the base of Google Apps.
My take: Google Drive has fewer doodads and the least amount of whimsy, but it is reliable and offers the greatest amount of free storage.
SkyDrive
Microsoft offers its free version of SkyDrive (www.SkyDrive.com) with seven Gb plus an additional three Gb for students. SkyDrive is an option in newer versions of Microsoft Office and integrates to Facebook, Twitter, LinkedIn, and Bing. You can also “fetch” files from your base computer via web-browser on a remote computer.
My take: SkyDrive offers the most for the least, although there is some buzz about slow synchronization between devices. Its “fetch” feature is unique among these alternatives and its integration within Microsoft Office is a killer feature.
3. Backup and Recovery
Backup and Recovery automatically copies files and folders to an offsite location at periodic intervals. It is similar to Storage, but is unique in that these files are held separately, unchanged, for the purpose of restoration (recovery) if the original files become unavailable. Backups are typically encrypted and are somewhat resistant to malicious attacks; however, if the original files were infected before the backup process begins, the backup files will also be infected.
Recovery is the reason for backups. The most common recovery scenarios:
A user changes a document and then wishes to retrieve the previous version.
Changes are saved to a template document, rather than creating a new file.
An upgrade to an application fails and corrupts its data files.
Access is needed to a deleted file.
Popular, Cloud-based, Backup and Recovery services include (alphabetically):
Carbonite – Extremely popular; starts at $59.99/year per device
Mozy – Also well-known with prices starting at $5.99/month for up to 50Gb
SOS Online Backup – Starts at $9.99/month for 100Gb; unlimited devices
SugarSync – More synchronization than backup starting at $7.49/month
Carbonite
Carbonite is automated, encrypted, and easy to use. It is available for home users, but includes business-oriented plans. Home-user plans are per-device; each device is priced at $59.99/year with unlimited backup. Business plans start at $299.99/year with an unlimited number of devices.
Mozy is a subsidiary of EMC, a Fortune 500 company in Hopkinton, MA. Like Carbonite, they offer both home and business packages.
There is a free version, but most MozyHome plans start at $5.99/month per device with up to 50Gb. The business option, MozyPro, starts at $19.99/month for unlimited devices up to 50Gb; $26.98/month with servers.
Plans from SOS Online Backup do not restrict the number of devices, but their base plan is restricted to a single user starting at $9.99/month. Plans that include unlimited devices and unlimited users start at $99.99/month and include monitoring, password encryption, and phone support.
SugarSync is more of a folder-synchronization service than a backup service; it synchronizes a folder across multiple devices. SugarSync is user-based with plans starting at $7.49/month per user; multi-user plans start at $55/month.
My take: Of these four options, we hear more about Carbonite and Mozy than SOS Online Backup or SugarSync. Although SugarSync is popular, it is not as good a backup and restore solution as the other three.
Mozy has the deepest pockets with a large corporate partner, but Carbonite has, at this time, greater momentum. The monitoring and telephone support included with SOS Online Backup makes it attractive.
Bryley Systems offers our Backup/Disaster Recovery (BU/DR) service for servers; it is a monitored, secure, service hosted within our data-center in Hudson, MA with onsite appliance included. Please visit www.Bryley.com for details.
4. Prevention
Prevention is a necessary evil; it can slow end-point performance (since these tools are using computing resources to constantly scan for problems), but it is critical in keeping end-users safe from external threats like spam, malware, and viruses. Cloud-oriented Prevention includes:
Email protection – Control spam plus encrypt and archive emails
End-point security – Secure end-user computers against attacks
Web filtering – Prevent unauthorized access to undesired websites
Email protection is wholly Cloud-based, but end-point security tools usually deploy an application onto the end-user computer while web filtering requires at least an adjustment to (ie: setup a proxy server), or an application installed on, the end-user computer. We’ll cover only Cloud-based, email protection in this article.
Key issues for email-protection options include:
Administration – Easy setup and enforcement
Effectiveness – Works reliably and consistently
End-user interface – Intuitive, secure, and easy-to-use
Granularity – Allows multi-level policies and permissions
GMS was one of the best products at an excellent price of $12/user per year. In 2013, Google discontinued GMS as a stand-alone service and bundled it within Google Apps. Former GMS clients will retain the $12 pricing for a period of time, but will eventually pay the Google Apps for Business price of $50/user per year.
Visit http://www.google.com/postini/ for details on this transition.
McAfee SaaS Email Prevention and Continuity (MEPC)
Intel is currently rebranding McAfee within Intel Security; no timeframe on the conversion, but the McAfee logo (a red “M” on a shield) will remain associated with these services.
MEPC prevents spam, but also includes Continuity, which allows end-users to retrieve and send email even if their email service is unavailable; once the email service becomes available, all emails received and sent via MEPC are then resynchronized with the email service. The price is $27/user per year.
Microsoft provides email protection and archiving within its Office 365 suite, but also offers it as a stand–alone service under EOP, although it is directed solely at Exchange-based email. In addition to spam and malware prevention, you can establish content and policy-based filtering to ensure outbound emails do not violate company standards. Price is $12/user per year.
Proofpoint Essentials Business is a comprehensive offering that classifies security threats and then manages against their intrusion. Outbound filtering, content filtering, and 14-day spooling are included; archiving is also available. Proofpoint Essentials Business starts at $26.40/user per year.
Symantec recently acquired MessageLabs spam filter and rebranded it within their Symantec.cloud services under Email Security.cloud. It protects against targeted attacks, malware, spam, and the like using proprietary Skeptic™ technologies. Content filtering is included; email encryption is available.
