Infinity Network Solutions has partnered with LiquidFiles. Our partnership allows us to provide a solution to send and receive large files securely, fast, that has ease of use, manageable, flexible and is brandable.

A perfect solution for any professional office that sends large, confidential files. Excellent, competitively priced alternative to paid programs such as Citrix, ShareFile and Dropbox.

Features and benefits of LiquidFiles:

• Send and Receive Unlimited File Size — LiquidFiles does not have the very common 2 Gb file size limit common in competing solutions and cloud services. LiquidFiles is limited only by the disk size you assign to it, enabling you to send anything from DVDs to massive CAD drawings without having to worry about file size limitations.
• Transfer Speeds— Running a system on your own network is always going to be faster than a cloud service. When sending multi-gigabyte files, the transfer time can easily be several hours less, being the difference of getting there before close of business today instead of first thing tomorrow morning, like an old-school courier delivery.
• Security — When something is installed in your own network, in your security perimeter, in your control, with your security configuration. It will always match your security requirements with no questions raised of who might also get access to your secret and sensitive data. With Infinity Network Solution’s partnership with LiquidFiles you will feel safe that your data is secure.
• Branding — You can make LiquidFiles look like a complete internal solution with your own logos, colour scheme and no LiquidFiles branding on anything that your users, customers or partner sees. Every user visible text string and all emails sent from the system is changeable to your liking. You will look like a pro.
• Self-Managing — LiquidFiles is built to be as easy to use as it can possibly be, and as self-managing as possible. All files sent have an expiration date and will be automatically deleted at the time of expiration. You can assign roles based on LDAP/Active Directory Group belongings and almost all settings are configured on a per group basis and so on. All of this is to make ongoing maintenance a breeze with as little ongoing configuration as possible, leaving more time for you to focus on other things.

As a LiquidFiles partner, Infinity Network Solutions enjoy partner pricing and support from LiquidFiles to integrate the solution into our client’s environments to ensure happy joint customers and an overall integrated security capability.

The post SEND AND RECEIVE LARGE FILES SECURELY appeared first on Infinity Network Solutions.

2018 – The Year Of Strong Data Protection?

Privacy is quickly becoming a bigger factor in companies’ sales, according to Cisco’s 2018 Privacy Benchmark Maturity. Privacy policies are longer just legalese meant to keep companies out of trouble, because if done wrong, many businesses risk losing sales from potential customers.

Over 65% of the companies questioned by Cisco have already admitted that data privacy concerns are delaying their sales process. Over 90% of the companies reported delays up to 20 weeks, while the average delay was 7.8 weeks.

A significant number reported delays between 50 to 100 weeks. This means the sales process can take at least 1-2 years longer simply because their customers don’t feel satisfied with the companies’ existing focus on privacy.

The delays don’t just mean that the customers will buy the products later than they would otherwise, because some of them end up either not buying the product at all or buying it from a competitor. Therefore, bad privacy policies can lead not just to lost sales but also to a loss of market share to competitors’ benefit.

The study shows that the longest sales delays happened in Latin America (an average delay of 15.4 weeks), Mexico (13 weeks), and Japan (12.1 weeks). The shortest delays were reported in China (2.8 weeks) and Russia (3.3 weeks).

In terms of industry, government and healthcare sales saw the biggest delays due to cybersecurity and privacy concerns.

Privacy-Immature Companies Most At Risk

The report also found that companies that didn’t take privacy too seriously were the most impacted by these delays. Cisco benchmarked the privacy-maturity of companies based on standards defined by the  American Institute of Certified Public Accountants (AICPA) and the Canadian Institute of Chartered Accountants (CICA). These standards are defined as follows:

1.  Ad hoc — Privacy procedures or processes are generally informal, incomplete, and inconsistently applied.
2. Repeatable — Privacy procedures or processes exist; however, they are not fully documented and do not cover all relevant aspects.
3. Defined — Privacy procedures and processes are fully documented and implemented, and cover all relevant aspects.
4. Managed — Reviews are conducted to assess the effectiveness of the privacy controls in place.
5. Optimized — Regular review and feedback are used to ensure continuous improvement towards optimization of privacy processes

Companies that had a “defined” privacy procedures, saw a 70% improvement in sale processes compared to the companies that had “ad hoc” or informal and incomplete privacy procedures.

Privacy-Mature Companies Are More Secure

Companies that are privacy-mature are not only seeing much shorter sales processes, but are also more protected against data breaches. Only 39% of the privacy-mature companies saw losses of over $500,000 compared to the 74% of the privacy-immature companies. According to Cisco, the lower damages that privacy-mature companies see may also have something to do with them gathering less data than the immature companies.

As hackers become more sophisticated in breaking into large organizations, it may be a good idea for companies to treat customer data as more of a liability than an asset, at least data that isn’t required for the functioning of the product or service. Then, if a data breach does happen, at least the damage will be minimized and the companies won’t have to suffer as large of a hit to their public image.

Maersk Chair: Companies Need To Stop Being Naive About Cybersecurity

Recently, the giant shipping company Maersk suffered a devastating cyber attack through the NotPetya malware. After the attack, the company had to essentially replace its whole infrastructure and reinstall 45,000 PCs and 4,000 servers. This task, which the chair Jim Hagemann Snabe said would have normally taken six months, was performed in a record 10 days. However, even though getting rid of NotPetya from its large infrastructure took a relatively small amount of time, this single attack still ended-up costing the company $250-$300 million, part of which was due to losing 20% of the sales in that period.

At the World Economic Forum in Davos, Snabe said that this incident should be a significant “wake-up call” for every company out there, because it could be them next. He also talked about three important lessons that the company learned during this whole incident:

1. Cybersecurity needs to become their competitive advantage, and being mediocre like everyone else is no longer enough. This is a lesson he argued more companies should learn sooner rather than later.
2. Companies need to stop being naive about cybersecurity. Many companies will experience their own similar data breaches in the future if they don’t treat cybersecurity in a more proactive, rather than reactive way.
3. There is a need for a radical new and more secure infrastructure for the internet, as everything we do becomes more digitized, and thus more at risk of suffering cyber attacks.

This year may be the year when do get this wake-up call that cyber security and data privacy and protection is important not just for the customers who give their data away to the companies, but also for the companies themselves if they don’t want to lose sales of suffer major disruptions because of poor data protection procedures.

by Lucian Armasu January 26, 2018 at 10:10 AM – Source: Cisco

The post Cisco Report: Bad Privacy, Cybersecurity Procedures Causing Companies To Lose Sales appeared first on Infinity Network Solutions.

To varying degrees, the flaws affect processors found in virtually all computers and phones, and could allow an attacker to access data stored in a device’s memory that should typically remain private.

The researchers announced the discovery publicly this week — calling the two bugs Meltdown and Spectre — and warned the security of everything from passwords and encryption keys to documents and photos could be at risk.

‘One of the worst CPU bugs ever found’
But while the problem is serious, and an inherent part of how most modern computer processors are designed to function, there are already efforts to minimize the impact and help you get on with your life.

What do I need to do?

For most people, the same advice as usual applies: Make sure the applications and operating systems on your phones, laptops, and other devices are up to date.

If you’re using a Mac, iPhone, iPad, or Apple TV, Apple recently rolled out an update that attempts to mitigate the problem, with more fixes on the way, according to the company.

Google says the latest version of Android already contains the necessary fixes, while Microsoft pushed out an automatic update for Windows users Wednesday night.

Computers running Microsoft’s Windows operating system should automatically receive a software update designed to mitigate the Meltdown flaw disclosed by researchers this week.

PC users will also require a separate CPU update from whoever made their device (for example, Lenovo or HP). “By the end of next week, Intel expects to have issued updates for more than 90 percent of processor products introduced within the past five years,” the chipmaker said in a press release.

You’ll also want to update apps like your web browser and anti-virus software when they become available. Developers are beginning to roll out fixes to make it more difficult for sensitive user data to be accessed.

What are these updates trying to fix?

The two flaws let attackers access parts of a computer’s memory that they shouldn’t normally have access to, by abusing the way that computer processors are designed to handle information more quickly.

One of the flaws, called Meltdown, allowed the researchers to access data stored in the kernel — the core of a computer’s operating system, which runs in a protected part of a computer’s memory, and effectively watches over everything your computer does.

By design, applications can’t access the kernel, a protection that’s built into the hardware of the CPU itself. But the researchers found a way around that, giving them access to the kernel and, from there, any data stored in a computer’s memory — which could include everything from passwords to photos. This attack has only been found to work on processors made by Intel.

“The bug basically melts security boundaries which are normally enforced by the hardware,” the researchers wrote.

HOLIDAY SHOPPING

One of the software flaws identified by researchers only affects processors made by Intel, while the other affects AMD and Intel chips as well. The processors are found in virtually all modern phones, computers, and servers.

The other flaw, called Spectre, allowed researchers to target data that applications store in a computer’s memory directly (typically, applications can’t access the memory used by other applications).

It’s related to Meltdown, but differs in a number of ways that the researchers detail in a pair of technical papers. This attack was found to work on Intel, AMD, and even ARM processors, which are commonly used in mobile devices such as smartphones and tablets.

How would someone attack?

The same way that most other types of attacks work: by gaining access to your computer.

As such, the usual advice for dealing with malicious software applies here too. Install updates when they become available, and always scrutinize the apps you install, the files you open, and the links you click.

But everything will be fine now, right?

Sort of. While Meltdown can be patched, Spectre will be much more difficult to defend against long-term because of the way that CPUs are designed — and that’s worrying, because it’s the vulnerability that affects a far wider range of chips.

The researchers say any Spectre-specific software patches for applications, operating systems or CPUs should be considered stopgaps while more research takes place.

“As it is not easy to fix, it will haunt us for quite some time,” the researchers wrote.

All of the big cloud providers — Amazon, Google and Microsoft — say their systems have been updated to help prevent Meltdown-style attacks, but customers are being advised to patch their own systems as well.

Who’s most at risk?
Home users aren’t at any more risk than usual when new bugs and flaws are discovered, as long as you install your updates.

For cloud computing providers on the other hand, this is a nightmare scenario.

In the cloud, multiple customers typically share the resources of a more powerful computer by running their applications and services in a so-called virtual machines. However, the researchers warn Meltdown can be used to access data from beyond the virtual machine — data from the host computer, or even inside other customers’ virtual machines.

All of the big cloud providers — Amazon, Google and Microsoft — say their systems have been updated to prevent Meltdown-style attacks, but customers are being advised to patch their own systems as well.

Why do these issues even exist?  The researchers sum it up pretty nicely in one of their papers: “The vulnerabilities in this paper, as well as many others, arise from a longstanding focus in the technology industry on maximizing performance” — but at the expense of security.

In fact, the flaws detailed by researchers this week are so fundamental to the design of modern processors that the only way to truly prevent any attacks is for Intel, AMD and ARM to redesign their chips. In fact, the Software Engineering Institute’s Computer Emergency Response Team (CERT) was especially blunt in its proposed solution: Get a new CPU.

Of course, that’s not going to be practical for most people and businesses, and so hardware and software companies are attempting to mitigate the two flaws’ effects with software updates the best they can.

By Matthew Braga, CBC News Posted: Jan 04, 2018 4:11 PM ET

The post The device you’re using right now has a big security flaw — but you don’t have to panic appeared first on Infinity Network Solutions.

The post The 3 Organizing Principles of Digital Transformation appeared first on Infinity Network Solutions.

They remained a steady tactic used by cybercriminals throughout the first half of 2017, according to the Phishing Activity Trends Report recently released by the Anti-Phishing Working Group (APWG), an international coalition of industry, government, law enforcement and nongovernmental organizations.

In phishing attacks, scammers use fraudulent websites and false emails. Perpetrators attempt to steal personal data, most commonly passwords and credit card information.

The number of unique phishing email campaigns averaged around 98,000 per month in the first half of 2017, with a spike of 121,000 in March. The spike may have been tied to an upswing in the W-2 email phishing scam that the IRS warned about in February. The APWG report contained a number of interesting insights on phishing activity so far this year.

Those launching phishing attacks continued a years-long trend of focusing on only a few hundred companies at a time. This limited scope reflects the additional time and money needed to carry out a successful phishing attack.

Those organizations in the bullseye are attacked on a regular basis from every few weeks to every day, with a small group of firms being targeted more intermittently.

The Industries Targeted Most by Phishing

Among industries targeted by phishing cybercriminals, the payment industry was in the crosshairs 45 percent of the time, with the financial industry and Software as a Service/webmail industry filling out the top three at 16 percent and 15 percent, respectively.

This is a big upsurge in focus on the payment industry, which accounted for only 11 percent of phishing attacks in the fourth quarter of 2016, according to an earlier APWG report.

Attackers are increasingly using free hosting providers as one of the resources to build their campaigns, notes APWG contributor Crane Hassold, manager of threat intelligence for PhishLabs.

“These free hosts are not only easy and cheap to use, but they also allow threat actors to create subdomains spoofing a targeted brand, resulting in a more legitimate-looking phishing site,” Hassold says in the APWG report.

While the total numbers of free hosting-based attacks increased from 1,323 in January to 1,939 in June, the use of free hosting services continued to trend at about 10 percent of the total number of attacks each month.

APWG contributor Axur, a digital risk monitoring company located in Brazil, notes the heavy use of social media platforms such as Facebook, Instagram, LinkedIn and YouTube as phishing attack vectors in South America. Many of these attacks involve users being served up fake login pages that collect username and password information. These platforms accounted for about 39 percent of all phishing attacks among Latin American countries in the second quarter of 2017.

Alexander Slagg, Biz Tech, www.biztechmagazine.com

The post Why Phishing Attacks Persist Despite Increased Awareness appeared first on Infinity Network Solutions.