Imagine you came into work one morning, turned on your computer, and wasn’t able to access your company’s network. You may think the wifi is down or there’s a blip in the Ethernet, but then you start getting flooded with phone calls from other employees: They can’t access anything on their mobile phones, tablets, laptops … anything that requires connectivity to your company’s network. No matter what your IT team does, you’re still locked out of your network, servers, and applications.
This isn’t just any outage – it’s a Distributed Denial of Service cyberattack (DDoS), and it’s happening more and more frequently. You need to make sure you’re ready for it – otherwise you could face a tremendous disruption in business, lose money, and have to rebuild trust with your employees, customers, and clients.
DDoS attacks use junk data, usually sent from compromised machines or devices, to render a network, server, or application unavailable to legitimate users.
How can this happen? Increasingly, unsecured Internet of Things (IoT) devices such as video cameras are the source of this attack data. The more devices that are reliant on an internet connection, the easier it is becoming for bad actors to use these types of attacks to penetrate your IT environment and exploit your data. IoT isn’t going away – a recent study by PricewaterhouseCoopers (PwC) finds 63 percent of companies are planning to deploy IoT devices in the next year. IoT devices are estimated to grow from 20 billion last year to 51 billion by 2023.
You may think the answer is simple – secure IoT devices. The same PwC study also found that two-thirds of companies surveyed have an IoT security strategy in place or currently are implementing one to address the emerging risks of these devices. However, it isn’t so simple. The security mechanisms on IoT devices often are disabled by default, and security patches for the systems often are unused, allowing attackers to compromise them and use their collective bandwidth to steal your data. The distributed supply chain in which IoT devices are created and sold adds to the problem. There are three major players in IoT device manufacturing and selling:
Layer 1 is busy making the next chip, while Layer 2 is upgrading its product to work with the next chip. Maintaining older chips and products aren’t a priority. Even if you have a brand new smart watch, chances are the software components are four to five years old. The result is that hundreds of millions of devices are sitting on the Internet, unpatched and insecure. Hackers know this, and they’re working tirelessly to exploit this weakness and launch cyberattacks.
Despite the growing risk, the majority of attacks remain under the radar. Experts are finding that criminal DDoS attacks driven by extortion are coming to the fore once again. Hackers often contact businesses at a large scale and demand a bitcoin payment to prevent a DDoS. The majority of extortion attempts likely go unreported and uninvestigated. One trend fueling the rise of DDoS-extortion threats is the availability of DDoS-as-a-service. Cybercriminals rent their botnet to anyone willing to pay as little as a few dollars an hour, meaning no technical ability is required to launch attacks.
Lawmakers and regulators are trying to pressure companies to strengthen the IoT security. A bipartisan group of senators introduced a bill recently that would set security standards for IoT devices. In January, the Federal Trade Commission fined VTech Holdings Ltd. $650,000 for “failing to use reasonable and appropriate data measures” for an internet-connected toy.
As we’ve seen before, though, legislation and regulation take time to go into effect. Hackers aren’t waiting, and neither should you. How can you start to close the door on DDoS attacks on your enterprise?
First and foremost, you need to understand what’s critical to your business through a vulnerability assessment. Vulnerability assessments aren’t an opportunity to play the blame game. It’s an audit of what you have today in order to plan for a more secure tomorrow. Then, look for a managed security services provider like US Cloud which has endpoint security services that will ensure any device that is accessing your network won’t be susceptible to hackers trying to penetrate your enterprise’s defenses.
Using our next-generation anti-virus and activity recording for all your endpoints, US Cloud comprehensively monitors and protects your operating systems and infrastructure from cyberthreats. Contact US Cloud and get a quote today to ensure you’re not the next victim of a DDoS attack.
SharePoint is packed with features, and once you connect to the SharePoint Store or Office 365 you’ll see there’s a rich ecosystem with thousands of products. It’s been described as a 12 billion dollar ecosystem just a few years ago.
Here are nine free tools that could be useful as an administrator.
Contact the SharePoint experts at US Cloud for more SharePoint consulting, SharePoint support, SharePoint migration services, SharePoint dev … SharePoint Everything™.
US Cloud™ has been working with Microsoft for 20+ years (time flies when you’re having fun) and we’ve been able to provide a cost-effective alternative for their prospective Premier (or Unified) Support customers who need all-USA-based support and more cost-efficient support.
We’ve been hearing from a lot of folks lately that when they are asking Microsoft for help with SQL Server, System Center Configuration Manager (SCCM), System Center Operations Manager (SCOM), or when they want a Technical Account Manager (TAM), SAM, or Dedicated Support Engineer (DSE), Microsoft is only including that level of support with the purchase of a supersized amount of support hours.
If you don’t need that many hours, you are still forced to purchase that amount in order to get the specific support level needed.
US Cloud can customize a support strategy to provide exactly what you need. Whether that is a prepaid bank of support hours for a specific project, a more encompassing safety net to provide support for your entire Microsoft stack at an hourly rate, or a monthly subscription plan for support as a service, US Cloud’s expert, 24/7, all-USA-based Microsoft support is available on premises or in any cloud.
So, for example, if you’re looking for SCCM and SCOM help, but only need a fraction of the support hours that Microsoft is requiring you to purchase in order to get SCCM and SCOM support, US Cloud can provide a hourly rate for that project so that you get exactly the kind and exactly the amount of support you need.
Or, if you’re looking for a ‘in case of emergency break glass’ package of support for your Microsoft stack, but you don’t need the amount of hours Microsoft is requiring you to purchase in order to get a TAM or DSE, or you don’t need the amount of hours Microsoft is requiring you to purchase to ensure that your support tickets are not being outsourced overseas, US Cloud can provide a hourly rate for that level of coverage so that you can control support costs and get a better support experience.
Contact US Cloud to discuss your unique needs.
As we continue to grow, we’re thrilled to to bring on Jay Kladiva as the new Director of Managed Services.
Jay started Oct. 30 and oversees the managed IT services department, steering the company’s hub of operations as it continues to scale with the booming cloud and cybersecurity industry. He will grow internal knowledge bases, mentor staff, and help transform clients into promoters.
Jay previously worked for Energizer Holdings, Inc., where he spent the last 11 years working his way up from Application Development Manager, to Global Platform Services Manager, and then to Infrastructure Director. He managed the operating budget for all infrastructure and led teams responsible for server operations, data centers, networking, end-user computing, enterprise architecture, IT security, voice, and the service desk to support global manufacturing, business objectives and daily operations. Additionally, Jay was a key leader in the successful separation of Energizer into two publicly traded companies on an aggressive 14-month timeline.
Prior to his time at Energizer, Jay served as Senior Consultant, Technical Architect for Daugherty Business Solutions where he led the transition of the practice from VB/COM to .NET. He also has experience as the Manger, Systems Architecture at Arthur Andersen. Jay also worked at Quilogy and Halliburton early in his career.
Jay earned a bachelor’s degree in Engineering and a master’s degree in Engineering Management from Missouri University of Science and Technology.
Sister companies Fpweb.net and US Cyber Vault have rebranded as US Cloud™, a global managed cloud provider headquartered in St. Louis, Missouri.
With its 100 percent USA-based, 24/7 Cloud Keeper™ support, US Cloud helps companies start or continue their digital transformation by simplifying their infrastructure, unburdening their team, and protecting their brand. US Cloud’s technology with altitude™ services enable a multi-cloud hybrid IT and include cloud computing, management and security services.
Cloud computing services at US Cloud include Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Services (SaaS). Cloud servers and more traditional dedicated hosting and colocation are also available to bridge data center capacity expansion or retraction needs.
US Cloud’s management services cover public, hosted private and on-premises private clouds. More specifically, the architecture, integration and management of a multi-cloud hybrid IT environment is provided. US Cloud management services help customers identify what workloads and assets are best suited for a particular cloud and how to securely integrate them with the rest of the infrastructure.
US Cloud’s security services include risk assessment, architecture and managed services. Risk assessment services identify threats via penetration testing and network vulnerability discovery. Security architecture, implementation, and remediation services align technology, risk, and budget short-term while meeting long-term security roadmap goals. US Cloud managed security services rounds out the security portfolio by allowing a business to extend their security team or tools without the need to hire or buy hardware.
US Cloud technology partners include Microsoft, Google, IBM, Amazon, Cisco, Oracle, HPE, Salesforce, VMware, SAP, Dell, Palo Alto Networks and FireEye.
“In 2015, I wanted to build something special on top of what Fpweb and US Cyber Vault were all about – phenomenal customer service and protecting brands and data,” said the companies’ Founder and CEO Robert E. LaMear IV. “As the rush to cloud accelerates, so do all the problems. Hence US Cloud was born. But I soon realized I was missing the most important piece to build a new world-class organization, the people. I started a two-year national search to bring together the most brilliant and passionate technologists in the country. I’m excited and proud to report, mission accomplished.”
Founded in 1996, Fpweb has been the first to host every version of Microsoft SharePoint in the cloud and has managed 1.9 billion SharePoint logins since 1999. US Cloud will continue to provide Microsoft-based technology solutions as part of its services portfolio.
US Cyber Vault was launched in 2015 to build a cybersecurity container to protect a company’s data, brand, and reputation, while also trapping cyber criminals who attack the platform. US Cloud combines those next generation tools with USA-based cyberdefense experts to protect, detect, and respond to threats in real time.
US Cloud is focused on bringing enterprise-class strategy, support, and security to its clients’ cloud or on-premises environments. US Cloud is compliance ready for SSAE16, ITAR, HIPAA, PCI, SOX, NIST, and FedRAMP.
And for every $100 of new business spent with US Cloud, US Cloud donates $2 to charity: water, a non-profit organization bringing clean and safe drinking water to people in developing countries. 100 percent of the money is used to build clean water projects.