5 Steps For
Implementing A Successful HIPAA Compliance Plan

We’ve all heard about HIPAA compliance and
what we need to do to ensure our use of technology meets up-to-date
regulations. But with the healthcare industry continually evolving, this means that
rules and regulations are as well.

With these constant changes, every healthcare-related
organization must have a game plan in place to remain compliant. Here are five
ways to create, adjust, and implement a HIPAA Compliance Plan.

  1. Designate a Privacy and Security Officer –
    This can be your IT Managed Services Provider (MSP) or an employee who ensures
    your company remains compliant. This is a foundational building block for your
    compliance success. Hiring an individual or Managed IT Provider who has a track
    record of success is critical for HIPAA compliance.
  • Perform a Risk Assessment – This is an overall
    review of both macro and micro levels to ensure your electronic protected
    health information (ePHI) is secure. This is a mandatory aspect of any
    healthcare organization’s compliance endeavors. Not only is it mandatory, but
    it’s the foundation for implementing safeguards to better protect your
    organization.
  • Implement Policies and Procedures – You must
    provide your employees, and anyone who handles your sensitive information, a
    blueprint explaining the do's and don'ts when it comes to HIPAA compliance. Your
    blueprint must continuously be updated and adjusted as you implement your
    compliance planning. For example, encryption is necessary to protect electronic
    protected health information (ePHI). This is an extra layer of security,
    comparable to an unbreakable password. Other standard procedures like locking a
    laptop when it’s not in use should be included in your policies and procedures.
    There are other examples where policies and procedures will help ensure HIPAA
    compliance.
  • Train Your Employees – Security Awareness
    Training for your employees should be implemented to ensure everyone in the
    organization understands your policies and procedures.  The best plan in the world can be ruined by an
    employee who doesn't understand what they can or cannot, should or should not
    do.  Take the time to train them on best
    practices for handling sensitive information and what constitutes a HIPAA
    violation. This is also a mandatory aspect of HIPAA compliance.
  • Develop and Implement an Incident Response
    Plan – What if you’ve done everything that you should? Everything is in place –
    you’ve “checked all the boxes” but you still experience a breach?  Report it! — Have a plan in place to identify
    and respond to a threat. Once the source is identified, stopped, and
    documented, it must be reported. From this point on, you should have a prevention
    plan in place to ensure a breach doesn’t occur again.

What Can You
Take From This?

Healthcare organizations are exposed to daily
dangers and threats to their HIPAA compliance status. With the right plan in
place, you have a chance to protect your practice or business from security
threats and violations.

Create a HIPAA Compliance Plan, and most
importantly, train your employees about IT security best practices. Remember to
always report incidents and regularly evaluate your organization’s HIPAA
compliance regulations and practices to consistently improve your IT security
posture.

Sources:

https://www.nuemd.com/blog/5-steps-implementing-successful-hipaa-compliance-plan


Strengthen HIPAA Mobile Security Policies



Please prove you are human by selecting the Star.

.

Four Tips Choosing the Right HIPAA Compliant EHR



Please prove you are human by selecting the Flag.

.


For More Information

To expand on this series of blog posts, The way we do business is evolving and we have reached a tipping point! More and more businesses are doing services in the “cloud” then on-premise and that trend are likely to expand. So then that begs the question, why do I need I.T. people? Surely abc cloud company has its own I.T. staff and I can call them when I have a problem.It is true that many cloud-based companies in a way to entice you to come on board. They will claim that you can cut out your on-premise I.T. people for their experts. The truth is they can help you to an extent, you see they are an expert in their business and their software. Many take the position well it is cloud-based so all you need is a browser and the internet.
They fail to recognize:

  • Your environment may be unique
  • Your staff may be unique
  • The interaction you need with other software

Furthermore, they do not have a relationship with you or your organization. Your first interaction with the company is through the sales person whose job is to on board you. Ultimately when something fails outside the scope of their service and skills. Or they can not remotely solve your issues they will ask you to get an I.T. person
Underdog Computer and Network Support LLC, works with different companies. We work both in the cloud and on premise. We help you identify, plan and secure your environment. We help you connect all the pieces of your business together. And we provide a single point of contact. We provide a single solution not finger pointing.

Just about everything you do these days for business is “in the cloud”. From email and productivity suites like office 365 or google apps for work. To line of business applications. But did you know? If you read the fine print your data is not being backed up by the vendor. While they have huge data centers and redundant servers they may not ever lose your data. But the chances are still there. For instance, if you are using Office 365 for email, and one drive of SharePoint for storage. If you accidentally delete an email or a file gets deleted there is no way of getting that information back! Cloud to Cloud backup solutions are becoming more popular and

Underdog Computer and Network Support has the solution for you! Call Today or Click below to schedule us to call you!

Underdog Computer and Network Support. Helping small businesses frustrated with technology become more stable, productive and profitable. 570-634-5350.

Cyber Hygiene is Important for your Business's Overall Security

Oh hello there! I am currently taking care of some personal hygiene! That’s better, Hello this is Carmine Corridore of Underdog Computer and Network Support with another Video Blog! This week we will be talking about Cyber Hygiene!

Let’s Get Started!

Everyone understands what it means to use personal hygiene and why we do it. Let’s take a quick peak at Typhoid Mary

In the early 1900’s Mary Mallon worked as a cook for many wealthy NYC families. In 1906 she took a position with an Oyster Bay family and within 2 weeks 10 family members were hospitalized with Typhoid. She changed jobs and in three more households similar occurrences.

In late 1906 one of the families hired a Typhoid researcher named George Soper to investigate. What he discovered Mary Mallon was present at each and every outbreak from NYC all the way to Oyster Bay. She went on to infect several more people before she was captured and confined to quartantine for the rest of her lift.

It was discovered by washing hands with soap before touching and preparing food. Washing dishes with soap and water. Frequently bathing with soap and water and clean clothes were all ways to reduce the risk of typhoid. They developed personal hygiene habits that not only protected you from typhoid but lowered your risk of then spreading a virus that caused death to others.

How does that relate to Cyber Hygiene? Cyber Hygiene is a good practice to keeping your computer systems clean which will reduce the risk of you being hacked, getting Viruses and spreading viruses to others. So what is considered Good Cyber Hygiene?

  • Patched Systems, a system that has all their security updates, software holes patched, drivers up to date. Make it much harder for hackers to find a way into your system

  • Computer Monitoring and event monitoring – a consistent watching of logs and behaviors of your computer can help you predict when something is not normal

  • Next Gen Business Class Antivirus. Antivirus is good but it’s your fathers antivirus and most are signature based antivirus which is an old and ineffective way of staying secure. Next Gen Antivirus uses machine learning to predict when something is a virus

  • Next Gen Business Class firewalls. All firewalls are not made equally, there are consumer grade firewalls that are not built to handle sensitive business traffic. Next Gen firewalls like the antivirus uses machine learning and go hand in hand with the antivirus to predict unwanted traffic and thus turning it away

This is just a start to good cyber hygiene, if you are not an IT professional you can’t possibly dedicate the time necessary to making sure you have good cyber hygiene. This is not a once and done practice, it needs to be done constantly. You need to have a professional that understands and practices Good Cyber Hygiene.

I hear all the time; we have “throw away computers” everything we do is in the cloud so the computers don’t really do anything. That couldn’t be further from the truth. The fact is your computer is the weakest link. If your computer is not up to date with everything hackers can compromise your system get in and then have an open door to your cloud based system.

Furthermore if you have customer data or worst if you connect directly with customers system you are in fact opening them up to risk.

I just recently heard the story of the Target store crash. They determined the root cause of the problem was their HVAC vendor had a compromised system and when he connected to their network he infected them. He basically became Typhoid Mary!

 

Cyber Threats need to be taken seriously especially in the day of “Throw away computers” and cloud based systems. You need a Cyber Security Partner that not only understands but practices good Cyber Hygiene.

Underdog Computer and Network Support is such a partner and as the areas only Managed CIO we specialize in CyberSecurity.

Don’t be Typhoid Mary, call Underdog Today and Never Fear, We Fix I.T. Here!

The Future of Big Data and the Legal Industry

Is your Law Firm ready for the future?

There’s no doubt that Big Data, Data Mining, and Machine Learning have changed every industry on the planet. Recent political campaigns were won by experts who knew how to use all data available regarding key factors. Many were surprised to learn how certain types of information could guide a political campaign down the pathway to a big win.

Data analytics now used in many industries

Data analytics has been used in the field of sports for many years. This is perhaps one of the first industries to fully embrace this concept. All professional sports organizations use volumes of data to understand past performances of rival teams. They analyze every bit of the information available to discover a competing team’s weaknesses. Then they use that information to build an arsenal of both offensive and defensive strategies.

It’s natural that the legal profession would want to gain the upper hand in this same manner. And, that is exactly what’s taken place in the last few years. Now we have teams who are experts in both technology and the law. Using the most sophisticated tools available, they decipher every morsel of legal information, including trial outcomes, court decisions, witness testimony, precedents and much more. This gives their side the competitive advantage.

However, the issues that the legal system faces differ a great deal from those of other industries. A sports team analyzes things like various plays and the results of those actions. In the legal field, every trial generates huge amounts of data. From the trial transcripts to the expert witnesses, the sheer volume of data sets the legal field apart from most other industries.

How legal data differs

Last year, in the US alone, there were over 350,000 cases brought to court. And legal data is highly complex. It contains legal nuances that are hard to explain to most people, much less a computer program. Trial outcomes typically occur as a result of hard evidence, but sometimes they are a result of emotional juries. Since juries are made up of human beings, it’s very hard to predict with accuracy what they will do in any given situation. That’s the goal of trial science.

In the past, America has held very public trials for popular athletes accused of crimes like assault or even murder. All the evidence might point to the suspect being guilty. And yet, the jury had a previous emotional connection with the athlete because they enjoyed watching him play sports. Even with overwhelming evidence of guilt, the jury ruled that he was innocent.

How do you explain that type of irrational thinking to a computer? How will artificial intelligence deal with anomalies like this? These are just a few of the questions facing today’s data-driven attorneys. Though big data offers a world of opportunities, it also represents a substantial challenge even to the best legal researchers.

How to produce the richest data

Today’s legal technology experts are continuously adding new information to their databases. Every trial and verdict is a new piece of information that the AI will use to build its intelligence platform. In fact, millions of pieces of data are added daily to the repository. These massive blocks of data require high-speed processors. Much of this is accomplished using data-parsing technology.

This process cleans raw data, refines and enhances it, and structures the data so it offers maximum insight to users. For instance, one program allows searchers to look at the decisions specific judges made in the past. This helps them build a profile of that judge’s legal philosophies. With great accuracy, these programs can predict how a judge will rule in a certain type of court case. Imagine being able to know with some degree of certainty, how a judge might rule on a specific case before the trial even begins.

Endless possibilities

The possibilities this technology provides are endless and offer a wealth of valuable information to attorneys. As the future unfolds for the legal field, experts believe that advanced technology will be used in every part of the law.

Of course, today it’s being used primarily by legal teams that want to win cases. There are often substantial financial reasons for wanting to win a big case. Today’s attorneys understand that clients are looking for the best team of lawyers. They want to work with the brightest people–winners. But, there’s more than just money on the line; a law firm is building its reputation as well. They want to build their brand to the place where their name is a byword in the legal world.

Refining the legal world

These are natural reasons for wanting to win at anything. However, many experts believe the future of legal technology holds much more than this. They believe the legal field can evolve into a much more fair, accurate and profitable industry. As a society, we can begin to get things right when it comes to verdicts in big cases. We can move past the place where known murderers are freed over a technicality. This is not a pipe dream for many in the legal field, it’s a destiny that must be achieved for our legal system to continue moving forward.

Perfecting a complex legal system

From making new laws to enforcing old ones, data mining and machine learning have the potential to show us where our society’s legal system has failed in the past. We can clearly see what has worked and what hasn’t. We can use this knowledge to move forward in a better direction. Unfair laws could be changed, and unfair verdicts could be a thing of the past.

That’s the hope of every reputable attorney. Today, we may use data mining and AI to gain a better advantage in a trial. Tomorrow, we may use them to mold our legal system into a fine-tuned instrument that delivers correct verdicts every time, and at a third of the cost

Call Underdog Computer and Network Support LLC. Today for a No Strings Attached Business Technology Assessment. 570-634-5350










Not Feeling the Love from my Current IT ProviderBeing Billed Too Much for what they are providingJust an Honest Second OpinionWe Want you to take over our Service



Please prove you are human by selecting the Key.




Want to Know More?

Free E-Book Download Lawyers Guide to Preventing Technology Headaches

When Looking for Reliable I.T. Look for a Manged CIO

How Can You Find A Reliable IT Support Company That Will Customize Their Services To Meet Your Business Needs?

This isn’t a fairy tale. It’s a true story. 

 

Once upon a time, in a story that might sound awfully familiar, there was a business owner who wanted to find a trustworthy and reliable technology support provider. First, she tried this IT company.But they never returned her phone calls.

Then she tried another IT company.  But their prices were way too high.

 

Finally, she found an IT company that would customize their services especially for her business. And it was just right.  Now, what’s the moral of the story? Don’t put your trust in just any IT company. But, how do you begin your search?

 

How long have they been in business?  How large is their IT company?

 

Don’t use any company with less than three years of experience in the solutions you use. This will weed out a few right away.

 If it’s a small IT company, your business will probably be higher on their priority list, although, large IT companies can offer a broader base of experience and knowledge.  Their resources will be more expansive as well. It’s up to you to weigh the pros and cons here according to your organization’s requirements.  

What are their IT staff’s qualifications and certifications?

A reliable IT provider should have lots of info regarding the certifications their technicians hold. Why are certifications important?

According to CIO magazine, using certified professionals is beneficial to your business:

 

“44 percent of IT decision-makers say certifications result in employees performing work faster, 33 percent said it results in more efficiency when implementing systems and 23 percent say it helps deploy products and services faster with fewer errors.” 

 

If you use both Apple and Microsoft solutions, make sure they are certified on both. 

 

Also, ask if they provide continuing education for their techs. Do they attend industry events to update their skillsets?

 

Have they served businesses in your industry? Can they support the applications you use?

 

Ideally, your technology support provider should have experience in what you do. Find out if they’ve worked in industries and with businesses of the same size. Ask them for a reference list of customers from your industry to be sure.  If not, determine if the work they’ve performed for others may align with your needs.

 

Also, think about your employees, the type of work they do, and which applications they access in the typical workday. Can the IT company support these applications?

 

You may use specially-built applications to handle workflows. Your IT provider should understand how your business works, the technology you use, and be able to support it.

 

How will they help you grow your business with technology? Do they offer outsourced CIO services?

 

Ask how they’ll help to support your growth goals. Just as you have a one-year, three-year, or five-year business plan, they should provide strategic IT planning that aligns with your business objectives.

 

An Outsourced CIO will ensure that your technology meets your growing business demands. 

  • They will develop a thorough understanding of your company and technology infrastructure.
  • Offer suggestions for new IT solutions that can promote your success.
  • Develop an IT Strategic Plan that aligns with your goals and your budget.
  • Perform ongoing evaluations and performance metrics to ensure your business stays on track with your tactical technology plan.

 What kind of service can you expect? 

  • Do they offer 24/7 service with a live person on the other end of the phone, chat, or email?
  • Is their help desk staff qualified to address your issues right away?
  • Will they remotely monitor and maintain your IT system 24/7?
  • If they can’t fix your problems remotely, how long will it take for a technician to come to your site? Is this backed by a written Service Level Agreement?

What is and isn’t covered in their contract?

 

Do they provide fixed-fee services? What’s included? Find out what they don’t offer that you might require. 

 

Are there extra costs for services, and if so, how much are they? You deserve a reliable IT partner who will work to provide an IT system that’s secure, efficient, and increases your staff’s productivity.

 

What about cybersecurity? How will they protect your IT assets and data? 

  • Be sure they provide a layered cybersecurity solution to protect all of your computers and network from unauthorized access, malware, spam, viruses and other forms of cybercrime.
  • Will they provide Security Awareness Training for your employees to ensure they don’t fall victim to hackers and phishing emails?
  • Will they remotely monitor your network for security threats on a 24/7 basis, block these threats and eliminate them?
  • Do they provide vulnerability assessments?
  • If you are in healthcare, are they HIPAA compliant themselves? As a business associate, they must be. Will they provide HIPAA or other industry regulatory compliance support?
  • What about your mobile devices? Do they provide Mobile Device Management?

With the increase of more sophisticated cyber-attacks today, make sure you’re educated about cyber threats. Your IT company is responsible to ensure that you are armed with the best protection available to safeguard your data and IT infrastructure against cyber-crime.

 

Ask about Business Continuity and Disaster Recovery – and the Cloud

 

Do they provide a secure cloud-based backup service?  How often do they test the disaster recovery plan? Will they perform tests to estimate the recovery time and the impact of potential failure?  

 

Speaking of the Cloud, do they have Cloud Consultants on staff who can help you choose the right solutions for your business? Can they migrate your technology to the Cloud?

 

Finally, ask them how much everything will cost. 

Make sure their IT Service & Support Plans align with your budgetary requirements.  

If they won’t customize their services to meet your needs, the story’s not over yet.  Keep looking for the reliable IT Support Company that’s right for you.

Call Today 570-634-5350

Fill out the Form Below for a Free No Strings Business Technology Assessment​










Not Feeling the Love from my Current IT ProviderBeing Billed Too Much for what they are providingJust an Honest Second OpinionWe Want you to take over our Service



Please prove you are human by selecting the Key.




Want to Know More?


Top 3 Reasons to Replace Your Current IT Company


How To IT Budget

Email Wrapped in Bacon(Security)

Yes you are seeing this correctly it is Office 365 wrapped with Bacon. Why? Bacon makes everything better and here at Underdog, all our services are wrapped around security so what better way to illustrate this.

OK, Everyone knows you can buy Office 365 for roughly the same price where ever you go – the price is set by Microsoft. In fact you can purchase directly from Microsoft.

Then why don’t you do that? Well some places do those that do not want to deal with an I.T. company. But if you have ever tried to compare Microsoft plans you nearly go blind looking at all the fine print. So how do you know if you got the right plan for your business? Well if I want email I pick office 365 essentials, if I want desktop apps I can pick Office 365 Premium. If I want Email Security maybe I pick e3 or e1 or on and on and on and you get the Idea.

When starting Underdog Computer and Network Support my main goal was that every service we provide will be wrapped in security. Why? I don’t want my customers to choose a plan because it was cheaper and the reason it was cheaper was because it didn’t include any security options. The internet is a scary enough place already and everything we do these days involve the internet in some way. I want my clients protected! After 25+ years of doing this I hate the 12 am or 5 am panic calls.

We put together a pricing structure that is built around Office 365 Email. Even if you have Office 365 already or you have professional email addresses the @yourdomain.com) that is fine you can still take advantage of these packages. We can convert them over to our system. However if you are still doing business as @ptd.net @gmail.com @yahoo.com @comcast.net or any other public email provider. You should seriously consider changing. 

You can purchase these bundles in increments of 1 pack or 5 pack. So how does it work? If you have 15 employees you would purchase (3) 5 packs. This gives you 15 email addresses. If you have 16 employees you could purchase (4) 5 packs or (3) 5 packs and (1) 1 pack. We would advise you what is best for your business.

So what is included with your Business Bundle:

Professional Email addresses @yourdomain.com

1 Email Address for every user with unlimited aliases and groups

1 subscription to Microsoft Office which includes Outlook, Word, Excel, Powerpoint, Publisher, One Note and Access for every user

Ok so far that is not any different than anyone else offers. Here is where it gets interesting

We add email SPAM filtering both inbound and outbound

For added security 2 form authentication

Email Encryption (Email Encryption is when you want to send sensitive information such as bank account numbers and social security numbers etc. You encrypt with a special lock that only the intended recipient will have the key)

If that wasn’t enough we added Office Protect which includes security policies for email, monitoring and alerts of suspicious mailbox activity like logons or questionable messages being sent or received. If your email is being forwarded which is a sign of someone hijacking your email account.

Email Archiving, Web access so you can access your account from anywhere and also Mobile email so you can send and receive email from your phone with all the protections you get from a desktop. Remember I said all our services include security. This is no exception on top of the email security we have built in we are adding in desktop security. We have included Patch Management which applies critical and security updates to your computer 1 per user . We have included PC Antimalware/Antivirus and PC Remote Monitoring and Remote Remediation 1 per user. And to round it all off we have provided up to 1 GB shared space online and 1 GB of pooled backup space.

Ok so if you were to price this all out separately

Office 365 with Desktop Apps is $18.95

Office Protections which includes the monitoring and threat protection of the mailbox is $15.00

Total Protection Gold which includes Antimalware/Antivirus, Website Protections, Unlimited Remote Support is $50.00.

These items alone would come to $83.95 – for a single bundle its $65 23% savings and if you purchase the 5 pack bundle it is $50/user which is a 41% savings.

Call Today 570-634-5350 to get started!

 

Underdog Computer and Network Support – Never Fear, We Fix I.T. Here.
















Please prove you are human by selecting the Key.




We all like to save money in our homes. An entire industry revolves around the “Do It Yourselfer” the weekend warrior. Some of us are good at working on cars, we fix our own and as a favor for a pal and maybe a little cash we do it on the side. Lots of people have Side Gigs because they are better at certain things that aren’t their main vocation. Of course there are people who fix computers on the side. 

As Humans we must know when we are over our heads, when a particular project might need the touch of an expert. When it comes to businesses that rely heavy on computers you need to think twice when letting your cousins son work on your computer because “He built a gaming computer” or The guy who works for UPS during the day but moonlights working on computers because he knows a few things. 

I know on the surface computers appear to have gotten easier to work with. Everything has moved to the cloud, networks and networking has gotten a lot less complicated. The couldn’t be further from the truth. The fact is things have gotten more complicated and dangerous. There are more hackers, viruses, and cyber crimes then ever before. Every day you hear about a companies data breach. At the time of this writing Wells Fargo one of the biggest banks had a major outages. 

If you are saying well those are big businesses what does that have to do with my small business. Consider this Example. Small Fictitious company Jones and Sons a construction company with about 15 employees. Jones and Sons has a file server, uses cloud based emails and has 15 computers networked together and some networked printers. Jones Sr used to use a dedicated IT company for all their computer needs but since retiring and leaving the business to Jones Jr. they do a lot more themselves. Jones Jr grew up with computers so he knows a lot about them. He maintains the computer network. 

But now he is running the company and he doesn’t have a lot of time to put into the computers. But they seem to be running ok so he isn’t concerned. 

One day they get hit with a Crypto Virus which encrypts all their data! How did it happen, well their commercial grade firewall went bad so Jones Jr went to Staples and bought a residential firewall. All the commercial grade antivirus expired so he installed one of those free antivirus solutions(The ones that say it is illegal to install in businesses). 

Most of the computers are still windows xp “Because it doesn’t matter, all their stuff is in the cloud so these are just dumb machines” and the more modern computers are running the home version of the operating system and have never been patched. 

Ok what about backups? Someone has been swapping out the tapes everyday surely we can restore from those. NOPE, they havent been working in 3 years. All the financial data, documents are all gone.

For Jones and Sons the cost of downtime is going to be HUGE! Of course this is an exaggeration but it is not uncommon. 

Similarly there are business that still engage with I.T. companies on a Time and Material Basis(Break/Fix). They only call when somethings broken to get it fixed. While these companies are a bit smarter because they at least recognize they need a professional(sometimes) – they still waste time and money. Because they anticipate having a unexpected cost they try to do whatever they can to avoid it. They may have an “Internal I.T. person because they know more then everyone else” . Because they don’t have an ongoing relationship with an I.T. company it may take a while to get someone to respond meaning if the problem is effecting your entire business you are out of business until someone responds. 

Managed I.T. Services is more than paying a monthly fee. It is about letting you get back to the business of your business. Letting us handle your Technology. Your are an expert in what you do, we are an expert in Technology. 

  • Because you pay a monthly fee there are no unexpected costs.
  •  Because you have ongoing relationship downtime is actually reduced 
  • Because we have an active ongoing role in your business we can advise you on how to steer your technology
  • Reduce Downtime, Reduce Wasted Employees Time – Save Money!

Contact us Today for a Free No Strings Business Technology Assessment Valued at $950.00










Not Feeling the Love from my Current IT ProviderBeing Billed Too Much for what they are providingJust an Honest Second OpinionWe Want you to take over our Service



Please prove you are human by selecting the Tree.




Understand the Difference Between
Firewalls and Modems

Hello Everyone! Carmine Corridore of Underdog Computer and Network Support. Back with another Video Blog!

We will be discussing Firewalls, Routers and Modems, Let’s get started!

Ok so these days there is a big blur between Routers, Modems and Firewalls. Understandably so, Many ISP(Internet Service Providers) provide a modem with both router and firewall capabilities to make things easier for the end user. However, easier doesn’t mean safer. Let me explain.

In the early days of the Internet, the Modem was the interface or the handoff from your internet provider. It carried the signal from the provider and that was it. What you did with it from there was your responsibility.

The next device after the modem was the Router. Its job was to take the signal from the ISP in this case the modem and “ROUTE” the traffic to the local network translating to whatever language the local network could speak. Sometimes it would “Route” to multiple networks. It would then use rules setup to determine where and how the traffic is sent and received.

Ok so think of it this way, the road you live on is the internet. The driveway is your router. Your house then becomes the local network. Back in those days, your house would not have any doors or windows in other words no privacy. Therefore, everyone was able to see you and as a result, nothing was secure.

Firewall were created to provide a level of security similar to how industrial building firewalls prevent the spread of fire or damage to a building. A firewall added not only windows and doors but also curtains to your proverbial home. The role of the firewall has evolved but for the purpose of this video let just say firewalls at the basic level provide a masquerade of your network or NAT (network Address Translation). In using my original analogy. From the outside, all someone knows is your home address but it does not know which person inside the house is actually communicating. In addition, there are access rules for traffic inside going out and outside coming in. Most firewalls have restrictive ruleset coming in then they do going out.

Today the modern modem you get for your home or small business combines the modem, router and the most basic firewall component NAT. When ISP first started doing this, businesses were advised by their IT provider to purchase firewalls because it was understood they needed more than just masquerading how data was sent. Over the last few years I have seen a shift in this trend and many small business usually ones without a dedicated IT team will use what the ISP provided modem. It worries me because they are under a false sense of being secure.

For one I would never consider ISP modem a business class device. This device used for both residential users and commercial accounts and provides a simplicity level of setup that the nonprofessional can use. Because of this, many controls are hidden or not available to the end user. Many security risks like UPNP and WPS among them are open by default. The ability to remote operate your modem is open and EVERYONE KNOWS many times the default username and password for your modem!  In short, it is easy to compromise it.

Business Grade Firewalls have levels of controls you can granularly control what comes in and goes out of your network added services such as intrusion detection and prevention, application control and even antivirus are growing as key service of these devices.

Yes, it is true most modern computers come with software firewalls, the problem I have with them is simple. The software firewall is dependent on your computer operating in an uncompromised state. Meaning it has all the proper patches. You are free of malware and your system is running normally. We have all seen where a patch screws up a computer. Good time to compromise your firewall. You download a malware, good time to compromise your firewall.

With a hardware firewall, this is a bit harder to accomplish. Underdog Computer and Network Support provides quality services, patch management and business class firewalls to all our clients. Give me a call today 570-634-5350. Don’t forget to ask about our Network Assessment valued at $950.00 but is yours free. Remember Never Fear, We Fix I.T. Here!

I would like a Free Assessment of my Network, Here are my Details!










Not Feeling the Love from my Current IT ProviderBeing Billed Too Much for what they are providingJust an Honest Second OpinionWe Want you to take over our Service



Please prove you are human by selecting the Plane.




Bots turning your Computer into a Zombie

Hello Everyone! Carmine Corridore of Underdog Computer and Network Support! Back with another video blog. This week I will be teaching you about BOTS! Turning your computer into a Zombie! This is part 3 of my 3 part educational series on keeping safe on the internet.

Let’s get started!

BOTS! You may have heard of Bots before or this may be your first time but Bots are just as dangerous as malware and phishing if not more than because, it makes you unwillingly involved in criminal acts!

So what is a BOT? A bot is a piece of software that performs automated tasks by running scripts over the internet. It performs these simple and repetitive tasks much more quickly than a human sort of like a roBOT. I am sure this is where the term comes from. Most bots are harmless and crucial for making the internet useful like chat bots, auction bots, web crawlers or spiders. Like anything else, Bots can be “weaponized” or turned malignant and destructive when deployed by cyber criminals.

I am a history buff and I use history to see how something evolved.  You know the old saying if you don’t know your history you are doomed to repeat it. I love to look back and see how certain technology came to be and how it evolved in this case into something bad.

Some say Bots began all the way back with Greek Mythology. But we are not going that far back. Lets go to 1950’s.

In 1950, computer scientist and mathematician Alan Turing developed the Turing Test, also known as the imitation game It’s most primitive format required three players — A, B, and C.

Player A was a machine and player B was a human. Player C, also a human was the interrogator, by asking a series of questions would try to determine who the human was. However, there was a problem. At the time, databases were highly limited, and could therefore only store a certain amount of human phrases. That meant that the computer would eventually run out of answers to give Player C, eliminating the challenge and prematurely ending the test.

One of the most significant AI developments of the 1960s was the development of ELIZA — a bot, named in part for the Pygmalion character, whose purpose was to simulate a psychotherapist. Created in 1966 by MIT professor Joseph Weizenbaum, the technology was limited, to say the least, as was ELIZA’s vocabulary. AI continued advancing in the 80’s and 90’s but most of it for scientific and government focused.

In the 90’s the shift began towards the consumer market, if you remember some of the games from the 90’s Simon Says, I took a lickin from a chicken and others. Then in the late 90’s around 1996, Tamagotchi a computerized handheld pet hit the market, which required digital care to keep it alive.

As the internet became popular so did the use of bots. As I mentioned earlier you had internet bots called crawlers or spiders that went and “crawled” through a website and harvested all the links to categorize in a search directory(remember those).

So that doesn’t sound so bad, when did it go wrong? Remember I said earlier – Most bots are harmless and crucial for making the internet useful like chat bots, auction bots, web crawlers or spiders. Like anything else, Bots can be “weaponized” or turned malignant and destructive when deployed by cyber criminals. Something called the BOTNET was developed. What the heck is that? Botnets are nothing more than an army of infected computers, which grow by infecting other computers. How that happens is the reason this is part of my 3 part series. It happens through Trojan horses, infected emails, viruses, etc.. who controls them, how do they get their instructions?

So how does it work? First it starts with an infection generally called a Trojan horse. It is called a Trojan horse because it was let in by YOU! That’s right I said you. A free download from a website, Freeware installation of some software. Your reboot your computer and boom you are infected! Your antivirus usually does not pick it up because it is made to install before the av has a chance to start and is not smart enough to know it is a malicious program. Once on your computer it begins reporting to a C2C or a command to control center for instructions. That is it your computer is a zombie now reporting to a Botmaster for instructions and mindlessly infecting other computers. Most of the times you will not know it is happening it doesn’t take a super amount of resources to get done. Most of the times it is only when alerted by your ISP that a Honeypot has flagged your network.

A C2C is one way that a botnet is created a second way and most recent way is a peer to peer. So rather than each zombie communicating back to the botmaster, each computer becomes both the master and the slave, Woooo! Think Skynet! As you can imagine the Peer to Peer method is much harder to kill.

 

How to prevent! Prevention becomes 2 parts education 1 part technology and a good Technology Partner!

Underdog Computer and Network Support will educate you and your staff on good surfing habits and the warning signs. Using proven technology securing your network and making sure your computers are up to date with the latest patches. Our professionals have been doing this for 26 years. Give us a call today 570-634-5350 for a free review of your network. And….. Never Fear, We Fix I.T.

 

 

Hello Everyone! Carmine Corridore of Underdog Computer and Network Support! Back with another video blog. This week I will be teaching you about BOTS! Turning your computer into a Zombie! This is part 3 of my 3 part educational series on keeping safe on the internet.

Let’s get started!

BOTS! You may have heard of Bots before or this may be your first time but Bots are just as dangerous as malware and phishing if not more than because, it makes you unwillingly involved in criminal acts!

So what is a BOT? A bot is a piece of software that performs automated tasks by running scripts over the internet. It performs these simple and repetitive tasks much more quickly than a human sort of like a roBOT. I am sure this is where the term comes from. Most bots are harmless and crucial for making the internet useful like chat bots, auction bots, web crawlers or spiders. Like anything else, Bots can be “weaponized” or turned malignant and destructive when deployed by cyber criminals.

I am a history buff and I use history to see how something evolved.  You know the old saying if you don’t know your history you are doomed to repeat it. I love to look back and see how certain technology came to be and how it evolved in this case into something bad.

Some say Bots began all the way back with Greek Mythology. But we are not going that far back. Lets go to 1950’s.

In 1950, computer scientist and mathematician Alan Turing developed the Turing Test, also known as the imitation game It’s most primitive format required three players — A, B, and C.

Player A was a machine and player B was a human. Player C, also a human was the interrogator, by asking a series of questions would try to determine who the human was. However, there was a problem. At the time, databases were highly limited, and could therefore only store a certain amount of human phrases. That meant that the computer would eventually run out of answers to give Player C, eliminating the challenge and prematurely ending the test.

One of the most significant AI developments of the 1960s was the development of ELIZA — a bot, named in part for the Pygmalion character, whose purpose was to simulate a psychotherapist. Created in 1966 by MIT professor Joseph Weizenbaum, the technology was limited, to say the least, as was ELIZA’s vocabulary. AI continued advancing in the 80’s and 90’s but most of it for scientific and government focused.

In the 90’s the shift began towards the consumer market, if you remember some of the games from the 90’s Simon Says, I took a lickin from a chicken and others. Then in the late 90’s around 1996, Tamagotchi a computerized handheld pet hit the market, which required digital care to keep it alive.

As the internet became popular so did the use of bots. As I mentioned earlier you had internet bots called crawlers or spiders that went and “crawled” through a website and harvested all the links to categorize in a search directory(remember those).

So that doesn’t sound so bad, when did it go wrong? Remember I said earlier – Most bots are harmless and crucial for making the internet useful like chat bots, auction bots, web crawlers or spiders. Like anything else, Bots can be “weaponized” or turned malignant and destructive when deployed by cyber criminals. Something called the BOTNET was developed. What the heck is that? Botnets are nothing more than an army of infected computers, which grow by infecting other computers. How that happens is the reason this is part of my 3 part series. It happens through Trojan horses, infected emails, viruses, etc.. who controls them, how do they get their instructions?

So how does it work? First it starts with an infection generally called a Trojan horse. It is called a Trojan horse because it was let in by YOU! That’s right I said you. A free download from a website, Freeware installation of some software. Your reboot your computer and boom you are infected! Your antivirus usually does not pick it up because it is made to install before the av has a chance to start and is not smart enough to know it is a malicious program. Once on your computer it begins reporting to a C2C or a command to control center for instructions. That is it your computer is a zombie now reporting to a Botmaster for instructions and mindlessly infecting other computers. Most of the times you will not know it is happening it doesn’t take a super amount of resources to get done. Most of the times it is only when alerted by your ISP that a Honeypot has flagged your network.

A C2C is one way that a botnet is created a second way and most recent way is a peer to peer. So rather than each zombie communicating back to the botmaster, each computer becomes both the master and the slave, Woooo! Think Skynet! As you can imagine the Peer to Peer method is much harder to kill.

 

How to prevent! Prevention becomes 2 parts education 1 part technology and a good Technology Partner!

Underdog Computer and Network Support will educate you and your staff on good surfing habits and the warning signs. Using proven technology securing your network and making sure your computers are up to date with the latest patches. Our professionals have been doing this for 26 years. Give us a call today 570-634-5350 for a free review of your network. And….. Never Fear, We Fix I.T.