Skip to content Skip to content
Close
Search
Palitto Consulting Services
  • Home
  • About
    • Company Profile
    • Employment Opportunities
    • Employee Information
    • Community Involvement
    • Alliance Companies
    • Contact Us
  • Services
    • Hardware & Software Consulting
    • Custom Programming & Design
    • Business Consulting
    • LAN / WAN Networking
    • VoIP & Telephony Implementation
    • System & Data Security
    • Maximizing Mitel
  • News

data security

Dropbox is Not a Remote Access Solution: A COVID-19 Case Study

April 30, 2020 by Kevin Denee
Dropbox is not a remote access solution article feature

The Scenario in Brief

During this challenging time, we all have had to scramble to adjust to a new normal, both on a professional and personal level.

Here is an example of a company that was trying to find their own way to work remotely. This particular customer has a case management suite that links to Dropbox in the office. Their case files and templates link to the cloud, their Dropbox. Our client decided to give all their employees access to Dropbox through their personal home computers.

It was easy.

The employee can work from their home computer, make their edits on Dropbox, and it updates to their case management suite. When we dug deeper, we learned that the computers they are using are shared with other family members.

If ransomware got on this computer from a clicked email that would then infect the locally-stored Dropbox files. This would then sync up to the cloud because Dropbox would not know that the data is compromised. It just sees data. The original data would not be available and the new data would be encrypted and locked.

From a support side, we had servers being backed up in the office, as well as other important folders. The client thought they had a backup, but they did not realize that Dropbox was not being backed up.

Further, the client was not aware that Dropbox stores a local copy of its files on computers that are synced. This means these confidential case client files were available to other family members in the household. To make matters worse, if the machine got infected, the case studies would be readily available to bad actors.

The Solution

We ended up setting up a VPN solution for this client, which allowed them to remote into their desktops. This is a common and easy solution, which gives employees their work environment at home. They now log in to their work computer that already had Dropbox. We uninstalled Dropbox on the unsecured personal computers.

People have this belief that everything that is going to be out in the cloud is going to be safe. Sometimes it is not clear that this “cloud” is just a server sitting somewhere else. The reality is unless you invest in creating backups, or backing it up yourself, it is as susceptible as your hard drive getting ransomware.

Finally, Dropbox has an additional plan that allows data retention for the 30 days. We implemented this as an extra safety measure.

The Lesson

Companies are going to find quick methods to solve their problems. This case study was an easy solution to remote access and our client had no idea they exposed vulnerabilities and security holes. Nothing had gone wrong, so they thought they were safe.

It’s always wise to engage a consultant in cases like this. We were thankful we could help in this regard and prevent what could have been a bad situation.

Categories Technology and Business News Tags cloud, COVID-19, data protection, data security, remote access

Phishing Attacks on the Rise: How To Protect Your Business

February 20, 2020February 19, 2020 by Kevin Denee
Phishing Attacks on the Rise

An increasingly common cybercrime, phishing is the term for when criminals attempt to get users to provide them with sensitive information via the internet, or in the past, phone calls or letters. Phishers may send fake emails or construct bogus websites, hoping internet users will either make an online “transaction” or reply with personal details. Unfortunately, cyberattacks against businesses and individuals using phishing tactics have only increased over the years, and they show no sign of slowing down.

Phishing Statistics – Small Business at Risk

The 2019 Global State of Cybersecurity in Small and Medium-sized Businesses conducted by the Ponemon Institute LLC stated:

  • “In addition to tracking trends in cyberattacks and data breaches, this year’s study reveals how SMBs are unprepared to deal with risks created by third parties and the Internet of Things (IoT).”
  • “A key takeaway from this research is that over the past three years there has been a significant increase in SMBs experiencing a data breach as shown in Figure 1. In addition, 66 percent of respondents said their organization experienced a cyberattack in the past 12 months.”
  • “In the aftermath of these incidents, these companies spent an average of $1.2 million — an increase from $1.03 million in 2017 — because of damage or theft of IT assets and infrastructure. In addition, disruption to normal operations cost an average of $1.9 million, an increase from $1.21 million in 2017.”
  • “Phishing and web-based attacks are the top two cyberattacks. Seventy-two percent of respondents said that they have experienced at least one cyberattack.”

We highlight these findings, not to create unnecessary fear but to help educate. We hope we can help prevent this for all our clients! If you own a small business, here are some proven ways to protect yourself from phishers.

Never Provide Personal Information to an Untrustworthy Source

If you are like most people, you may be used to receiving important information and updates from your bank via email or text. There is nothing wrong with this, but unfortunately, phishers often pose as banks and other financial institutions to obtain personal information from consumers. Never send personal banking information to a “bank” via email or text. If you are unsure of a company’s website or email is authentic, don’t hesitate to contact them directly.

Be Wary of Emails from Unknown Parties

Emails from unfamiliar or unlisted addresses are often phishing lures capable of infecting your computer or phone with malware. Once you click the link to the email, the malware will install itself, usually without your knowledge, and may obtain any important information you enter into your computer or online.

Don’t Fall for Scare Tactics

Phishers often attempt to scare users into providing them with sensitive data by pretending to be government organizations or large companies. For example, a phisher may send a threatening email pretending to be the IRS or the CIA. Some phishers may even claim they already have access to your personal details or browsing history, which they will share with everyone else if you don’t provide the rest of your financial information. Do not respond to such threats.

How to Mitigate this Problem

Here at Palitto Consulting Services, we understand the importance of cyber security. There are three important steps you and your business should be taking:

  1. Two-factor authentication should be added to your email accounts
  2. Anti-spam and malware and anti-phishing filter software should be used
  3. Your team should receive some phish threat and security awareness training
If we haven’t had the discussion with you and your business, please contact us today to learn more about the services we can provide to protect your business.
Categories Technology and Business News Tags anti-phishing software, Cybersecurity, data security, phishing, security, two-factor authentication

PCS Engineers Gain Additional Certifications

February 13, 2020 by Kevin Denee
Sophos Security

At Palitto Consulting Services, we are always working hard to ensure that we offer our clients the best possible value. Part of that is a commitment to continual education. Our engineers and consultants regularly seek out conferences, training sessions and other learning opportunities. Recently, four of our engineers earned new certifications. These certifications both reflect our efforts to advance and give our clients the added comfort of knowing their systems are being worked on by the best in the business.

XG Firewall Certification

Team members Dan Allen, Mike Brumfield and David Virkler acquired the status of Sophos Certified Engineer for XG Firewall. This world-class firewall offers superior visibility, protection and incident response. By getting certified in applying and maintaining this firewall, our team will be able to help our clients secure their networks with best-of-breed protection.

Sophos Central

Ben Zelei received the status of Sophos Certified Engineer and Architect for Sophos Central. This unified console helps businesses more effectively apply and manage Sophos security products. The entire Sophos suite can help organizations with everything from detecting and preventing breaches to encrypting data. Attaining this certification will help Ben better serve the needs of our clients for network and core infrastructure security.

Palitto Consulting Services’ Dedication to Security

In the modern business world, security is a paramount concern. Cybercriminals are getting more advanced and learning new tricks. We know that our clients rely on our engineers to apply the best practices and top-quality tools to ensure their security. Our most recent Sophos certifications and other continued learning efforts play a major role in how we work to protect our clients’ networks.

Count on PCS for Your Security Needs

Whether you need a Sophos XG Firewall implementation, a full network security audit or any other technology consulting service, Palitto Consulting Services is always ready to serve our clients. Contact us today to learn what we can do for your business.

Categories Technology and Business News Tags ben zelei, certification, dan allen, data protection, data security, david virkler, education, mike brumfield, security, sophos Leave a comment

Learn About Cyber Security With Bryon Palitto of Palitto Consulting Services

December 13, 2019 by Kevin Denee
Cyber Security

Technology helps businesses become more efficient and connected, but it comes with downsides as well. Flaws in security can allow criminals to access important data, putting both companies and clients at risk. Cyber security is getting the attention of many businesses, but few know what to do.

Recognizing this issue, Bryon Palitto, CEO and founder of Palitto Consulting Services, has spoken on the topic at several venues over the course of 2019. Even if you can’t hear his presentation in person, you can learn about the most important points: why you’re a target, recent attacks and how to avoid becoming a victim.

Reasons Cyber Criminals Target Businesses

Bryon Palitto News Story PhotoCommercial enterprises have a wealth of data, even if they don’t know it. According to a recent survey, 54% – 68% of small businesses have personal customer information on file, including the following:

  • Billing addresses
  • Email addresses
  • Phone numbers

Online crooks can use this information to access accounts and potentially gain more critical data such as credit card numbers.

Businesses are also at risk for ransomware. These programs lock down systems so hackers can hold them hostage and demand ransom. In the end, cyber criminals are looking for power to force others to give them what they want.

Attacks You Should Know About

According to 2018 surveys, 67% of businesses were affected by attacks, making cyber security more important than ever. You may have heard of some of the biggest cases:

  • DDoS attack on Telegram Messenger
  • Stuffing attack on Dunkin’ Donuts
  • Hackers breach Citrix servers
  • Toyota data breach

Ways To Protect Yourself

Despite the dangers, there are ways to prevent breaches. First of all, you should hire professionals to do a risk assessment. This identifies weak areas in security protocol and systems, which you can then bolster.

You should also make sure all employees understand basic email security, password protocol and other relevant cyber security measures. Everyone is responsible for protecting a company, from the CEO to part-time workers.

Want to improve your security? Interested in Bryon speaking at your event? Palitto Consulting Services has been helping businesses protect their technology for over 20 years. For more information, give us a call at 330-335-7271 or contact us online.

Categories Technology and Business News Tags bryon palitto, cyber crime, cyber security, data protection, data security, Palitto Consulting Services, security Leave a comment

Joe Miller Completes Data Mining Course

January 25, 2018 by Kevin Denee
Joe Miller News Story Photo

Joe Miller recently completed the course, Data Mining, provided by the College of Engineering at Ohio State University. This course is one of four non-credit courses in the Certification in Practice of Data Analytics (CPDA) program. The course focused on introducing data mining fundamentals and algorithms, covering topics of distance/similarity measurement, anomaly detection, and association, classification, clustering and pattern algorithms.

Data is increasingly becoming more important for almost any type of business. Ginni Rometty, CEO of IBM, recently stated the following in an interview: “Most important, we believe that the basis of competitive advantage in the future will be data. As I’ve said before, data is the next natural resource” (“Don’t Try to Protect the Past,” Harvard Business Review, July-August 2017).

PCS helps businesses make intelligent use of technology. In that context, our team of professionals appreciate the opportunity to help in regards to a company’s data.

Categories Uncategorized Tags data, Data mining, data protection, data security, education, joe miller, Palitto Consulting Services, pcs staff, technology Leave a comment
Older posts
Page1 Page2 Page3 Next →

Recent Posts

  • “Aunt Kate” Retires after 17 Years at PCS
  • Trent Gasser Obtains Firewall Certification
  • Ben Zelei Speaks about Cyber Security on Podcast
  • Javan Miller Acquires Several Certifications
  • Palitto Consulting in Top 20 IT Services Firms in Northeast Ohio

Recent Comments

    Archives

    • November 2022
    • September 2022
    • August 2022
    • July 2022
    • June 2022
    • February 2022
    • January 2022
    • December 2021
    • November 2021
    • October 2021
    • September 2021
    • August 2021
    • June 2021
    • April 2021
    • March 2021
    • February 2021
    • January 2021
    • November 2020
    • October 2020
    • July 2020
    • June 2020
    • April 2020
    • March 2020
    • February 2020
    • January 2020
    • December 2019
    • November 2019
    • October 2019
    • September 2019
    • June 2019
    • April 2019
    • March 2019
    • February 2019
    • December 2018
    • November 2018
    • October 2018
    • September 2018
    • August 2018
    • June 2018
    • May 2018
    • April 2018
    • March 2018
    • February 2018
    • January 2018
    • September 2017
    • August 2017
    • May 2017
    • April 2017
    • December 2016
    • March 2016
    • January 2016
    • December 2015
    • November 2015
    • October 2015
    • July 2015
    • June 2015
    • May 2015
    • February 2015
    • November 2014
    • October 2014
    • July 2014
    • June 2014
    • March 2014
    • February 2014
    • January 2014
    • December 2013
    • October 2013
    • September 2013
    • August 2013
    • July 2013
    • June 2013
    • May 2013
    • April 2013
    • March 2013
    • February 2013
    • January 2013
    • December 2012
    • November 2012
    • October 2012
    • September 2012
    • August 2012
    • July 2012
    • June 2012
    • May 2012
    • April 2012
    • March 2012
    • February 2012
    • January 2012
    • December 2011
    • November 2011
    • October 2011
    • September 2011
    • August 2011
    • February 2011
    • January 2011
    • December 2010
    • November 2010
    • September 2010
    • July 2010
    • June 2010
    • March 2010
    • February 2010
    • January 2010
    • December 2009
    • October 2009
    • September 2009
    • August 2009
    • January 2008
    • August 2007
    • March 2007
    • January 2007
    • November 2006
    • September 2006
    • August 2006
    • July 2006
    • May 2006
    • March 2006
    • February 2006
    • January 2006
    • December 2005
    • October 2005
    • September 2005

    Categories

    • Technology and Business News
    • Uncategorized

    Meta

    • Log in
    • Entries feed
    • Comments feed
    • WordPress.org

    Palitto Consulting Services

    150 Main Street
    Wadsworth, OH 44281
    P: 330.335.7271
    F: 330.335.7275
    Email Us
    Location Map

    Copyright © 2023 Palitto Consulting

    Content

    • Home
    • About
    • Services
    • News
    • Privacy Policy
    • Terms & Conditions
    • Maximizing Mitel

    Recent News

    • “Aunt Kate” Retires after 17 Years at PCS
    • Trent Gasser Obtains Firewall Certification
    • Ben Zelei Speaks about Cyber Security on Podcast
    • Javan Miller Acquires Several Certifications
    • Palitto Consulting in Top 20 IT Services Firms in Northeast Ohio
    Microsoft Gold Partner Logo International Association of Microsoft Channel Partners Logo Better Business Bureau Accredited Business Logo