Lanit Updates 1/2020

Happy New Year! (and decade)


Lot's of exciting things happening at Lanit but first I want to get back to basics. Lanit is a managed cloud service provider. What does that really mean? When you utilize cloud services you are basically moving your IT operations to a cloud provider facility and then remotely accessing them. This provides many additional benefits to your operations of which the majority of you have already realized but we aren't going to dive into those, if you need a reminder you can click here and get those additional details. A managed cloud provider takes it a step further and not only provides the facilities for cloud services but also manages your daily IT operations and needs. This article is to help realize the differences between cloud providers and options available so let's dive in! 


There are a ton of cloud options available. Almost every large technology company including computer manufacturers and software companies now has their own cloud services available but I want to focus on the two most known, Amazon (AWS) and Microsoft (Azure). These are two of the most popular cloud options and rightfully so. They provide easy configurations, support with on boarding, massive infrastructures that can be load balanced globally, and thousands of employees as just a few of their benefits. The issue becomes your specific configuration and use of their facilities. They have all of those resources to keep their cloud infrastructure up and running but when it comes down to it, you're still on your own when it comes to your data while using their facilities. It's up to you to back up regularly, secure your own data, manage your servers, upgrade your applications, troubleshoot issues, manage user accounts, licensing, email, etc. and that's where somebody like Lanit comes into play. 


Lanit owns it's own cloud facility as well as provides support and management for other cloud options such as Azure and AWS. Lanit's cloud service provides the flexibility that the others don't. Azure and AWS are a "boxed" solution and are so large that they set the rules with disregard to their smaller customers needs. Instead of scheduling downtime for maintenance with their customers, they tell you when they're taking downtime. If you have a special application that requires a certain operating system or database that's no longer supported they will give you a deadline to remove it. They regularly remove options and features that you may be using and require you to upgrade to it's replacement or find an alternative whether it fits your operations or not. With Lanit, it's all about the customer and their needs. We are as flexible as you need us to be and are large enough to serve yet small enough to care. 


 Lanit provides an extremely flexible and managed cloud service but also offers services for migration to Azure and AWS or a hybrid of Lanit/Azure, management of the operations after the migration is complete, and ongoing support for your server and applications needs while running in their cloud. So you can enjoy the same great support and customer service your accustomed to with Lanit while utilizing their cloud infrastructure. They provide a nice stable base infrastructure so much so that we have even integrated some of our facilities into Azure. Let us know if this is something you are interested in or have additional questions about and we would be happy to discuss it further. 
Picture

Introducing APEX ONE

Lanit will be introducing APEX ONE into our cloud facilities over the next few months as the next generation of end point and network security. This will not only enhance our current machine learning capability to stop zero day threats but will provide an automated response with instant virtual patching system wide. 


If you're interested in the more "geeky" info you can click here to read further. 
Picture

Passwords

Coming up with unique passwords can sometimes be a challenge and most of us have a tendency to do a small variant of the existing password. That's where password generators helps to make that decision for you by creating a unique password each time you need one.


The idea of a password generator is great however most of them create a password that's so horrendously complicated that they look like they could launch a nuclear attack with 16 random letters, numbers, and special characters you didn't even know existed. 


This is completely unnecessary. As long as you have a unique and random password then you are just as safe as the nuclear code version. Most compromised passwords are not guessed but are stolen so the complexity really doesn't matter and changing them regularly is more important than the password itself.


That's why we love DinoPass.com. Dinopass is easy to use, creates a unique, random, and easy to remember password and if you like can add a capital letter or special character to give it more flare. This takes care of the real needs for random passwords that needs to be changed often.  
Picture

Security Awareness 

Messaging/Smishing Attacks 


Overview

One of the most common ways cyber attackers attempt to trick or fool people is by scamming you in email attacks (often called phishing) or try to trick you with phone calls. However, as technology continues to advance bad guys are always trying new methods, to include tricking you with messaging technologies such as text messaging, iMessage/Facetime, WhatsApp, Slack or Skype. Here are some simple steps to protect yourself and spot / stop these common attacks.


What are Messaging Attacks?

Messaging attacks (sometimes called Smishing, a play on the word Phishing) are when cyber attackers use SMS, texting or messaging technologies to reach out to you and try to trick you into taking an action you should not take. Perhaps they want to fool you into clicking on a malicious link, or get you to call a phone number so they can get your banking information. Just like in traditional phishing email attacks, bad guys often play on your emotions to act. However, what makes messaging attacks so dangerous is that they often feel far more informal or personal than email, making it more likely you may fall victim. In addition, with messaging attacks there is less information and fewer clues for you to pick up on that something is wrong or suspicious. When you receive a message that seems odd or suspicious, start by asking yourself does this message make sense, why am I receiving it? Here are some of the most common clues of an attack.

  • A tremendous sense of urgency, when someone is attempting to rush you into taking an action.
  • Is this message asking for personal information, passwords or other sensitive information they should not have access to?
  • Does the message sound too good to be true? No you did not win the lottery, especially one you never entered.
  • A message that appears to come from a co-worker or friend’s account or phone number, but the wording does not sound like them. Their account may have been compromised and taken over by an attacker, or the attacker is attempting to pretend to be them, tricking you into taking an action.
  • If you get a message that makes you have a strong reaction, wait a moment and give yourself a chance to calm yourself and think it through before you respond.

Sometimes bad guys will even combine email and messaging attacks. For example, gift card scams can work this way. A cyber attacker will send you an urgent email pretending to be a friend or co-worker, then ask for your cell phone number. Then they can send repeated text messages, pressuring you to purchase gift cards. Once purchased, the attackers have you scratch off the code on the back of the cards and message a picture of the codes back to them. Another common attack urges you to “check out” a video or picture (“you won’t believe this!”). It appeals to your sense of curiosity. If the message looks like it is from someone you know, perhaps call the person on the phone to verify before you act.

If you get a message from an official organization that alarms you, check with them directly. For example, if you get a text message from your bank saying there is a problem with your bank account or credit card, contact your bank or credit card company directly by visiting their website or calling them directly using the phone number from the back of your bank card or credit card. Bear in mind that most government agencies, such as tax or law enforcement agencies, won’t contact you via text message.

When it comes to messaging attacks, you are your own best defense.
Made with