Monthly Archives: May 2016

Productivity in a Time of Endless Distractions

time online image

Employees have access to all kinds of digital distractions every minute of the day. So, businesses have to make a decision what is acceptable for Internet use when employees are on the clock. This decision can be hard. There are many who think of privacy issues, not wanting to deter human interaction, or who even have a “my managers watch over their employees so I leave it to them” thought. The only real problem is . . . it’s your business that will suffer if Internet-usage privileges are abused on a regular basis. Bandwidth slowdowns and productivity loss, not to mention increased malware risk, can have a substantial impact on your business. No matter which decision you make for your business, you still need to know what is happening to keep your company, your data, and your employees secure and productive.

You need visibility. If you keep up with our Wavecrest posts, we tend to emphasize this point a lot. Why? Because it is a crucial business tool for today’s digital workplace! You have to know what is happening in your business and on your network so you can make informed business decisions. In this particular case, you need visibility into employees’ time spent online.

Wavecrest Computing’s Time Online feature provides the time that a user spends on the Internet in a useful and informative format with easy-to-interpret charts. Find out which users spend the most time online, spot spikes, and analyze usage for productivity issues or potential bandwidth hogs. Each business is unique and your Internet-use policy should fit your specific business needs. Find the visibility necessary to keep productivity high and mission-critical operations running smoothly, with Cyfin and CyBlock solutions from Wavecrest Computing.

About Wavecrest Computing

Celebrating 20 years in business, Wavecrest Computing, headquartered in historic downtown Melbourne, FL, has provided commercial business and government clients with reliable, accurate Web-use management and Cloud Access Security Broker products since 1996. Managed Service Providers, IT specialists, HR professionals, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage employee Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Wavecrest has clients worldwide, including General Electric, Lockheed Martin, Florida Department of Health, Siemens, Department of Homeland Security, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit https://www.wavecrest.net.

Have even more visibility with Wavecrest’s new comparison feature!

compare-contrastWavecrest is pleased to announce an informative new feature that is now included with the latest versions of CyBlock and Cyfin. Now you can compare Web activity trends in selected date ranges to find anomalies or spikes in usage, compare series activity by metric such as Visits, or view the percentage change in activity from the previous to the current period.

The more visibility you have into your company’s Web activity, the more informed your Web-use decisions are. Each business is unique–you make the decisions on what is acceptable or not! Determine these policies, add them to your enterprise Acceptable Use Policy, and proactively protect your business, your data, and your employees.

reportsDashboardTrendUsersCompare

About Wavecrest Computing

Celebrating 20 years in business, Wavecrest Computing, headquartered in historic downtown Melbourne, FL, has provided commercial business and government clients with reliable, accurate Web-use management and Cloud Access Security Broker products since 1996. Managed Service Providers, IT specialists, HR professionals, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage employee Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Wavecrest has clients worldwide, including General Electric, Lockheed Martin, Florida Department of Health, Siemens, Department of Homeland Security, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit https://www.wavecrest.net.

Potential Victims to Very Smart Thieves

cat paw stealing cookie

Employees need to know what their employers’ philosophy is behind technology. Does my employer want me to use whatever app I choose? Can I just store and share work information where it is most convenient for me? Will my employer listen when I explain how much my cloud app does to improve my workflow? If you as the employer listen, you could save your business from an incident or a serious breach.

It is amazing that the news is filled with data breach, data loss, ransomware, and spear phishing, and yet many businesses still think they are immune from an attack. If you are connected to the Internet, you are a highly susceptible victim. Do not take this to mean that you should not run your business with the highly efficient and collaborative tools that cloud services offer. It just means think and act to protect your enterprise assets and employees.

Let’s first cover where a major number of incidents start. Your enterprise weakness . . . the employee. It doesn’t matter if you have the best employees in the universe, they are human. Hackers perfect the way they attack; that is their job. They have become so good at what they do that good employees send out W-2s, transfer millions to banks in foreign countries, and hand out their logon credentials without question.

Now let’s talk about what you can do to help your employees to not become victims.

  • Educate them; make them a part of the process. Communicate. It is everyone’s fight.
  • Go ahead and make your most techy employee an honorary go-to person for others with questions.
  • Gain visibility with proactive monitoring tools. Trust me–this is not an employee privacy invasion. You need to know what is going on first; then make informed decisions.
  • Make sure there is a process in place for an employee who questions something. Make the process part of your Acceptable Use Policy (AUP).

And then the important basics we all know, but are worth repeating . . .

  • Back up regularly and make sure your recovery process is tried and true. Think ransomware attack recovery, so keep it where you can get to it but others can’t.
  • Patch – There is no longer an option to do updates. Many are for security, so just do it and do it consistently. It’s patch management, not patch whenever.
  • Passwords – Maintain, manage, and get creative. Use a password manager if needed.
  • Off-boarding – Make sure to purge all credentials for ex-employees or contractors. How do you know if they are still there? Monitor!!
  • Layered security – Get a firewall, but don’t expect all-in-one add-ons to be impressive. For example, don’t expect the firewall Web-use reporting feature to provide comprehensive and interactive reporting capability. Invest in the solution that means serious employee Web-use reporting business–no more wishy-washy reports that are useless.

Think and act to protect your enterprise assets and employees. Take some time to communicate with your employees about the exploits that they may fall prey to. It is not their fault; they are not an “insider threat” but a potential victim to very smart thieves.

About Wavecrest Computing

Celebrating 20 years in business, Wavecrest Computing, headquartered in historic downtown Melbourne, FL, has provided commercial business and government clients with reliable, accurate Web-use management and Cloud Access Security Broker products since 1996. Managed Service Providers, IT specialists, HR professionals, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage employee Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Wavecrest has clients worldwide, including General Electric, Lockheed Martin, Florida Department of Health, Siemens, Department of Homeland Security, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit https://www.wavecrest.net.

CyBlock/Cyfin Release 9.2.3 Now Available

In Release 9.2.3, you will find several enhancements in the new version of CyBlock and Cyfin. In CyBlock Appliance, logon accounts can now be created for additional administrators as well as managers, allowing managers to generate their own reports. With the Logon Account feature, new account users will receive an e-mail with logon information. They can then log on with their logon name or e-mail address. This applies to CyBlock Software and Cyfin as well.

In Cyfin, many improvements have been made to log file configurations, such as adding new log file configurations, removing log file configurations that are no longer shipped with the product, improving the performance of log database configurations, and attempting to match all existing configurations when analyzing log files.

Other enhancements include updates to the Dashboard trend charts, Time Online metric, Visit Filter, memory settings, and Wavecrest root certificate. The enhancements are highlighted below.

  • Logon Accounts in CyBlock Appliance. The following features have been added:
    • You now have the ability to add, modify, and delete logon accounts for administrators and managers (operator accounts) for reporting purposes.
    • Go to User Management – Logon Accounts – Add to create a logon account.
      • You may create an account using Active Directory authentication if an Active Directory configuration exists in the product.
      • An e-mail is sent to the account user indicating that the account was created and providing logon information.
      • If the logon account was not created with Active Directory, a temporary password is provided which needs to be changed after the initial logon, before the product can be used.
      • Users can log on with their assigned logon name or e-mail address, or network credentials if you are using Active Directory.
    • Go to User Management – Logon Accounts – Modify to modify previously established logon accounts.
      • If the Generate New Password option is selected, a Password Reset e-mail is sent to the user with a temporary password. The user will also receive a Password Changed e-mail after changing the password.
      • If the e-mail address is changed in the logon account, the user will receive the Account Created e-mail with new logon information.
    • Go to User Management – Logon Accounts – Delete to delete previously established logon accounts.
  • Log File Configurations in Cyfin. The following features have been added:
    • On the Data Management – Log Data Source – Setup screen, in the Type of Log File drop-down box, the following log file configurations have been added:
      • Fortigate 5.0
      • McAfee SaaS CSV (No Time Zone)
      • McAfee SaaS CSV (Time Zone)
      • SonicWALL Syslog
      • Symantec Cloud
      • WatchGuard Syslog*
      • WatchGuard Syslog (HTTP)*
      • WatchGuard Syslog (HTTPS)*
      • ZScaler CSV

      * For more information, see Selecting WatchGuard Log File Configurations in Cyfin.

    • In the Type of Log File drop-down box, log file configurations have been removed as they are no longer shipped with the product. However, existing configurations will continue to work. If the removed log file configurations are needed, contact Technical Support.
  • Dashboard Trend Chart Comparisons. The following features have been added:
    • In the trend charts, you can now compare the Web traffic for a predefined date range with a previous period to detect any anomalies in Web activity.
    • The predefined date range is shown as a line series, and the equivalent previous period is shown as a filled series.
    • A Tooltip shows activity by metric, such as Visits, as well as the percentage change in activity from the previous to the current period.
  • Dashboard Time Online Metric. The Time Online metric has been added to the Top Users and Trend Users Dashboard charts. Time Online is an approximation of the time that a user spends on the Internet, based on the time stamps from Internet requests made as the user browses Web sites, the average number of minutes for reading a specific Web site, and the time spent reading the last Web site before the end of the browse session.
  • Visit Filter. The Visit Filter is now enabled by default when upgrading the product or installing a new version. The default time period is set to 3 seconds.
  • Memory Settings. For new installations, the default memory setting is now 512 MB. For optimal performance, it is recommended that you choose the setting that is approximately half of your available memory (RAM).
  • Wavecrest Root Certificate. The root certificate has been updated to be more secure and to reduce errors or warning prompts. Existing customers will need to install the new certificate. For installation instructions, see Wavecrest Certificate Installation Guide.

There are also a number of corrections in this release. To see the full release notes for your product, visit our Web site or knowledge base. You can upgrade to the latest release by going to the Help – Check for Updates screen in your product.

For additional assistance, please feel free to contact us.

Feeling neglected? Let’s fix that.

article-5-photo

It seems the newly named Forcepoint has finally settled into the company they planned since the Raytheon acquisition of Websense. As a Websense customer before the acquisition, are you feeling a bit neglected now? In this new corporate culture, are you finding it difficult to get a hold of technical support or that customer service is not there when you need them? Could it be that their focus is more on the larger Raytheon cyber security customer base than on their Websense customers? Whichever the case, your business is the one that suffers. Stop spending your precious time on working through multiple levels of bureaucracy to get what you need.

Wavecrest has comprehensive, agile, and reliable solutions for your employee Web-use security and analytics needs, ranging from software and hardware deployments to cloud and hybrid deployments. No matter your business size, industry, or distributed workforce, Wavecrest has a solution for you.

Retaining a positive SMB mentality, the Wavecrest team believes strongly in one-on-one communication with prospects, customers, and partners. When you reach out to us, we have a human being on the other end of the line that knows the product well, communicates well, and will take the extra step to get your enterprise and employees secure. You don’t have to go through automated calls, ticketing, or several levels of technical support to reach the person with the knowledge you need.

Leave the government contractor-level pricing, contractual terms, and confusion behind. Don’t remain just a ticket number. Let Wavecrest focus on your business and your specific requirements. Talk to us today.

About Wavecrest Computing

Celebrating 20 years in business, Wavecrest Computing, headquartered in historic downtown Melbourne, FL, has provided commercial business and government clients with reliable, accurate Web-use management and Cloud Access Security Broker products since 1996. Managed Service Providers, IT specialists, HR professionals, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage employee Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Wavecrest has clients worldwide, including General Electric, Lockheed Martin, Florida Department of Health, Siemens, Department of Homeland Security, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit https://www.wavecrest.net.

Your Employees and Their 917 Different Cloud Apps. Are You a Sitting Duck?

targeted duckEvery day someone in your company is using a cloud app. Actually, it is probably more like every minute. Let’s not go into the personal versus work devices on the company network, or whether it is Facebook or Dropbox they are using. Those details don’t really tend to matter when the access allowed is for your own business to decide. It is about the sheer number of cloud services and apps in use in the enterprise today, the visibility in knowing what they are, and the many employees who are left out of the conversation.

We hear managers talk about how it can’t happen to them. They have the best employees, and the discussion is unnecessary. It is already understood–they would NEVER do that! Or our favorite–big brother–the need to let your employees know you really trust them and respect their privacy by allowing them to do what they think they need to do on their own. But that’s not going to protect your business when malware hits or a breach happens . . . and the chances of these happening to you are growing exponentially every day, especially when you are not communicating security issues with your employees.

With all the headlines being about Shadow IT, malware, data loss, intrusions, and ransomware, you would think it would be a common workplace discussion. But based on some recent surveys, companies aren’t saying much internally.

Some numbers that may surprise you. What percentage of employees:

  • Have not been told the right way to download/use cloud applications: almost 60%
  • Have not been told risks of downloading cloud apps without IT’s knowledge: just under 40%
  • Have not been told how to transfer and store corporate data securely: over 40% !!!!

To keep things in perspective–studies are showing that on average, enterprises have 917 different cloud apps in use!

This is not a respect for privacy issue. It’s a security issue, for your business and for your employees! Keeping them in the dark does not show them respect or protect them, it makes them victims before anything even happens.

As technology gets stronger, we as individuals have more decisions on what we use to make our lives, including work, more efficient. But if you do not educate and communicate regularly about cyber threats with your employees, have real visibility into their Web usage, or have a clear, agile Acceptable Use Policy (AUP), you are basically a sitting duck.

About Wavecrest Computing

Celebrating 20 years in business, Wavecrest Computing, headquartered in historic downtown Melbourne, FL, has provided commercial business and government clients with reliable, accurate Web-use management and Cloud Access Security Broker products since 1996. Managed Service Providers, IT specialists, HR professionals, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage employee Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Wavecrest has clients worldwide, including General Electric, Lockheed Martin, Florida Department of Health, Siemens, Department of Homeland Security, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit https://www.wavecrest.net.

 

*Stats based on surveys from Softchoice and Netskope.