Author Archives: admin

Always question the “all-in-one solution” solution.

camperized-wagon

Surveys and statistics still tell us that one of the most important things a business can do is see what is going on within their business. In the past, a business owner or manager could visually see productivity, equipment misuse, or when they were vandalized. Now we rely on digital devices and clouds to handle so much of how our business is run that it is impossible to rely on hands-on owners or managers to see any issues.

When you did your security research, you were most likely reminded that one device or solution will not solve everything. The main takeaway from those reminders–be leery of the product that says it will. Most businesses, big or small, need layers of solutions to truly protect their assets. The problem that is now arising is that big box companies are selling what they like to call an all-in-one solution. This is a fallacy. One solution is not going to cover all your threats from outside or inside the company. They may offer some version of a lot of different things, but we all know that businesses have focused goals. For many of the larger companies, it is to sell large hardware packages such as a firewall that comes with add-ons.

Okay, so we should all know . . . you need a firewall! But when they tell you to give up your focused URL filtering reports because they have one built-in, think twice before you sign on thinking you are getting the same capabilities. They do not specialize in these included or add-on features. The feature they provide will give you a minimal amount of dry, flat, and unresponsive tools. Yes, you have their firewall and that is a good thing, but question whether you can really use what they provide for the security beyond firewall functionality. Today, security is not just about the firewall.

Things to always check for when reviewing included or add-on solutions:

  • Drill-down, forensic-level reporting detail.
  • Interactive features by user, group, category, etc.
  • Manager portal to get managers the information then need without having to schedule time for IT.
  • Comprehensive and current URL categories, including designated cloud services.

Do not believe you have to settle for what is included in your all-in-one package. Wavecrest Computing’s advanced employee Web-use monitoring & analytics solution, Cyfin, will provide clear, detailed, and interactive reporting with automatic log file analysis and detection to work with virtually any gateway device and log file format including Palo Alto, Check Point, Forcepoint (Websense), SonicWALL, WatchGuard, and more.

About Wavecrest Computing

Celebrating 20 years in business, Wavecrest Computing, headquartered in historic downtown Melbourne, FL, has provided commercial business and government clients with reliable, accurate Web-use management and Cloud Access Security Broker products since 1996. Managed Service Providers, IT specialists, HR professionals, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage employee Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Wavecrest has clients worldwide, including General Electric, Lockheed Martin, Florida Department of Health, Siemens, Department of Homeland Security, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit https://www.wavecrest.net.

Think defense.

ransom

Ransomware has the annoying characteristic of sneaking up on you. If you aren’t prepared, you may as well pay the ransom. Why? Because being prepared for loss of data is not at all difficult. First off–think old school . . . BACK UP, BACK UP, and BACK UP! This first very important step is that simple.

Think about what you do on your devices today, professionally or personally. We now live our lives in this digital environment. It is likely your use of technology has increased, even in the past year. This puts all of us at risk. Not just on our desktops either. Wired.com reports “these days ransomware doesn’t just affect desktop machines or laptops; it also targets mobile phones. Last week news broke of a piece of ransomware in the wild masquerading as a porn app. The so-called Porn Droid app targets Android users and allows attackers to lock the phone and change its PIN number while demanding a $500 ransom from victims to regain access.” Not many people could function today without access to their phones. Businesses are becoming more and more friendly to mobile devices as well. All this data floating around just makes it more appealing to hackers.

Where do we go from here? Back . . . back to backing up. Get that portable hard drive back out, dust it off, and use it. Yup . . . I did say that. Back it all up. Of course, for businesses it is more complex (and critical). But that is what cloud storage services are for. My only recommendation when it comes to off-site backups? Use more than one service. This way if anything does happen to your access to one backup, you will still have access to another. Inserting stern warning here: Do not store your passwords on your devices or in your backups unencrypted. If a hacker can access and lock up your systems, then he can find your passwords and have a go at them as well, including access to your backups.

Protect your business. Train your employees about new threats and monitor what is happening. Information is a gold mine–get visibility to see where your employees are going and then make some decisions that can protect your business. Ransomware can hit you through just a link in an e-mail. Make sure you have a solution in place that will help stop access to malicious Web sites.

We need to rethink the way we operate. It is just a shift, and if you just do it now, then you won’t be alarmed when you do get hit. Sadly, chances of a business being victimized by cybercrime are becoming more and more likely. Be prepared. And please, don’t let them win. The Internet has opened up so many opportunities for us and generations to come. Singapore is a perfect example of letting hackers win. They are moving to shut down Internet access for government computers, “from May next year and affect about 100,000 computers in use in the public service in the city-state, local media said.” (Reuters)

Do you think giving up Internet access will solve cybercrime?

We can help you find a better way.

About Wavecrest Computing

Celebrating 20 years in business, Wavecrest Computing, headquartered in historic downtown Melbourne, FL, has provided commercial business and government clients with reliable, accurate Web-use management and Cloud Access Security Broker products since 1996. Managed Service Providers, IT specialists, HR professionals, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage employee Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Wavecrest has clients worldwide, including General Electric, Lockheed Martin, Florida Department of Health, Siemens, Department of Homeland Security, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit https://www.wavecrest.net.

Productivity in a Time of Endless Distractions

time online image

Employees have access to all kinds of digital distractions every minute of the day. So, businesses have to make a decision what is acceptable for Internet use when employees are on the clock. This decision can be hard. There are many who think of privacy issues, not wanting to deter human interaction, or who even have a “my managers watch over their employees so I leave it to them” thought. The only real problem is . . . it’s your business that will suffer if Internet-usage privileges are abused on a regular basis. Bandwidth slowdowns and productivity loss, not to mention increased malware risk, can have a substantial impact on your business. No matter which decision you make for your business, you still need to know what is happening to keep your company, your data, and your employees secure and productive.

You need visibility. If you keep up with our Wavecrest posts, we tend to emphasize this point a lot. Why? Because it is a crucial business tool for today’s digital workplace! You have to know what is happening in your business and on your network so you can make informed business decisions. In this particular case, you need visibility into employees’ time spent online.

Wavecrest Computing’s Time Online feature provides the time that a user spends on the Internet in a useful and informative format with easy-to-interpret charts. Find out which users spend the most time online, spot spikes, and analyze usage for productivity issues or potential bandwidth hogs. Each business is unique and your Internet-use policy should fit your specific business needs. Find the visibility necessary to keep productivity high and mission-critical operations running smoothly, with Cyfin and CyBlock solutions from Wavecrest Computing.

About Wavecrest Computing

Celebrating 20 years in business, Wavecrest Computing, headquartered in historic downtown Melbourne, FL, has provided commercial business and government clients with reliable, accurate Web-use management and Cloud Access Security Broker products since 1996. Managed Service Providers, IT specialists, HR professionals, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage employee Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Wavecrest has clients worldwide, including General Electric, Lockheed Martin, Florida Department of Health, Siemens, Department of Homeland Security, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit https://www.wavecrest.net.

Have even more visibility with Wavecrest’s new comparison feature!

compare-contrastWavecrest is pleased to announce an informative new feature that is now included with the latest versions of CyBlock and Cyfin. Now you can compare Web activity trends in selected date ranges to find anomalies or spikes in usage, compare series activity by metric such as Visits, or view the percentage change in activity from the previous to the current period.

The more visibility you have into your company’s Web activity, the more informed your Web-use decisions are. Each business is unique–you make the decisions on what is acceptable or not! Determine these policies, add them to your enterprise Acceptable Use Policy, and proactively protect your business, your data, and your employees.

reportsDashboardTrendUsersCompare

About Wavecrest Computing

Celebrating 20 years in business, Wavecrest Computing, headquartered in historic downtown Melbourne, FL, has provided commercial business and government clients with reliable, accurate Web-use management and Cloud Access Security Broker products since 1996. Managed Service Providers, IT specialists, HR professionals, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage employee Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Wavecrest has clients worldwide, including General Electric, Lockheed Martin, Florida Department of Health, Siemens, Department of Homeland Security, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit https://www.wavecrest.net.

Potential Victims to Very Smart Thieves

cat paw stealing cookie

Employees need to know what their employers’ philosophy is behind technology. Does my employer want me to use whatever app I choose? Can I just store and share work information where it is most convenient for me? Will my employer listen when I explain how much my cloud app does to improve my workflow? If you as the employer listen, you could save your business from an incident or a serious breach.

It is amazing that the news is filled with data breach, data loss, ransomware, and spear phishing, and yet many businesses still think they are immune from an attack. If you are connected to the Internet, you are a highly susceptible victim. Do not take this to mean that you should not run your business with the highly efficient and collaborative tools that cloud services offer. It just means think and act to protect your enterprise assets and employees.

Let’s first cover where a major number of incidents start. Your enterprise weakness . . . the employee. It doesn’t matter if you have the best employees in the universe, they are human. Hackers perfect the way they attack; that is their job. They have become so good at what they do that good employees send out W-2s, transfer millions to banks in foreign countries, and hand out their logon credentials without question.

Now let’s talk about what you can do to help your employees to not become victims.

  • Educate them; make them a part of the process. Communicate. It is everyone’s fight.
  • Go ahead and make your most techy employee an honorary go-to person for others with questions.
  • Gain visibility with proactive monitoring tools. Trust me–this is not an employee privacy invasion. You need to know what is going on first; then make informed decisions.
  • Make sure there is a process in place for an employee who questions something. Make the process part of your Acceptable Use Policy (AUP).

And then the important basics we all know, but are worth repeating . . .

  • Back up regularly and make sure your recovery process is tried and true. Think ransomware attack recovery, so keep it where you can get to it but others can’t.
  • Patch – There is no longer an option to do updates. Many are for security, so just do it and do it consistently. It’s patch management, not patch whenever.
  • Passwords – Maintain, manage, and get creative. Use a password manager if needed.
  • Off-boarding – Make sure to purge all credentials for ex-employees or contractors. How do you know if they are still there? Monitor!!
  • Layered security – Get a firewall, but don’t expect all-in-one add-ons to be impressive. For example, don’t expect the firewall Web-use reporting feature to provide comprehensive and interactive reporting capability. Invest in the solution that means serious employee Web-use reporting business–no more wishy-washy reports that are useless.

Think and act to protect your enterprise assets and employees. Take some time to communicate with your employees about the exploits that they may fall prey to. It is not their fault; they are not an “insider threat” but a potential victim to very smart thieves.

About Wavecrest Computing

Celebrating 20 years in business, Wavecrest Computing, headquartered in historic downtown Melbourne, FL, has provided commercial business and government clients with reliable, accurate Web-use management and Cloud Access Security Broker products since 1996. Managed Service Providers, IT specialists, HR professionals, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage employee Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Wavecrest has clients worldwide, including General Electric, Lockheed Martin, Florida Department of Health, Siemens, Department of Homeland Security, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit https://www.wavecrest.net.

Feeling neglected? Let’s fix that.

article-5-photo

It seems the newly named Forcepoint has finally settled into the company they planned since the Raytheon acquisition of Websense. As a Websense customer before the acquisition, are you feeling a bit neglected now? In this new corporate culture, are you finding it difficult to get a hold of technical support or that customer service is not there when you need them? Could it be that their focus is more on the larger Raytheon cyber security customer base than on their Websense customers? Whichever the case, your business is the one that suffers. Stop spending your precious time on working through multiple levels of bureaucracy to get what you need.

Wavecrest has comprehensive, agile, and reliable solutions for your employee Web-use security and analytics needs, ranging from software and hardware deployments to cloud and hybrid deployments. No matter your business size, industry, or distributed workforce, Wavecrest has a solution for you.

Retaining a positive SMB mentality, the Wavecrest team believes strongly in one-on-one communication with prospects, customers, and partners. When you reach out to us, we have a human being on the other end of the line that knows the product well, communicates well, and will take the extra step to get your enterprise and employees secure. You don’t have to go through automated calls, ticketing, or several levels of technical support to reach the person with the knowledge you need.

Leave the government contractor-level pricing, contractual terms, and confusion behind. Don’t remain just a ticket number. Let Wavecrest focus on your business and your specific requirements. Talk to us today.

About Wavecrest Computing

Celebrating 20 years in business, Wavecrest Computing, headquartered in historic downtown Melbourne, FL, has provided commercial business and government clients with reliable, accurate Web-use management and Cloud Access Security Broker products since 1996. Managed Service Providers, IT specialists, HR professionals, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage employee Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Wavecrest has clients worldwide, including General Electric, Lockheed Martin, Florida Department of Health, Siemens, Department of Homeland Security, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit https://www.wavecrest.net.

Your Employees and Their 917 Different Cloud Apps. Are You a Sitting Duck?

targeted duckEvery day someone in your company is using a cloud app. Actually, it is probably more like every minute. Let’s not go into the personal versus work devices on the company network, or whether it is Facebook or Dropbox they are using. Those details don’t really tend to matter when the access allowed is for your own business to decide. It is about the sheer number of cloud services and apps in use in the enterprise today, the visibility in knowing what they are, and the many employees who are left out of the conversation.

We hear managers talk about how it can’t happen to them. They have the best employees, and the discussion is unnecessary. It is already understood–they would NEVER do that! Or our favorite–big brother–the need to let your employees know you really trust them and respect their privacy by allowing them to do what they think they need to do on their own. But that’s not going to protect your business when malware hits or a breach happens . . . and the chances of these happening to you are growing exponentially every day, especially when you are not communicating security issues with your employees.

With all the headlines being about Shadow IT, malware, data loss, intrusions, and ransomware, you would think it would be a common workplace discussion. But based on some recent surveys, companies aren’t saying much internally.

Some numbers that may surprise you. What percentage of employees:

  • Have not been told the right way to download/use cloud applications: almost 60%
  • Have not been told risks of downloading cloud apps without IT’s knowledge: just under 40%
  • Have not been told how to transfer and store corporate data securely: over 40% !!!!

To keep things in perspective–studies are showing that on average, enterprises have 917 different cloud apps in use!

This is not a respect for privacy issue. It’s a security issue, for your business and for your employees! Keeping them in the dark does not show them respect or protect them, it makes them victims before anything even happens.

As technology gets stronger, we as individuals have more decisions on what we use to make our lives, including work, more efficient. But if you do not educate and communicate regularly about cyber threats with your employees, have real visibility into their Web usage, or have a clear, agile Acceptable Use Policy (AUP), you are basically a sitting duck.

About Wavecrest Computing

Celebrating 20 years in business, Wavecrest Computing, headquartered in historic downtown Melbourne, FL, has provided commercial business and government clients with reliable, accurate Web-use management and Cloud Access Security Broker products since 1996. Managed Service Providers, IT specialists, HR professionals, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage employee Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Wavecrest has clients worldwide, including General Electric, Lockheed Martin, Florida Department of Health, Siemens, Department of Homeland Security, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit https://www.wavecrest.net.

 

*Stats based on surveys from Softchoice and Netskope.

Do You Have the Necessary Enterprise Cloud Services Visibility?

img_cloud_computingToday, cloud services are the way businesses run. Collaboration among employees, file sharing, data storage, and even accounting are accomplished via cloud services. There are very few businesses left that use absolutely no cloud services. It is just a fact that we all live in a world with data spread out everywhere, at speeds we could not even fathom ten years ago. Hence, the concept of Shadow IT, Shadow Data, and Shadow IoT (Internet of Things) are becoming more commonplace terms. All of these are basically variations on employees using services and devices outside of their IT department’s knowledge. What does it all mean when running your business? Two questions . . . do you know what cloud services are being used and where your data is going?

Visibility . . . a key element for enterprise security. Knowing what cloud services your users are accessing is detailed visibility that a business can’t live without. Unsanctioned cloud applications and services can expose the company’s network and data security to a long list of serious threats. The IT department knows managers want the Web-usage visibility too . . . without the rest of the “visual noise” and meaningless information (to them, at least). They want detail on what employees are doing with cloud services, and they want it easily accessible, interactive, understandable, and meaningful.

It is time to take a good look at what’s being used to monitor and control your employees’ cloud services usage. Make sure you have a Cloud Access Security Broker (CASB) solution that gives you the critical cloud services management tools you need. Learn more about how to Detect, Analyze, and Manage Cloud Services in the Enterprise.

About Wavecrest Computing

Celebrating 20 years in business, Wavecrest Computing, headquartered in historic downtown Melbourne, FL, has provided commercial business and government clients with reliable, accurate Web-use management and Cloud Access Security Broker products since 1996. Managed Service Providers, IT specialists, HR professionals, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage employee Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Wavecrest has clients worldwide, including General Electric, Lockheed Martin, Florida Department of Health, Siemens, Department of Homeland Security, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit https://www.wavecrest.net.

 

Let the games begin!

ball

Once again, it is time for some basketball! Every year at this time, bandwidth hogs, productivity losses, and malware catch our eye. But the business world has become more accepting of personal device use and personal time on corporate devices. It is up to each business to design an Acceptable Use Policy (AUP) that works for them. So as this year brings on the games we wait all year to watch, taking a look at what we should expect for March Madness viewing numbers and working in some refresher employee training are key to making it through the season.

Watching March Madness on mobile devices was big last year but no matter the device, your network has the potential to get bogged down or pick up malware. Just check out these NCAA viewing stats from 2015:

  • 2015 set all-time records with 80.7 million live video streams and 17.8 million hours of live video consumption.
  • Record-setting live video streams were up 17 percent over 2014, with hours of live video consumption up 19 percent vs. 2014.
  • Mobile consumption also surged with live video streams and hours of live video consumption both up 20 percent over 2014.

Now is the time to prepare for even higher amounts of viewing this year. Whether game watching at work is acceptable at your company or not, your business still needs to function smoothly. Make sure you have bandwidth management in place and be proactive on the distribution of these resources. Set bandwidth usage thresholds so that game watching does not freeze up mission-critical operations. If you don’t have a bandwidth management solution in place that allows you to set multiple thresholds with alerts, it should be something to seriously consider. Even during normal business days, you can have bandwidth hog issues that could affect critical business operations.

Malware tends to spike during March Madness as well. Random clicking can be devastating to your business. Make sure you have protections in place. Refresh your employees on your current AUP, remind them about phishing techniques and ads that are almost too enticing not to click, and be proactive by having a comprehensive solution in place that blocks access to malicious URLs.

Prepare to secure and protect your network and mission-critical operations before the games begin, and March Madness season will be enjoyable for everyone!

About Wavecrest Computing

Celebrating 20 years in business, Wavecrest Computing, headquartered in historic downtown Melbourne, FL, has provided commercial business and government clients with reliable, accurate Web-use management and Cloud Access Security Broker products since 1996. Managed Service Providers, IT specialists, HR professionals, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage employee Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Wavecrest has clients worldwide, including General Electric, Lockheed Martin, Florida Department of Health, Siemens, Department of Homeland Security, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit https://www.wavecrest.net.

Wavecrest Continues to be a Valued GSA-Approved Vendor

Contract_Holder_StarMark

 

Wavecrest Computing has once again been awarded a renewal for a GSA Contract. Our first award was in 2000, and now we are proud to be renewed all the way to 2021!

Since 1996, Wavecrest Computing has been a global leader in employee Web-access security and Web-use monitoring and analytics solutions, with scalable filtering and reporting analysis, forensic data tools, and products designed to enable organizations with today’s distributed workforce to successfully address cyber threats.

Our clients include:

  • National Archives
  • Superior Court of California
  • U.S. Computer Emergency Readiness Team (Homeland Security)
  • U.S. Department of Veterans Affairs
  • Florida Department of Health
  • New York City Department of Buildings
  • Georgia Department of Transportation
  • Defense Logistics Agency
  • U.S. Department of Justice
  • National Ground Intelligence Center
  • U.S. Army

Wavecrest’s CyBlock and Cyfin solutions are built with today’s unique business in mind, offering comprehensive cloud services management and visibility into Shadow IT and insider threats, as well addressing legal liability, workforce productivity, and Web security threats such as malware and phishing attempts. We offer multiple deployments that include Cloud Access Security Broker (CASB), Cloud, Hybrid, Software, and Hardware deployments that fit any business type or size. Wavecrest Computing is headquartered in Melbourne, Florida, U.S.A.

For more information on the company, products, and partners, visit https://www.wavecrest.net or follow us on LinkedIn, Facebook, and Twitter.