Show cyber threats who is boss in 2018.

Wednesday, January 24th, 2018

Last year went by so fast. In between everyone’s normal busy schedule, most of us had to deal with natural disasters of some kind. For us at Wavecrest, it was Hurricane Irma as well as an above average rainy season. For others, it was Harvey and Maria, as well as fires, flooding,  earthquakes, remnants of storms causing wind damage–the list last year seems to be endless.

2017 also brought on some notable cyber events with the Equifax breach as one of the top incidents. 2017 was definitely a year for the books. You may have also noticed a shift in the business digital threat protection messaging. We at Wavecrest noticed . . . because it shifted to what we have always focused on. People.

People are a big part of the cyber threats that take place in businesses. No matter how automated things are, there is always the aspect of human interaction–human vulnerability. Humans inherently have vulnerabilities. It’s not a fault of one individual over another; it’s not about how good your employees are. There is a point where a business owner, manager, or decision-maker has to come to terms with managing Web use for the sake of the business over “my employees wouldn’t do that” or “I trust everyone working for me.” It may be true that you have the most trustworthy employees, but mistakes happen . . . even to the best of us. Cyber criminals focus on the easiest route first to gain access to your systems. Many times this is the employee, or human, vulnerability.

So . . . the new year is here. What can be done to improve managing employee Web use? The key is to make sure you pay attention to the human endpoint because it is not always about a failure in the actual technology. The firewall is great but if you have a weakness with an authorized user, the hacker will get past the firewall. Defend the human endpoint.

Consider these as a starting point and build on each or all!

  • MONITOR YOUR EMPLOYEES’ WEB USE! Sorry. It had to be said. If you do not know what is happening, you will not be able to know why, when, or where it happened. And you will not be able to make an informed decision on how to stop it from happening again. Remember that many times the human error that allowed for a breach may have been habitual or reactive so the employee’s memory of how it happened may not be very clear. Make sure to have visibility into the actual Web activity.
  • Analytics. Really another part of monitoring but noted separately due its importance and the flexibility of what you should be able to view and analyze. Find a Web activity solution that allows you to see relevant, drill-down data when you need it. Trends, customizable charts, by user or group, and real-time information on activity and bandwidth use are all things you should be able to analyze easily. All will allow you to expose abnormalities in user activity, identify potential insider threat behavior, flag possible legal liability issues, assess trends for data breach exposure, and observe patterns for lost productivity.
    • Hits versus Visits. This one deserves a sub-bullet. Make sure the Web-use management solution you choose has clearly defined Hits vs. Visits. Hits consist of unsolicited traffic, such as ads, and are not a reliable tracking metric on its own. Visits give you uncluttered, relevant Web activity detail based on user clicks and are a critical component to understanding human behavior. The last thing you want to do is try and sift through a bunch of data that is not even really relevant to the employee’s actual Web activity.

  • Filter. Yup . . . another suggestion that has the “but my employees are awesome” stigma to it. BUT let me just remind you that this is something that will provide another layer of security from phishing, malicious Web links, and data loss. I got your synapses firing now, don’t I! Filtering allows you to block or restrict URL link clicks that an employee may not be aware are malicious. Hackers have become increasingly precise in how things look. Very convincing e-mails and Web links are not rare anymore; they are commonplace. It is not really all about making sure your employee isn’t streaming YouTube all day. Although that should be managed as well, it should all be under your control. Allow it, don’t allow it, throttle it, or open it all up. The solution you choose should allow you to do it all, in your own customizable way.

The point is that the human endpoint is still a leading way threats get into your network. It may be through phishing, a malicious ad, or use of a unsanctioned cloud application, or it may even be a human error such as the delay of updating software. Whatever the issue, you have to be as proactive as possible to protect your network. Educate your employees continuously, have a comprehensive Web activity solution in place, make sure your Acceptable Use Policy is current, make sure patch management is an active process, and hug your IT people regularly because they are usually some of the busiest and stressed people in your organization.

Here is to showing the cyber criminals who is boss in 2018! Happy New Year!

About Wavecrest

Wavecrest has over 20 years of proven history of providing reliable, accurate Web-use management and Advanced Log File Analyzer products across various industries. Managed Service Providers, IT specialists, HR professionals, Forensics Investigators, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage the human factor in business Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Trusted by large government and commercial organizations such as US-CERT Homeland Security, U.S. Department of Justice, USPS Office of Inspector General, National Grid, Johns Hopkins, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit https://www.wavecrest.net.

Offering guest Wi-Fi is expected. Securing your guest Wi-Fi is required.

Wednesday, August 10th, 2016

Family-hotel-wifi-690x300

The family vacation–everything is packed. One suitcase for each family member, and one suitcase for all the devices! Of course your hotel offers guest Wi-Fi!

In the hospitality industry, offering guests Wi-Fi access has become expected. In fact, Hotel Chatter reported 94% of people cite Wi-Fi as the most important amenity, and 38% of those say no Wi-Fi is a deal-breaker and will book elsewhere!

Unfortunately, what happens on your guest Wi-Fi network can put your whole enterprise at risk, including all your other guests. A lagging Internet connection issue can frustrate and damage your relationship with customers, situations such as compliance issues or legal liabilities can damage your brand, and data loss due to malware from the guest network can cause enormous headaches from losing guests’ trust to financial damages and lawsuits.

Protect your business and guests with a strong enterprise Web security gateway with guest Wi-Fi protection, CyBlock Appliance. With your personalized captive portal message and your guests’ simple acceptance of your published Acceptable Use Policy, CyBlock Appliance guest network protection will allow you to:

  • Secure guests’ Web usage while on your network, no matter what device they are using.
  • Filter inappropriate or legal liability sites.
  • Restrict guests’ time online.
  • Run informative reports on their HTTP and HTTPS traffic.
  • Track and throttle bandwidth usage, and more.

All of this, without any noticeable delay in your guests’ Web browsing or work!

CyBlock Appliance is advanced threat protection hardware that includes tools to manage guest Wi-Fi, reduce the risk of Web-borne threats such as malware and ransomware, avoid bandwidth slowdown, and more.

About Wavecrest Computing

Celebrating 20 years in business, Wavecrest Computing, headquartered in historic downtown Melbourne, FL, has provided commercial business and government clients with reliable, accurate Web-use management and Cloud Access Security Broker products since 1996. Managed Service Providers, IT specialists, HR professionals, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage employee Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Wavecrest has clients worldwide, including General Electric, Lockheed Martin, Florida Department of Health, Siemens, Department of Homeland Security, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit http://www.wavecrest.net.

Wavecrest Computing Provides the Best All-around Customer Experience in the Web Security and Web-use Forensic Markets

Friday, March 7th, 2014

Wavecrest Computing is the recognized leader in the Web security and Web-use forensic markets. We directly address our clients’ needs with over 17 years of experience developing and supporting Web Security and forensic solutions. We believe delivering the highest quality product at the industry’s most competitive pricing is fundamental to our success. Wavecrest is also proud to provide the best in-house, U.S. based technical support in the industry. Our customers know that they will receive courteous, personalized attention when they speak with our knowledgeable and skilled personnel. We are committed to making sure each and every customer has a successful experience using our products.

A long-standing customer, Karleen Carlson of Van Diest Supply Company, agrees. “When I seek out a company to provide a product or service, I want it all — a great product, a great price, a salesperson that is responsive and treats me like I am their only customer, and technical support that is intelligent, easy to access, and easy to understand. Wavecrest meets all of these criteria. We have used Cyfin, CyBlock ISA, CyBlock Software and CyBlock Cloud. Each of these products met our needs at a fraction of the cost of what the competitors are offering. Any pre-sales questions we had were answered promptly, and the Wavecrest technical support ranks in the top 5% of all technical support I have worked with in 29 years of being in IT.”

We know you will end up agreeing as well that ‘The Wavecrest Way’ is the right way. To gain a fuller understanding of Wavecrest’s product selection, we invite you to contact us personally or to take a moment to visit our Web site and download a product for a free evaluation. Our Technical Support Services are here to help throughout the evaluation process.

New User Interface Now Available in CyBlock/Cyfin Release 9.0.4

Monday, March 3rd, 2014

We are excited to announce the availability of a major release with a redesigned user interface and enhanced functionality in our products – CyBlock Software, CyBlock Appliance, and Cyfin. Some of the highlights of the enhancements are listed below within the new menu structure.

  • Rebranding
    • CyBlock Proxy has been renamed to CyBlock Software, and Cyfin Reporter to Cyfin.
    • Product version numbers have been consolidated, and all products now have the same version number.
  • Logon
    • A more secure logon is available. After logging on with the default password, you will be required to change your password on the Change Your Password screen. If you forget your password, a “Forgot password” link is available to reset your password to the default.
  • Menu Structure
    • Web Management (CyBlock). In this menu, you will find the Filtering features, such as Control Web Categories, Web Content, and Web Search, and Web Blocking Message. Bandwidth Management and the Client Download and Install screen for CyBlock Appliance are also in this menu.
      • You can now customize your blocking message using a Message Editor embedded in the interface. Previously, your HTML file would have to be modified outside the product. A Restore Default button allows you to revert to the Wavecrest default blocking message.
    • Data Management. This menu covers the screens for setting up, viewing, and revalidating log file data. The screens for enabling and configuring settings for the Report Database are in this menu as well as the screens for importing, viewing, and deleting the data.
    • User Management. This menu covers all aspects of managing users including adding groups and IDs, setting up and importing users from Active Directory, importing users from a text file, adding administrator and operator logon accounts, and authentication.
      • The Change Your Password screen lets you change your password at any time and requires your password to meet certain criteria.
    • Categorization. This menu contains all screens associated with the Wavecrest URL List including changing the location, downloading the list, checking the categories of URLs, adding custom categories, and selecting categories to display on reports.
    • Real-Time Monitors (CyBlock). In this menu, you will find the protocol (CyBlock Appliance), Web, and bandwidth monitors.
      • The Real-Time Web Monitor includes new options to display authentication challenge (407) requests and wrapped URLs. The settings and controls are now also available in a toolbar and can be changed while the monitor is gathering data in real time.
    • Reports (CyBlock Software and Cyfin). This menu covers running Dashboard Top and Trend charts, creating different types of reports, and viewing sample reports. The ability to customize or schedule a report has been consolidated with creating a report giving you a streamlined way to manage reports.
      • The Dashboard Top Coached Report is now available in CyBlock Appliance.
    • System Status. This menu covers system information that is intended for administrators’ use, such as server status and information, filter status (CyBlock), job queue, and policy reports.
      • New screens allow you to see array communication messages, dates and times of the URL List and product updates, product event errors and messages, and profiling information. The event and profiling logs are used by Technical Support for troubleshooting purposes.
    • Settings. In this menu, you will find those features that usually require a one-time setup, such as license information, product admin e-mail address, PAC file, SSL certificates, SSL inspection, array setup, memory settings, and report options.
      • (CyBlock Appliance) The Web Redirects screen allows you to redirect HTTP traffic from port 80 to port 8080 and also exclude IP addresses from being redirected.
    • Help.  Along with product documentation, Support screens, and contact information, the Help menu now contains the Category Descriptions and Check for Product Updates screens.

To see the full release notes for your product, visit our Support Web site. You can download the latest release by going to the Administration – Product Update screen in your Cyfin or CyBlock product.

For additional assistance, please contact us.

What’s Hogging Your Company’s Bandwidth? Causes for Slow Network Speed this Holiday.

Friday, December 2nd, 2011

If you haven’t noticed, online holiday shopping lasts well beyond Cyber Monday.  According to a ComScore report, after the 2010 holiday shopping season, more than 85% of Americans online visited a retail site in December of last year.  Employees shopping online at work are likely causing critical applications, like Voice over IP (VoIP) and video conferencing, to perform poorly if at all.  The last thing you and your company need is network latency or slowdowns due to non-work related online activity.  Many of our clients are seeing a spike in bandwidth usage from shopping websites and have quickly taken measures to filter browsing to that category.  Which sites consumed the most bandwidth for your company this month?  Determine what factors are impacting your network speed before you decide to purchase more bandwidth – an expense that could be avoided with the right tools and a bit of discipline.

With 19 different types of highly customizable employee Web-use reports, Cyfin Reporter offer insights as to which types of traffic consume the maximum volume throughout the workday.  Monitor, filter, and report over 500 million Web pages in 74 categories and set throttling thresholds for sites that are slowing your company’s Internet speed with CyBlock Proxy.  Now is the time to address your poor network performance, slow applications, and bandwidth congestion.

We’re so sure you’ll benefit from our solutions that we offer a free 30-day product trial. Both products provide quantified data to help IT personnel keep track of bandwidth utilization by users as well as by type of usage (appropriate versus not so appropriate). After you’ve downloaded our products, take advantage of the User Comparison Trend Chart to detect unexpected spikes that could indicate excessive bandwidth or Web use.  Then review your Top Sites Bandwidth Chart (example seen below) and find out which ten sites are consuming the most bandwidth or had the most hits or visits for the time period you specify.

Top Sites Bandwidth Chart

 

Top Sites Bandwidth Chart for both Cyfin and CyBlock

Online Holiday Shopping Can Cost Your Business More Than Time

Tuesday, November 22nd, 2011

Online Shopping Risks

Cyber Monday is no more – in an uncertain economy, post-Thanksgiving online holiday shopping has increased since coined in 2005 and now lasts for one month with more than 50% of all online spending taking place during working hours1.  What does this mean for your business?  A large decrease in employee productivity, a boost in bandwidth consumption, and one of the most popular times for cybercriminals to attack your secure data.

Lost productivity can mean big bucks for your company, reducing employee output to a mere 60%2.  A survey by CareerBuilder states that more than half of the 4,000 respondents polled intend on shopping online while at work with one third of those planning for more than one hour each day, in addition to the two typical hours daily already reported by respondents (time excludes lunch hour and scheduled breaks).  If you do not have a Web-use policy or Internet Acceptable Use Policy (AUP) in place, one is necessary to help report, monitor, and prevent employee Internet abuse in addition to protecting your company from legal liability.

Downloading malware is another risk as employees use the Internet for personal reasons. Spyware and malicious code are big threats to company networks as they can consume bandwidth and compromise security.  Recent studies show that company networks are being infected with spyware and malicious code most often through employees surfing the Web; with the holidays increasing that risk, these threats make it imperative for companies to enforce an AUP to protect their networks. Wavecrest Computing suggests that companies monitor and/or filter employee Web use in order to better protect themselves from security threats. In addition to the inherent risks associated with hacking your online security – loss of company reputation, destruction of company data, and the downtime employees face while systems are restored – the costs to mitigate attacks are extraordinary and rising each year.  This year, U.S. companies are expected to spend more than triple the costs spent in 20063.

To ensure these threats do not happen to your company this holiday season, run through our checklist and remember to check it twice!

  • Install all applicable system and program updates to avoid malware from infiltrating any system frailty that could have easily been patched with an update.
  • Create a Web usage policy and clearly communicate it to your employees.
  • Be cautious prior to clicking on links to different websites particularly those found on social networking sites as they’re often a hotspot for malware.
  • Avoid the use of pirated / illegal software as many contain malware.
  • Never open email attachments from unknown senders and make sure to scan attachments you do decide to download.
  • Make steps to consistently back up your computer in the case that malware wipes your hard drive clean.
  • Monitor servers and security devices 24x7x365 for security issues and require preventative actions be taken on security threats in real time – this is where we come in!

CyBlock can be set up to block Web access by categories and by hour so employees can access shopping sites on their lunch break or after hours. This approach can help sustain morale while minimizing the risks associated with online shopping.  With Cyfin, you can monitor employees’ Web use to ensure that Web-use policies are followed or that unwanted spyware or malware is not downloaded as a result.  Let us guide you to a safer, more reliable, robust security solution with exceptional support at an unbeatable price!

Sources:

1http://blog.comscore.com/2011/11/cyber_monday_work_computers.html

2 http://www.wavecrest.net/editorial/costsavings.html

3http://money.cnn.com/galleries/2011/technology/1107/gallery.cyber_security_costs/index.html?iid=EL

 

More Cyber Monday Shopping Expected This Year

Wednesday, November 26th, 2008

Cyber Monday is just around the corner, and this year, almost 84 percent of online retailers are planning Cyber Monday promotions.  Cyber Monday takes place the first Monday after Thanksgiving (December 1), i.e., the first day employees are back to work.  Last year, Americans made hundreds of online purchases and spent $733 million on Cyber Monday.

This year will not be any different, and in fact, more shoppers will probably be looking for online deals on Cyber Monday.  A survey conducted by BIGresearch found that 70 percent of young adults 18-34 with Internet access will shop at work.

Cyber Monday shopping and holiday shopping are huge productivity wasters for businesses.  Wavecrest’s products can help you block online shopping at work.  You can monitor and/or filter Web use with your Cyfin or CyBlock product by category, e.g., shopping, entertainment, sports, etc.  Wavecrest’s CyBlock products also allow you to block Web access by hour so that you can allow employees to access shopping sites on their lunch break or after hours.

2008 Summer Olympics: Bandwidth and Productivity Concerns for Businesses

Tuesday, August 5th, 2008

The start of the 2008 Summer Olympic Games are right around the corner, and this year, NBC plans to stream 2,200 hours of live events on NBCOlympics.com.  This may cause several network problems and productivity losses for businesses. To give you an idea of how much bandwidth a video can eat up, an episode of “The Simpsons” uses about 25,000 kb.  This can cause major problems when you multiply that by several employees at one time. 

Whether you’re concerned about productivity, bandwidth or both, your CyBlock or Cyfin application can be used to help you filter and/or track Web access the NBC Olympics site. The site http://www.nbcolympics.com is included in the category Sports but can also be filtered or monitored separately by placing it in a custom category if you don’t want to block the entire Sports category.  Or, you can choose to just block video from the Web site by placing the URL http://www.nbcolympics.com/video/index.html in a custom category.  Dont’ forget that you can also use the hourly blocking option if you want to allow employees access to the site during lunch and after hours.

To use custom categories, simply go to Advanced Settings – Category Setup – Edit URLs.  Simply select the custom category you’d like to use, and type in the URL(s) you’d like to filter or monitor.  For Cyfin users and those that decide to just monitor Web use of NBCOlympics.com, you can run a Category Audit Report on the Custom Category that you created to track that site.

Finding System Information for CyBlock or Cyfin

Friday, July 18th, 2008

There’s a quick and easy way to get system and configuration information on your CyBlock or Cyfin product.  Just go to Help – System Information – Server Information on your product’s menu, and it will take you to the Server Information screen, which gives you the:

  • License Information
  • Number of Data Configurations (CyBlock ISA and Cyfin Reporter)
  • Install Directory Path
  • Communication Port
  • Memory Usage
  • URL List Configuration
  • Email Configuration


You will also find your various directory configurations on this screen for your Scheduler Directory, Email Reports and more.  This is a great screen to check out to find out how much available memory you have, if the URL list is properly configured, and where your configuration files are located.