Published January 20, 2023
New River Computing recently hosted a panel discussion on security and cyber liability featuring the following panelists:
The panel was moderated by Jeff Nosenzo - Vice President of Brown Insurance.
If you missed out on the panel or want to revisit it, you can check it out in the video above!
Published December 15, 2022
As of November 28, 2022, PHP 7.4 is now past EOL (end of life) and is no longer receiving security support. So, what does this mean to you?
If you're a client whose website is hosted directly through New River Computing, no action is needed. All of NRC's hosted websites were updated to PHP 8.1 prior to the EOL date for PHP 7.4.
If your website is hosted through a 3rd party, New River Computing recommends reaching out to your hosting provider to confirm that your PHP version has been updated to a supported version (8.0 or higher).
If you are an NRC client and don't know whether your website is hosted through NRC or a third party, or you have any other questions about PHP 7.4 reaching EOL, feel free to reach out to us.
Published November 10, 2022
Even the smallest businesses are finding that online threats such as cybercriminals and data brokers are a real threat, making infrastructure security something businesses must invest in if they want to minimize their material risk. Infrastructure security refers to the layers of defense on your computers, network, and cloud services. It is also important to note that ongoing cybersecurity training is as important, if not more so, than the technical safeguards such as antivirus.
If your business hasn’t invested in cybersecurity yet, you’re putting your reputation at risk. Here are three ways you can make cybersecurity a priority to keep your business safe from online threats.
One of the main reasons online threats are able to penetrate a business’s security system is because of unrestricted access to computers on internal networks. Cybercriminals take advantage of these poorly secured computer networks to steal data, create persistent threats, and extort cash. Research by Kaspersky Labs found that average cost of a single breach thanks to ransomware, poor password hygiene and other factors is around $101,000 for small and mid-sized businesses.
The best way to avoid a breach is by making sure that each employee uses their own account and unique, complex passwords. Your company should also set up appropriate levels of access for employees so that only employees that need access to more important financial records, client information, or intellectual property can access that information. Also critical: Use multifactor authentication wherever possible.
Just like schools run fire drills, IT service providers should run simulated phishing and cyberattacks to keep companies and employees on their toes. Your business should engage with cybersecurity companies for vulnerability testing, in which professionals will attempt to find ways to access to your networks, computers, and cloud services.
It's important to keep software up to date so that it effectively defends against new threats. If you fail to keep your operating systems and applications updated, you’re running a huge risk. It’s like leaving your home or car unlocked: someone can walk in at any moment. There are new vulnerabilities being discovered every day, and your systems need to be up to date to fight against emerging threats.
Taking the time and effort to make cybersecurity a priority is the best way to ensure your businesses' online security. New River Computing offers an advanced security solution, Guardian Fortress to help reduce your company's material risk. Please contact us if you want to take the next step in your cybersecurity endeavors.
Published February 05, 2021
Many recent news reports have come out regarding a massive hack of the Solarwinds Orion IT asset management system. This compromise is unprecedented in scale and reach, and the fallout from it will reverberate throughout the IT industry for years.
Solarwinds Orion is one of many IT asset management systems (New River Computing uses one called Connectwise Automate). This software is great for managing a large number of IT systems, with the ability to provide security updates, monitoring, and many other functions from a single console, with the click of a mouse. These abilities make it an ideal target for a malicious actor – By owning a software system such as this, the bad actor in turn owns every company or agency that uses the software.
Solarwinds Orion was hacked from the inside, most likely because of poor security practices at the Solarwinds company. Once the hackers had the ability to change the Orion software, they added backdoor code to it that was then distributed to Orion customers, allowing the bad actors access to every network that uses this management tool.
Starting in March, as many as 18,000 companies and government agencies downloaded the malicious software – 425 of the Fortune 500 companies, 10 top US telecoms, the Pentagon, Departments of State and Treasury, and many others. This malicious backdoor software remained undetected for months, allowing the bad actors access to the infected network resources, data, and almost anything on a network that you can imagine. The backdoor code is so stealthy that many organizations may not ever know that they were compromised.
The attack was almost certainly perpetrated by a government – Russia, China, and the US all have the capabilities to achieve an attack like this, as well as many other state actors. This attack will have long lasting impacts, taking years to clean up, and changing IT management behavior.
Luckily, New River Computing did not use any Solarwinds software, and so we and our clients were not affected by this attack. Early in 2020, however, New River Computing looked around and realized that security was the top priority for our internal resources. The IT industry as a whole has spent the last few years improving efficiency of and driving down costs for rigorous asset management. But Security has been lagging behind, as evidenced by this attack. New River Computing will be spending 2021 and beyond improving access to top-notch security tools and techniques.
Please feel free to reach out if you have any questions.
Published March 19, 2018
OneDrive has just gotten better with the addition of "OneDrive Files On-Demand." This is a great feature that I'm extremely excited about and love using. It allows you to see your entire OneDrive, and access all the files and folders you store there, directly from File Explorer. However, this functionality used to be standard in Windows 8 (then called "Place Holders"), but for whatever reason and without warning, Microsoft took it away from us and in its place implemented a selective folder sync capability which was nowhere even close to comparable.
Now that it’s back, this new version, called Files On-Demand, Microsoft claims to have fixed all the issues that apparently plagued Place Holders (though I never experienced them) and it’s supposed to work better and faster than ever.
Here's how to get started:
If you're a OneDrive user (if not, you should be!), there's no good reason not to be using this feature. So, do yourself a favor and start using it now!