With the gravitation towards all things cloud, understanding the role a global network plays in all layers of connectivity is crucial, especialy for the financial sector where firms rely on low-latency and seamless access to counterparties across the globe.
So, as we often like to do here on the Hedge IT blog, we turned to the experts.
Mike Abbey is the vice president of network services here at Eze Castle Integration. He joined the company in 1999 and is currently responsible for ECINet, our global carrier class network platform. Mike also provides design consulting and best practice audits on fault tolerance and scalable optical, Ethernet, and IP-based networks, from single and multi-site domestic networks to multi-site, global deployments. He is a graduate of Binghamton University.
Q. Mike, what are you hearing from clients regarding networking and Internet services?
A. To be honest, most hedge fund managers don’t have the time – and don’t necessarily want – to grapple with the complicated intricacies of securing and maintaining an enterprise-class network or Internet service. That’s where my team and I come in. We help simplify this process for our clients using Eze Castle’s ECINet global private network.
After scouring the Internet, here’s a list of why we think some people are getting excited for the return of this ‘old school’ device.
The following article originally appeared in HFMWeek's Cyber Compliance Focus.
It’s not enough to have strong security policies. And it’s not enough to have robust technologies in place to ward off cyber threats. In truth, it’s not even enough to have both of these.
An effective cybersecurity program, rather, can only be achieved through a consistent and comprehensive strategy that touches layers across the entirety of the organization – from perimeter security and access control to policy enforcement and employee training. Without each of these building blocks, the effectiveness of a cyber risk management program is crippled at best.
And today’s standards for cybersecurity are increasing rapidly.
We educate our clients all the time about how to keep their organizations secure and mitigate against insider and outsider threats. But one area of security often overlooked is that of the home office – and the home itself on a larger scale. With new technologies constantly being released – and many of today’s devices linked via the Internet of Things (IoT) – the likelihood of being hacked or having private information stolen also increases.
Emerging ‘smart’ technologies such as Amazon’s Echo and Google Home are making their way into many homes, making it simple to find for users to stay up-to-date on the latest news, ask for directions, or hear tomorrow’s weather forecast. The Echo’s voice assistant, Alexa, for example, can complete advanced tasks such as turning on lights and changing the temperature of your home.
But what if these technologies are jeopardizing the inherent privacy of your own home? Let’s take a look into the future.
Public Wi-Fi networks are incredibly convenient and can be a great resource for airport layovers, coffee shop meetings or lengthy train commutes, but alongside convenience are a host of unnecessary risks. On open, unsecure networks, information is generally unencrypted, meaning with the use of a wireless network analyzer, it’s fairly easy to see what others are up to. What attackers try to do is intercept the communication between your computer and the computer you are sending information to so that they can gather useful information. A hacker, for instance, can see what webpages you’ve visited and what credentials you’ve entered into forms.
Common attacks that occur on public Wi-Fi include:
Man-in-the-middle attacks (MITM)
Attackers will set up their own network between your computer and the computer you are connecting to so that all the information you enter is first routed through their device.
As we prepare our turkeys for Thanksgiving and retail stores of all shapes and sizes prepare their inventory for Black Friday and Cyber Monday sales, cyber criminals are preparing their attacks. Your inboxes are likely already flooded with the newest and most popular deals for this holiday season, but while we all prepare to shop til we drop, it is important to practice safe computing practices while you are out-of-office and in the stores.
Here are some popular scams to watch out for this holiday shopping season:
Phishing emails pose one of the biggest threats to shoppers during the holiday season. Cyber criminals may be spoofing retailer emails with blowout deals on the best toys for your family, and one click on a spoofed email could result in malware or a virus installed on your computer. Another email spoof could appear to be from one of your frequently visited retail sites and ask you to enter personal information to either confirm a purchase or verify payment. To avoid handing your sensitive information over to hackers, be sure to check the sender and any links in emails before opening or taking action on any suspicious emails.
Email isn't the only way hackers can spread the season's "hottest deals". Another new scam being used to gather banking and payment information is phishing texts. Your phone will receive a fake text message asking to verify a payment due to irregular activity. The text will provide you with a number to call and secure your account. Once you call this number you will be asked to verify your home address and social security number for identification. Amidst the flurry of your Black Friday or Cyber Monday shopping spree, you could get tripped up and provide a hacker with all of the information that he/she needs to steal your identity, access your financials or worse.
The Internet of Things (IoT) is what allows us to connect all of our devices to the Internet - these devices that we use every day to make our lives easier, more efficient and, most of the time, safer. IoT devices can be usually be monitored or controlled from a remote location. For example, we use baby monitors and cameras to watch over our kids and houses, apps to control the temperature and lights in our homes, and webcams chat with long-distance friends or conduct business meetings and interviews. Although there are enormous benefits to streamlining and connecting these devices across both business and personal settings, the Internet of Things can also pose a real threat to the security posture of both an individual and an organization.
Like the recent DDoS attack which brought down major sites such as Twitter, Reddit and Netflix, sophisticated hackers can take advantage of these everyday IoT devices to gain access to networks and sensitive information. For example, hackers can release malicious malware onto the Internet that looks for vulnerable devices, including IoT devices. Once a device or devices are detected, the malware is then able to get into the network and cause disruptions, potentially leading to users losing control of functionality, shutting down of websites, or theft of information.
One concern is that when developers design IoT devices, they often overlook the software needed to protect consumers. In many cases, they may be more concerned with functionality, design and the value said device will bring to users. IoT devices are easy to attack because they usually connect to the Internet by default and use stock code from open source software. Developers also can’t assume that consumers know the risks they face when using IoT devices. While robust security features, such as firewalls, can't truly be installed within IoT devices themselves, in the future designers need to pay closer attention to security to prevent devices from becoming easy targets.
Last month, BlackBerry introduced its final smartphone to the market, signifying the company’s strategic shift to focus on software. While Apple’s iPhones and Google’s Android devices continue to dominate the market, BlackBerry will finally pull back and remove itself from the competitive device landscape.
And while its last entrant to the race, the DTEK60, has much to offer in terms of encryption technology and security software, the outlook remains grim. To many, this has, perhaps, signaled the beginning of the end for BlackBerry. Thus, we take a glance back at what was once a hugely successful enterprise:
September 1996 – Research in Motion/RIM introduces its Inter@ctive Pager 900, a two-way paging device.
January 1999 – The first device with the name “BlackBerry”, the BlackBerry 850, hits the market as an email pager.
June 1999 – BlackBerry Enterprise Server (BES) is released for general availability. BES, at its height, was the de facto operating software solution for enterprise handheld communications.
With October being cybersecurity awareness month it is an important time to ensure your firm and employees are aware of and using best practices, and security policies and procedures. Risk mitigation is needed to protect both the firm and its employees from savvy hackers and attacks. Data breaches continue to wreak havoc on businesses, and the cost is continuously rising. According to the Ponemon Institute, the total average cost of a data breach is now $4 million, up from $3.8 million in 2015. Hackers have everything to gain while your firm bears reputational and operational harm.
While companywide policies should reflect long-range expectations and corporate best practices, they should also include tactical recommendations that employees can follow to ensure they are complying with the company’s overall risk strategy. To get started here are just a few pieces of advice we offer our investment firm clients and remember to not only inform employees on what to do, but also what not to do.
The new Apple iOS version 10, that was released today, delivers some cool new features but before jumping in we recommend you review the following upgrade steps.
Here’s why. As with any major update, there can be risks associated with early adoption until issues are uncovered and Apple has the time to debug and fix them. Eze Castle Integration has learned of some significant potential issues including risk of data loss due to incompatibilities with mobile device management (MDM) applications.
So here’s a critical to-do list before starting the iOS 10 upgrade.
FIRST - BACKUP
Backup your device. Always take a backup before updating your device.
1. The best way to do this is via WiFi at night when the device is also plugged into a power source (computer or electrical outlet). iCloud will back up your device on its own if configured correctly and provided you have enough storage. To ensure this is occurring, launch the Settings App -> iCloud -> Backup and see what it says next to “Last Backup:”. If it only states a time, then it means it backed up today and no further action is needed. If it says a date, you can back up the device by clicking “Back Up Now”. (Note: WiFi is required to back up this way). If this fails, you can back up to iTunes (see next bullet) or clients can call ECI’s Help Desk for assistance.
2. Alternatively, you can backup using iTunes. Plug the device into a computer, launch iTunes, right-click on your device and click “Back Up.”
Manually backup passwords. Ensure you know your iCloud passwords, iTunes Store password, email passwords and any other critical passwords. Write them down and test them. Then safely and securely discard that information. As a best practice, there are secure password storage applications available through the App Store.
Copy anything you can’t live without. Backup anything (i.e. photos) that you cannot live without. Do so in a way that you can verify the backup easily. One option is enabling iCloud Photo Library so you can access copies of your photos on all your other iOS devices.