Blog
  • Register

Subscribe to our blog

CTN Blog

CTN Solutions has been serving the greater Philadelphia area since 1997, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Your Business May Be Most Vulnerable from the Inside

Your Business May Be Most Vulnerable from the Inside

It can be easy, with all the threats covered in the news, to assume that the biggest dangers to your business all come from the outside. This is a dangerous mistake, as there are plenty of vulnerabilities that originate from within your organization, making it easier for outside threats to penetrate. Below, we’ll review some of the biggest internal dangers that your business may face.

0 Comments
Continue reading

Tech Term: Zero-Day

Tech Term: Zero-Day

You might hear the term “zero-day” when discussing security threats, but do you know what they actually are? A zero-day threat is arguably one of the most devastating and dangerous security issues your business could face. If you’re not prepared, this could be the end of it.

0 Comments
Continue reading

Uber Demonstrates the Importance of Disclosing a Data Breach

Uber Demonstrates the Importance of Disclosing a Data Breach

If your business was breached, would it be better to keep it a secret, or should you disclose it to your clients? Uber has proven that trying to hide it is a mistake, and a costly one at that.

0 Comments
Continue reading

Is Election Technology Solid or Simply Antiquated

Is Election Technology Solid or Simply Antiquated

Election Day in the United States is coming up quickly, on November 6th. It doesn’t matter what your thoughts or opinions on U.S. politics are--the fact remains that millions of Americans will be using the technology available at polling places to cast their ballots, and if this technology isn’t secured properly, the integrity of the voting system will be at risk.

0 Comments
Continue reading

Looking Back at This Year’s Cybersecurity Issues

Looking Back at This Year’s Cybersecurity Issues

Every business in operation today needs to have some kind of comprehensive network security. Simply put, there are too many threats that can come in through an Internet connection for them to continue doing otherwise. The past year provides plenty of anecdotal proof of this fact.

0 Comments
Continue reading

Monitoring Pros and Cons

Monitoring Pros and Cons

Dealing with other people, whether in the office or a home environment, can often be troublesome. There is always a case of someone trying to be better than someone else, or trying to take advantage of their naiveté. There are solutions out there that make it easier than ever to help keep your home and business safe. Here are some of the best out there.

0 Comments
Continue reading

Want to Keep Your “Personal” Browsing a Secret? Scam Says: Pay Up!

Want to Keep Your “Personal” Browsing a Secret? Scam Says: Pay Up!

A new email scam is making its rounds and it has a lot of people concerned with just how much a hacker can peer into one’s private life. How would you react if a stranger emailed you saying they had inappropriate webcam footage of you?

0 Comments
Continue reading

Reexamining Meltdown and Spectre

Reexamining Meltdown and Spectre

It’s been about a year and a half since the Meltdown and Spectre exploits became publicly known. While patches and updates were administered to reduce their threat, they continue to linger on in a less serious capacity. Of course, this doesn’t mean that the threat has entirely been neutered. You still want to know what these threats do and whether or not you’re safe from them.

0 Comments
Continue reading

Tip of the Week: Better Understand BYOD

Tip of the Week: Better Understand BYOD

There are a lot of benefits to implementing a Bring Your Own Device policy for your business. First, people can use the devices that they’ve purchased, and have grown accustomed to, for work. Moreover, many times they can access company information with easy-to-use mobile apps, providing more opportunities to be productive. In fact, many organizations that install a BYOD policy see the majority of their workforce work more, which creates more opportunities for revenue growth, and ultimately, higher profitability.

0 Comments
Continue reading

Are You Ready to Adapt to Network Security Changes?

Are You Ready to Adapt to Network Security Changes?

Humankind has always adapted and improved technology to make life easier, starting all the way back at fire and the wheel. Nowadays, our approach to making life easier through technology is centered around productivity and security. If we can accomplish more than before, in the same amount of time, without worrying that it will be stolen, we’re happy.


This, in addition to the growing assortment of threats there are to business networks, is why network security is projected to continue its growth and development in the near future. Here, we’ve compiled a few predictions for how this growth and development will take shape.

Prediction 1: Penetration testing will happen more often than ever, thanks to A.I. and automation.
Penetration testing is an invaluable process, as it allows you to identify weak points in your network security that your staff may have missed. By hiring an external third party, you make it much more likely that errors and oversights made by your internal staff are noticed. The trade-offs: not only is it a time-intensive process, it can be expensive enough that it can only be justifiably run once a year, if that.

However, this may not be the case for much longer. The integration of new technologies, like artificial intelligence and automation, have made it so that both of these trade-offs have less and less effect on the frequency of penetration testing. This is a good thing, because the rate at which new technology is being integrated into the office is rising. Penetration testing is to be run more often to ensure network security.

Prediction 2: Unified policies will appear that bridge between public and private clouds.
Cloud technology has been advancing, with both private cloud solutions and public cloud solutions proving useful for so many applications. This has led to a widespread move to leverage both to accomplish different aspects of business goals and strategies in adopting what is called a hybrid cloud solution. However, one shortcoming of hybrid clouds is that there aren't any real means of consolidating security policies to simplify management as a part of a larger system.

Once again, this may soon change. It is anticipated that multi-cloud management platforms will be able to synchronize private clouds and those provided to the public through a single control panel, greatly simplifying the cloud management process.

Prediction 3: Endpoint security will be more on point.
It should come as no surprise that the greatest internal threat to your security is your own team and their devices. Using social engineering and leveraging the notoriously unreliable security of consumer devices, cybercriminals are often able to access your network through the employees who use it. While many companies have taken steps to minimize the efficacy of these methods, there hasn’t really been a single, unified solution, making security measures extra time-consuming to manage.

This last point is most likely to change in the near future, as businesses will want a security solution that is leaner, more efficient, and is only one thing to be managed. It is likely that we’ll see these kinds of network security solutions start to take shape and be put to use.

In order to remain secure, you need to adapt to meet the threats that are constantly developing. CTN can help. Reach out to us at (610) 828-5500 for more information.

0 Comments
Continue reading

WARNING: A New Zero-Day Threat is On the Loose

WARNING: A New Zero-Day Threat is On the Loose

Zero-day threats are some of the most dangerous ones out there. What we mean by “zero day” threats are those that have been discovered by hackers before an official patch has been released by the developers, giving them exactly zero days before they are actively exploited in the wild. One of the more dangerous zero-day threats out there at the moment is one that takes advantage of Internet Explorer.


Before we start making Internet Explorer jokes, we want to mention that there is nothing funny about online threats--particularly those that haven’t been addressed yet by the developers. This newly discovered zero-day threat is called the “Double Kill” Internet Explorer vulnerability. Unfortunately, the Chinese developers who discovered this vulnerability--a computer security company called Qihoo--have been quiet about the details regarding the double-kill IE bug. It’s also difficult to tell if your organization is under threat, as they aren’t revealing any of the warning signs of such an attack.

The only thing known for sure about this threat is that it takes root by using Word documents. It’s likely that this is done through email attachments as well, as email is a major method of transporting threats of all kinds. When the document is opened up, Internet Explorer is opened in the background via some kind of shellcode that downloads an executable file. The vulnerability does all this without showing anything of note to the user, making it a difficult threat to identify, but the effects are well-known. Apparently, the downloaded executable file installs a Trojan horse malware on the user’s device which creates a backdoor into the system.

There are a lot more unknowns than anything else with this vulnerability, though. In particular, professionals aren’t sure if all Word documents are affected by this vulnerability, or if the threat even needs Microsoft Office in order to function as intended. It’s not even known what role Internet Explorer plays in the attack, or if the documents that can trigger this attack are identifiable. All we can tell you is that you need to keep security best practices in mind to keep these kinds of zero-day threats from becoming a problem for your organization.

To start, you should never download an unexpected file from an unexpected sender. This can come in the form of a resume, receipt, or other online document. You can never know for sure what you’re actually downloading, as criminals have been able to spoof email addresses to a dangerous degree in recent years. Just be cautious about everything you can, and augment caution with powerful security tools that can identify potential risks before they become major problems.

To get started with network security, reach out to CTN at (610) 828-5500.

0 Comments
Continue reading

Email Security Basics

Email Security Basics

Email is a modern classic as far as business solutions are concerned, and you’d be hard-pressed to find an office that didn’t use it in some capacity or another. However, because email is so popular, it has become a favorite attack vector of malicious users. Fortunately, there are some basic practices that will help keep your email account secure and your communications private.


Follow Password Guidelines
As you might imagine, one of the most important, basic ways that you can lock down your email account is to ensure that your password is sufficiently strong. Too often, breach statistics (and similar data sets) reveal that passwords are still overwhelmingly insecure. Pet names, birthdates, anniversaries, and favorite sports teams are used as passwords far more than they should be. Some minimal social engineering could very easily provide someone with access to an email account.

To counter this, avoid the temptation to resort to formulaic, easy-to-guess password systems, for instance, smushing your alma mater’s mascot together with the number of your childhood home. Again, these password conventions are the first things that a cybercriminal will try to get into your email account. Instead, do your best to rely on an as-random-as-possible string of numbers and letters, creating a different one for each of your accounts. This will ensure that your passwords are as strong as possible with the added benefit of protecting the rest of your accounts if one of your passwords is discovered.

Of course, for the sake of pragmatism, is it totally realistic to remember a completely random string of alphanumeric characters for everything that requires a password? For many, it isn’t. That’s why many resort to using, rather than a password, a passphrase. A passphrase takes a sentence memorable to the individual and turns it into a mnemonic device. So, a fan of films by Rob Reiner could take a line from one of his works and create a password from it, like “uRdBS” or “HFSTC” from The Princess Bride, or “UCHTT” from A Few Good Men.

Avoid the Unknown
Once you’ve accessed your email, there are a few ways that you can avoid putting yourself at risk. One very important way is to avoid the links in email unless you have verified that they do, in fact, go to (and come from) where they appear.

First, where will the included link direct you? Links can be tricky things, which makes them a favorite of cybercriminals to use in emails. If the link is attached to text, you should hover over it and peek at the status bar that pops up before clicking on it. While the text might say that it brings you to the sender’s official webpage, the link could very well actually direct you to a domain that uploads a virus into your system. If the status bar says that you will be directed to someplace that doesn’t look quite right, skip the link.

You also shouldn’t blindly open an email that hasn’t come from a known or verified source, and even that can now be dangerous. There is a tactic that can be used to great effect as a way to snare even the most cybersecurity-mindful targets called email spoofing. As its name suggests, email spoofing is the act of forging an email’s header so that it appears to have come from someone else, likely someone trusted enough that the email will be opened, interacted with, and read.

As a result, it is best to verify the email with the cited sender whenever possible, through a different means of communication. Whether that means a quick phone call or instant message before you open the email, it is better to be safe than it is to be sorry.

What are some other ways that you keep your email from becoming a security risk? Share them in the comments, and make sure you take a moment and subscribe to this blog!

0 Comments
Continue reading

A Ransomware Cyberattack Struck Atlanta, Georgia

A Ransomware Cyberattack Struck Atlanta, Georgia

Ransomware doesn’t discriminate with its targets, as the city of Atlanta, Georgia now knows so painfully well. The city became the target of a ransomware attack that crippled many of its critical system workflows. The municipal government suffered from one of the most advanced and sustained attacks in recent memory.

0 Comments
Continue reading

FREE Printout: IT Security End-User Checklist

FREE Printout: IT Security End-User Checklist

This guide was created so that business owners, office managers, and IT departments can provide it as an educational resource to showcase some of the most basic IT security practices that can be implemented in your workplace. We recommend printing this out and handing it out to your staff for maximum results.


Your work is important, but so is staying safe and sound. By working together, we can protect this business.

Avoid Sharing Confidential Information

  • Don’t give out company or customer information to unsolicited emails or phone calls.
  • Hackers can be very convincing and have many tricks up their sleeves. Always be wary of suspicious activity, especially in regard to confidential or sensitive information.
  • Never email usernames and passwords to anyone--not even yourself.
  • Be cautious of suspicious messages that come from sources like PayPal, Amazon, or a bank.

Use Strong Passwords

  • Don’t use the same password for multiple accounts.
  • Use complex passwords that contain both upper and lower-case letters, numbers, and symbols.
  • Don’t include personally identifiable information in your passwords.

Don’t Access Sensitive Information on Unprotected Devices

  • You shouldn’t expect hotels and cafes to have secure wireless connections. Never access sensitive information from public computers or devices, as others could also access it.
  • Malware could potentially allow onlookers to steal information like usernames, passwords, and credit card information from your unsecured devices.
  • Ask your IT department about installing a VPN on your device for maximum security.

Don’t Leave Sensitive Information Lying Around

  • Avoid recording passwords on sticky notes.
  • Shred or destroy documents that contain sensitive information.
  • Always lock your devices before moving away from them.
  • On a Windows device, use the Windows key + L to quickly lock your computer.
  • Keep small devices like phones, hard drives, and flash drives close at hand, especially while traveling.

Report Suspicious Activity to IT

  • We can fix things quickly if we know about them. This keeps the issue from becoming a bigger problem.
  • If you lose a device, like a smartphone or laptop, report it to us immediately.

Note: If you have a service agreement with CTN that includes end-user support, please reach out to us at the provided phone number and email address to put in support tickets:

Phone: (610) 828-5500
Email:

0 Comments
Continue reading

Tech Term: Opening the Spam Folder

Tech Term: Opening the Spam Folder

Spam is a tricky subject to talk about, as it seems everyone has a different definition for it. Yet, most have come to the conclusion that spam is a bad thing. For today’s Tech Term, we delve deep into the different kinds of spam out there, as well as theorize about the origin of the term.


Why Spam?
Spam can lead to a considerable amount of wasted time and assets, as well as provide a convenient medium of transportation for threats like malware and viruses. So why is it named after spam, everyone’s favorite canned lunch meat? One theory claims that the folks over at the University of Southern California’s computer lab named it after spam for some unknown reason--perhaps they simply thought it was a funny analogy to make.

The more accepted theory is that spam comes from the Monty Python song. Both the song and spam messages have a lot in common, being both highly repetitive and offering no real substance.

Where Spam Came From
It’s not clear from where spam messages first came. Some believe that spam messages first became a thing on March 31st, 1993. A Usenet user named Richard Depew accidentally posted 200 of the same message to a newsgroup. These messages were then called spam by another user, and Depew used the term in his apology, cementing its terminology.

Another theory regarding the name spam comes from multi-user dungeons, or MUDs, which were a type of chat room named after the role-playing game Dungeons and Dragons. These users would fill these chat rooms with a large quantity of unwanted content. Even the MUDers, as they were called, coined these junk messages spam.

There are two other theories related to spam involving Bitnet Relay, a 1980s chat system, and TRS-80, another use of the aforementioned Monty Python song to annoy users.

Types of Spam
Below, you’ll find the various types of spam that you could potentially encounter:

  • Email spam: Email spam messages are likely the most recognizable form of spam. Spam emails contain all sorts of junk that can make navigating your inbox a complete nightmare. Thankfully, there are regulations put into place that keep spam out of inboxes to an extent, but you can always integrate better solutions and software to augment the sorting of spam emails.
  • Texting spam: In much the same way, texting spam is a way to get unwanted messages through to people. It’s interesting to note that emergency texts don’t constitute spam. Similar to how email spam works, the CAN-SPAM Act also applies to text spam.
  • Comment spam: Comment spam is a bit different in nature from the previous two types. You may have noticed some comments that seem unwanted or “spammy” in nature, such as those advertising the selling of products or simply off-topic.

As always, you don’t want to be dealing with spam carelessly. If your business could use assistance preparing for spam, contact CTN for (610) 828-5500.

0 Comments
Continue reading

Where There’s Data Loss, There’s Trouble

Where There’s Data Loss, There’s Trouble

Data loss can have lasting effects upon your business, usually measured in lost productivity and capital. In other words, data loss is often measured by the cost required to retrieve, restore, and/or repair its effects. Of course, this is only the beginning of how data loss can impact your operations.


Data Loss Implies More than Just Lost Data
While there is no denying that, when considered alone, data loss is a critical blow to your business, there are additional effects that that can be more problematic. First and foremost, you have your employees to consider.

You’d be hard-pressed to find a task in business operations today that didn’t require data in some way, shape, or form. Considering this, try to calculate a rough estimate of the impact that a critical bit of data being lost would cause. This is dependent upon what kind of data was lost. If the data belonged to a client, the sensitivity of the data would be important to consider. There’s even an online tool available to help establish if an incident has gone over the parameters outlined in your agreement.

Furthermore, the value of data factors into other considerations as well, that may not immediately come to mind during a data loss event.

Other Concerns, Regarding Customer Confidence
Never mind losing the data for a moment - what happens to the customers whose data you’ve lost?

First, let’s consider how you would likely react if a business you had entrusted your data with suddenly came to you explaining that your data was just gone. How would you react?

There are many factors that ensure that your contacts will find out, as well. Many industries are beholden by law to inform their business associates that their data has been breached. These legal requirements are also influenced by the state one does business in, what data is stored, even how the data loss took place.

As a result, you could easily find yourself struggling with a public relations nightmare, further impacting the confidence of your customers and clients.

To prevent this all from happening, you need to have the right solutions in place. CTN can deploy a comprehensive backup and disaster recovery solution. To get started, give us a call at (610) 828-5500.

0 Comments
Continue reading

BYOD is Only Helpful If the Devices Are Secure

BYOD is Only Helpful If the Devices Are Secure

Mobile devices are so common nowadays that your employees will bring multiple devices to the office on a regular basis. Little do they know that everything they bring with them, from their Fitbit to their laptop, poses a security threat. Of course, the threat level depends on each individual device type. But the point stands that the less you do about mobile device security now, the more danger your organization will be in, down the road.


There is a very simple rule that you can use to gauge how vulnerable your business infrastructure is to mobile devices. The more devices that have access to a network and its contents, the more likely it is that you’ll be putting it in danger. If you aren’t careful about which information is accessed by certain users and devices, then you could expose your business to considerable risk. Therefore, it’s critical that you put measures into place before the worst happens.

It all starts by implementing a Bring Your Own Device (BYOD) strategy, which aims to improve the way that your business manages mobile devices without sacrificing data security in the process. Here are some of the most common features of a BYOD policy:

Blacklisting and Whitelisting Apps
Any apps that you download to your device have to be secure. Generally speaking, most apps that you will download should be safe for your company to use, but there are others out there that have only malicious intentions. Naturally, you’ll want your devices to be equipped with whitelisting and blacklisting capabilities so that you can control what types of apps are found on company devices. The theory here is that you can prevent hacking attacks and data leaks by preventing malicious apps from installing on the devices in the first place.

Remote Wiping
What happens when a device is lost? You might have a lot to worry about, or you might not. It depends on where the device has been lost. If you misplaced it in your office or home, perhaps you can locate it. If you leave it on the train, there’s no telling who will find it. Perhaps a good Samaritan will return the device, but chances are that it will be exploited by its new owner, be it someone who just wants a new device, or a hacker intent on stealing as much data from the device as possible. Remotely wiping the device allows you to maintain the integrity of your infrastructure and its data, even in a worst-case scenario.

A BYOD policy is an incredibly important aspect of a modern technology infrastructure. Do you have one? CTN can help you implement all of the best solutions to secure your mobile devices. To learn more, reach out to us at (610) 828-5500.

0 Comments
Continue reading

Do You Know What to Do When Involved in Identity Theft?

Do You Know What to Do When Involved in Identity Theft?

The unfortunate truth of increased technology use is that there is a corresponding increase in the potential for cybercrime, more specifically identity theft, to strike the workplace. The question is, what can you do to help prevent it, and how should you react to it, should it strike?

0 Comments
Continue reading

Tech Term: What Does “Encryption” Mean?

Tech Term: What Does “Encryption” Mean?

Email is a solution that needs to be protected, lest you expose important information to any onlookers while messages are in transit. Encryption is one of the key ways you can make sure that your messages are safe, but email hasn’t always used this method to secure messages. In fact, it wasn’t until recently that encryption became a staple of the major email providers.


Why Encryption Matters
It’s important to keep in mind that email communications are not always private. Depending on whether or not the email provider offers encryption can potentially expose important information found within the message. The reason you need encryption is simply because you never want to expose this information to outside viewers under any circumstances. You would be doing your company a disservice, and potentially even be in violation of data privacy regulations, depending on your industry.

Either way, our point is that encryption is necessary if you want to avoid the ugly side of the Internet. This includes hackers of all kinds, who would stop at nothing to get past your business’s protections and steal information of value. It’s up to you to put measures in place to stop them in their tracks--before it’s too late.

How Email Encryption Works
Imagine for a moment that your emails are locked in a box. This box remains locked the second that it leaves your organization, and it will stay that way until it is received by someone who has the key. In this case, the recipient will have the key, and the box would be unlocked once it is received by them. In the event that the box is intercepted before it reaches its destination, whoever claims it will not be able to view its contents.

The important thing to remember about encryption is that it needs to be an infrastructure-wide implementation. You can’t encrypt only messages that contain sensitive information, as this can potentially make you an even bigger target in the eyes of hackers. Therefore, you need to ensure that your encryption solution is all-encompassing so as to eliminate any risk associated with email security.

Does your business need email encryption? CTN can help by implementing an enterprise-level email encryption solution that takes into account all of your business needs. We can also provide other types of email security tools, including spam protection that limits exposure to dangerous entities. To learn more, reach out to us at (610) 828-5500.

0 Comments
Continue reading

Could Your Favorite App Infect Your Device?

Could Your Favorite App Infect Your Device?

When considering solutions to help ensure your business’s IT security, mobile devices often go overlooked. This makes sense. For most of the time the telephone has existed, it has been attached to a wall, only capable of transmitting sound. However, now that phones are palm-sized computers carried in our pockets, keeping them safe from cyberthreats has a new importance.


Part of maintaining security on a mobile device is to protect it from picking up viruses, which means that you need to have a mobile antivirus solution installed. Of course, Google has released its own internal safeguard, called Play Protect, that is supposed to catch malicious apps and updates. By scanning everything that is uploaded to the Play Store, and again before it is installed on each device, Play Protect’s job is to catch malware and other threats before a user’s device is exposed to these nefarious programs.

The trouble is, Play Protect isn’t very good at its job.

When the industry average for real-time malware detection rates is 94.8 percent, and rises to 96.9 percent over four weeks, it isn’t a good sign if your rates are 48.5 percent and 66.3 percent, respectively.

Fortunately, there are antivirus apps available for download with prevention rates that are above-average, many of them free. Many are similar to Play Protect in that they serve as a comprehensive mobile security suite. While the benefits certainly balance out any of the downsides that these apps have, it helps to know the possible downside.

For instance, some antivirus apps (like Avast Mobile Security and McAfee Mobile Security) are supported by ads, which many users may find to be annoying. Norton Security Antivirus doesn’t block a user from visiting a malicious website, but it does allow a user to remotely lock a lost phone via text message.

When so much business can be completed through a mobile device, you owe it to yourself, your employees, and your clients to make sure your mobile devices are well managed, and are as secure as possible. CTN Solutions can help implement the security solutions, including mobile antivirus, that keep your business safely productive. Reach out to us at (610) 828-5500 for more information.

0 Comments
Continue reading

Mobile? Grab this Article!

QR Code

Latest News & Events

Drew was pleased to present a gift of financial assistance to the Joy of Life program in Sarajevo, Bosnia on behalf of his non-profit ABLE (American Balkan Leadership Enterprise) and my company CTN Solutions. Unfortunately in many countries...

Latest Blog

Whether it’s RFID sensors, mobile devices, or commercial goods, the Internet of Things (IOT) is an exponentially expanding industry. Which makes us think, “What can we expect in the near future for IOT?” Today, we will answer this very ques...

Contact Us

Learn more about what CTN can do for your business.

Call us today
(610) 828-5500

610 Sentry Parkway
Suite 110
Blue Bell, Pennsylvania 19422