Blog
  • Register

Subscribe to our blog

CTN Blog

CTN Solutions has been serving the greater Philadelphia area since 1997, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Network Security is Crucial for Every Organization

Network Security is Crucial for Every Organization

Avoiding risk is important for every business. Nowadays, with technology being an omnipresent element in most businesses, technology-based risks have grown in concert. As a result, the modern business owner and IT administrators need to understand the new risks and how to proactively work toward avoiding (or mitigating) them.

0 Comments
Continue reading

Cybercrime’s Evolution and the Potential Blockchain Shield

Cybercrime’s Evolution and the Potential Blockchain Shield

Cybercrime has morphed over the past decade or so. With unbreakable encryption making breaking directly into a network all but impossible, phishing, Distributed Denial of Service (DDoS) attacks, and other methods of indirect hacking have become en vogue. As a result, software companies are looking in some strange places to find building blocks for intrusion mitigation. One interesting emerging technology being used for this purpose is blockchain.

0 Comments
Continue reading

How to Secure Data Using Passwords

How to Secure Data Using Passwords

All that stands between hackers and your accounts’ data, be it personal information or sensitive business info, is a measly string of characters that may (or may not) be complex enough to thwart their attacks. We’re talking about your passwords, and for many businesses, they are the only thing protecting important data. We’ll walk you through how to make sure your passwords are as complex as possible, as well as instruct you on how to implement additional security features to keep your data locked down.

0 Comments
Continue reading

4 Decisions You’ll Make About Your IT

4 Decisions You’ll Make About Your IT

Today we will be covering some of the most important parts of your IT’s decision making that will need to be addressed, questions and concerns included, especially in regard to business-critical functions.

0 Comments
Continue reading

Ransomware Shuts Down Doctors' Office - Is Your Business Protected?

Ransomware Shuts Down Doctors' Office - Is Your Business Protected?

Let me ask you a question. Let’s say that you’re about one year from your projected retirement, when a ransomware attack encrypts all of your files. What do you do? Pack it in and retire early? This is precisely the situation that the practitioners of Brookside ENT & Hearing Services of Battle Creek, Michigan, have found themselves in, and it may not be over yet.

0 Comments
Continue reading

Do and Don'ts of Managing Your Passwords

Do and Don'ts of Managing Your Passwords

Password security is a tricky part of running a business. After all, it’s not just dealing with your own password, but those of the many employees all throughout your organization. In times like this, it’s helpful to provide them with a list of how to make the best passwords possible. Here are a couple of examples for what to do, as well as what you shouldn’t do, when building a proper password.

0 Comments
Continue reading

Tip of the Week: Improving Some Cybersecurity Basics

Tip of the Week: Improving Some Cybersecurity Basics

What are your chances of being hacked, or targeted by some kind of cyberattack? I hate to tell you this, but they’re probably a lot higher than you might think.

0 Comments
Continue reading

Your Business May Be Most Vulnerable from the Inside

Your Business May Be Most Vulnerable from the Inside

It can be easy, with all the threats covered in the news, to assume that the biggest dangers to your business all come from the outside. This is a dangerous mistake, as there are plenty of vulnerabilities that originate from within your organization, making it easier for outside threats to penetrate. Below, we’ll review some of the biggest internal dangers that your business may face.

0 Comments
Continue reading

Looking Back at This Year’s Cybersecurity Issues

Looking Back at This Year’s Cybersecurity Issues

Every business in operation today needs to have some kind of comprehensive network security. Simply put, there are too many threats that can come in through an Internet connection for them to continue doing otherwise. The past year provides plenty of anecdotal proof of this fact.

0 Comments
Continue reading

Security Threats and Defensive Measures You Can Take

Security Threats and Defensive Measures You Can Take

Network security for small businesses is far from simple. There are countless threats out there that want to see your business fall, and it only takes one to see this come to fruition. Unless you take action now to protect your organization, you risk the future of your business. But what is it that businesses need to protect from, and what measures are out there that can accomplish this feat?

0 Comments
Continue reading

Are You Ready to Adapt to Network Security Changes?

Are You Ready to Adapt to Network Security Changes?

Humankind has always adapted and improved technology to make life easier, starting all the way back at fire and the wheel. Nowadays, our approach to making life easier through technology is centered around productivity and security. If we can accomplish more than before, in the same amount of time, without worrying that it will be stolen, we’re happy.


This, in addition to the growing assortment of threats there are to business networks, is why network security is projected to continue its growth and development in the near future. Here, we’ve compiled a few predictions for how this growth and development will take shape.

Prediction 1: Penetration testing will happen more often than ever, thanks to A.I. and automation.
Penetration testing is an invaluable process, as it allows you to identify weak points in your network security that your staff may have missed. By hiring an external third party, you make it much more likely that errors and oversights made by your internal staff are noticed. The trade-offs: not only is it a time-intensive process, it can be expensive enough that it can only be justifiably run once a year, if that.

However, this may not be the case for much longer. The integration of new technologies, like artificial intelligence and automation, have made it so that both of these trade-offs have less and less effect on the frequency of penetration testing. This is a good thing, because the rate at which new technology is being integrated into the office is rising. Penetration testing is to be run more often to ensure network security.

Prediction 2: Unified policies will appear that bridge between public and private clouds.
Cloud technology has been advancing, with both private cloud solutions and public cloud solutions proving useful for so many applications. This has led to a widespread move to leverage both to accomplish different aspects of business goals and strategies in adopting what is called a hybrid cloud solution. However, one shortcoming of hybrid clouds is that there aren't any real means of consolidating security policies to simplify management as a part of a larger system.

Once again, this may soon change. It is anticipated that multi-cloud management platforms will be able to synchronize private clouds and those provided to the public through a single control panel, greatly simplifying the cloud management process.

Prediction 3: Endpoint security will be more on point.
It should come as no surprise that the greatest internal threat to your security is your own team and their devices. Using social engineering and leveraging the notoriously unreliable security of consumer devices, cybercriminals are often able to access your network through the employees who use it. While many companies have taken steps to minimize the efficacy of these methods, there hasn’t really been a single, unified solution, making security measures extra time-consuming to manage.

This last point is most likely to change in the near future, as businesses will want a security solution that is leaner, more efficient, and is only one thing to be managed. It is likely that we’ll see these kinds of network security solutions start to take shape and be put to use.

In order to remain secure, you need to adapt to meet the threats that are constantly developing. CTN can help. Reach out to us at (610) 828-5500 for more information.

0 Comments
Continue reading

FREE Printout: IT Security End-User Checklist

FREE Printout: IT Security End-User Checklist

This guide was created so that business owners, office managers, and IT departments can provide it as an educational resource to showcase some of the most basic IT security practices that can be implemented in your workplace. We recommend printing this out and handing it out to your staff for maximum results.


Your work is important, but so is staying safe and sound. By working together, we can protect this business.

Avoid Sharing Confidential Information

  • Don’t give out company or customer information to unsolicited emails or phone calls.
  • Hackers can be very convincing and have many tricks up their sleeves. Always be wary of suspicious activity, especially in regard to confidential or sensitive information.
  • Never email usernames and passwords to anyone--not even yourself.
  • Be cautious of suspicious messages that come from sources like PayPal, Amazon, or a bank.

Use Strong Passwords

  • Don’t use the same password for multiple accounts.
  • Use complex passwords that contain both upper and lower-case letters, numbers, and symbols.
  • Don’t include personally identifiable information in your passwords.

Don’t Access Sensitive Information on Unprotected Devices

  • You shouldn’t expect hotels and cafes to have secure wireless connections. Never access sensitive information from public computers or devices, as others could also access it.
  • Malware could potentially allow onlookers to steal information like usernames, passwords, and credit card information from your unsecured devices.
  • Ask your IT department about installing a VPN on your device for maximum security.

Don’t Leave Sensitive Information Lying Around

  • Avoid recording passwords on sticky notes.
  • Shred or destroy documents that contain sensitive information.
  • Always lock your devices before moving away from them.
  • On a Windows device, use the Windows key + L to quickly lock your computer.
  • Keep small devices like phones, hard drives, and flash drives close at hand, especially while traveling.

Report Suspicious Activity to IT

  • We can fix things quickly if we know about them. This keeps the issue from becoming a bigger problem.
  • If you lose a device, like a smartphone or laptop, report it to us immediately.

Note: If you have a service agreement with CTN that includes end-user support, please reach out to us at the provided phone number and email address to put in support tickets:

Phone: (610) 828-5500
Email:

0 Comments
Continue reading

Tip of the Week: How to Protect Yourself from Invoice Impersonation

Tip of the Week: How to Protect Yourself from Invoice Impersonation

As cybercriminals become increasingly sophisticated in their methods of attack, it is important that your staff--the ones on the front lines--are educated to spot these attempts and know what to do if one is encountered.


Unfortunately, the increased sophistication of these attacks have made them harder to spot and resultantly, harder to avoid. This has led to a rise in the use of an attack vector known as an invoice impersonation attack. When utilizing these attacks, a cybercriminal will send a message under an assumed name (often one that belongs to a regular contact) that includes an invoice number and a link, presumably to download the invoice.

However, rather than downloading the invoice, as expected, the target of an attack will discover that they have actually downloaded some malware. This is often how ransomware is introduced into a system.

Warning Signs
To avoid falling victim to an invoice impersonation attack--or any form of email phishing or fraud--your users should know to keep their eyes out for any warning signs.

Messages containing a payment request and link
One of the bigger security issues with the concept of email is the fact that most users can only take it on good faith that the message comes from the person it appears to have. There is no voice to identify as someone else’s, and no handwriting to compare to the actual person’s.

Therefore, if an email comes from someone with a request for payments to be made, with a link to what is claimed to be a payment portal, don’t click. You might have just dodged a ransomware program delivered via a phishing attempt.

How to Protect Your Business (with the Help of Your Employees)
Phishing attacks, including invoice impersonation attacks, rely on their target to trust the content enough to not question if the sender is who they say they are. As such, they can be avoided with a little mindfulness on the part of your employees.

Make sure your employees know to keep an eye out for risk factors. Requiring regular training sessions as well as testing their cybersecurity mindfulness will help to keep awareness alive and well among your staff members.

Furthermore, you should have updated spam filters and malware blockers installed to help minimize the risk that these messages even make it to your staff in the first place. This is where CTN Solutions can help.

If you’re interested in the solutions we have that can help make cyberthreats a non-issue, give us a call at (610) 828-5500.

0 Comments
Continue reading

There are New Ways to Secure Your Data

There are New Ways to Secure Your Data

Security is an aspect of running a business that absolutely cannot be ignored, regardless of whether or not you see it as a considerable issue in the near future. The fact remains that your organization will always be at risk unless you take actions to keep it safe today. By taking advantage of some of the latest and greatest security tools on the market, you’ll be able to protect not only from the basic threats, but more advanced ones as well.

0 Comments
Continue reading

Data Security Has to Be A Priority For Your Organization

Data Security Has to Be A Priority For Your Organization

Since January 1st of this year, there have been over 10 million personal information records lost or stolen each day. Odds are that you, or someone you know, has had records compromised by a data breach. Individuals and businesses, who never received notification that their records were included in a breach, assume that they are not at risk of identity theft or unauthorized account usage. Unfortunately for them, that is not always the case.


The fact is that there is a significant chance that your personal or non-public business information has been compromised in some way. However, the company that lost your information was not legally obligated to make you aware of the event. For your own benefit, understanding what your rights are when it comes to data breach laws is the first step in protecting your data. For example, do you know what information is considered ‘personal’? Are there ways that your data could have been lost or stolen but the offending entity was not compelled by law to notify you for some reason? The answer is yes.

Legal Definitions of Personal Information
Each state has its own laws and policies regarding data breaches and notification requirements. However, there is a consensus on the basics of what elements, or combination of elements, constitutes as ‘personal information’ in the eyes of the law. At a minimum, personal information includes:

  1. First name or first initial and last name
                        AND
  2. One or more of the following elements: social security number, driver’s license, or state ID number, financial account numbers.

As mentioned, this does make up the foundation of most secular legislation on data breaches. Many states go a step further, and consider account information requiring a pin or password as having been compromised, if the required pin or password was included with the record that was stolen. That is, if the use of a debit card requires a pin for a transaction, you will not be notified of the data loss unless both your debit card number and the pin are accessed.

A few of the more progressive states, like North Carolina and Nebraska, include biometrics and fingerprint information as part of their definition of personal information. Similarly, some states, like Missouri have more specific, detailed laws, limiting the legal maneuverability that comes with ambiguity in statutes.

Even though laws regarding the majority of health and medical information and data policies are covered under the United States’ federally mandated Health Insurance Portability and Accountability Act (HIPAA), a few states do include health-related information in their definition of personal information.

One more thing that the some of the state laws address is that, once a relatively high number of records have been stolen, the information holders must also notify consumer reporting agencies in addition to the Attorney Generals of all states that have affected residents. The number of records lost that trigger reporting to a consumer reporting agency tend to number between 1,000 and 5,000.

When it comes to sectoral legislation, the current statutes are, in general, skewed in favor of protecting the corporate information holder, as opposed to the individuals who have their information compromised.

  • Encryption: In many states, there is specific language that if the personal information was redacted or encrypted at the time of the unauthorized access, then no breach or loss of data has occurred. The laws do not address the policy and notification standards for encryption that is broke post-theft.
  • Questionable Non-Personal Information: Depending on the state, some questionable information might be included as non-personal information. For example, the last four digits of your social security number may not be counted as personal information, despite the quantity of accounts that require you to confirm these four digits before making changes to your account.
  • Good-faith Acquisitions: Nearly every state lists ‘good faith acquisitions’ as exemptions to the data breach laws. A ‘good faith acquisition’ is defined a data loss event where the recipient of the personal information in question is employed internally or with a trusted vendor or partner - and is therefore not likely to be misused or further exposed. It’s important to note that businesses are not required to notify anyone in the event that the data breach meets ‘good faith’ requirements.
  • Risk of Harm Analysis: About half of the United States has laws to allow the information-holding entity to run a ‘Risk of Harm’ analysis to determine the likelihood that the personal information compromised will be abused or used in unauthorized transactions by the parties that have obtained it, or may obtain it, in the future. If the risk of harm is found to be minimal, then they are not required to notify the state's attorney general, nor do they need to notify the parties whose personal information was lost.

For most small and medium-sized businesses, a data breach has the potential be catastrophic. Working with CTN Solutions, we can help you take proactive data and network security measures and significantly reduce the chance that your network will fall victim to cybercriminals. Contact us at (610) 828-5500.

0 Comments
Continue reading

October is Cybersecurity Awareness Month

October is Cybersecurity Awareness Month

Cybercrime is the fastest growing criminal activity in the world. From the largest enterprise to the individual, it can affect anyone, anywhere. To help ensure the cybersecurity of American citizens and their businesses, the Department of Homeland Security (DHS), United States Computer Emergency Readiness Team (CERT), the Federal Bureau of Investigation (FBI) and other agencies work together every October to raise awareness about the threats people face online through a series of educational events and activities.

0 Comments
Continue reading

Who Needs To Be Involved In Network Security? Simple: Everyone

Who Needs To Be Involved In Network Security? Simple: Everyone

Network security is an important part of keeping both your business and your staff away from online threats, but it’s not enough to implement the best, most comprehensive solutions on the market. There are a surprising number of facets to network security, and in order to optimize protection against online threats, you’ll need to know all of them. Thankfully, you don’t have to do this alone.


By educating your staff on how to act under precarious situations, you’re giving them valuable knowledge that can help them protect your business, even when management isn’t watching. First, let’s examine the role that your business’ IT department plays in its security. You can then augment security with both employee education and outsourced assistance.

Your Internal IT Department
Your IT department is generally your first line of defense against threats to your business infrastructure. They monitor your network for any signs of danger, as well as install patches and security updates to eliminate known problems on your network. But what if you don’t have an IT department? Small businesses often forego an internal IT department for the sake of saving a few bucks, or simply because they can’t afford it in the first place. In this situation, your employees end up doing most of the technology maintenance, but this can be a dangerous gamble. Who knows if their maintenance is performed correctly? Plus, it’s just more time that’s taken away from productive employees.

Your Employees
Even with an internal IT department and security solutions, your technology can only handle so much. Training your employees on how to identify dangerous situations can help you prevent them from doing something foolish, like downloading the wrong attachment or clicking on the wrong link. Furthermore, educate them on proper password protocol and ensure that they use complex passwords at every opportunity. This includes using both upper and lower-case letters, numbers, and symbols. Also, be sure to inform your employees of how to identify suspicious messages, and above all else, encourage them to tell IT about anything that looks out of place.

What You Do
Even without an internal IT department, there are ways for you to get more done with the limited resources at your disposal. Instead of going out of your way to do all the IT work yourself, use the assets that you would spend in labor on this and use them to acquire outsourced work. Often, it’s much cheaper than hiring an in-house IT department, and you get the assistance of trained IT professionals without dipping into your limited time and resources. It’s the best way to approach IT, as your internal team can focus on their jobs without the interruption of technology troubles.

Does your business need IT security? CTN Solutions can help. To learn more, reach out to us at (610) 828-5500.

0 Comments
Continue reading

When It Comes To Your IT, There's No Such Thing As A Dumb Question!

When It Comes To Your IT, There's No Such Thing As A Dumb Question!

Especially with so many people claiming to be tech-savvy, asking a question about IT can be a bit nerve wracking. Because of this hesitation, many people don’t ask because they fear that their questions might be foolish. For example, an 'updated operating system' is a term that is tossed around by IT professionals, and even some not-so-professionals.

0 Comments
Continue reading

Tip of the Week: 12 Security Rules Every PC User Should Follow

Tip of the Week: 12 Security Rules Every PC User Should Follow

While you are probably spending a fair amount of time thinking about your business’ security, can you confidently say the same about those that you’ve employed? Unfortunately, your workers may not put much thought into network security. This could very possibly lead to some severe issues potentially harming your business operations.

0 Comments
Continue reading

Why You Should Be Skeptical of USB Devices

Why You Should Be Skeptical of USB Devices

USB technology is widely-used and you’d be hard-pressed to find an organization that doesn’t utilize USB devices in some way, shape, or form. However, these devices often harbor unexpected threats that could put the security of your entire infrastructure in jeopardy. All it takes is one infected device to compromise your network. Do you know where your USB devices have been?


Since USBs are prized for their portability, they can be used for a myriad of purposes. USB flash drives or hard disk drives can be used to transport files, both compactly or in bulk. Many keyboards and computer mouses operate with USB technology these days. That’s not even mentioning the plethora of USB dongles that are used to connect other devices to your computer.

Now, imagine this scenario. An employee finds a USB drive on the ground and, curious to find out what’s on it, plugs it into their company-issued workstation. They might do this to make sure that good technology isn’t just left lying around, or maybe their curiosity just got the best of them. Either way, the files on the device could contain executable malware that can threaten your business. In many cases, the user might not even be aware that malware has been installed on the computer, and it can spread viruses, or install trojans that allow for remote access at a later date.

In fact, there’s been a recent report from May 2016 of a $10 USB device that’s capable of logging keystrokes on wireless Microsoft keyboards and transmitting the signals over a wireless frequency. Whitehat hacker Samy Kamkar built it out of a USB phone charger, which is so commonplace these days that nobody would think twice about seeing it plugged into the wall of your office. The threat of these types of devices is so significant that the FBI saw fit to issue a statement warning professionals of their dangers. While no attacks have been found in the wild, it’s still best to take the warning to heart and apply it to your own cyber security practices.

The root of the problem--the theft of data before it reaches its destination--extends well beyond Microsoft wireless keyboards, too. Any wireless device that sends signals that aren’t encrypted could potentially be intercepted by hackers using similar techniques. This method can be used to harvest data that could lead to the theft of personally identifiable information, login credentials, or financial credentials. It’s not unlike a hacker intercepting data over an unsecured wireless Internet connection.

Is your business prepared to handle these outside-the-box threats? All it takes is one mistake to expose your company’s data to those who would do it harm. In instances like this, you should make a policy that any and all devices your employees want to use should first go through your organization’s security protocol. This will help ensure that the devices are not threats to your critical infrastructure. Emphasize that your organization should only be using encrypted data storage devices whenever possible, and you can’t go wrong.

For more information about how to keep your business safe, contact us at (610) 828-5500.

0 Comments
Continue reading

Mobile? Grab this Article!

QR Code

Latest News & Events

CTN is proud to announce the launch of our new website at www.ctnsolutions.com. Be sure to check out our 6 key service areas where we have highlighted specific services we offer. And don’t forgot to subscribe to our BLOG that provides helpf...

Latest Blog

As you company grows, you will need to invest a good deal of the revenue that you take in to keep operations from falling into complacency. In order to get a good idea what investments would be most advantageous, doing a proactive ROI analy...

Contact Us

Learn more about what CTN can do for your business.

Call us today
(610) 828-5500

610 Sentry Parkway
Suite 110
Blue Bell, Pennsylvania 19422