What is Synology NAS?
NAS (Network Attached Storage) is a data storage device that connects to your home or office network and allows multiple people to easily store, share, and protect files and other data. By integrating hardware and software, Synology NAS delivers a fine tuned, hassle free performance. Extensive compatibility with hard drives and peripheral devices, such as network cameras, routers, or DLNA devices, allows for easy integration into your environment. Synology NAS is designed with security, redundancy and easy maintenance in mind. Homes and business can take advantage of solutions of all sizes, ranging from single driver server to rackmount models that are expandable over one petabyte.
In the past it was quite an easy decision for an expanding business deploy a windows server, but with the advancement of Network Attached Storage devices the decision is no longer clear cut. These devices now contain very sophisticated operating systems of their own. Not only can you share data but you can install apps. These apps provide you with increased functionality. For example, you can use your Synology device as a DVR base station for your security system. You can also install apps on your mobile devices that will allow you to access your data from anywhere. Synology devices can host VPN connections, websites and much more. With all this functionality and a cost that’s much less expensive than a traditional server.
Synology lets you consolidate multiple services onto a single device
Use the NAS for your video surveillance
Store, organize, and stream your photos, movies, and TV shows
Run your website from the NAS and use database software like MariaDB
Virtualization and lab use test out VMs and run Docker containers then scale up for business
Connect other devices on a VPN running on the NAS
Deploy your own LDAP and single-sign on services via our applications
Synology has security features that protect your business with encryption/HIPAA compliance
VPN support-Connect to or act as the VPN server
Secure protocols –HTTPS, SFTP/FTPS, SSH
Built-in customizable firewall
Set custom ports for all applications
Security Advisor Tool –Audit NAS security
Two-Factor Authentication [one-time code]
Synology NAS devices are becoming more powerful, small businesses are seeing the benefits of utilizing Synology NAS devices. Customized Computer Services, Inc (CCSI) has helped many of our clients implement Synology for their business. For more information on how Synology can benefit your business contact us at (817) 459-4000.
What is Synology NAS?
Remote desktop access (RDP) is one of the most common and easiest ways to access computers and servers on your network. For businesses with remote users, this is a common practice, but most are unaware of the security risks this opens them up to. Even those who are aware of the risks often still choose the ease and cost savings that RDP provides. So, what is RDP and what makes it such a security risk? Simply put, RDP is a tool to remotely connect and control a PC or server on a network. By default, RDP uses the port 3389. Leaving this port open means that attackers can find and then launch a ‘brute force’ attack. Sending 1000s of random usernames and passwords at the server until they are in. Once they are on the system there is no end to the damage they can cause. From viruses to Ransomware, costing tens of thousands of dollars in damage if not more. Even if attackers do not make their way in, you and your business can still feel the impact. These brute force attacks hit your server with thousands of failed login attempts which can slow performance and productivity to a crawl. While there are some workarounds to better secure yourself against these kinds of attacks; changing port numbers or using third party software to detect and mitigate the effects of brute force attacks. We at CCSI believe the best option is to remove the problem all together.
CCSI has been migrating it’s clients to the more secure and more reliable use of VPN’s. VPN (or Virtual Private Network) creates an encrypted ‘tunnel’ into the network making it so that RDP ports will no longer need to be opened on the firewall. No open ports means there is nothing for attackers to attempt to force their way in to.
Recent ransomware attacks like Wanna and Petya have spread largely unchecked through corporate networks in recent months, extorting money to restore your data and regain control of your computers. CCSI has informed our customers in the past and some have experienced the pain of Ransomware. These attacks have not stopped and the measures CCSI has taken to detect and stop these types of attacks have been successful in reducing the consequences when such an attack occurs. For a better understanding of what it is your up against, let’s break down how the hackers are infiltrating your systems, to begin with, and some recommendations to beef up the security by utilizing technologies you already have or steering you in the right direction of what to get.
HOW HACKERS PIN-POINT AND LAUNCH RANSOMWARE
Finding and exploiting a business is not determined by the size or success of a business, hackers don’t use their crazy good tech skills to research businesses annual revenue as a measure to determine that your business will be a good one to hack because it makes lots of money. Although, very successful fortune 500 companies have fallen victim to ransomware attacks it was not because of their success no, no. Hole in the wall pizzeria’s, mom and pop trophy shops, start up’s, all the way to government agencies, multi-national corporations and county hospitals have all been targeted not because of their net worth but because of weak points in your network’s security/firewall are what these guys look for but simply because they could “walk” right in.
So, how do they find these weak points? Although there’s a myriad of ways hackers make their way into and infect a network the most common are:
Remote Access to Servers and Workstations:
Even though remote access to your servers and workstations, to work from home or elsewhere, is a must, we highly recommend closing remote desktop access directly from the internet. As hackers have been able to crack passwords and log into networks, they then manually run the ransomware executables directly on servers and in some cases workstations CCSI is recommending that anyone who needs remote access to servers or desktops be required to use a VPN client to connect to their office network, then they can establish a remote desktop connection to servers or desktops in a safe and secure environment. This will add an extra step to make these connections but the security this gives is well worth the extra step.
Everyone knows we need firewalls but, as any good network admin will tell you, owning a firewall isn’t the same as getting the most out of your firewall. Your security posture has to adapt continuously to deal with the ever-shifting threat landscape and the emergence of new threats like advanced, worm-like ransomware. Modern firewalls are purpose-built to defend against these kinds of attacks, but they need to be given an opportunity to do their job. There are multiple methods of entry from a hackers standpoint these few currently being the most used:
- The “Over-Seas I.P.” Method: An American based company with multiple locations across the U.S. but has hosted backup services that originate in Russia. We are able to tell that an IP address is originating from Russia due to the placement of the octets (the first 3 numbers) in the I.P. address, no different than an area code. Firewalls are intelligent enough (with the correct upgrades/abilities) to constantly compare and identify where an IP address is coming from and the option to exclude or accept IP ranges for certain locations. So in this instance, we would set a rule that I.P. addresses trying to gain access can be from the certain geo-locations of where the business is located in the U.S> and the specific geo-location of the hosted backup services in Russia. All other I.P.’s are excluded. In order to avoid the overseas hackers being granted ANY type of access to the network, you need this feature enabled assuming your existing firewalls has the feature/capability.
- Common File Malware: While Wanna and Petya spread like worms, many ransomware variants leverage social engineering tricks through phishing email attacks, spam, or web downloads to gain entry to your network through more conventional means. These attacks often start as cleverly crafted malware lurking in common files like Microsoft Office documents, PDFs, or executables such as updates for common trusted applications. Hackers have become very effective at making these files seem benign or obfuscating the malware to get past traditional signature-based antivirus detection. As a result of this new breed of file-based malware, sandboxing technology has become an essential security layer at your network perimeter. Fortunately, cloud-based sandboxing typically doesn’t require any additional hardware or software deployment – it simply identifies suspect files at the gateway and sends them to a safe sandboxing infrastructure in the cloud to detonate active content and monitor the behavior over time. It can be extremely effective at blocking unknown threats like new ransomware attacks before they enter the network.
Best Practices for Firewall and Network Configuration:
It’s important to keep in mind that IPS, sandboxing and all other protection the firewall provides is only effective against traffic that is actually traversing the firewall and where suitable enforcement and protection policies are being applied to the firewall rules governing that traffic. So with that in mind, follow these best practices for preventing the spread of worm-like attacks on your network.
- Ensure you have the right protection: Including a modern high-performance nextgen firewall IPS engine and sandboxing solution.
- Reduce the surface area of attack; as much as possible by thoroughly reviewing and revisiting all port-forwarding rules to eliminate any non-essential open ports. Every open port represents a potential opening in your network. Where possible, use VPN to access resources on the internal network from outside rather than port-forwarding.
- Be sure to properly secure any open ports; by applying suitable IPS protection to the rules governing that traffic
- Apply sandboxing to web and email traffic; to ensure all suspicious active files coming in through web downloads and as email attachments are being suitably analyzed for malicious behavior before they get onto your network.
- Minimize the risk of lateral movement; within the network by segmenting LANs into smaller, isolated zones or VLANs that are secured and connected together by the firewall. Be sure to apply suitable IPS policies to rules governing the traffic traversing these LAN segments to prevent exploits, worms, and bots from spreading between LAN segments.
- Automatically isolate infected systems: When an infection hits, it’s important that your IT security solution be able to quickly identify compromised systems and automatically isolate them until they can be cleaned up (either automatically or through manual intervention)
Importance of Firewall Performance:
Ransomware, botnets, and other advanced attacks will often work their way through your entire IT infrastructure. A firewall that includes all the technology needed to help protect your organization from the latest attacks is well worth the investment considering the level of protection and security it provides. Upgrading to newer technology is expensive, the reason being mostly the amount of processing required to constantly compare lists of accepted and blocked I.P.’s while performing its other huge task list. This doesn’t mean that you need to rip out or replace your existing firewall and purchase the top of the line one right now. A lot of firewalls come with features capable of the requirements needed to take the proper security steps for protection but just aren’t utilized. If the feature isn’t actively available check to see if there’s an upgrade or patch. If these still don’t cover the needs, contact your CCSI account manager for a full rundown of your existing firewalls capabilities or options to implementing a firewall with the protection your business needs at a price you can afford.
CCSI’s New Partner for Business Communication Solutions
As an SMB ourselves, CCSI understands the issues unreliable phone systems cause and with so many available options, how do you choose the best system and know you’re getting a great price? We’ve been there. And, although we’re eager to partner with value-driven vendors, few make the cut. Back in 2016, after years of issues with an outdated phone system, we chose and implemented a new communication solution through Sangoma. With 18+ months of hassle-free, improved communications and actual cost reduction, CCSI agrees that Sangoma delivers the industry’s highest quality, IP business phone solution. We’re so impressed with our results that we decided to partner with Sangoma and extend the same quality and cost saving benefits to our own customers.
WHO IS SANGOMA?
Sangoma has more than 30 years of IP communications experience and is a dominant industry leader in hardware and software enabling VoIP systems for telecom and datacom applications. With an abundance of standard features, cost savings, strategically thought out capabilities to grow with your business and adapt with the technology as it continually advances AND comprehensive 1-year warranties, it’s a clear, easy and affordable choice. Everything you need to customize the ideal communications solution to fit your needs is readily available. Whether you’re an SMB looking to deploy a cost-effective, scalable phone system or a large enterprise requiring more advanced capabilities, there is a solution for you.
Enterprise Level Business Communication Solutions at Entry Level Costs – Endless Options and Elementary Implementation. – CCSI Staff
Being that we are an actual tried and true Sangoma IP Phones user, we are able to extend our experience and give a true list of benefits. Here are some of the actual benefits we’ve received since making the switch…
Ease of Deployment – Supports DHCP provisioning and/or PnP provisioning, which is very useful in tightly locked down networks such as our own. Also supports redirection service for remote staff which is very beneficial as it allows phones to be automatically provisioned as soon as they are plugged into an internet connection regardless of their location in the world.
Security – Built-in security mechanisms and monitoring as Sangoma is aware of the growing vulnerability of toll fraud caused because many IP phone vendors simply rely on MAC address validation, which means hackers can pretend to be that phone and create toll fraud and cost your business a lot of money.
Maintenance – As businesses grow or consolidate, new employees arrive or change roles, resulting in the need for IP phone settings to be constantly updated. Sangoma IP phones can be quickly provisioned from a central location so that the administrator can eliminate the requirement for traveling onsite. This is beneficial when adding new employees to a group or adding an entire department and groups of phones. Also, the ability to quickly validate phone settings and update firmware and security on a global and granular level
Feature Rich – Just one of the many features we’ve utilized is PhoneApps, it allows users to control functions and settings directly from the screen of their phone. Apps conducive to increased productivity as they’re user need specific (I.E.: the Presence app to quickly change their availability across all their endpoints and the Login/Logout app to jump from any phone in the office or other locations on their network, instantly pulling in all preferences and custom settings) PhoneApps are included with all Sangoma IP Phones and connect seamlessly with your FreePBX or PBXact phone system.
Cost Reductions – In place of copper wires, VoIP providers use an Internet connection to send phone calls. With traditional telephone service, phone calls are made up of analog data which need to be sent over physical copper wire connections. This requires a fairly complex national telephone infrastructure so that packets of analog data can travel from phone to phone.With VoIP, your phone calls are made up of digital data. It’s easy to send digital data over a long distance without losing any call quality entirely over the Internet. Your VoIP provider uses connections between Internet protocols to transmit the data. This is a cheap and easy mechanism for transporting data, which means that VoIP providers are able to pass their savings on and our bill is has been cut into over 3/4 of what it once was!
End User Control – Unique web-based dashboard for every user. This eliminates the need to contact IT to configure or enable features, freeing up more of their time and also allows our business manager features like checking call queue stats or changing time conditions. Users are empowered to manage and control their own features by logging into UCP from any internet capable device and have access to things such as:
- Voicemail: listening, delete, voicemail-to-email, and recording voicemail greetings
- Follow-me: enable/disable and add phone numbers
- Conference: Create unlimited conference rooms, manage live attendee, and administrator level conference room features
- Presence: manage your presence across all your devices
- Device management: customize the applications and features of your desk phone
- WebRTC phone to make/receive calls and SMS with your colleagues…and the list goes on
WANT TO KNOW MORE?
As a tried and true customer ourselves and through becoming a partner, CCSI has been trained and became well versed in Sangoma technologies hardware solutions and best-suited solutions specific to your business environment. As a partner, we are privy to pricing not attainable by the general consumer. For more information on how to get in on the savings and pricing or how to make the switch to VoIP/ upgrade an existing communications solution, contact a CCSI account manager today!
No matter what your business, data is your most valuable asset. Losing years’ worth of accumulated customer information, financial records, in-house processes and procedures, accounting, sales, and marketing materials…etc. WOULD cause long-term damage to your company. Fact is, 60% of businesses are forced to close their doors outside of 6 months after catastrophic data loss.
Still, the most commonly practiced, onsite data backup isn’t much of a solution at all these days. Not only is it subject to human error more often than most business technology components, it’s also more easily corrupted or destroyed, and at greater risk of theft or compromise. So, how do we protect the critical data that keeps a business alive and ensure the processes we have in place will keep you protected and secure? The answer is cloud backup solutions. Not only is it the more reliable option available but the benefits far outweigh any “risk” or disadvantages.
The main purpose of backing up your data is the ability to roll back and access your archives in the event of local hardware failure. To do business today, you need the confidence of knowing that in the case of catastrophe, your data will be protected and available. By backing up your information in the cloud, you have the perfect destination for your archives. Your files will be at once everywhere; no longer dependent on any single computer or server.
The cloud is also remarkably affordable. It has the advantage of requiring no physical location that you’ll need to handle maintaining on your own. A competent IT provider will keep you connected and can manage your data remotely without too much hassle.
BENEFITS OF CLOUD-BASED BACKUPS
1) TIERED COST VALUE ALIGNMENT
You know those files from years ago that you never look at but hold onto just in case because that one document in a file from 2013 could be your saving grace? Yeah, we all do. Truth is a bulk of your data loses value over time, but it is a necessary evil. Thankfully, someone thought it makes sense that the resources invested in maintaining archives should diminish commensurately and came up with “backup lifecycle management.” This allows you to align your data access needs with the costs involved since you’re able to assign different accessibility statuses to different sections of your archives.
2) SAVINGS AND SCALABILITY
Maintaining low costs is a prominent goal for any business. One of the major benefits of cloud-based backups is that there are no upfront costs associated with increasing your storage and backup capacity as needed. The use of cloud services provides a low-cost, monthly fee solution for data protection and with decreasing cost per GB as volumes grow. Your company can scale up your capacity at a moment’s notice and all at a predictable cost structure, this can be more economical in the long term, which ultimately helps your company reduce costs.
3) UTILIZES EXISTING INFRASTRUCTURE
Cloud-based backups seamlessly integrate with infrastructure that is already in place. No need to purchase new hardware, your existing computer network is all you need in terms of hardware. Your backup and potential recovery is as simple as a download and doesn’t require any expensive additional equipment. Once the backup is complete, it stores the encrypted files at an offsite data center. The entire process takes advantage of cloud technology without requiring any additional expenses.
4) DATA SECURITY
Data security has to be a top priority for everyone in your organization and keeping your critical work files protected is an essential function. With cloud-based backups, 2 copies are transmitted, encrypted and stored in external data centers and off-site. Only authorized users are granted access to the data, greatly reducing the risk your business is exposed to.
Cloud data is stored on multiple disks, at multiple sites specially designed for security and durability of data. Data backup and recovery is a straightforward and speedy process, almost as fast as you can communicate with your provider can the task be completed. It’s important to understand how much bandwidth is available to you though as this will impact the speed and the amount of data you are backing up; which should be measured too. With such high reliability, your employees will be able to focus on their work without worrying about accidentally deleting important files.
6) ELIMINATES TAPE AND AUTOMATED
Backups can now be scheduled or started manually and can be performed at any time with a single click, changing the way businesses protect themselves. Both cloud and tape backup can be an automated process-With tape backup, it relies on the actual tape for reliability, even the best backup plan is vulnerable to:
- Theft/Loss- stored copies are vulnerable to all who access where it is stored and it can easily be misplaced or categorized
- Damage- Susceptible to any number of things from fires, floods, condensation/humidity…etc.
- Expensive- The cost for tapes are not cheap and many are needed, also the time taken away from the employee required to do the backup
- Poor tape quality- It happens quite frequently and only portions of data, if any, can be recovered
Cloud, on the other hand, can backup without disturbing the user and allows them to select how much or how little to restore and do it without engineers’ help. Once your data is backed up in the cloud for the first time, you determine the settings you want for automated backup times, and all of your company’s data is synced without you needing to do anything further. What this means for your company is having the ability to ensure data protection, reduce downtime and limit lost productivity. Files can be recovered instantly and authorized users have remote access to it at all times.
KEEP YOUR BUSINESS GUARDED WITH THE BEST BACKUP SOLUTION
It’s no secret that a company would struggle to survive if it lost all critical data necessary to operations. Even if your business survives such a loss, there are increasingly large financial implications associated with downtime as a result of data loss. Not to mention the hit your businesses reputation would take. While this makes a clear case for the benefits of cloud, the best choice depends on your situation – you may even need hybrid cloud: a mix of the two. If you would like more information and to speak with the experts to find out what is best for your business, contact CCSI today to discover how we can help your organization take advantage of cloud-based technology solutions.
Productivity is a great word that people love to use, however, in the real world, productivity can be summed up in a simple question: Can I do my job easier or not? Microsoft has invested heavily trying to make the user and administrator experiences of Office 365 as easy and simple as possible. If you are thinking about moving your business to Office 365, here are some pretty persuasive reasons why you should.
Office 365 Offers Easy and Seamless Integration with Other Solutions: The tools you already know, use and rely on for your workflow can seamlessly integrate into Office 365. The list of programs and tools that perform well with Office 365 is extensive and includes common solutions like Word, Excel, Outlook, and PowerPoint. Office 365 makes it easy to standardize your file formats and to ensure that everyone on your team can open, access and use the pieces you create.
Mobile, on the Go Access, is Easy with Office 365: Mobile use is at an all-time high and your team uses smartphones, tablets, and other devices to stay connected and perform tasks, even when they are not in the office. Microsoft Office 365 allows your team to open and process documents, access contacts and calendar information and send emails from any connected device. Office 365 works with both PC and Mac and with Android, iPhone and even Blackberry devices.
This mobility allows you and your team to work from home, while you are traveling or from virtually anywhere you can get a connection. Whether you are heading to a trade show, calling on clients or taking a much-needed day off, you connect in an instant to get the information you need to serve customers or support your team.
Office 365 Enhances Communication and Collaboration: It’s easier than ever before to collaborate with your team and for your workers to share and access information. A password-protected portal can be established that allows your team to quickly access the documentation or files then need – and more than one person can access and work on a piece at a time. Once work is complete, progress is tracked and noted so that anyone in the group can quickly determine what has been done and what still needs to be completed.
Collaboration and communication are about more than just opening, editing and sharing documents; Office 365 also supports robust, large-scale storage and sharing and even online meetings.
Intuitive, Easy and Accessible: Unlike some other programs or packages, Office is free of jargon and very user-friendly. It has an intuitive, easy to learn dashboard that is standardized between applications. Even those in your group that are not particularly tech savvy can get up to speed quickly and become efficient users of this flexible suite of tools.
You do not need an on-site IT team to handle Office 365 issues and no one on your team needs to attend any kind of special certification to actually use this software.
Security and Safety Provide Peace of Mind: Microsoft has a robust and proactive security team and Office 365 receives their full attention. In many cases, the company has recognized vulnerabilities and released patches well before a publicized ransomware or malware attack. By identifying risk and possibilities for exploitation early, Microsoft has a long history of taking aggressive action to prevent you from being victimized by cybercriminals. In an ever-changing, ever-evolving landscape, regular patches and updates are a must; you’re far more likely to be victimized if you use a system that is regularly protected and up-to-date.
Security is about more than updates; Office 365 features the same robust systems used by Microsoft and some of the biggest brands to protect networks, documents, and even email. With built-in scanning capabilities, your Office 365 suite can scan your email around the clock and alert you to any suspicious software or attempts to hack your systems.
Office 365 was designed with reliability in mind and Microsoft does more than the promise they’ll be online; they offer a 99.9% uptime guarantee via a financially backed SLA (Service Level Agreement) to provide peach of mind about availability.
Flexible, Scalable Solutions: With a simple pay-as-you-go pricing setup and plenty of flexible options, you can start small and scale at your own pace. You don’t have to pay for more than you’ll use or begin to feel restricted as you grow. For new businesses experiencing growth, this flexibility ensures cost effectiveness. Since you can scale up as needed, your team can continue to work with the tools they are familiar with as you grow, you don’t have to change to a new system or adapt to new tools.
From cost efficiency and scalability to the peace of mind that comes from working with Microsoft, Office 365 has plenty to offer the enterprises of all sizes. Interested in Office 365 and want to learn exactly what it can do for you? Contact CCSI (817) 459-4000 ext: 28; we understand the power of this suite of tools and know just how much it can help your business grow.