{"id":15764,"date":"2014-10-08T13:40:49","date_gmt":"2014-10-08T17:40:49","guid":{"rendered":"https:\/\/www.saratoga.com\/saratogabusinessjournal\/2014\/10\/it-experts-vital-security-issues-not-always-simple-need-to-be-addressed.html"},"modified":"2014-10-08T13:40:49","modified_gmt":"2014-10-08T17:40:49","slug":"it-experts-vital-security-issues-not-always-simple-need-to-be-addressed","status":"publish","type":"post","link":"https:\/\/www.saratoga.com\/saratogabusinessjournal\/2014\/10\/it-experts-vital-security-issues-not-always-simple-need-to-be-addressed\/","title":{"rendered":"IT Experts: Vital Security Issues Are Not Always Simple, But Need To Be Addressed"},"content":{"rendered":"
\n
\"markshaw.jpg\"\n<\/div>\n
Mark Shaw, founder and president of Stored Technology Services (StoredTech)\n<\/div>\n<\/div>\n

Computer system security lapses periodically
\nmake headlines, causing serious problems
\nfor those whose systems have been violated. It
\nshould make all businesses take notice.
\nBut local IT experts say that while the ramifications
\ncan be severe, steps can be taken to
\nsee it doesn’t happen.<\/p>\n

Alex T. Silverstein, president of Unified
\nDigital Group LLC in Ballston Spa, noted
\nthat “every business that retains electronic
\nrecords of any kind should consider whether
\nor not portions of those records need to be
\nencrypted.”<\/p>\n

“We hear about the hacking and theft of
\ncredit cards every night on the news,” said
\nMark Shaw, founder and president of Stored
\nTechnology Services (StoredTech). “For the
\nsmall business owners like us, there are a
\nnumber of lessons to learn from these events.”
\nHe stressed that an upcoming issue involving
\nMicrosoft servers needs to be addressed soon.<\/p>\n

Jared Humiston, president of Adirondack
\nTechnical Solutions, said security needs to
\nbe thought of in layers and businesses should
\nconsider that approach.
\nEach expert provided the Saratoga Business
\nJournal with some advice.<\/p>\n

Shaw on Secure Servers<\/strong>:<\/p>\n

While it’s pretty clear that these attacks
\nwere coordinated against targets like large
\ncorporations there are takeaways for all of us.
\nWhat is the largest item for security coming up for many businesses? There is an easy answer.<\/p>\n

Microsoft is focusing on security for its
\nServer 2003 operating system. This is going end-of-life July 14, 2015, which means that
\nservers in many environments will need to
\nbe replaced and migrated to a newer version.
\nMicrosoft will no longer provide updates or
\nfix security flaws exposed after that date. In
\nessence the servers are sitting ducks.<\/p>\n

While Windows XP dying made a splash this
\nyear, this issue is even larger. Servers are the
\nbackbone of many networks and if they are not
\nupgraded, everything from files, applications
\nand more could be compromised and used by
\nthose looking to breach a company’s security.<\/p>\n

The single largest event for many businesses
\nis this end-of-life for the core of their
\nnetworks. Upgrading or replacing a server
\noperating system requires more than just
\nbuying a new version and installing it. There
\nare a number of things to consider:<\/p>\n

Can your hardware handle the upgrade? If
\nyou have a server that is five-plus years old,
\ndoes it have the horsepower to run the new
\noperating system? Server 2003 would run with
\nmuch lower requirements then the new 2012
\nR2 editions.<\/p>\n

Is your server under warranty? Older servers
\nwill be out of coverage and it becomes a
\nbusiness decision to continue to utilize hardware
\nthat cannot easily be repaired.<\/p>\n

Will all your applications work on the new
\noperating system? Often applications like
\nQuickbooks need to be upgraded to the latest
\nversion. If this is not planned for it can cause
\na slowdown in the upgrade path and increase
\nunexpected costs.<\/p>\n

What other functions does that server provide?
\nDoes it run the company’s printers? Does
\nit allow users to connect remotely? Does it run
\nthe email services for the company? Defining
\nthese items and addressing how they will work
\nmoving forward is fundamental to a successful
\ninstall of a new server and operating system.<\/p>\n

Upgrading an operating system on your
\nhome computer is far less intensive than the
\nupgrade of an operating system on a server.
\nLooking at these issues can make the process
\na lot less painful.<\/p>\n

This is just one of many things that will
\nhelp ensure that a company is protected, other
\nitems like proper virus protection, firewalls,
\nVPN’s, policies, mobile device management,
\nweb security, and more will make the environment
\nless prone to vulnerabilities. Discussing
\nWindows Server 2003 going end of life, should
\nbe on every company’s road map for 2015, and
\nthe time to plan for that is now.<\/p>\n

Humiston, Layering Security<\/strong>:<\/p>\n

\n
\"tech\n<\/div>\n
Jared Humiston, president, Adirondack Technical Solutions\n<\/div>\n<\/div>\n

As a solutions oriented company with a
\nfocus on security, we have seen cyber crime
\nreach an all-time high in recent years. In many
\ncases, small business owners that do not work
\nwith a security focused IT firm find out how
\nvulnerable their data is when it is too late.<\/p>\n

The damage done from a cyber-attack could
\nprove catastrophic for a business. We have
\nseen the negative results of cyber-attacks on
\nsome of the larger companies. These companies
\nhave taken losses in the tens of millions
\nof dollars and have lost the public’s confidence,
\nfurther increasing the damage done to their
\norganization.<\/p>\n

Security needs to be thought of in layers.
\nA simple password that you change every 90
\ndays is not enough. Those layers should go
\nbeyond the out of the box virus protection and
\nfirewalls. Companies also need to consider
\nhow their employees are using their technology
\nin and out of the office and include social
\nengineering into their security policy.<\/p>\n

These policies should be reviewed and
\nupdated on an annual basis to ensure they are
\ncurrent. Security should be an organizational
\neffort with the sole goal of improving the company’s
\nsecurity posture and protecting their
\ndata and their client’s data.<\/p>\n

Technology is ever changing and your
\norganization should be prepared for change.<\/p>\n

Cloud computing, electronic purchasing and
\nmillions of mobile devices have increased the
\nnumber of targets for cyber criminals. It is
\nrecommended that companies with high-risk
\ndata or that may fall in a regulated industry,
\nhave annual risk assessments and vulnerability
\nassessments completed to make sure
\nthe improvements made to your environment
\nthroughout the year have not opened up new
\nholes in which you can be exploited.<\/p>\n

We encourage these businesses to contact
\ntheir local IT Service provider for the proper
\nguidance in implementing a security program
\nin their organization.<\/p>\n

\n
\"alex-silverstein\n<\/div>\n
Alex T. Silverstein, president, Unified Digital Group LLC, Ballston Spa\n<\/div>\n<\/div>\n

Silverstein on Encryption<\/strong>:<\/p>\n

A company can incur significant financial
\nand legal penalties if any personal, financial,
\nor other sensitive information is exposed to
\nunauthorized parties.<\/p>\n

In layperson’s terms, encryption is the process
\nby which clear text, that is, data stored
\nin its original, unmodified state, is rendered
\nunreadable by humans and, more importantly,
\nun-hackable (in most cases) by sophisticated
\ncomputer programs designed to steal that
\ninformation.<\/p>\n

Encryption is performed by running
\nspecialized, mathematical programming
\nalgorithms that manipulate your clear text,
\nresulting in protected cypher text. If you are
\nnot a programmer or database administrator,
\nyou will most likely need to hire one to accomplish
\nthis task for you.<\/p>\n

Most strong forms of encryption usually
\nwork by way of a pair of digital keys, known
\nas a public and private key. Your public key
\nis used to encrypt your data. You can share
\nthis key with anyone who needs to create
\nencrypted data for you. Your public key cannot
\nbe used to decrypt (that is, to un-encrypt)
\nyour data. Only the private key can be used
\nto perform decryption; therefore, you should
\nnever share it with any unauthorized parties.<\/p>\n

If your institution is in the habit of storing
\nsensitive information in clear text in a database,
\nspreadsheet, or other electronic format, it is up
\nto you, as a principal of the company, to take
\naction as soon as possible. The cost of hiring
\na professional to perform data encryption is
\nsurprisingly low (since it is a common task), the
\nreduction of risk is immediate, and your return
\non investment exceedingly high.<\/p>\n","protected":false},"excerpt":{"rendered":"

Mark Shaw, founder and president of Stored Technology Services (StoredTech) Computer system security lapses periodically make headlines, causing serious problems for those whose systems have been violated. It should make all businesses take notice. But local IT experts say…<\/p>\n","protected":false},"author":121,"featured_media":20313,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[38],"tags":[57],"yoast_head":"\r\nIT Experts: Vital Security Issues Are Not Always Simple, But Need To Be Addressed - Saratoga Business Journal<\/title>\r\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\r\n<link rel=\"canonical\" href=\"https:\/\/www.saratoga.com\/saratogabusinessjournal\/2014\/10\/it-experts-vital-security-issues-not-always-simple-need-to-be-addressed\/\" \/>\r\n<meta property=\"og:locale\" content=\"en_US\" \/>\r\n<meta property=\"og:type\" content=\"article\" \/>\r\n<meta property=\"og:title\" content=\"IT Experts: Vital Security Issues Are Not Always Simple, But Need To Be Addressed - Saratoga Business Journal\" \/>\r\n<meta property=\"og:description\" content=\"Mark Shaw, founder and president of Stored Technology Services (StoredTech) Computer system security lapses periodically make headlines, causing serious problems for those whose systems have been violated. It should make all businesses take notice. But local IT experts say...\" \/>\r\n<meta property=\"og:url\" content=\"https:\/\/www.saratoga.com\/saratogabusinessjournal\/2014\/10\/it-experts-vital-security-issues-not-always-simple-need-to-be-addressed\/\" \/>\r\n<meta property=\"og:site_name\" content=\"Saratoga Business Journal\" \/>\r\n<meta property=\"article:published_time\" content=\"2014-10-08T17:40:49+00:00\" \/>\r\n<meta property=\"og:image\" content=\"https:\/\/www.saratoga.com\/saratogabusinessjournal\/wp-content\/uploads\/sites\/48\/2014\/10\/markshaw.jpg\" \/>\r\n\t<meta property=\"og:image:width\" content=\"172\" \/>\r\n\t<meta property=\"og:image:height\" content=\"210\" \/>\r\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\r\n<meta name=\"author\" content=\"Saratoga Business Journal\" \/>\r\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\r\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Saratoga Business Journal\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\r\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.saratoga.com\/saratogabusinessjournal\/2014\/10\/it-experts-vital-security-issues-not-always-simple-need-to-be-addressed\/\",\"url\":\"https:\/\/www.saratoga.com\/saratogabusinessjournal\/2014\/10\/it-experts-vital-security-issues-not-always-simple-need-to-be-addressed\/\",\"name\":\"IT Experts: Vital Security Issues Are Not Always Simple, But Need To Be Addressed - Saratoga Business Journal\",\"isPartOf\":{\"@id\":\"https:\/\/www.saratoga.com\/saratogabusinessjournal\/#website\"},\"datePublished\":\"2014-10-08T17:40:49+00:00\",\"dateModified\":\"2014-10-08T17:40:49+00:00\",\"author\":{\"@id\":\"https:\/\/www.saratoga.com\/saratogabusinessjournal\/#\/schema\/person\/ddf5fd6df8c43505ff3a5fb93e64871d\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.saratoga.com\/saratogabusinessjournal\/2014\/10\/it-experts-vital-security-issues-not-always-simple-need-to-be-addressed\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.saratoga.com\/saratogabusinessjournal\/2014\/10\/it-experts-vital-security-issues-not-always-simple-need-to-be-addressed\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.saratoga.com\/saratogabusinessjournal\/2014\/10\/it-experts-vital-security-issues-not-always-simple-need-to-be-addressed\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.saratoga.com\/saratogabusinessjournal\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"IT Experts: Vital Security Issues Are Not Always Simple, But Need To Be Addressed\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.saratoga.com\/saratogabusinessjournal\/#website\",\"url\":\"https:\/\/www.saratoga.com\/saratogabusinessjournal\/\",\"name\":\"Saratoga Business Journal\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.saratoga.com\/saratogabusinessjournal\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.saratoga.com\/saratogabusinessjournal\/#\/schema\/person\/ddf5fd6df8c43505ff3a5fb93e64871d\",\"name\":\"Saratoga Business Journal\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.saratoga.com\/saratogabusinessjournal\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/2c854d5e50c70dc686bfc980524ca4f5?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/2c854d5e50c70dc686bfc980524ca4f5?s=96&d=mm&r=g\",\"caption\":\"Saratoga Business Journal\"},\"sameAs\":[\"https:\/\/www.saratoga.com\/saratogabusinessjournal\/\"],\"url\":\"https:\/\/www.saratoga.com\/saratogabusinessjournal\/author\/saratogabusinessjournal\/\"}]}<\/script>\r\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"IT Experts: Vital Security Issues Are Not Always Simple, But Need To Be Addressed - Saratoga Business Journal","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.saratoga.com\/saratogabusinessjournal\/2014\/10\/it-experts-vital-security-issues-not-always-simple-need-to-be-addressed\/","og_locale":"en_US","og_type":"article","og_title":"IT Experts: Vital Security Issues Are Not Always Simple, But Need To Be Addressed - Saratoga Business Journal","og_description":"Mark Shaw, founder and president of Stored Technology Services (StoredTech) Computer system security lapses periodically make headlines, causing serious problems for those whose systems have been violated. It should make all businesses take notice. But local IT experts say...","og_url":"https:\/\/www.saratoga.com\/saratogabusinessjournal\/2014\/10\/it-experts-vital-security-issues-not-always-simple-need-to-be-addressed\/","og_site_name":"Saratoga Business Journal","article_published_time":"2014-10-08T17:40:49+00:00","og_image":[{"width":172,"height":210,"url":"https:\/\/www.saratoga.com\/saratogabusinessjournal\/wp-content\/uploads\/sites\/48\/2014\/10\/markshaw.jpg","type":"image\/jpeg"}],"author":"Saratoga Business Journal","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Saratoga Business Journal","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.saratoga.com\/saratogabusinessjournal\/2014\/10\/it-experts-vital-security-issues-not-always-simple-need-to-be-addressed\/","url":"https:\/\/www.saratoga.com\/saratogabusinessjournal\/2014\/10\/it-experts-vital-security-issues-not-always-simple-need-to-be-addressed\/","name":"IT Experts: Vital Security Issues Are Not Always Simple, But Need To Be Addressed - Saratoga Business Journal","isPartOf":{"@id":"https:\/\/www.saratoga.com\/saratogabusinessjournal\/#website"},"datePublished":"2014-10-08T17:40:49+00:00","dateModified":"2014-10-08T17:40:49+00:00","author":{"@id":"https:\/\/www.saratoga.com\/saratogabusinessjournal\/#\/schema\/person\/ddf5fd6df8c43505ff3a5fb93e64871d"},"breadcrumb":{"@id":"https:\/\/www.saratoga.com\/saratogabusinessjournal\/2014\/10\/it-experts-vital-security-issues-not-always-simple-need-to-be-addressed\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.saratoga.com\/saratogabusinessjournal\/2014\/10\/it-experts-vital-security-issues-not-always-simple-need-to-be-addressed\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.saratoga.com\/saratogabusinessjournal\/2014\/10\/it-experts-vital-security-issues-not-always-simple-need-to-be-addressed\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.saratoga.com\/saratogabusinessjournal\/"},{"@type":"ListItem","position":2,"name":"IT Experts: Vital Security Issues Are Not Always Simple, But Need To Be Addressed"}]},{"@type":"WebSite","@id":"https:\/\/www.saratoga.com\/saratogabusinessjournal\/#website","url":"https:\/\/www.saratoga.com\/saratogabusinessjournal\/","name":"Saratoga Business Journal","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.saratoga.com\/saratogabusinessjournal\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.saratoga.com\/saratogabusinessjournal\/#\/schema\/person\/ddf5fd6df8c43505ff3a5fb93e64871d","name":"Saratoga Business Journal","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.saratoga.com\/saratogabusinessjournal\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/2c854d5e50c70dc686bfc980524ca4f5?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/2c854d5e50c70dc686bfc980524ca4f5?s=96&d=mm&r=g","caption":"Saratoga Business Journal"},"sameAs":["https:\/\/www.saratoga.com\/saratogabusinessjournal\/"],"url":"https:\/\/www.saratoga.com\/saratogabusinessjournal\/author\/saratogabusinessjournal\/"}]}},"_links":{"self":[{"href":"https:\/\/www.saratoga.com\/saratogabusinessjournal\/wp-json\/wp\/v2\/posts\/15764"}],"collection":[{"href":"https:\/\/www.saratoga.com\/saratogabusinessjournal\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.saratoga.com\/saratogabusinessjournal\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.saratoga.com\/saratogabusinessjournal\/wp-json\/wp\/v2\/users\/121"}],"replies":[{"embeddable":true,"href":"https:\/\/www.saratoga.com\/saratogabusinessjournal\/wp-json\/wp\/v2\/comments?post=15764"}],"version-history":[{"count":0,"href":"https:\/\/www.saratoga.com\/saratogabusinessjournal\/wp-json\/wp\/v2\/posts\/15764\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.saratoga.com\/saratogabusinessjournal\/wp-json\/wp\/v2\/media\/20313"}],"wp:attachment":[{"href":"https:\/\/www.saratoga.com\/saratogabusinessjournal\/wp-json\/wp\/v2\/media?parent=15764"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.saratoga.com\/saratogabusinessjournal\/wp-json\/wp\/v2\/categories?post=15764"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.saratoga.com\/saratogabusinessjournal\/wp-json\/wp\/v2\/tags?post=15764"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}