Author: Poppy Lamb

SD-WAN vs MPLS – What’s the difference in ‘legal’ terms?

In today’s fast-paced legal environment, where you have staff working from multiple locations and remotely, users aren’t worried about what type of Wide Area Network (WAN) they’re using – but just whether they can access systems and data when they need to and at the highest speeds. It doesn’t matter if they’re accessing systems through your head office, a datacentre or via the cloud; your network needs to deliver the right systems and apps at the right time, to the right people. And without delays or dropouts.

So, which solution offers the best ROI? 

As a result of this high demand and the growing need for networked business-critical systems, today’s WANs are becoming stressed beyond capacity. Consequently, networking teams are looking to expand network capabilities by implementing technologies such as Multiprotocol Label Switching (MPLS) and Software-Defined Wide Area Network (SD-WAN) solutions… But which solution will allow your business to get the best return on your network optimisation investment, and how do you select the right one?

What is MPLS?

MPLS is often implemented on high-performance networks. In the debate against which is better, MPLS or SD-WAN, MPLS has one notable advantage: its ability to deliver packets reliably and provide a high QoS (Quality of Service). This is a significant benefit for businesses that rely on real-time protocols such as VoIP, virtual desktops and video conferencing as these systems are able to operate without loss of signal or quality over an MPLS framework. MPLS also allows for the creation of CoS/QoS buckets that ensure traffic with a higher priority is delivered with a lower probability of packet loss.

So, how does MPLS work and why is it so reliable? MPLS works in a similar way to network routers and switches and uses packet-forwarding labels that determine how and when data will be forwarded. Each packet is assigned a label which separates it from other traffic on the WAN. When there are many users on a shared network using a large number of high-demand apps, this traffic predictability can be a big plus.

However, MPLS does come with one major caveat; bandwidth cost. This is becoming an increasing issue for organisations that eat bandwidth like there is no tomorrow, and who must pay the price to keep their systems running efficiently.

What is SD-WAN?

As the cost of MPLS continues to rise, organisations have started to look for better and more affordable alternatives. SD-WAN is the perfect solution for businesses that want a more open, flexible, cheaper and cloud-based WAN.

The benefits of SD-WAN speak for themselves. The most notable ones being scalability, global availability, visibility, advanced controls and high performance. It is also extremely quick to put into place and can be increased and reduced as and when required.

However, SD-WAN’s biggest advantage for many organisations is its cost factor, especially when compared to MPLS. Generally, the more SD-WAN you use the cheaper it gets and it can be upgraded easily without making any changes to the network or infrastructure.

Security is another huge selling-point of SD-WAN; perfect for a legal business that needs to ensure it chooses a network system that integrates performance, security, orchestration and policy in one solution. SD-WAN unifies secure connectivity while also offering end-to-end encryption both across the WAN and over the internet.

Which is Right For Your Business?

When it comes to agility, flexibility, scalability and cost, SD-WAN is a worthy winner for the legal sector and fast becoming the preferred choice for many firms. However, for organisations with specific connectivity requirements that depend on the quality of real-time protocols such as VoIP, an MPLS solution may be the right choice.

Forcepoint’s Secure Enterprise SD-WAN addresses the challenges faced by today’s modern law firms by cutting networking costs without compromising performance, agility or security. NETprotocol’s solution combines the latest SD-WAN technology and allows you to scale your network with ease, and access cloud-based apps and enterprise systems securely and efficiently.

To see how SD-WAN is benefitting other law firms, watch the WEBINAR below:

StorageCraft Make Top 5 in Cloud Backup Enablers List

If your business is dependent on accessing data, you will know how critical it has become to have an effective backup solution in place. The risk of losing access to customer or financial data and critical business applications can no longer be justfied.

As a result, we have seen a huge rise in the number of clients taking up cloud-based backup solutions over recent years. However with many new technology vendors entering the sector – and some being more credible than others – it is difficult to know where to start when sourcing the best solution for your needs?

A recent report has named the Top 25 Cloud Backup Enablers for 2019 noting that ‘the companies which have gained a strong foothold in the industry are not all so similar.’ They found each vendor offers distinctive features and services with some being pure ‘enablers’, others being available only through the channel (resellers) and some being accessible through both options.

Technology vendors were assessed on a number of factors, such as technology, features, ease of use, dedication to MSPs, channel, revenue structure, reputation, support, price entry point, value, and corporate culture of the companies. So which, if any would suit your organisation’s needs?

Ranking as 5th in the list (see left), StorageCraft serves many of NETprotocol’s legal clients with its infinite scale-out storage architecture and award-winning backup and disaster recovery products. “With this technology, we can provide a single-cross-platform solution that protects a mixed, hybrid environment, ensuring IT systems and data are fully protected and always available. StorageCraft ensures you will avoid any data loss and can recover your systems in just minutes,” explains Mike Batters, Technical Director and Founder at NETprotocol.

Below is StorageCraft’s summary which is included in the full report – available here on www.storagenewsletter.com >>

Ranking No 5: StorageCraft

“Utah-based StorageCraft predominantly operates through its channel partners (VARs and MSPs), but also sells its cloud-based storage services directly to the customer; supporting its partners in increasing the reach of the business; sharing success while acknowledging that the success of its partners is indeed a benchmark for its own success. The different flavours of the ShadowProtect software have won several industry awards for its fast and accurate backup, reliable DR, secure data protection and is considered the gold standard for system migration for Windows Desktops and servers. The products have the proven capacity to lower costs; reduce downtime; improve security; ensure stability and integrate the remote and mobile systems with the enterprise network.”

More information on StorageCraft’s backup and DR solution, can be found here >>

Or alternatively if you require further advice on backup and DR options to suit your business needs, contact us on:

How Easy Are Your Passwords To Hack?

As we usher in the New Year, it’s as good a time as any to think about password security. Is it time to refresh those stale and potentially leaked passwords you’ve been hanging on to for so long? Possibly. December 2018 saw yet another huge data breach, this time at question-and-answer site Quora, with over 100 million user passwords said to have been leaked. If you haven’t already followed our advice for beating holiday season cybercriminals, let us offer you another opportunity to push yourself in the right direction!

How Criminals Get Your Password

Password theft can occur in multiple ways, from phishing attacks and keylogging to shoulder surfing and mass data breaches like the Quora one mentioned above. In the case of a data breach, plain text password dumps are the dream ticket for cybercriminals, but even hashed passwords dumps like the Quora breach are of great value. A hash of a password isn’t directly reversible — there’s no way to take the hash and decode it — but hashes are determinate. That means the hash for any given string like a password will always produce the same hash. If this wasn’t so, hashes wouldn’t be much good for security purposes. Thus, the sha256 for “hello world” will always produce

a948904f2f0f479b8f8197694b30184b0d2ed1c1cd2a1ec0fb85d299a192a447

Given that determinacy, password crackers can build hash tables of common words and known passwords and then check those against the hashes revealed in data dumps.

If criminals find the hash for say, 123456 in the data dump, then they can easily search their tables for that hash and find it belongs to the most popular password used for the last 6 years in a row! That password hash, and millions of others generated from plain-text dumps and password cracking utilities, is sure to be in every cracker’s look-up tables.

Signs of a Weak Password

There’s a bunch of tell-tale signs that you’re using a password that can easily be cracked, but beware of online services that claim to test your password strength. They’re not all entirely reliable. For example, a study in 2017 found that

the password password$1 is deemed “Very Weak” by Dropbox, “Weak” by Apple, “Fair” by Google and “Very Strong” by Yahoo!

Earlier work concluded much the same thing, with Twitter and FedEx serving up very different conclusions to Dropbox and Google about password strength of the same password string:

The explanation for these differences revolves around two competing demands on good password choice: security versus usability. Password strength meters typically try to make a compromise between what makes something difficult to crack with what makes something memorable enough to be usable. Studies have shown that when employers try to enforce uncrackable passwords on staff, it can have a negative impact on productivity. As a result, many employees try to circumvent restrictive workplace password policies. Also:

For e-commerce sites like eBay, portals like Yahoo! and order accepting sites like Kaspersky, usability is very crucial because every login event is a revenue opportunity. Anything that undermines user experience impairs the success of the business. So they tend to have less restrictive password policies.

While password strength meters may at least provide one indication of password vulnerability – a sign that a password is weak shouldn’t be ignored – there’s also a number of things you can check to help avoid creating a weak password.

Here’s 7 signs of a weak password:

1. Your password is widely used by others

Every year SplashData compile a list of the worst (i.e., most common) passwords. Here’s their top 25 for 2018; make sure yours isn’t in it!

1     123456    (Rank unchanged from last year)
2     password    (Unchanged)
3     123456789 (Up 3)
4     12345678 (Down 1)
5     12345 (Unchanged)
6     111111 (New)
7     1234567 (Up 1)
8     sunshine (New)
9     qwerty (Down 5)
10    iloveyou (Unchanged)
11    princess (New)
12    admin (Down 1)
13    welcome (Down 1)
14    666666 (New)
15    abc123 (Unchanged)
16    football (Down 7)
17    123123 (Unchanged)
18    monkey (Down 5)
19    654321 (New)
20    !@#$%^&* (New)
21    charlie (New)
22    aa123456 (New)
23    donald (New)
24    password1 (New)
25    qwerty123 (New)

2. Your password is a superhero, plus a number

Batman, Spiderman, Supergirl and friends may be cool in some contexts, but not in passwords. Think of every superhero in popular culture, add some iconic movie characters like Neo and Trinity from the Matrix, Mr Spock and Captain Kirk from Star Trek, and you’ve still only got a couple of thousand words for hackers to add to their hash tables.

Ah, of course, but you added a number to it for extra security, right? In an analysis of over 10 million leaked passwords, nearly half a million were found to end with a number between 0 and 99.

a decent password cracker can very easily append a number, or several thousand, to its dictionary of words or brute-force approach

Regex to test for this and similar patterns are simple for hackers to construct and take only seconds to crack.

3. Your password contains your birthdate

Birthdates are one of the things many naive users will instantly think of when creating a password, as it’s the simplest thing for almost everybody to remember. Unfortunately, it’s also information that is easily discovered by bad actors. Many social media sites will require or encourage users to input their birthdate, and who doesn’t like getting lots of birthday cheers on Facebook?

Hackers, of course, know this and they know how to find this data. It’s also a trend that seems common among younger users, so a guess of the present year minus anything between 13 and 30 years is another easy pattern for password crackers to test.

4. You’re too cool to care!

In 2018, “whatever”, “blahblah” and “trustno1” were the 91st, 66th and 79th most popular passwords, respectively. Being original is incredibly hard, and password attackers are ready for society’s disenchanted!

5. Your password is a word backwards

This, too, isn’t as original as many people naively suppose. Reversing a word doesn’t improve the security of a bad password in the slightest, since it’s the easiest thing for a hacker to do in one line of code in almost every scripting and programming language ever invented.

6. Your password is a keyboard pattern

What do the following random-looking passwords have in common, aside from being easily crackable?

  • 1q2w3e
  • 1qaz2wsx
  • zxcvbnm
  • !@#$%^&*

Well, two things, actually. First, they are all in the top 100 most commonly used passwords for 2018; secondly, they are all based on keyboard patterns.

7. Your password is too short

What’s a good password length that will be both secure and memorable? Anything less than 10 characters is easy to crack. A 6-character password drawn from a 74-character characterset (upper & lower case, numerals and special characters) can be cracked in 0.16 seconds:

And surprisingly, shorter isn’t necessarily more memorable. There are ways to remember even the longest passwords. Compare this difficult-to-remember 12 character string:

l7aHPQ9-*=[9)(

with this lengthy passphrase, which contains all the same special characters:

NotInA(1)Month=[31-Days]Of*Sundays*

A passphrase of 35 characters is far less likely to get brute-forced in anyone-round-here’s lifetime!

Passwords The Right Way

Avoiding these common pitfalls will help reduce your chances of having your passwords cracked if they are hoovered up in some mass data breach during 2019 or later. However, user-created passwords are always going to be prone to predictability, and hackers have the best tool for parsing predictable human-created data: computers that can run automated scripts!

The only sure way to defeat cracking attempts is to have a password with maximum entropy that is unique to each site. Our advice is use a good password manager to both create and manage passwords and, wherever available, turn on 2FA or similar authenticator protocols.

On top of that, don’t forget to change your passwords on a regular basis. With passwords responsible for protecting some of your most vital assets, what could be a better resolution to start New Year 2019?

Like this article? Follow us on LinkedIn or Twitter to see the content we post.

28th December 2018 | Categories: Education, Endpoint Security, Legal IT, Security

Five Tips: Beat the Cyber-Criminals This Xmas

The festive spirit isn’t the only thing that’s infectious as the 2018 holiday season approaches. It’s typically the time of year when we see an uptick in cybertheft. With online spending expected to further increase on 2017 figures, this xmas is a mouth-watering proposition for criminals.

With retailers swamping inboxes with millions of promotional emails, and hungry shoppers desperately looking for great buys, it’s the perfect time to slip phishing emails and malicious links into the flood of traffic entering your business.

If you’re one of the millions of businesses with staff who intend to shop online this holiday season, make sure you’ve taken all the appropriate precautions before they get started. Whether they’re shopping from their laptop or mobile, workstation or tablet, here’s five essential things you need to do before they start buying.

1. Update Your Kit

If you’re not using “the latest and greatest” version of your OS and software, you’re leaving open security holes that have not only been patched by the vendors since your last update, but which have been published and are therefore known to criminals by now as well. Hackers study security fixes made by vendors and then go looking for devices that haven’t been patched by users. So, first check your OS for any updates, and then take an inventory of any software your staff might use for online shopping purposes. Web browsers, banking apps, shopping apps, and password managers all need to be on the latest available version.

2. Refresh Your Passwords

Nobody likes changing their passwords – all that new muscle memory to learn! But the start of the holiday season is the best time to do it, for two reasons. First, fingers will find it easier to learn these new taps as they’ll likely be exercising password routines more than usual during this time of year. Second, online password dumps have become so common that if passwords haven’t been refreshed since last Holiday season, there’s a good chance they’re already floating around in some database for sale on the Dark Web by now.

Your staff should be using a password manager and a secure password generator. Their pet’s name and birthday do not fall into the category of “secure”! Reversing their name or phone number aren’t going to cut it either, and don’t even consider patterns like “superman99” and “batmanOO7” or using the word “love” anywhere in a password! The cyber criminals are way ahead of you!

3. Add Additional Authentication Layers

Wherever available, opt-in to two-factor (2FA) and similar authentication layers which make it more difficult for breaches to occur. On top of the extra security step when you log in, you will typically receive a message whenever your account is accessed.  This can help alert hacking attempts sooner rather than later. Some sites and services allow the use of OTPs (one-time passwords), which usually expire after a short time. These may be sent via email, text or through a dedicated security app like Google’s Authenticator if you’re using Gmail or other Google services.

Always take the opportunity to register for these extra protections when offered. Check account settings with major providers like Google, Microsoft Live and Apple iCloud to turn on two-factor authentication if you haven’t done so already.

4. Ensure Websites are the Real Deal

Fake websites are becoming harder to spot, and hackers have got very good at cloning commercial sites to the point where they are almost indistinguishable from the real thing. Look for the little padlock to the left of the URL in a browser’s address bar, and click it to view details about a site’s security. Note that the color of the padlock signifies different things. Here’s Microsoft’s explanation for Edge:

“While a grey lock means that the website is encrypted and verified, a green lock means that Microsoft Edge considers the website more likely to be authentic. That’s because it’s using an Extended Validation (EV) certificate, which requires a more rigorous identity verification process.”

If your business users access the latest version of Chrome, the browser will now warn you about sites that are using the older insecure HTTP protocol and outdated certificates. Heed the warnings. For Safari users, in the browser’s Advanced Preferences, be sure to check the “Show full website address” box for the smart search field to see at a glance the real address that you land on.

5. Stay Off Public Wifi

Of course, we all access the internet on the move nowadays, escpecially at this time of the year when we’ve got a long christmas list to get through, or simply need to check the balance of a bank account?

Don’t, however, be tempted to take up that free Wifi offer that comes with your cappuccino. Sure, the site you connect to might be encrypted, but that doesn’t stop snoopers on a public network from gathering information about bank details and items you’re looking to buy. That might be just what they need for a targeted spear-phishing attack. Worse, if the hotspot itself is infected or malicious, you could be subjected to a man-in-the-middle attack or be tricked into downloading malware.

When browsing on the move, stick to your cell provider and link your laptop or tablet to your phone’s personal hotspot service if available.

Conclusion

We all need to exercise safe browsing and computing practices throughout the year, but if you haven’t started yet, the holiday shopping season is the right time to begin! By encouraging your staff to employ the tips we’ve outlined above, you will be a more difficult target and reduce the chances of becoming yet another victim on the stats sheet.

For enterprise security, check out SentinelOne and see why Fortune 500 companies are switching from their traditional solutions. Or contact NETprotocol today to ensure your systems and users are secure from cyber criminals.

26th November 2018 | Categories: Endpoint Security, Security

NETprotocol receive Top Innovation Award from Extreme

As Extreme Networks approaches $1 billion of revenue following its recent acquisitions of Brocade Data Center Networking and Avaya Networking amongst others, we were eager to hear the nominations of their new Extreme Networks Global Partner Awards to be presented at the Global Partner Summit 2018.

The event brought together over 500 global partners at the Hilton in Prague on 23rd October this year and was attended by NETprotocol’s Managing Director, Paul Walker and Commercial Director Matt Widdowson. A worthwhile trip as we now know, it was an absolute privelege for NETprotocol to accept the title of ‘Innovation Partner of the Year 2018’.

The awards celebrate and recognise the ‘ingenuity and exceptional achievements’ of Extreme Networks’ partners in the past year.

With such a long-standing relationship, NETprotocol was Extreme Networks’ first UK partner and were recognised this year ‘for significant growth of 433% in 2018, as well as for the incredible support network they have provided to their clients.’

“This has been a fantastic year which has seen NETprotocol’s partnership with Extreme Networks going from strength to strength. We have improved in so many ways and this is thanks to our amazing team of people,” comments Paul Walker, Managing Director at NETprotocol.

Extreme’s recent proposition reform, which enables partners like NETprotocol to create tailored networking solutions led by the customer in order to optimise network efficiency and security, whilst fitting with indivudual budgetary constraints, has worked to the advantage of our legal and education clients throughout the UK.

NETprotocol regard this award as a great privilege and anticipate an even more successful year in 2019!

1st November 2018 | Categories: Education, Legal IT, Managed Services, NETprotocol News, Networking

Forcepoint NGFW has done it again… NSS Labs* Report 2018

Confirmed to offer the leading combination of enterprise security and affordability, NSS Labs’ latest NGFW Test Industry Analyst Report published in 2018 rates Forcepoint’s Next Generation Firewall (NGFW) the ‘highest security efficacy’ score out of all 10 vendors involved, for 3rd time in a row.

Achieving the highest overall rating ‘RECOMMENDED’, NETprotocol is proud to be partnering a vendor which has achieved a perfect record since NSS Labs began testing next gen’ firewalls six years ago.

Despite this year being the most difficult yet, including 39% more evasion tests than last year, Forcepoint was able to maintain their No.1 rating for security efficacy and stopped 99.7% of all attacks and blocked 100% evasions.

“If staying secure is a priority – as it is for our trusted legal clients – you can’t get better than this,” confirms Technical Director, Mike Batters from NETprotocol.

“The Forcepoint 2105 had the highest security effectiveness in the NSS Labs 2018 NGFW Group Test,” verified CEO Vikram Phatak at NSS Labs, “and its throughput was rated even higher than Forcepoint’s claimed performance.”

The throughput measured by NSS Labs outperformed even Forcepoint’s own published rates, achieving 102% for unencrypted traffic and 148% for SSL/TLS traffic:

So how does Forcepoint deliver this unsurpassed security performance?

To find out, download the FREE REPORT and view the full test analysis from NSS Labs below:

*NSS Labs is the leading independent, third-party assessment that tests network security products under real-world conditions. For more information click here: https://www.nsslabs.com/ 


9th October 2018 | Categories: Firewalls, forcepoint, Network Security, Security

Ransomware Study – Quantify Your Risk of an Attack

A year on from the crippling WannaCry and NotPetya attacks, ransomware continues to be one of the most prevalent cyber threats facing law firms today.

Latest independent research carried out by Vanson Bourne and commissioned by No.1 Next Gen Endpoint Security vendor, SentinelOne reveals some interesting statistics. These should help you quantify the risk of a ransomware attack disabling your organisation and decide on next steps for how to mitigate these in future.

One to highlight is the cost of ransomware to an individual business which from the responses of 500 IT Security professionals, this has been calculated at an average of £591,000 per organisation. Given that 56% of firms surveyed had been hit in the last 12 months (which is just over a 1 in 2 chance), it’s clear that every IT security professional needs to be accounting for ransomware in their budget… But how much is realistic?

There’s one thing for sure, if you’re prepared you won’t be paying out the sums of money this survey has found other firms are. A solution which NETprotocol recommends to our legal clients and believes is perfectly placed to keep your systems safe, is the SentinelOne Endpoint Protection Platform (EPP). This unifies prevention, detection, and response in a single, purpose-built agent powered by machine learning and automation.

Most traditaional antivirus solutions are no longer capable of detecting the sophisticated strains of ransomware that are being released daily, however SentinelOne’s Next Gen solution will identify attacks in real-time and mitigate any damage, by containing the infection and rolling back the compromised endpoints.

Having read the Ransomware Research Survey with interest, co-founder and technical director at NETprotocol, Mike Batters explains;

“Beyond the industry leading protection delivered by SentinelOne EPP, the lightweight engine does not slow systems or user experience, whilst the forensic level logging and deep visibility provide administrators with instant analytics on both user and software behaviours, which can be built in to GDPR audit procedures. SentinelOne EPP is far more than just a Next Gen Anti-Malware solution and is rapidly becoming a go-to solution for many different end point scenarios.”

To view the full results of the Ransomware Research Report, click here >>

Or to watch SentinelOne in action, click here >>

23rd August 2018 | Categories: Endpoint Security, Free Trials & Offers, Legal IT, Security

NSS LABS REPORT – Leading Next-Gen Endpoint Protection

100% Block Ratings Online and Offline

NSS Labs, Inc is one of the most trusted sources for independent guidance on cybersecurity solutions and services. Founded in 1991, NSS Labs’ exhaustive tests assess the security effectiveness and total cost of ownership for products the length and breadth of the industry, from web browser security to endpoint protection.

Armed with a security harness of £30m – the industry’s largest and a dedicated team of security engineers with more than two million hours of experience between them, NSS Labs’ tests are considered one of the most reliable sources in the industry.

The in-depth information provided by NSS Labs’ reports is relied on by CISOs, Chief Security Architects, SOC and Threat Analysts, and information security professionals at leading organisations around the world.

Key Findings – SentinelOne Next-Gen Endpoint Protection

  • Achieved a 97.7% security effectiveness score, designating it one of the highest scores in the test
  • Blocked 100% of malware delivered using HTTP
  • 100% of malware delivered using email
  • 100% block rate of evasions
  • 100% of malware delivered via documents and scripts
  • Recorded a 0% false positive rate, correctly identifying and allowing benign content to run
  • 100% of malware delivered via an offline mechanism
  • Excelled among market leaders in low total cost of ownership

25th July 2018 | Categories: Endpoint Security, IT Research, Legal IT, Security

WEBINAR: Your last line of defence against Ransomware

Does your storage have built in back-up and high performance recovery to safeguard your IT systems and data from the next wave of ransomware? If your answer is ‘no’, this webinar is for you.

Building a defence strategy which incorporates various layers of protection is the only way you can mitigate the risks that new strains of ransomware attacks pose to your organisation. To safeguard your business from both the monetary loss and damage to your reputation which come with being hit by cyber-criminals, a robust back-up and recovery solution which is integrated with your storage will be well worth the investment.

Watch this WEBINAR to understand:

  • How Ransomware works & gets through security
  • How to mitigate the risks of an attack
  • The benefits of integrated storage and backup

<<< 1 2 >>