Tag Archive for: biz

Security Checks Drive Consulting Biz for Briteskies

/in


June 14, 2021

Alex Woodie

With high-profile ransomware attacks becoming the norm and calls for a federal cybersecurity department gaining steam, there’s a distinct uneasiness when it comes to the security of corporate computer systems. That uptick in awareness is helping to drive business for Briteskies, the Cleveland, Ohio-based IT consultancy that has made IBM i security a cornerstone of its business.

Briteskies was founded in 2000 primarily as a JD Edwards specialist for organizations in the Great Lakes region. Over the years, the company has expanded into other niches, including Magento e-commerce systems, custom RPG development, and computer security.

The market for IBM i security services, in particular, was underserved, according to Bill Onion, managing director at Briteskies. “We identified a long time ago that infosec was growing,” Onion tells IT Jungle. “We were looking at that saying, well nobody is paying attention to the IBM i.”

The company has five employees who are dedicated to providing IBM i security services, including conducting security assessments of IBM i installations and remediating the problems it finds.

“Generally, that was kind of okay [that people were not paying attention to the IBM i], but it’s getting more and more to where it’s not,” Onion said. “There’s still a lot of folks that think that because it’s an IBM i server, it’s presumed safe. They think they don’t need to worry about that.”

Briteskies brings all sorts of tools to bear on its IBM i security engagements, most of which are with its clients in the Midwest, but some that are as far as Texas and California. It leans on automated assessment tools from HelpSystems and the new VERIFi offering from iTech Solutions that we wrote about in February.

ALLOutSecurity, which develops JD Edwards-specific auditing tools, is another Briteskies partner. It also works with local Cleveland-based backup and disaster recovery (DR) firm, UCG Technologies, to help prepare customers for ransomware attacks, as well as DXR Security, Carol Woodbury’s new security firm, on penetration testing…

Source…

Five free steps to become a secure small biz

/in


Late nights, early mornings, and working over weekends; familiar phrases for the small business owner, solo operator, and freelancer. So why should such a busy person cut into their limited time to improve their cyber security?

Because businesses across Australia experiencing every day how a business email compromise or ransomware cyber attack can unravel those countless hours in a fell swoop.

You cannot entirely outsource cyber security. The fundamental defences that spell the difference between a failed attack and a ruined business are the responsibility of everyone.

Fortunately, the tools and methods to achieving great cyber defence have never been easier. And you don’t need to spend a cent. Below are your greatest threats and the defences you can implement to knock them out.

Business email compromise

Small business owners often wait on invoices. Clear deadlines, gentle reminders, and terser emails are standard fare for getting paid. So they may not sweat it when funds fail to materialise after a client’s promise to pay. But business owners and now individual consumers are finding their payments funnelled into the bank accounts of cyber criminals.

These attacks, known as business email compromise (BEC), work in different ways but are typically centred on your email inbox.

How it works: The method of accessing inboxes varies but a common starting point for crims is to try to log in with stolen email and password logins that are found in massive databases compiled from security breaches.

Logging in like this works when people reuse passwords across apps and services. A business owner who reuses the same password for their business email account and their indoor plant fancier’s forum is in peril should the forum be hacked and the password copied into an online database.

Cyber criminals could search the database for a business’ email address and, if they find a hit, use the corresponding password to try to log into the business’ email account.

Criminals engaged in BEC have a few options once inside an inbox. A common tactic is to manipulate invoices by setting various mail rules that can redirect incoming and outgoing emails that contain invoices to folders. Setting…

Source…