DarkWeb Scan. What is that?

Is your companies data already sold on the dark web?

The dark web, as the name suggest, is the hidden, dark side, of the Internet. Often behind cryptic addresses and only reachable via vast encrypted networks lays a world of political forums, questionable images, sites who’s members seek privacy as well as outright criminal marketplaces where people happily trade guns, drugs and stolen items as well as information.

When businesses are being compromised, their data often is being offered to the highest bidder on dark web auctions or sold in bulk for a fee. Many businesses find out that their network had been hacked, with help of information, obtained on the dark web, where it had been up for sale for weeks or months. If they would have known, preventive measures, would have prevented the disaster.

Do you know if your data is already being traded on the dark web? Passwords and personal information of employees are the most commonly traded items.

Recently former Nassau county chief information officer and now private Cybersecurity expert Ed Eisenstein, has introduced a sophisticated monthly service that scans the dark web continuously for hints, that point towards your business and alerts you immediately once compromising information is being found. This service, available for less than 35 cents per day, is a must have in the tool belt of every security aware business and should be the minimum line of awareness that is being build. For more information check: https://www.unatechnical.com

The top 5 continuity planning tips for SMBs

Count-On-450x280Hard-drives, power sources, operating systems, backup drives, they all will fail. Be it a mechanical error, virus infection , malicious actor, all the way to completely automated and large scale hacks – every system goes down! Otherwise it would reach the statistically near impossible 100% up-time mark.

Knowing this, thorough planning is a must. This area of IT is called “continuity” planning. Having measures in place that ensure that business can continue as usual as quickly as possible after a catastrophic IT event that will certainly hit every business at some point. Always be aware that the statistical chance that nothing will ever happen is near 0.

Ed Eisenstein, former Chief Information Officer of Nassau county shares his top continuity tips. Today Ed is founder of a New York based Cybersecurity and IT services firm, serving hundreds of businesses in different verticals. As homeland security instructor and former liaison officer for the FBI his insights are a great guideline.

Here are his top 5 tips:

1. Identify all critical or vital business components. This includes location, power, people, data systems, banking, etc. (he uses checklists for his clients)

2. Identify critical information and contacts. This includes easily accessible emergency contact information as well as critical banking and online system access information

3. Create a written action plan. A business continuity plan and disaster recovery effort that is realistic and doable and becomes part of the company culture that everyone is aware of.

4. Set realistic recovery objectives. What is needed and in what timeline for the business to continue and ultimately not fail due to a disaster situation.

5. Test the plan and keep it up to date. A realistic continuity plan is based on keeping the information and workflow up to date. The best course of action is to keep it as current as possible or at least make it an annual review process.

If you are interested in learning about those strategies and how to implement them, you can reach Ed Eisenstein at https://www.unatechnical.com/

UNA – A Full Service IT Company

United network associates is a full service IT company called a managed service. UNA Provides high-level IT engineers as well as a customer service oriented IT help desk service.  The deep understanding of infrastructure and security sets UNA apart from the competition.

UNA has the experience to help clients with a strategic plan to take full advantage of the technology in your operation. With even a little bit of UNA planning help, clients gain significantly more efficiency when implementing technology correctly.

Professional IT Solutions come with high level cybersecurity services. Versed in network vulnerability assessments and penetration tests, UNA provides a cost effective monitoring services where network analysis tools are configured to closely inspect and report errors on critical network infrastructure, servers, software or devices.

Engineers and support staff react to these alerts and proactively engage equipment and third party vendors to regain normal operations from system failure or cyber-attacks.

At UNA, the president and senior consultant has enterprise experience as cio for nassau county for 8 years serving as senior technology executive and policy maker, reporting to the county executive.

The senior network engineer has 19 years of professional senior technical experience supporting enterprises in manufacturing, logistics and distribution.

Help desk and technical Support technicians are friendly and helpful and will remote into your computer quickly to resolve your problem.  Fast on-site support is offered when remote assistance cannot be established.  YOUR downtime is our problem.

All remote sessions are securely connected and all remote sessions are recorded.

UNA works with a large pool of partners to provide a comprehensive technology solution to businesses and local governments.  UNA has relationships with many technology services that assist when clients have specific needs.

Current partnerships such as with Microsoft, Sonicwall, Cisco, Amazon bring superior products to UNA clients that are highly reliable and effective.

UNA has operated in long island since the mid 90’s and understand the local business community as well as its governments.

Available for questions.  ed@unatechnical.com

Comparing Private and Public Sector IT Culture

Information Technology culture in government compared to private sector is quite different, here is how.

I have spent 23 years in the IT industry as a vendor and consultant.  My experience led me to be director of Rent-A-PC, Inc. a national trade-show IT service and then CIO for Nassau County for 8 years.  I own a technology consultancy called United Network Associates, Inc. (UNA) , that was started in June of 2000 where I serve as IT strategist and senior technology adviser for the corporation.

The one thing that continues to differentiate IT in corporate compared to government is the SILO effect.  This is an amazing situation that takes some time getting used to.  Coming from Corporate business and understanding the IT behaviors in the private sector it took me about a year to understand and accept the differences in the behaviors.

In the Private sector, an IT engineer has the ability to span their knowledge in many directions.  Based on the technology investment that company has made the IT engineer will adapt and learn the necessary tools and skills to operate and master the administration of that new technology.  Whether it is a new mobile platform, a new server system, a new Wi-Fi brand or new Networking system to secure cyberthreats, that private sector IT engineer will dig their heels in and adapt to that new system.  I have to mention that businesses that have tapped into the effect of creating a culture of learning in their companies, the IT engineer will flourish and advance quickly in cross technology understanding as well as have a grasp of the impact a new system will have on the organization.  An IT engineer in a company will have cross communication with other members of the IT organization to maximize their effect on the company.  It is common to find IT engineers in enterprises with significant cross technology understanding.  Specifically, in networking and server technologies, app development and database administration, desktop support and help desk. Today’s corporate IT Server engineer will have the ability and experience to administer networks and databases.  In the corporate world, a database administrator will have the ability to understand and have experience in software development.  In a company, the help desk technician will also be trained and perform as a Desktop technician and be versed in both services.

I have found an opposite culture in Government Information Technology Services.  Since the tradition of Civil Service and the methodology of hiring is based on hiring for a specific task, the cross-technology experience is lost.  Civil Service is the standards in hiring for government employees and was created and designed to thwart the possibility of government officials in hiring their friends and family.  The unfortunate effect of this hiring method is that each IT technician or engineer is hired for a specific task only.  Once that IT person is hired into that position, that technician is assigned work only in that category.  The job specifications must be very specific because of the legal issues over years in contractors taking work away from union staff.  The other effect is to deter politicians from recommending friends and family into that position without them having direct knowledge of the work.

Once that IT person is embedded into that position, that person tends to protect their knowledge and create their own silo to get that part done.

The effect for me was that when I needed to implement a new technology, it would take a manager from each discipline to be part of their planning meetings.  Each manager of each category would have to weigh in and agree to the time line and implementation details for each and every project or task.  This behavior causes IT projects to take significantly longer to complete.

During my 8-year tenure as CIO, I spent significant time in trying to correct this situation by re-configuring the IT tiles for Nassau County and allowing a broader scope of work to be done by the entry level positions.  This began to create a learning culture where technicians that started in the entry level titles were able to do all IT work including networking, help desk, software design and database work.

A Significant leadership effort must be made for government to adopt to the culture of an IT organization in a corporate enterprise.  Until this is tackled appropriately, and civil service law is modernized to adapt to the changing world of technology, government IT will continue to have very long implementation cycles and trouble modernizing to current standards.

Ed Eisenstein, ed@unatechnical.com