.

info@trestlenetworks.com

802.1ax is coming...

...but will it be a WiFi difference-maker? Or is it chock full of powerful features with limited real-world use? Check out this great blog post by our trusted partner Mojo Networks, describing 802.1ax's key features, including uplink MU-MIMO, a big upgrade over 802.1ac's downlink MU-MIMO only. And like for 802.11ac, don't rush to get your business the first shiny 802.1ax APs. Get guidance from pros before you take the leap.

At Trestle Networks, we work with our Mojo-powered Managed WiFi customers to always fit the right APs at the right time to their unique needs. Contact me to learn more and sign up for trestleNEWS to receive these daily posts.

Wifi-1-icon.png

Don't End Up Like Under Armour

Could a data breach get your business facing a potential class action lawsuit?

That's exactly where Under Armour is now. Read about how this ubiquitous brand exposed usernames and email addresses of MyFitnessPal users. And potentially much, much more.

At Trestle Networks, our Managed Security and Managed WiFi solutions secure each customer's infrastructure, delivering PCI compliance and 24x7 protection against disastrous data breaches. Contact me to learn more and visit trestleNEWS at www.trestlenetworks.com to see these daily posts.

lawsuit-filed-in-wake-under-armour-data-breach-showcase_image-1-a-11051.jpg

Protect Your Business (From Those You Trust).

Read all about the September 2017 data breach that hit Coca-Cola, exposing 8,000 employees' personal data. How'd it happen? A former employee simply walked out the door with an external hard drive. 

Q: Do you take the security of your physical assets and data more seriously than Coke did? 

Sure hope so.

At Trestle Networks, we work closely with our Managed Security and Managed WiFi (powered by Mojo Networks) customers to secure their infrastructure and lockdown access to sensitive data, while ensuring 24x7 PCI DSS 3.2 compliance. Contact me to learn more and visit www.trestlenetworks.com today.

Cola.jpg

Do You Have WiFi Superpowers?

In the minds of your corporate and guest WiFi users, are you an IT superhero? Or are you the villain? Check this fun animation by our trusted partner, Mojo Networks. With the power of Cognitive WiFi in your hands, you're definitely going to save the day!

At Trestle Networks, we work closely with our Managed WiFi (powered by Mojo Networks, Inc.) customers to deliver top performance, powerful analytics and industry-best security. Contact me to learn more and visit trestleNEWS at www.trestlenetworks.com to see these daily posts.

 
unnamed-3.png
 
 
 

Goodbye, Apple Airports

I missed this bittersweet WiFi news last month. Apple is officially discontinuing its Airport base stations. My long-since home office Airport Express -- replaced by amazing Mojo Networks' C-130 tri-radio access points -- now lives on as a handy little RF beacon when performing WiFi site surveys.

Speaking of moving on... Is your enterprise WiFi way overdue for an overhaul? At Trestle Networks, we work with our Managed WiFi (powered by Mojo Networks) customers to deliver top performance, powerful analytics and industry-best security. Contact us to learn more and visit trestleNEWS to see these daily posts.

MC414.jpeg

When Mantis Attack

How vulnerable are your business' mobile and desktop devices? Read all about the Roaming Mantis malware that's using compromised routers and DNS hijacking to launch sophisticated phishing attacks on users, smartphone crypto mining and worse.

At Trestle Networks, we work together with our Managed Security and Managed WiFi (powered by Mojo Networks) customers to secure their infrastructure, reducing vulnerability to compromise and attacks like Roaming Mantis. Contact us to learn more and subscribe to trestleNEWS to see these daily posts.

roaming-mantis-malware-featured.jpg

Don't Get Doppelganged. It's Expensive.

Have your heard about this particularly nasty ransomware, SynAck, that relies on the awesomely named "Process Doppelgänging technique"? It's sneaky. It's expensive ($3,000 to decrypt your system) when you're infected. It's one more reminder to properly protect your business. 

At Trestle Networks, we work together with our Managed Security and Managed WiFi (powered by Mojo Networks) customers to secure their infrastructure and address known security vulnerabilities, including ransomware. Contact me to learn more and subscribe to trestleNEWS to see these daily posts.

synac-ransomware-featured.jpg

Like Bob Slydell in "Office Space"... they fixed the glitch.

Read about this security screw-up by Twitter that potentially exposed -- thankfully only in an internal log -- the plaintext passwords of 330 million users. 

Were you prompted by Twitter tonight to change your password? While you're at it, be sure to enable multi-factor authentication too, if you haven't already.

At Trestle Networks, we work closely with our Managed Security and Managed WiFi (powered by Mojo Networks) customers to be secure their credentials and enforce multi-factor authentication, a PCI DSS 3.2 requirement. Contact me to learn more and subscribe to trestleNEWS to see these daily posts.

Twitter_Mobile-680x400.png

IoIT (Internet of Insecure Things)

The key quote from this article: “A lot of the manufacturing behind IoT devices today feels like the Gold Rush… everyone wants to get there in a hurry,” 

When you're in a hurry, sloppy cybersecurity is painfully easy, making #IoT risks very real, thanks to weak (sometimes hard-coded) default credentials and wide-open Internet access. 

Will your IoT devices become solidiers in the next Mirai-style botnet attack?   

At Trestle Networks, we work closely with our Managed Security and Managed WiFi (powered by Mojo Networks) customers to 24x7 monitor and protect their infrastructure against both external attacks. Contact me to learn more and subscribe to trestleNEWS to receive these daily posts.

IoT_Illustration-680x390.png

Touch Without Touch

You hands are wet. You try to unlock your phone via fingerprint on the home button. FAIL. That's an annoying downside of capacitive scanner technology (on top of spreading germs via touch sensors shared among multiple users).

In what could be a future replacement, read about a French company's new touchless authentication sensor that relies on 3D modeling.

Whether hit-or-miss finger scanners, bleeding-edge tech or trusted OTP, make MFA (multi-factor authentication) mandatory for controlling user access to your critical business systems.

touch-id-icon.png

The world's biggest known DDoS attack... so far.

Peaking at 1.35Tbps, the pounding of GitHub was truly massive, at more than 2x the peak traffic rate of 2016's Mirai attack. That said, GitHub did a solid job at incident response, including quickly shifting all their traffic Akamai, then dropping the hammer on a several bad traffic sources.

How ready is your business infrastructure -- from distributed SMBs to large data center environments -- for the next attack? Also, how will you respond if your critical SaaS apps are impacted, like a Dyn DNS-style outage?

36830593-2ae2cf98-1cd9-11e8-944d-dde6248ac0e5.png

AI and Eyes

Are eyes the windows into your soul? Very deep and possibly true... But they may also be vital tools in your health monitoring. See what Alphabet's Google and Verify Life Sciences are detecting via a deep-learning algorithm and your retinas.

AI-driven analysis of the spiderweb of retina blood vessels is helping detect abnormally high cholesterol levels, elevated blood pressure and more.

Like image recognition, enterprise-class security monitoring is about knowing what to look for, quick identification of those abnormalities and rapid response.

retina-age-related-macular-degeneration-600x538.png

Intel and 32 Lawsuits

While Intel’s Spectre and Meltdown security flaws were the bloodiest of black eyes, the tech titan’s response has been that much worse.

Patches that none other than Linus Torvalds called “insane” and did more harm than good...

Suspicion of insider trading in advance of their public announcement of the flaws...

And now 32 lawsuits.

When your business is hit with a major security incident (self-inflicted or not), will you respond better than Intel? Do you have the right people and processes in place, ready to take action? For starters, at least don't dig yourself a deeper hole.

2000px-Intel-logo.svg.png

Casually Bypassing TSA...

A quick thought on my trip this morning through Denver's TSA "security theater". 

Have you seen this happen?  A male traveler was stopped upon exit from our line's full-body scanner. For whatever reason, he then received a pat down and other attention from multiple TSA officers. In response to the line delay, another officer waived at least 6 other travelers -- including myself -- through the old-school metal detectors instead, skipping both a full-body pat down or scan ("deep inspection").

This (I hope) non-malicious "denial of service" triggered a casual bypass of TSA's perimeter security, simply keep the line moving. Wondering how many times this happens daily at airports, coast-to-coast? Might bad actors take advantage of this bypass, use it as a "smoke screen" for their real attacks? Oh boy...safe travels...

In your business, are you guilty of cutting security corners to complete a project, quickly close a ticket or simply get network traffic moving? 

When A Gap Isn't a Gap...

You believed air gaps and Faraday cages are bulletproof ways to isolate sensitive systems and data from attackers? 

Wrong. Read all about the attacks documented by Ben-Gurion University -- one awesomely named "Magneto" -- that exploit the low-frequency magnetic radiation of CPUs to transfer data. 

The Geek Factor is sky high with this one. I want to validate it in my under-construction Faraday cage pictured below (hardware courtesy of Home Depot). 

Are your business systems and mission-critical data as secure as you think?

faraday-1.jpg

Data Breaches On the rise

It wasn't just media hype. Data breaches (at least the known ones) jumped 44.7% in 2017, according to a thorough year-end review.

Here are few nasty numbers to impressing your friends at parties:

  • 1,579 total breaches
  • 158 million Social Security numbers exposed
  • 20% of the breaches resulted in exposing credit/debit card numbers

My quick math says almost 30% of breaches are due the sloppiness and malice employees and other "trusted" personnel. External hackers get big headlines, but how closely are you looking within?

itrc-breaches-sector-2017.jpg

Friday Is Prime Time For Goofing Off...

... but try not to infect your employer with malware. According to this article and the referenced Kasperksy post, the average Europe and US employee spend 30% of their work hours on anything but work, often resulting in security breaches.

My favorite attack method is "Watering Hole" that aims to infect a site popular among company's employees (like a partner business or similar government agency) and then trick users into clicking malicious pop-ups. 

Are bored employees at the office (or remote) more reckless with security than those off-the-clock? I'd bet many have a false sense of cybersecurity when at work and so are less careful what they click.

At Trestle Networks, we work closely with our Managed Security and Managed WiFi (powered by Mojo Networks) customers to 24x7 monitor and protect their infrastructure against both external attacks and careless employees. Contact me to learn more and subscribe to trestleNEWS to see these daily posts.

6dda99fd-9c27-43cd-9f8d-67307fdc3a17.jpg

2FA? MFA? Just Do It.

How many Gmail users have enabled two-factor authentication?

Less than 10%. A quick show of hands... Are you on the secure side of that statistic?

The overall two-factor (or multi-factor auth) adoption rate is still a paltry 28% as of November 2017, per Dark Reading. I'm a longtime Google Authenticator user, one of many slick options (including Authy and less-secure SMS). Don't keep putting it off. Enable 2FA/MFA on your personal accounts and mandate it for all business apps. And for Google G Suite, don't forget to securely store backup codes in case your phone is ever MIA...

At Trestle Networks, we work closely with our Managed Security and Managed WiFi customers to harden credentials and enforce multi-factor authentication, a PCI DSS 3.2 requirement. Contact me to learn more and subscribe to trestleNEWS to read these daily posts.

google-logo-810x298_c.png

How Do You Choose An SD-WAN Platform?

Do you need a Swiss Army Knife or a specialized tool that best meets a specific need?

What's the right decision? Your choice depends on a mountain of factors, including rapidly changing requirements, existing security/routing/switching infrastructure and even the crazy whims of company execs. Believe me, it ain't an easy call.

That said, I'm becoming a fan of some specialists thriving in the Thunderdome-ish SD-WAN market, including Bigleaf Networks. Appreciating Bigleaf's tight focus on the core SD-WAN values, from real-time biz apps (VOIP, RDP, Citrix and others) protection to truly no-nonsense "plug-and-play".

Put aside all the SD-WAN hype. If your choice achieves just these two things (along with less trouble tickets from angry users), job well done. And since Bigleaf snagged millions more in funding last week, guessing they'll be around for a while...

At Trestle Networks, we understand the in's and out's of the SD-WAN revolution and guide our customers to the solution that fits their unique business needs. Contact me to learn more and subscribe to trestleNEWS to see these daily posts.

bigleaf12.png

Endoscopes Aren't Just For Doctors and Plumbers...

Read all about the Ploutus.D malware that'll "jackpot" an ATM (emptying all its cash) and is now spreading from Mexico to the US. Criminal gangs, posing as ATM technicians and armed with endoscopic cameras, are accessing the ATM internals to deploy Ploutus.D, per a Secret Service warning posted by Brian Krebs over the weekend.

Like phony ATM technicians, bad actors will find the weak points in your business-critical infrastructure through phishing attempts, compromising weak login credentials and other methods. How secure are you and who's watching 24x7 for the bad guys?

At Trestle Networks, we work closely with our Managed Security and Managed WiFi customers to lockdown and 24x7 monitor their infrastructure against attacks and ensure PCI v3.2 compliance. Contact me to learn more and subscribe to trestleNEWS to see these daily posts.

Trestle Networks is an Equal Opportunity Employer. Trestle Networks ensures nondiscrimination in all programs and activities in accordance with all applicable Federal, State and local laws. Trademark 2013 - 2018 Trestle Networks LLC and its licensors. All rights reserved.