In July News:

 
On The Calendar & What's New With Us If you're new to our newsletter and you'd like to subscribe, let us know. July at The Fulcrum Group
  • If you are a business owner and considering selling your organization in the near future, you'll want to come with us to Globe Life Park in Arlington for some great information (and an exciting night of baseball) at B2BCFO's "Optimizing The Value of Your Business" Event.  This event happens Tuesday afternoon, July 28th. Sign up here!
Subscribing to our blog and following us on social media is a great way to stay aware of events that pop up, best security practices, new alerts and other information for business owners and IT Managers. Quick links to our social media pages are accessible right from our website and in every monthly newsletter email you receive from us!  
What is meant by Next Gen Firewall?What Is Meant By "Next-Gen" Firewall? The term next-generation firewall is not well defined, so it's worth clarifying a little before we proceed.  Traditional or legacy firewalls typically only provided static firewall protection and VPN secure remote access.  In today’s complex world of IT security, that’s no longer enough. Put simply, a next-generation firewall offers more protection than a traditional firewall as it can look inside content, rather than just blocking based on sources and destination. A useful analogy is the postal service. A traditional firewall just looks at the address on the envelope and uses simple rules to decide what's permitted. A next-gen firewall can look inside the envelope to check it also doesn't contain dangerous content. Likewise, it can have smarter rules so you can say "block all known dodgy addresses" rather than having to explicitly state "don’t allow mail from Joe the scammer at number 23 Spam Lane." The great thing about these smart rules is that you can transfer the responsibility for keeping an updated list of dodgy addresses to your firewall vendor rather than maintaining them manually yourself. The firewall is your gatekeeper, your first line of defense, shielding you from the bad stuff on the outside world of the internet. It stops unsolicited traffic from accessing your network and only allows responses to traffic originating from the inside back through. When firewalls first came into use, it meant thinking about port numbers, like port 25 for email and port 80 for web traffic. But those port numbers were arbitrarily assigned to be well-known places where we can look for certain services. Today's firewalls are no longer just barriers with a few holes drilled through them, as Naked Security writer Chester Wisniewski pointed out in a recent article called "There is no inside – How to get the most from your firewall":  They are intelligent gatekeepers, more like the border patrol of a nation. Neither side is really inside or out, rather one area and another. You want the ability to do email scanning, to catch bad things coming in like links to malicious websites, boobytrapped attachments, or phishing emails that trick users into divulging information about themselves like their passwords. Yet you can also see if there is suspicious email going out, and that tells you if bots are on your network that need to be cleaned up. Bots borrow your computing capacity to send spam - a single infected laptop can send as much as 5 million emails per week, as our SophosLabs researchers found. You have a second chance to catch people on the way out and block a lot of attacks, because they rely on being able to get out again to ask for instructions - whether to send out another 5 million spams, or perhaps to download another type of malware like CryptoLocker.  CryptoLocker will seek out all the files on the computer and connected drives, scramble them with uncrackable encryption and then demand a ransom. CryptoLocker also relies on being able to use public-private key encryption to lock your files – a good firewall can catch it when it's going out to ask for the keys to encrypt them in a way that only the crooks can reverse. But it's possible that the crooks could get around your firewall rule preventing certain traffic from going out by running a mail server on port 80 so it will look like web traffic. Next-generation firewalls look at not what these packets claim to be but at what's really inside of them to see if there’s anything malicious. A next-gen firewall will see if this is actually web traffic, because if it's impersonating something it's not, we might not want to let this go out.  Rules also authenticate who is actually doing the communicating, so you can allow Paul to connect to a website of a customer, but not go to his Facebook page to watch a cat video. Different rules for different groups of people can help prioritizing bandwidth for corporate applications while stopping bandwidth sapping video streaming. Focusing on inside and out is not enough, however. You need to have more firewalls inside of your network - so if your website gets compromised, or if there's a compromised laptop inside the network, the attacker with access to your public-facing web server can't also get to your mail server or customer database.  As pointed out by the well-regarded Verizon data breach report, a lack of internal segmentation is regularly cited as a contributing factor in many data breaches. Next-generation firewalls can also boost your defenses by adding packet filtering between servers and additional defenses such as intrusion prevention systems (IPS) and web application firewalls (WAF). Configuring smart filtering features of this sort is more complex than simply enabling or blocking network traffic by IP address or port number. Different protocols, and different applications using the same protocol, need different sorts of scrutiny. A one-policy-fits-all network approach isn't going to serve you well.  But, even though it's not as easy as clicking accept or deny against a list of port numbers, the trend toward feature consolidation onto a single appliance can help. Delivering packet filtering, intrusion prevention, web application protection, load balancing, virtual private networks (VPN) for users, Wi-Fi management and more on a single box, a good next-gen firewall can give you the defense in depth you need. Firewalls Demystified Reach out to your Account Manager to see if you could benefit from the additional layers of security provided by a next generation firewall.      
 
How To Engage The Fulcrum Group For A Security Assessment

Last month the IT world was focused on Internet Security Awareness and The Fulcrum Group took part in helping spread awareness of cyber security issues by sharing several important articles with you.

Our IT security experts have specific procedures and methods we use to help you analyze your IT security posture - where you stand currently, risks to your technology investments and how to plan out your network's future smartly.

Here's how to go about engaging with The Fulcrum Group to put a plan in motion:

1)    Reach out to your account manager to discuss your security assessment needs.  One of the things we'll want to know is what is the business driver?  Compliance, suspected intrusion, or something else?

2)   Complete our Security Assessment Pre-Flight Questionnaire. Your focused and thoughtful responses help us better understand your needs and requirements.

3)   Based on your Security Assessment Pre-Flight Questionnaire responses, your Account Manager will put together a Security Assessment proposal for you, and will review our proposal with you.

4)   Once you approve the proposal, your Account Manager will reach out to you to discuss the schedule of your Security Assessment.

5)   The Fulcrum Group performs your Security Assessment.  Upon completion, The Fulcrum Group will compile an Executive Summary, detailed report, and punch list.

6)   Your Fulcrum Group Account Manager will review the Executive Summary and Punch List with you, and assist you in determining a course of action for remediating any security vulnerabilities discovered. This is an assessment summary tailored to concerns from an Executive viewpoint, and related task list to follow the project through to completion.


SPOTlight On: Scott ChadwickThe Fulcrum Group - Dallas Fort Worth IT Experts One of Fulcrum Group's newest tech team members, Windows Engineer, Scott Chadwick, wants you to know 3 fun facts about him: 1.  He's unafraid of multi-tasking.  One of Scott's favorite things about working with Fulcrum is all the varied things he gets to do.  We're sure glad he appreciates that! 2.  He's been playing guitar since age 16 - roughly 27 years. 3. Our clients are treated to Scott's gregarious personality and nearly 20 years IT experience.  Scott definitely injects a fun shot of energy into the daily grind - welcome, Scott!  
 
  Tech TipTech Tips from The Fulcrum Group, Dallas Fort Worth IT Managed Services Providers: How To Clear A Ton of Storage Space On Your iPhone Clear out all the random vacation pics, downloaded music, podcasts and videos you put on your smartphone so you can enjoy the rest of summer with tons of fresh storage!Here's the step-by-step:
  1. Check your storage space – go to Settings/General/Usage/Manage storage
  2. Delete whole apps (individually) from the storage menu OR delete apps one by one from the home screen.
  3. Delete podcasts and music, tv shows & movies, photos and videos (and clear recently deleted photos and videos too)
  4. Disable Photo Stream and duplicate HDR images. Go to Settings/Photos/Camera/My Photo Stream/Keep Normal Photo.
  5. Delete messages & entire message threads.
If you're a more visual learner, you might prefer Business Insider's quick how-to video on how to do this.    
 
  Did You Know...DocuSign The Fulcrum Group Dallas Fort Worth IT Experts Did you know The Fulcrum Group offers document delivery solutions for businesses?  Documents can be signed, delivered and managed in a few simple clicks with DocuSign. Find out more from your Fulcrum Account Manager today!