Too many companies have outdated firewalls, limited security features and weak policies on data security
By Craig S. Gunderson
LEWISTON — At a recent South Portland cybersecurity forum hosted by U.S. Sen. Angus King and the Maine State Chamber, one CEO confessed that her company was “ignorant” about protecting itself against cybercrime.
It is a comment I hear frequently. The CEO who made this confession – a savvy manufacturing executive – is in good company. Too many organizations have outdated firewalls, limited security features and weak company-wide policies regarding data security. And that just scratches the surface.
The threat of some foreign entity trying to access your server, or some college scammer hacking into your system late at night, are examples we romanticize. The fact is, hackers are everywhere and indiscriminate, and often attack using sophisticated processes.
What’s worse, successful cyberattacks and compromised cybersecurity often result from internal sloppiness.
According to the IT security software company Tripwire, over 60 percent of security events are the result of an inside attack. And around 80 percent are from insiders who unintentionally compromised their company’s security. In these cases, it could be poor password settings, or employees were granted access when they shouldn’t have been.
But cybersecurity is part of a much larger issue of business continuity and data security planning. For almost all companies, a prolonged period of downtime without access to critical applications and data can have dire consequences.
Here’s a list of critical questions that organizations – small, medium or large – need to consider so their management can sleep better at night:
• Do you have a disaster recovery plan? If you do, congratulations, but be sure you test it regularly with close-to-real-life scenarios on how to handle power outages, cyberattacks, system failures, human errors and natural disasters. If you don’t, start planning now.
• Is your server room a disaster waiting to happen? In the case of most businesses that use a server room for their servers, redundant cooling isn’t an option. If you are relying only on your air conditioner to keep your server rooms cool, you can run into big problems if your AC fails. If the heat levels aren’t monitored by your team 24/7 or controlled through an automated cooling process, there’s no way of knowing if your server room is overheating.
• How do you handle an electricity failure? Consider having an uninterruptible power supply – an alternate battery backup system – or a generator. And plan for what happens when you need more fuel for that generator if an outage lasts more than a few days.
• Do you have a firewall? If you do, but it’s a couple of years old, you may as well not have one. An estimated 51 percent of organizations have a firewall that is over 3 years old, leaving them vulnerable to attack. New threats require protection from up-to-date, next-generation firewall technology.
• What about data security and password protection? Do you encrypt sensitive data? Do you password protect your files and establish unique usernames and passwords that must regularly change? Sure, it’s a nuisance to remember new passwords, but it’s much more painful to lose data in a successful hack.
• Do you have data backup and recovery? Companies should follow the 3-2-1 rule. You should have three copies of your data (one primary and two backups). They should be on two types of media (storage hardware), and you should have at least one of your copies in the cloud.
• How is your company protecting itself from data being lost or stolen off laptops or other devices? Many companies have faced significant PR backlash and expensive lawsuits simply because an employee had sensitive data on their laptop, which was stolen or compromised.
One solution that ensures security compliance is a virtual desktop solution in the cloud. Virtual desktops exist on a secure infrastructure inside a cloud provider’s data center, not on an individual device. This means that data is kept secure in the cloud at all times, and a lost laptop becomes a relatively minor equipment loss rather than a potentially serious data compromise.
With so many security threats circling the Web, it’s more critical than ever to implement reliable security measures. Like most criminals, hackers tend to be lazy, and look for easy, unguarded targets. Let’s at least make hackers work hard and give up on attacking your data.
— Originally published in the Press Herald
ABOUT THE AUTHOR
Craig S. Gunderson is president and CEO of
Oxford Networks in Lewiston
Dear Oxford Networks Customer:
Oxford Networks is taking precautionary steps to ensure our preparedness for the predicted arrival of Hurricane Joaquin, which may become Tropical Storm Joaquin by the time it reaches New England on Tuesday October 6th. We will remain staffed throughout the weather event to respond to any issues that arise.
The Oxford Networks Operations team has prepared for this event by performing the following actions:
• Ensuring all fuel reserves for emergency power systems are at capacity
• Ensuring availability for fuel delivery during the event
• Generators and UPS systems have been tested to ensure they are performing properly
• Our staff will remain on standby to respond to any network issue that could occur
• Vendors have been placed on standby to guarantee readiness
Our Network Operations Center will be operating as normal during the event and will closely monitor the impact of the storm on our network. We will remain available to serve our clients throughout the storm event at 1-800-520-9911.
(LEWISTON, ME) — Oxford Networks and Pereion Solutions are proud to announce the availability of IBM Tealeaf CX hosted in Oxford Networks’ Brunswick, Maine, data center.
IBM Tealeaf CX is the leading customer experience analytics solution in the marketplace. Tealeaf provides valuable insight into web and mobile customer interactions. Historically, Tealeaf has been primarily deployed in a traditional on-premises model. By working together and taking advantage of recent cloud capabilities within IBM Tealeaf, Pereion Solutions and Oxford Networks are able to provide Tealeaf CX hosted in the cloud.
“This is a unique offering in the market today, enabling companies to rapidly deploy full function Tealeaf in a virtualized and managed cloud environment,” said Ron Shink, Chief Technology Officer, Oxford Networks. “Ultimately, this solution enables customers to increase conversion rates and grow revenue with an accelerated ROI.”
Pereion Solutions is a Tealeaf Managed Service Provider, IBM Business Partner, and Oxford Networks Channel Partner. Pereion Solutions provides marketing and sales solutions, including consulting services around qualitative and quantitative digital analytics to improve customer experience. Pereion partners with IBM to provide implementation, deployment, and consulting services around IBM Tealeaf & IBM Digital Analytics. Pereion also provides channel consulting and marketing services to technology companies, including Managed Service Providers (MSP) & IT Solutions Providers.
Oxford Networks is an award-winning technology solutions provider based in Lewiston, Maine. With a fiber optic network backbone spanning from Bangor to Boston, and high-security data centers located in Brunswick and Bangor, Maine, and two in Portsmouth, New Hampshire, Oxford Networks provides end-to-end technology solutions for companies in New England and beyond.
Oxford Networks recently announced a merger with New Hampshire-based BayRing Communications. The combined companies’ services and products include data center services, managed IT services, voice, Internet, and carrier services. For more information, visit www.oxfordnetworks.com.
For Immediate Release
September 1, 2015
• The merger creates the largest competitive telecommunications provider headquartered in Northern New England
• The new organization operates approximately 2,000 route miles of high-capacity fiber optic network providing access to nearly 50,000 commercial buildings, four data centers, and direct access to all other major hub data centers throughout Maine, New Hampshire and Massachusetts
• The merger doubles the new organization’s revenue streams
• It creates one of Northern New England’s industry leaders in business Voice over IP and hosted PBX
• Both entities will keep their respective names for the time being
Portsmouth, New Hampshire, Lewiston, Maine – Oxford Networks and BayRing Communications have received state and federal approval to merge, creating the largest competitive telecommunications provider headquartered in Northern New England.
The new organization operates approximately 2,000 route miles of high-capacity fiber optic network providing access to nearly 50,000 commercial buildings, four robust SOC 2 (Service Organization Control) data centers, and direct access to all other major hub data centers throughout Maine, New Hampshire and Massachusetts.
The companies jointly announced plans to merge back in June, but were required to gain approval from state and federal regulators. The Maine Public Utilities Commission approved the merger in late August. Since Oxford Networks and BayRing are telecom companies, the proposed merger also had to be approved by the Federal Communications Commission.
The merger provides a sound strategic fit for both organizations, as Oxford has a solid footprint in Maine, while BayRing has a strong market presence in Southern Maine, New Hampshire and Massachusetts.
The combination of Oxford Networks and BayRing enables both companies to leverage their strengths, including expanding their fiber optic network footprint, increasing the number of data centers it operates, and offering a robust platform of products to enhance services to their existing client base and continue growth throughout New England and beyond.
“We are excited to have this merger approved to begin a new era for both organizations,” explained Craig Gunderson, Oxford Networks’ CEO. “This merger creates a more competitive organization providing customers with greater choices and more solutions. Our customers benefit from two strong organizations that enjoy a solid reputation in their respective markets.
“As I retire from BayRing, I am fully confident that the organization is in good hands with the combined entities of Oxford Networks and BayRing Communications creating a better, stronger organization,” said BayRing Communications’ outgoing President Ben Thayer. “Both organizations share a similar work ethic and a culture that strives to excel for our clients.”
The merger effectively doubles the new organization’s revenue streams. It also creates one of Northern New England’s industry leaders in business Voice over IP and hosted Private Branch Exchange (PBX), telephone systems commonly used in many businesses. For the time being, both entities will keep their respective names since they have recognition and brand equity in their markets, and major operations will continue in Portsmouth and Lewiston offices.
“This merger continues Oxford Networks’ mission to create a worldclass telecommunications, IT solutions and cloud services company that is a dominant player in New England and beyond,” said Ted Mocarski, Novacap partner and Chairman of Oxford Networks’ Board. “These two organizations complement each other in so many ways — ranging from their similar history as telephone companies to their evolution as cloud and data center service providers — yet operate in different markets and niches. We’re confident that the new entity will capitalize on each organization’s similarities and unique strengths.”
BayRing was the first competitive local exchange carrier authorized in New Hampshire and Maine and has been a premier provider of telecom and data center services in New England for over 17 years. Headquartered in Portsmouth, New Hampshire, BayRing owns a proprietary high capacity fiber network that envelops southern New Hampshire and extends from Portland into metro Boston. Additionally, BayRing operates two data centers in Portsmouth, New Hampshire. BayRing’s experience, combined with its extensive network and data center assets, enable BayRing to provide mission critical phone, internet and data center services. For more information, visit www.bayring.com.
Oxford Networks is an award-winning technology solutions provider based in Lewiston, Maine. With a fiber optic network backbone spanning from Bangor to Boston, and high-security data centers located in Brunswick and Bangor, Maine, Oxford Networks provides end-to-end technology solutions for companies in New England and beyond.
The combined companies’ services and products include: Data Center Services, Managed IT Services, Voice, Internet, and Carrier Services. For more information, visit www.oxfordnetworks.com.
Click map to see larger version
E.J. Prescott is a leading provider of water, sewer, drain and gas products headquartered in Gardiner, Maine. They are committed to providing customers and vendors quality service and innovative technology through the creative talents and abilities of their employees.
Learn more about EJP and Oxford Networks HighAvailability Disaster Recovery solution here:
Oxford Networks is a proud supporter of the 2014 Central Maine Heartwalk. Team Oxford Networks exceeded its goal of $2500 and raised a total of $2,920.00, coming in 3rd place overall for total team fund raising. The employees of Oxford Networks both walked in and donated money through the company Wednesday Jeans Day program to support this important organization.
The goal of the American Heart Association’s Heart Walk is to promote physical activity to build healthier lives, free of cardiovascular diseases and stroke. For more information about the American Heart Association visit www.heart.org
Todd DeWitt serves as the VP of Engineering and Chief Security Officer for Oxford Networks. Primarily, his role in Engineering is to lead the team that designs and builds all aspects of the network and the network services for Oxford Networks.
As CSO, DeWitt is responsible for the organization’s security posture, both physical and digital. This includes managing the development and implementation of policy, procedure, standards, and guidelines to ensure the security, availability, and confidentiality of all Oxford Networks systems.
DeWitt joined Oxford Networks in 1999 as the Network Administrator. In 2000, he was promoted to General Manager of Internet Services and tasked with finding technology that would propel Oxford Networks from a traditional “Telephone Company” into an Internet Services company. In 2001, Oxford Networks took two pioneering steps that would define the company as it today; building physical network outside of it’s incumbent territory and deploying that network as Fiber-to-the-Premise.
DeWitt resides in Auburn with his wife Lorna and has two children – Aaron and Emily. Todd is an avid long distance runner and Triathlete.
On September 24, 2014, Oxford Networks became aware of a vulnerability in the GNU Bash shell. This vulnerability may allow an attacker to inject commands into a Bash shell, depending on how the shell is invoked. The Bash shell may be invoked by a number of processes including, but not limited to, telnet, SSH, DHCP, and scripts hosted on web servers. Oxford Networks took immediate action to identify and mitigate all vulnerabilities within our network. At this time, all critical systems are patched or supportive documentation has been provided from vendors. Should you have further questions, please contact our Technical Assistance at 1.866.948.2999.