The capacity to tap into enormous volumes of data to enable real-time, intelligent decision-making is of crucial importance for any smart building. Builders need a dependable and adaptable communications infrastructure that can serve both current and future use cases. Security is paramount to all digital technologies as traditional WiFi deployment architecture has become vulnerable. Builders and contractors must consider addressing these constraints to improve the experience of residents using WiFi in smart buildings.

Constraints over deploying WiFi in smart buildings: -

1. Leave no blind-spot - Someone might require network access in lobbies, meeting rooms, and other common areas. Physical security management teams increasingly require comprehensive coverage. Wireless IoT sensors could be deployed at elevator shafts, maintenance rooms, roofs, & parking garages. 
   
2. Cabling and installation - Twisted pair cabling improves the WiFi 6 and 6E performance. Category 6A cable should be installed as PoE (Power over Ethernet) devices get more complex, and frequently require more power to function. Ensure safe delivery of high electric watt supply to WiFi APs (Access Points), UHD (Ultra-HD) security cameras, IoT sensors, and PoEs.
   
3. Antenna and Radar - Antenna types such as yagi, panel, and parabolic are better alternatives for coverage and performance in regions with concrete or plaster walls or huge metal machinery. The interior-exterior environment such as office spaces, atriums, parking garages, maintenance, or engineering floors often decides the type of antenna to be deployed. WiFi access points with built-in antennas must be created for conventional office area deployments. This will bypass the physical obstacles such as drywall, cubicle barriers, office-grade doors, and glass panes.
4. Network subnetting - Strict WiFi access controls must be implemented by employing micro-segmentation to mitigate malware outbreaks and service disruptions. LPWAN (Low-Power-Wide-Area Networks) provides ease of deployment, and ultra-low power consumption is required to scale with low-computing, battery-operated IoT sensor devices. LPWAN system requires a single base station to link thousands of scattered endpoints across the building utilizing the basic star topology. LPWAN utilizes sub-GHz frequencies. This helps to avoid excessive interference from old wireless systems functioning in the building at 2.4 GHz range. This ensures long-term network dependability. At the end of the day, the robustness and reliability of your WiFi systems will determine whether your smart building architecture succeeds or fails.

The range of smart building applications is enormous, and it's developing all the time. As a result, in order to take advantage of everything that this transition has to offer, both existing broadband networks and future low-power IoT connections will need to coexist in the wireless architecture.

WiFi deployment in smart buildings helps in: -

1. Occupancy and damage detection - Integrating different systems over WiFi in smart buildings can help in regulation of safe distance measure and sanitation operations. It can also detect faults in time and prevent avoidable maintenance and energy expenditures.
2. HVAC and access control systems - Smart building systems can reduce utility expenditures, carbon emissions and increase tenant satisfaction by installing AI-enabled HVAC (Heating Ventilation and Air Conditioning) systems. Smoke detectors, window/door sensors, intrusion, and fire alarm systems can also integrate with HVAC and the system can identify irregularities proactively to resolve them early on.
3. Monitoring of the environment & consumables - Smart building systems can monitor IAQ (Indoor Air Quality) conditions to enhance the health, comfort, and well-being of building occupants and to lower the risk of respiratory complaints. The WiFi enabled system can also monitor in real-time how much hand sanitizer, soap, paper towels, and toilet paper is being used in the building. To guarantee timely refills and the health and safety of tenants, receive notifications when products are running short.

Centex Technologies provide IT and networking solutions for establishments. For more information on deployment of WiFi for smart buildings, call Centex Technologies at (972) 375 - 9654.

What Is Multi-Cloud?

Multi-cloud means utilization of two or more public cloud service providers to serve the needs of IT services and infrastructure of an organization. The organizations may choose the best services from different cloud service providers based on multiple factors such as cost, technical requirements, geographic availability, security, etc. A simple example is where an organization uses one cloud service provider for development/test, one for disaster recovery, and another to process business analytics data.

Alternatively, an organization may leverage multiple public clouds in combination with private cloud deployments and traditional on-premise infrastructure.

What Is The Purpose Of Multi-Cloud Approach?

Here are the reasons why an organization should adopt a multi-cloud approach:

• Overcoming Data Gravity: Data gravity refers to the idea that it is difficult to move or migrate large data sets and thus, it is important to store the data in proximity with applications and services used to analyze them. Using a cloud-attached storage solution that connects to multiple clouds simultaneously can help in overcoming data gravity. Efficient solutions help in reducing latency by hosting data in close proximity to cloud data centers.
• Optimizing Work Loads: Every cloud service provider offers its own set of physical infrastructure components and application services, while releasing new features on a regular basis. Thus, no cloud service provider can provide cost-optimized services. By adopting multi-cloud approach, organizations have an option to select most suitable provider for every workload leading to enhanced application performance.
• Avoiding Vendor Lock-In: Vendor lock-in refers to a situation where it becomes difficult for an organization to transfer its business away from one service provider to another service provider or back to on-premise infrastructure. However, by adopting multi-cloud approach, an organization has the flexibility to transfer its application to any cloud service provider which allows the organization to take advantage of new technologies.
• Additional Benefits: Multi-cloud approach serves the purpose of enhancing disaster recovery capabilities, meeting regulatory compliance, curbing shadow IT, elevating application performance, etc.

How To Monitor Multi-Cloud Strategy?

• Use monitoring tools designed specifically for multi-cloud environment.
• Leverage a configuration management database.
• Adopt a mechanism that can sense, analyze, adapt, and visualize to help admins resolve outages.
• Use monitoring tools that support automation.

For more information on implementation of multi-cloud for organization, call Centex Technologies at (972) 375 - 9654.    

View Full Image

Zero-Day also mentioned as 0-Day indicates that the vendor or developer has very recently got to know about that flaw. Since the hackers have exploited the flaw before developers can discover & patch it, the Vendor has Zero Days to fix it. Some meaningful terms to understand 0-Day better:

1. 0-Day Vulnerability is discovered by hackers before the developers and hence they cannot be patched. However, developers can implement and notify workaround techniques to temporarily address it.
2. 0-Day Exploits are the TTPs (Tactics-Techniques-Procedures) used by hackers to attack IT infrastructure.
3. 0-Day Attack involves using 0-Day Exploit targetting 0-Day Vulnerability inflicting damage to IT resources.

Cybercriminals and hacktivists with malicious intentions such as espionage and theft, financial gains, cyber warfare, service disruption, and likewise usually carry out such 0-Day attacks. Its victims could be anyone and everyone across the globe ranging from an individual to an organization and even a nation-state. Operating systems and software applications, hardware and firmware, IoT (Internet of Things) devices, household appliances, automobiles are the usual targets. Attacks carried out against potentially valuable targets such as MNCs (Multi-National Companies), government and intelligence agencies, or VVIPs (Very Very Important Persons) are targeted 0-Day attacks. Vulnerable systems-servers or applications and hardware are the usual victims of non-targeted 0-Day attacks. Sometimes the LEAs (Law Enforcement Agencies) are unable to comprehend the collateral damage caused by attackers.

Zero-Day exploits are considered the ultimate cyber weapon to inflict heavy and often irreparable damage. Poor cybersecurity hygiene, ignorance & lethargy of security professionals, inadequate budgets, skill gaps in the availability of skilled and qualified cybersecurity workforce are some of the reasons behind getting victimized by a 0-Day vulnerability. When victims get to know about a 0-Day vulnerability in their environment, it is often too late to mitigate them. The course of action is to either accept the risk and threats of attack(s) or shut down the crucial components/facilities of their operations and services.

So, how would you try to protect yourself, as much as possible, from getting affected by the 0-Day exploits?

Prevention is however almost impossible for 0-Day vulnerabilities but detection and mitigation strategies are still relevant here. 4 proactive and protective best practices might help you and your firm stay resilient against most 0-Day attacks: -

1. Educate and be aware against social engineering: Employees and business partners need to understand the bigger picture of business risk. Everyone must take moral ownership to keep the business services and daily operations safe & secure in their individual capacities. User awareness training must be conducted to prevent the staff from getting targeted by social engineering attacks. 
2. Implement 2FA / MFA with biometrics: Deploy 2FA (2-Factor Authentication) and MFA (Multi-Factor Authentication) along with biometric locks will keep unauthorized users or hackers at bay. It is advised to periodically change the credentials used to access the various digital resources across your organization. Modify and update the vendor-supplied default security configuration to customize as per the business requirements. 
3. Strict ACL (Access Control List): Be vigilant when you grant any user the read and/or write access or elevate their privileges from user to admin and likewise. Grant or assign the privileges or access on a Need-to-Know basis only.! Deploying an appropriate IAM (Identity and Access Management) plan prevents accidental information modification from unauthorized employees. It also limits the scope of access for hackers having stolen the employees’ credentials. Implement a systematic de-provisioning process for employees leaving the company so their access to the IT systems, applications, and data is curtailed. Revoking the access rights of someone who has left the organization is very much a crucial security responsibility that must be completed on the LWD (Last Working Day) & not get delayed. 
4. Depth-in-defense & defense-in-depth approches: Maintaining your organization’s credibility in the market is very important. Comply with various regulatory standards & frameworks to protect highly sensitive business information. The in-house SOC (Security Operations Center) team can monitor the real-time activities of users, services, and applications in your IT environment. Alternatively, to facilitate inadequate budgets & lack of resources, you can hire an MSSP (Managed Security Service Provider). They help you to outsource your security logging & monitoring requirements. They prevent, detect, analyze, & mitigate security risks, threats, vulnerabilities, & incidents for your business. Protect your data & devices with various security solutions such as NGAVs (Next-Gen Anti-Virus), DLP (Data Loss Prevention), XDR (Extended Detection and Response), Honeypot, and likewise. Training and securing your users and employees would give hackers a hard time targeting your IT infrastructure with 0-Day vulnerabilities. 

Centex Technologies provides a variety of cybersecurity solutions to companies. For a free audit of your enterprise's IT systems, call (855) 375-9654.

The BEC (Business Email Compromise) attack is a scam that usually targets corporates that conduct wire transfers to overseas suppliers. They target official email accounts of executives and high-level employees working in administration or finance departments. Such email addresses, involved with conducting wire transfer payments are either spoofed or compromised through keyloggers or phishing attacks. Corporations lose hundreds of thousands of their revenue every year via these fraudulent transfers.

Attackers in the BEC, also known as the Man-in-the-Email scam, rely on social engineering tactics. They trick the employees and executives working in non-tech roles. They usually impersonate employees from the board of directors/management, or executives who are authorized to do wire transfers. Additionally, fraudsters also research and closely monitor their potential target victims, their organizational movements, and likewise.

Security Professionals in any organization usually encounter these 5 types of BEC scams:

1. Fraud invoice: Firms with overseas suppliers are targeted wherein attackers impersonate suppliers requesting fund transfers for payments to account(s) owned by fraudsters.
2. Executive fraud: Attackers impersonating executives send the email(s) to finance, administration, or procurement department employees requesting them to transfer money to account(s) that the hackers’ control.
3. Account compromise: Executive(s) or employees’ email account(s) are hacked to request invoice payments to vendors or clients listed in their email contacts.
4. Attorney impersonation: Attackers impersonate any person from the legal team or from any legal firm in charge of important and urgent matters regarding your organization.
5. PII theft: PII (Personally Identifiable Information) of employees and tax-related statements in possession of the HR department are harvested to carry out future targeted attacks on potential individual victims.

GreatHorn, a cloud email security provider, released a BEC landscape report in 2021 that is based on information provided by 270 IT and cybersecurity professionals. 30% of them confirmed receiving 50% of malicious links in emails while a similar number of participants from the BFSI sector revealed being a victim of spear-phishing attacks. 35% of organizations disclosed that BEC attacks account for 50%+ of their incidents while a similar percentage of firms encounter spear-phishing emails on a weekly basis. Half of the professionals have dealt with a security incident in the past 12 months where every 1 out of 4 companies received at least 76% of the malware they detected via email. Usually, these email(s) do not contain any malicious links or attachments, hence they easily evade traditional as well as advanced security solutions deployed. BEC attacks are becoming more expensive than ransomware and are usually unbeatable.

 How would you protect yourself from getting tricked by these cyber fraudsters? 

1. Check the source of email including the domain name from where it has been sent.
2. Be alert to see anything suspicious regarding payment requests over emails.
3. Protect email systems with advanced software capable of tracking spam and filtering out emails.
4. Don’t make presumptions over the email, always confirm the wire transfer requests with the sender over a phone call or a video call.
5. When in doubt, contact cybersecurity teams in your organizations as you encounter such emails in your inbox.
6. By training the employee staff, executives, partners, clients, and customers in end-user security awareness. This can help detect and prevent being a victim of BEC attacks.

For cybersecurity and IT solutions for business, contact Centex Technologies at (972) 375 - 9654

Fuzzing is a software testing technique which is used to find implementation bugs that can be hacked by using malformed/semi-malformed data injection in an automated fashion. The data injection consists of different permutations of data that are fed into target program until one of these permutations reveals a vulnerability that can be exploited by the cyber criminals.

A fuzzer may try different combinations of attacks on:

• Numbers (signed or unsigned integers, floats, etc.)
• Characters (urls, command line inputs, etc.)
• Metadata (user input text such as id3 tag)
• Pure Binary Sequences

The most common approach for a fuzzing attack is to define a list of ‘fuzz vectors’ (known to be dangerous values) for each type and inject these vectors or their recombination into the program.

Here is a list of common fuzz vectors:

• For Integers: Zero, possibly negative or very big numbers
• For Chars: Escaped, interpretable characters / instructions (ex: For SQL Requests, quotes / commands…)
• For Binary: Random ones
• For Chars: Escaped, interpretable characters / instructions (ex: For SQL Requests, quotes / commands…)

Types Of Fuzzing Attacks:

Application Fuzzing: A web application fuzzer tests for buffer overflow conditions, error handling issues, boundary checks, and parameter format checks. Irrespective of the type of system to be fuzzed, the attack vectors are in it’s Input or Output system. Attack vectors for a desktop app are:

• The UI (testing all the buttons sequences / text inputs)
• The command-line options
• The import/export capabilities

In case of a web app, attack vectors can be found in urls, forms, user-generated content, RPC requests, etc.

Protocol Fuzzing: To launch a protocol fuzzing attack, a fuzzer sends forged packets to the tested application and eventually acts as a proxy to modify requests sent to the server and replay them to find a vulnerability.

File Format Fuzzing: In a file format fuzzing attack, the fuzzer generates multiple malformed samples and opens them in a sequence. When the program crashes, the sample is kept for further investigation. Using a file format fuzzing attack, hackers can attack-

• The Parser Layer (Container Layer): These attacks target file format constraints, structure, conventions, field sizes, flags, etc.
• The Codec/Application Layer: These are lower-level attacks which aim at the program’s deep rooted information.

Centex Technologies provide complete IT security solution to clients. For more information, contact Centex Technologies at (972) 375 - 9654.              

View Full Image

Voice over Internet Protocol or VoIP is also known as IP Telephony. It is a method of delivering voice communications and multimedia messages over Internet Protocol networks. The technology converts the voice signals into digital signals allowing the user to make a call directly from a computer, VoIP phone, smartphone or any other digital device with an internet connection and VoIP application.

Switching to a VoIP telecommunication system offers an array of benefits for businesses:

• Low Cost-Per-Call: A VoIP telecommunication system converts the communication data into packets and sends it over the IP network as opposed to the traditional telephonic communication channels. In case of traditional methods, calls are placed using phone lines which means a line is taken up by two callers. Since there is a limit to number of phone lines, the calls are expensive, specifically if they are long distance. On the other hand, in case of VoIP, the use of office internet connection to relay communication data makes domestic as well as international calls cheaper.
• Service Mobility: In case of traditional phone system, a line that runs to a business is assigned its own phone number. This results in limited mobility as user is required to remember right codes for accessing the messages sent to that phone number (when receiving messages on a separate device outside the office). However, VoIP system eliminates the physical limitations and the users can move freely as per the business requirements and avail the communication services on any device equipped with an internet connection and the VoIP application.
• Efficient Client Interaction: Business needs may require employees to travel which may result in missing important client calls or communications, if using traditional phone systems that are wired to the employee desk inside the office. On the contrary, when using a VoIP system, employees can choose where the call rings and how. For example, the system settings can be made in a way that first few rings are sent to the office. If the employee doesn’t answer, further rings can be forwarded to another device, say a mobile phone or laptop. This helps employees to attend important calls irrespective of their location which improves the efficiency of client interactions.
• Multi-Functionality: VoIP systems offer an array of additional communication services like instant messaging, presence status, teleconferencing, video conferencing, etc. The systems also allow the users to receive voicemail and faxes over their email. These services enhance the efficiency of business communication within and across the teams.

For more information on why a business needs VoIP, call Centex Technologies at (972) 375 - 9654.          

Wireless networks have grown a lot from the first generation (1G) to 4G/LTE networks that offer faster speeds. Now, the stage is being set for 5G that will connect a large number of new devices and sensors with future communication technologies while introducing new capabilities and services.

But with great transformation come great risks! Some security professionals are warning that 5G will also empower the hackers with speed and capabilities to launch high-speed malicious activity across larger number of devices in a short span. A survey indicates that approximately 73% of security professionals have shown high to medium concern on potential impact of 5G on cyber security.

Professionals indicate that 5G will introduce new vulnerabilities in:

• Supply Chain: 5G supply chain will be at risk of vulnerabilities such as malicious software and hardware, counterfeit components, and poor designs, manufacturing processes and maintenance procedures.
• Deployment: 5G is expected to use more information and communication technology components, so improperly deployment, configuration or management of equipment and networks may be at risk of disruption & manipulation.
• Network Security: Since 5G builds upon previous generations, it may be expected to carry forward legacy vulnerabilities such as DDoS attacks, etc.

In lieu of potential 5G risks and vulnerabilities, here are some ways to help you manage 5G security challenges:

• Prioritize Security: Organizations with security-first mindset are prepared to adopt 5G and other emerging technologies. But, also focus on your customers and in case they don’t have a culture that prioritizes security, help them adopt solutions and services that cover all the aspects of cyber security including incident response strategy.
• Deploy Standards-Based Devices: Organizations should focus on helping their customers and employees choose IoT devices that are embedded with in-built security features and meet established industry standards for security. It is important to make sure that the devices are capable of offering protection, detection, and mitigation.
• Adopt Virtualization: A large number of connected devices paired with the speed of 5G can act as a perfect playground for hackers and compound the security issues. Organizations can consider introducing virtualized security controls to help their customers in applying security policies across their environment at a quick speed, while employing automated remediation to help mitigate threats.
• Combine Threat Intelligence With AI: New capabilities of 5G will introduce new types of vulnerabilities and attacks. Organizations should infuse threat intelligence with AI or Machine Learning to immediately identify, detect and response at the point of attack.
• Zero-Trust: Organizations should implement zero-trust security policies. It includes verifying everything including user login, data access, incoming data, outgoing data, access requests, etc. without any exceptions.

5G can be used to garner business growth and profits, provided appropriate security measures are adopted.

At Centex Technologies, we educate our clients on the security challenges of 5G and required measures. To know more, call Centex Technologies at (972) 375 - 9654.

View Full Image