CoNetrix Technology opened its first satellite office in Midland, Texas to better serve its existing customers and extend services to businesses in the surrounding areas. CoNetrix Technology, a subsidiary of CoNetrix, LLC, opened its first satellite office in Midland, Texas to satisfy the needs of the company's growing customer base. CoNetrix Technology provides computer network support, IT managed services, and private cloud hosting for businesses. By adding an office in Midland, Texas, CoNetrix Technology is better positioned to serve its existing customers and extend services to businesses in Midland/Odessa and the surrounding communities.

Tandem, a subsidiary of CoNetrix, is inviting users to explore their new website—https://tandem.app. With a fresh look, the new marketing website offers customers a better user-experience and a new way to connect to Tandem while learning more about the software. 

The May 2019 Microsoft patch releases included an update for a very high-risk vulnerability (CVE-2019-0708, aka BlueKeep) that affects Windows XP, Windows 7, Server 2003, Server 2008, and Server 2008 R2. This vulnerability allows an unauthenticated attacker (or malware) to remotely execute code on the vulnerable system. It is considered as VERY high risk, particularly for systems with Remote Desktop Protocol (RDP, port 3389) directly exposed to the Internet. However if a system inside the network is compromised it could easily spread to other PC's and servers because RDP is enabled by default.

What is the FSSCC Cybersecurity Profile? The FSSCC Cybersecurity Profile was published on October 25, 2018 by the Financial Services Sector Coordinating Council (FSSCC). The FSSCC is a private entity comprised of 70 members from financial services organizations. Their cybersecurity profile has multiple tiers, which allow users to answer a scalable set of questions. This scaling is designed to provide an expedited assessment of the user's organization's cybersecurity preparedness.

Cybersecurity budgets for financial institutions are continuing to increase in an effort to keep pace with advances in technology. CoNetrix conducted a survey to gain insights into cybersecurity and how institutions are using their funds to support their cybersecurity program. 

On April 2, 2019, the Federal Deposit Insurance Corporation (FDIC) released a new financial institution letter (FIL-19-2019) called "Technology Service Provider Contracts." Why was this guidance published? When FIL-19-2019 was published, it had been five years, almost to the date, since the last vendor management guidance was released by the FDIC (see FIL-13-2014, published on April 7, 2014). Presumably, it was a good time for a reminder about vendor management expectations.

For many financial institutions, Business Continuity Plan (BCP) tests are easy to identify and trivial to document as senior management is familiar with the concept and the tests occur on a fairly frequent basis, either because they are scheduled in advance or because Internet/phone/power outages happen to every business at some point. When it comes to the Incident Response Plan (IRP) tests, however, the situation is not so clear. Whether this is because the FFIEC actually includes Incident Response Testing as part of the Business Continuity Planning Booklet or because, like things that happen in Vegas, incidents aren't spoken of after they occur. Additionally, it may depend on who you ask and if there's any resulting reputational damage, just to make things even muddier.

On April 24th, CoNetrix released their inaugural report, The State of Cybersecurity in the Financial Institution Industry. In order to understand the industry better, CoNetrix distributed a 44-question survey to individuals of financial institutions. The survey remained open from November 1, 2018 through January 31, 2019. At the end of that timeframe, CoNetrix received 243 completed survey responses.

In the course of my work, I find myself visiting several financial institutions throughout the year. Although these institutions vary in size and complexity, many of them share several common deficiencies. Some of the prevalent security mistakes listed in this article may be resolved with relatively simple implementations, but others can take more substantial amounts of time and user training to remediate. Fixing these five deficiencies would greatly help to improve the security of any institution.

Many businesses and financial institutions have seen an increase in the number of employee-owned devices over the past few years. Employees are using these devices to access email, download files, launch a remote desktop, or use a Virtual Private Network (VPN) connection for a remote "on network" experience.

Microsoft has been emphasizing Office 365 subscription services since the public introduction in 2011. As a result, the popularity of these services has grown to over 155 million active users as of October 2018, and is gaining new users at over 3 million seats per month. With this growth, on-going marketing, and the increasing acceptance of public cloud services, many businesses and financial institutions are starting to look at Office 365.

CoNetrix has met all the criteria to become a Cisco Express Specialization Partner in the USA. By achieving the Express Specialization, CoNetrix has proven they have the ability to provide sophisticated, value-added Cisco solutions through their in-depth sales capabilities, technology skills and service offerings.