Gilded Pendulum

As the information technology and interactive media landscape is forever evolving, the demand for high impact solutions rises to new levels as we strive to achieve lasting impressions with superlative form and function. With every new client engagement exists an opportunity to explore new challenges and creative potential. We look forward to streamlining today's electronic information in a high speed, real time world. Yours.

The New Age of 'FinTech' is Here...

So aside from my basic roles in technology the last twenty years (wow, has it been that long?) I've always had a passion for trading markets. Over the years I've traded your basic stocks, buying and selling as well as traded options for hedging entry and exit points, purchased tons of mutual funds, and had fun analyzing markets. These days you'll typically just catch me trading S&P futures for its simplicity and get in get out dynamics. I love it. But my passion has brought me into the world of crypto currency exchange full throttle. There is no other market in the world that's as volatile with gains this high and drops this low. It's a day trader's paradise if they know what they're doing.

I've never seen so many people able to take 1000% gains in less than a week as I do in these markets. I've left some comments on LinkedIn regarding blockchain technology and how it's disrupting well over 60+ industries and that number is going up daily. I've invested significantly in some of these particular areas as well as new forms of these currencies in general. Many business leaders and investors like Richard Branson, owner of Virgin and Ashton Kutcher actor and investor both like bitcoin.....a lot. This also includes the Winklevoss twins (Facebook co-founders) who own upwards of well over 800 million dollars in bitcoin assets.

But bitcoin is just one small part of the blockchain movement. The vast majority of everything flooding into this particular tech space now comes from the Ethereum network, which allows for peer-to-peer smart contract technology. This lets people create contracts simply and easily with companies like Etherparty, and have these contracts automatically execute the parameters within them. Think about a mortgage. They're all done in paper and held by multiple entities. Your bank has a copy (hopefully), a title company, and yourself along with possible county recorder/clerk's office etc., the list goes on. How many mortgages got lost or misplaced during the great recession of 2008? How many people never had to pay on them again because the entity stating they had the document(s) could not produce proof? None of that would ever happen again using smart contracts. Once the information is entered and written onto the blockchain within the confines of the DApp writing it, it's there forever. It can't be edited, it can't be changed or modified in any way. That contract would automatically execute someone's mortgage payments and on the day it was paid off in full, would transfer complete ownership to the property owner. It would always be available and there would never be issues of lost or misplaced mortgages or incorrect parameters of the contract. Now think of how many industries a smart contract could disrupt.

There's also the inception of the ERC20 crypto token which brings about a multitude of payment processes within these DApps written on this incredible Ethereum network. Sometimes the token has a completely different purpose. One example is the marijuana industry. This is a cash only industry because on the federal level, it's still technically illegal and considered a schedule 1 drug. Despite the politics and opinions involved with that scenario, dispensaries are popping up all over the country for either medical reasons or recreational. The owners of these businesses are in pretty dangerous circumstances seeing they have to keep large amounts of money in safes and probably have to carry a gun with them everywhere they go so as not to become the victim of a robbery. This is also why you'll see armed security hired to protect these places. Now imagine a DApp (application written on top of ethereum) that can use these crypto tokens as a form of temporary currency for transactions (remember, they're not technically accepting dollars) and then once it reaches the merchant through the app on someone's phone, is immediately exchanged for USD in real time on that person's own debit card designed and built for that DApp which they can then use anywhere that accepts debit/credit cards. Customers can now use debit and credit card transactions to buy their marijuana which is a multi-billion dollar industry and the merchant is able to actually receive fiat currency or crypto tokens for it on a card or in an account, without having to store stacks of bills in a safe to accomplish this. And it's completely legal and banks don't have to get involved and have their license pulled by the federal government. Coincidentally the company in this example is a firm called Greenmed. Cryptographic currencies are going to change EVERYTHING.

There are currently incredible possibilities going on right now. ICOs (Initial Coin Offerings) are pulling in record crowdfunding money in the billions of dollars. Sites like Icoalerts.com and coinmarketcap.com all track these things with numbers and breakdowns. It's such a massive, massive space with incredible market caps, many have already become millionaires or are well on their way. I just marvel at the size and scope of what's going on right now. Like I often times say, those who don't somehow get involved in blockchain technology will be kicking themselves in the next few years. These things are going to change the world.

Jeep Grand Cherokee Hacked Remotely

So this is a relatively older story but I still wanted the metrics on my site to link to something regarding it. With all the "infotainment" now being embedded into our new vehicles there has yet again been a sacrifice in security for the aim of convenience. In vehicle wi-fi hotspots have been introduced into newer vehicles as well as wireless charging, doppler radar overlay, the list goes on. Of course with certain manufacturers these really cool features have been implemented without looking into backend security. Yes readers, your new fancy car now has an IP address...on the internet. What hackers can do with that IP address is downright scary, continue reading.

Imagine losing control of everything you see in this image

The story I'm going to link to isn't as terrifying as the title of this article makes it out to be. At least in regards to the driver himself. He was well aware that the attack was going to take place, he just didn't know how or when exactly it would happen. However even after knowing that an attack would take place he does in fact become somewhat fearful of exactly how little control he had in the given situation. Imagine driving on the interstate and all of a sudden all the dials and switches in your vehicle are no longer under your control. Your air conditioning begins blasting you at full power through your vents and seat. Your windshield wipers turn on, your hazards, your radio station and scariest of all, your brakes are no longer under your control.

This was a MAJOR oversight by Jeep when they released their Grand Cherokee a while back. Apparently they didn't feel the need to hire any security engineers to oversee the implementation of their in vehicle technology and suffered a massive blow to public opinion on how they do things. People saw, both in video and written articles just how insecure their vehicles are and how easily they can be compromised. All of the newer vehicles on the road are run by computer systems. Some of those computer systems have a ton of security holes in them. When those holes are breached, you can very literally lose control over your entire vehicle and what it's doing on the road.

Here's that story, and although not super current, still bears repeating:


Gilded Now Offering Clients Data Circuit Monitoring

Gilded Pendulum has recently partnered with ZeroOutages and now we're really excited to offer many of our business customers, depending on the types of circuits you have, next-generation internet circuit monitoring! This means that we can now monitor our clients' internet circuits and be alerted of any outages or network issues that may happen at any given moment. With this tool we can offer the following additional services to our valuable clients behind the scenes:

 

  • 24/7 network monitoring via a highly secure and redundant global data center

  • Emailed status alerts from an unlimited number of businesses (we can monitor all of our clients simultaneously)

  • Complete visibility of customer networks via next-generation technology

  • Circuit status up/down monitoring

  • Metric reporting with real-time graphs and charts

  • Geolocation information for mapping each customer

No other master agent offers this suite of powerful tools so that we can be instantly alerted to any network downtime our clients may face. Our powerful partners have made this possible and we're now extending this service to any clients who would like the additional peace of mind knowing we're keeping tabs on the services we've personally sourced for them, in addition to their own providers and carriers. This now makes us act as a small scale network operation center for your business and will work with any carrier service we sell.

Even more premium services may be added to this valuable tool in the future. This is just another way we try to better service those that matter most to us, our customers.

Let's Talk About App Permissions...

So it's been a while since I've written a new article so today I thought I'd talk about app permissions. You know, when you go to your Apple or Google Play store and download that cool new app you heard about or update to the most current version from your social network? Yeah, those apps. Some people tend to be a bit paranoid and carefully inspect what that app is asking for permission to access, but many others don't even pay attention. Below is an older image of what Facebook used to ask for permission to access on your phones:

Look at that, three pages of permissions from one application used to interact with your Facebook contacts. In technical terms this is the equivalent of becoming an "administrator" on your smartphone. These are the things you need to pay attention to. Would I install this app on my phone? Absolutely not, granted I'm not a Facebook user to begin with and this is part of the reason why. But there are other more curious things out there as well. Have you ever downloaded one of those nifty flashlight apps for your phone? Did you ever check the permissions it asked for before you downloaded it? I was getting ready to grab one myself one day and noticed that it was asking me for access to my wi-fi connections and SMS messages along with full network access. Um, what? Why? Well I flagged the app and a week or two later it no longer existed. There is ZERO reason an app that does nothing more than turn a light on or off on your phone needs access to networks, text messaging, and antennas. None.

Remember, guard your information and guard your identities online. Don't give random pieces of software permission to access things it has no earthly reason to access. Lines of code can be malicious and sometimes those lines of code are able to fall through the cracks of even the toughest app store policing.  And read those user reviews! People are often very honest about their experiences with technology and hold nothing back. Use that to your advantage, they may bring up topics about the application that you never even thought of.
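The flashlight check described above can be automated. The following is an added example, not code from this blog: it reads a decoded AndroidManifest.xml and reports every requested permission that falls outside a baseline for the app's category. The baseline for "flashlight", the grouping of permissions, and the sample manifest (package `com.example.torch`) are assumptions constructed for illustration; the `android.permission.*` names are real Android permissions.

```python
"""Added example: flag permissions a simple app has no reason to request."""
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
PERMISSION_TAGS = ("uses-permission", "uses-permission-sdk-23")

# Assumption: a hand-written baseline of what a torch app plausibly needs.
EXPECTED_BY_CATEGORY = {
    "flashlight": {
        "android.permission.CAMERA",      # the LED is driven via the camera
        "android.permission.FLASHLIGHT",
        "android.permission.WAKE_LOCK",
    },
}

# Real Android permissions, grouped the way a reviewer would read them.
SENSITIVE_GROUPS = {
    "SMS": {"android.permission.READ_SMS", "android.permission.SEND_SMS",
            "android.permission.RECEIVE_SMS"},
    "Wi-Fi": {"android.permission.ACCESS_WIFI_STATE",
              "android.permission.CHANGE_WIFI_STATE"},
    "Network": {"android.permission.INTERNET",
                "android.permission.ACCESS_NETWORK_STATE"},
    "Contacts": {"android.permission.READ_CONTACTS",
                 "android.permission.WRITE_CONTACTS"},
    "Location": {"android.permission.ACCESS_FINE_LOCATION",
                 "android.permission.ACCESS_COARSE_LOCATION"},
}

# Constructed sample: a torch app asking for SMS, Wi-Fi and network access.
SAMPLE_MANIFEST = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.torch">
  <uses-permission android:name="android.permission.CAMERA"/>
  <uses-permission android:name="android.permission.FLASHLIGHT"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.ACCESS_WIFI_STATE"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission-sdk-23 android:name="android.permission.RECEIVE_SMS"/>
  <uses-permission android:name="com.example.torch.permission.CUSTOM"/>
  <application android:label="Torch"/>
</manifest>
"""


def requested_permissions(manifest_xml):
    """Return the sorted, de-duplicated permission names in a manifest."""
    # The manifest comes from an untrusted app: refuse DTDs so that entity
    # tricks never reach the XML parser.
    if "<!DOCTYPE" in manifest_xml.upper():
        raise ValueError("manifest contains a DOCTYPE; refusing to parse")
    root = ET.fromstring(manifest_xml.strip())
    if root.tag != "manifest":
        raise ValueError("not an Android manifest")
    names = set()
    for tag in PERMISSION_TAGS:
        for elem in root.findall(tag):
            name = elem.get(ANDROID_NS + "name")
            if name:
                names.add(name.strip())
    return sorted(names)


def audit(manifest_xml, category):
    """Report permissions requested beyond the baseline for `category`."""
    if category not in EXPECTED_BY_CATEGORY:
        raise ValueError(f"no baseline for category {category!r}")
    expected = EXPECTED_BY_CATEGORY[category]
    unexpected, ungrouped = {}, []
    for perm in requested_permissions(manifest_xml):
        if perm in expected:
            continue
        for group, members in SENSITIVE_GROUPS.items():
            if perm in members:
                unexpected.setdefault(group, []).append(perm)
                break
        else:
            # Vendor-defined or unlisted permission: needs a manual look.
            ungrouped.append(perm)
    return {"unexpected": unexpected, "ungrouped": ungrouped}


if __name__ == "__main__":
    report = audit(SAMPLE_MANIFEST, "flashlight")
    for group, perms in sorted(report["unexpected"].items()):
        print(f"[!] {group}: {', '.join(perms)}")
    for perm in report["ungrouped"]:
        print(f"[?] review manually: {perm}")
```
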

Stay safe. Stay secure.

-Dominic

The Internet of Things...

Have you ever heard this term before? It's relatively new and has really only been used the last 5 years or so. What is the internet of things? Well, with the inception of wireless networks, both public and private being a normal mainstay in today's technological landscape, more and more devices are now being able to be connected to your wireless network at home. Refrigerators, washing machines, dryers, home climate controls, security systems, and even the very cars we drive each day, can all be compromised. These things are constantly broadcasting to the internet delivering you weather conditions, flight itineraries, package deliveries, software updates, recipes, music, and they're everywhere....and that's the problem.

Scary, isn't it? Although to most people seeing this, it isn’t because they don’t understand the implications.

With all this connectivity in our daily lives, information is everywhere. We have powerful computers in our pockets in the form of smartphones and tablets that can retrieve information for us in mere seconds. But how safe is it to have all these things in our home connected to the web? Most people probably don't think that having their fancy new Samsung refrigerator with the small LCD display connected to their wireless network is that big of a threat, and truth be told it probably isn't. I don't hear about hackers taking control of people's refrigerators and turning the temperature up so all of their food spoils. What I have seen is smart TVs by the same manufacturer having severe security holes in their software that have allowed random people online to watch them in their home on that television's camera. Nobody really thinks about how something like putting their pretty flat screen TV on the web could be a serious detriment to their privacy but obviously it is. A criminal can find out a lot about a family by watching them every single day unbeknownst to them.

You see, the companies that offer us all these really cool conveniences powered by the web are typically only thinking about the service they're offering to the customer. Again, the convenience. What they rarely take into account is the actual security risks involved if someone other than the owner of that product is able to take control of it. This is what happens when we have so many random devices on the internet aka "the internet of things." Having all this modern technology around to make our lives easier is great, but it comes at a cost. If it's not the manufacturer selling your information at a hefty sum to advertisers or other entities, it's the lack of security in the software ultimately costing you your privacy and in some cases even your personal security. A smart thing to ask yourself in today's digital world is, "Just because this device can connect to the internet and tell me things I'd like to know, is it really even necessary? Or is this just a novelty?" Most of the time it’s simply a novelty and something to show your friends. “Hey, look what this thing can do!” The only way to truly know 100% if a certain piece of software or even hardware is safe and secure is if you built it yourself, and even then, it's real easy to miss something. Ask a developer/software engineer how many holes they have to constantly plug in their own code and see what they tell you.

At the end of the day if you're connected, you're at risk. The key to staying safe and secure is to constantly be thinking about how you can mitigate your exposure to it. Ask yourself what that device knows about you. Does it know your home address? Does it know your credit card number? Does it use encryption? It's really easy for a would be attacker to figure out a lot about you by just tiny pieces of information. From whether or not you're married, have children, what kind of car you drive, to what the name of the family pet is. As always, I urge everyone to be careful with their information and guard it like the priceless item it is. Don't get lured into sacrificing personal information and security for simple convenience and the cool factor when guests come over. I can assure you as sure as I write this, it's absolutely not worth it.

Now think about how many businesses might be doing this and exposing their assets without even realizing it. 

Companies Are Looking at Data Security the Wrong Way...

This is my formal wake-up call to businesses who still don't feel the need to protect their networks from foreign intrusion. The main issue I'm finding after many discussions with other people in this industry is that they quite simply don't want to pay the extra money for something that they believe is of minimal risk. Because they've not yet suffered any type of breach on their network, loss of data, or service interruptions they feel it's not a worthy avenue to pursue.

Here's the thing, you're looking at it the wrong way. Businesses are simply examining the practice of security as nothing more than a cost expenditure on a spreadsheet that they feel they can't afford or don't need to justify spending. Well, you do, and here's why. Don't look at it as if you're just spending money on something invisible, you're not. You're spending money to protect the integrity of your business. You're also spending that money to protect your customers' personal and financial information that you're storing electronically. And lastly you're protecting the long tradition of fine services, products, and excellence your organization is known for. It's a symbolic gesture to the clients who trust you to do business with them safely in a digital world, and it will actually help protect them and you. Even if they have identity theft protection, most protection companies only promise to help them sort it out for one year. If that information is floating around the internet, it will never go away. Once it's out in the ether, there's no retrieving it, and they're going to blame the company responsible for allowing its theft.

You couldn't pay me enough to be the CEO of Sony Studios right now. That corporation is the quintessential example of what can happen to a million dollar company that's been in business since 1946 in Japan, and since 1960 when Sony of America was established. That's almost 70 years of establishing their brand, quality, and products to the world and that trust was wiped away in a weekend. Between the vitriolic emails that went back and forth, to social security numbers of past employees and entertainers, I assure you Sony is in extremely poor standing with the world right now. They are a company that hasn't taken security seriously, since forever, and it's come back to bite them numerous times in the past few years. They chose not to protect their data, their clients, or their tradition of excellence.

So with all the above being said, how much would you pay to protect your company's trust, integrity and excellence with the world? Because at the end of the day, that's exactly what you're paying for and you would probably be surprised at how inexpensive it is to setup some basic protections. Nothing is unhackable as I've said before, but it looks ten times better for a company that has taken the subject of security seriously and implemented some solutions to protect as much as they could if they ever are attacked. When your clients find out that you instead chose to do nothing, I assure you, they won't be your clients for much longer. You may even find yourself out of business and out of a job due to the aftermath. THIS is how we must look at the issue of security. Not as some invisible cost on a balance sheet that should net us profits, but as the tax we must pay to do business in the ever evolving digital landscape.

Transcending Technology Will Change Lives...

I mostly talk about things of a technological nature here, well, that's really ALL I talk about as it is the focus of this blog. But it's not often we see in detail how technology is capable of impacting lives on a very dramatic scale in both human and animal recipients. I run across a lot of things on the internet regarding these types of things and one of those things is a lot of people's fear of the unknown. It's a natural human cognitive response, but we should always strive to understand something and educate ourselves on its purpose rather than immediately condemn it out of fear. In this instance I'm referring to 3D printing. It goes without saying that people are going to explore this newer technology to see exactly what it's capable of doing. It is our basic human curiosity to do so.

Sometimes that curiosity pays off in a big way. 3D printing is opening the door to amazing possibilities in prosthetics, tools, and other tangible objects. NASA just emailed a wrench to the International Space Station! We can literally email someone the blueprints to a particular item and then "print" them so to speak to serve their intended purpose on the fly. This doesn't invoke any feelings of fear from me, but instead opens another avenue of dynamic creation and excitement. That same excitement exists with nanomachines in my techy mind. But here is a great example of how something like a 3D printed image changed a life in someone's canine companion and how this will pave the way to many other life-changing experiences for many others in our own species. Imagine a human being able to walk for the first time. Run for the first time. Climb for the first time. Mobility is coming, and it will be affordable in the future to everyone.


 

Protect Your Internet Connection at Home!!!

It was recently discovered that the Sony and Microsoft DDoS attack on their gaming networks this past holiday season was done by taking over consumer routers used in the home. The routers were turned into zombie-fied botnets (a botnet is a network of hijacked devices that are taken over maliciously and without the owner's knowledge to attack other entities through the internet by various means) and then in turn were used to access every other device that was connected to them. Once access was given through some not so sophisticated malware, those devices were used to send massive network traffic to Sony and Microsoft. The ONLY reason they were able to do this was because a script was running that targeted the default user name and password on their routers that people never bothered to change after hooking up their wi-fi at home.

Yeah, seriously. People that chose not even to password protect their home network were used as pawns in one of the most massive DDoS attacks in history. And here's the rub, most have absolutely no idea this even happened on their own home network and they still don't know. The one they use to do all of their online banking and access other personal data online with. The network they feel safest on because it's their own. Even when I am home on a password protected AES encrypted network (even though our devices can't use true 256 bit encryption for the most part) I use best method security practices. I use a VPN when online that encrypts my traffic and sends it through a proxy network. Depending on where I'm going online that particular day I might even use a copy of TAILS I have running on a USB thumb drive to boot into. I take precautions because I know what's happening out there. I know what's happening to businesses and I see how even our home networks are being breached and taken control of. It's a simple thing. When you buy a new router for your home, change the username and password as the most basic form of protection. When you turn your wi-fi on, password protect that as well. Use uppercase, lowercase, symbols, and numbers in your passwords so basic passphrase crackers can't retrieve your information as easily. Make up words. Use the "@" symbol for the letter "a." Use an "!" for the number 1, be creative. It's certainly not a 100% failsafe but it's far better than having your password be "password."

In today's digital world, it's up to us and us alone to keep ourselves protected as much as possible when online. This is even more true in our own homes. Sadly, as with most things, few people pay attention or even care until they actually have to. The above attack is now being sold online in exchange for bitcoin (from 180 seconds to 8 hour long attacks) and it's still using these hijacked devices the owners don't even know about. Stay safe out there and keep secure in 2015!

#OperationLockdown

Not All Who Hack Are Your Enemies...

I've discussed at length many of the digital perils businesses face in today's world. We all know that if you don't have a web presence you don't exist. The web has grown to be a vital part of how we live today. Whether it be through helpful apps on our phones that help to get us places, how we manage our finances, or simply staying in touch with friends and family, it plays some pivotal role in our lives. Many of the tools and software we use today wouldn't be near as great as they are if it wasn't for hackers. These people have an outstanding mindset because they consistently think outside the box. They constantly ask themselves, "What if I could make this do this instead of just this." Or "If I can see the code that was written for this, I can make it even more powerful by doing this." In fact computers and videogames wouldn't even exist today if someone didn't tinker with something else to see inputs from one device projected onto a monitor. Thanks Homebrew!

Gilded Pendulum is a company that celebrates technology and the pioneers who create it. We know that just because someone is able to masterfully manipulate lines of code, that doesn't automatically make them a criminal or give them bad intentions. Quite the opposite. In learning how certain things work and function internally, new technology transcends to the open market. Stronger, faster, and more secure hardware and software become available for people and companies to use because someone looked at them and said, "What if...?"

In light of everything that's going on currently with the significant amount of breaches in companies like Sony, Home Depot, Target, Best Buy, Chick-Fil-A, JP Morgan Chase, Staples, Microsoft, the list goes on and on, we felt the need to mention that not everyone capable of destruction online uses their intelligence and skill to pursue those ends. Some may start out that way due to their age and curiosity, but many end up on our side in the end. Many choose to do battle with their white hats against the black hats. When it comes to criminal hackers, a company should never aim to beat them once and for all, things change far too quickly for that. Instead it should be an endless stalemate on the side of the hacker, never truly being able to attain what they want or to gain access to your network. Easier said than done.  It's a never ending war fought through various means but there are plenty of brilliant people out there on the side of the regular folks and the companies trusted with sensitive data. Look for the people that work behind a company name and logo who make this their daily mission.

Need help finding them? Gilded can help.

Cutting Corners...

courtesy of 9gag

It's not something I'm willing to do. I have worked for some companies earlier in my career that shall remain nameless, and those particular organizations were perfectly fine with supporting horrible solutions they didn't even install themselves for the almighty dollar. I recall one client of one of these companies calling me every week screaming at me because his VoIP solution that was an "as seen on TV" magic jack, consistently failed all the time. No seriously, the company I worked for decided to support this ridiculous implementation to collect money from him every month, and we the support staff were stuck dealing with it every time it broke. We didn't even have access to their infrastructure, they were just making us google the fix, providing there even was one! Instead of the customer actually purchasing a reputable, reliable product for his business, he bought something he saw on TV around 2 am in the morning as a viable substitute for a 50+ office phone and fax solution. To this day I'm still surprised it even worked 10% of the time.

There's a reason IT professionals and consultants exist. It's so that their clients don't shoot themselves in the foot like the gentleman in the above story did. It's also to alleviate companies supporting a product they would never use themselves just to collect payment from a customer. There's a lot of unsavory practices out there and I didn't stay at that particular company very long as I felt it would reflect poorly on my integrity as a professional. Gilded Pendulum was cut from a different cloth and I'm not going to recommend rag tag solutions that are destined to fail my clients. I'm already saving them money through my network of solution providers simply by allowing me to facilitate their contracts and negotiations. If they want a solution that is extremely easy on their wallet but is going to constantly be down due to its lackluster quality or infrastructure, I'm going to advise against it. Companies don't need to purchase top of the line, state-of-the-art products to stay in business, far from it. But they do need a solution that is going to work when they need it to. And monthly it's really just a little bit more to implement something reliable instead of a fly-by-night company's solution to your needs. In today's digital landscape, businesses are built and destroyed by the choices they make. Your customers can fire everyone in your company, from the CEO on down, by simply choosing to shop elsewhere. Sam Walton said that and it's even more true today. It's not worth making the same mistakes as so many others (I've seen it happen a lot), and I promise to keep your business moving forward the right way at a great price. You've got enough headaches to deal with, don't let your technology be one of them.

 

Brass tacks, what's the real reason to get Gilded?

I mean, let's just cut to the chase right? I've already explained what an aggregate carrier firm is, but why should businesses actually choose our firm when procuring their IT and carrier services? Aside from having contacts at every major carrier and great partnerships with IT service companies, the bottom line is that we send tens of thousands to hundreds of thousands of dollars to these companies monthly or annually depending on who we're talking about. They make a lot of money dealing with our agents and interconnects nationwide and it could be said that we tend to get some special attention when asking for proposals. That attention also extends to when we may have to call on behalf of a customer who might be having an issue with their infrastructure or services. At the end of the day, they love doing business with us because we increase their customer base exponentially, regardless of who our clients choose to have as their service provider. And keep in mind, this isn't just with your basic telecom carrier, this is also consistent with our cloud providers, data center providers, and disaster recovery solutions.

This is our business. Just like your company will typically move volume on whatever your specialty or focus may be, our affiliates move massive volume to providers. So when you choose to work with us, you're working with a company that pushes capital dynamically to those who will be providing you services in the future. Just that simple benefit alone outweighs anything a small or medium business could hope to attain on their own. That's really all there is to it, there's no great mystery as to how we achieve what we achieve. Let us use our contacts and our industry reputation as a master agent to get you the deal and prices you deserve. We've built our entire business on servicing yours. And the absolute best thing about that? You typically save thousands a year when we get you these deals depending on the scope of your organization. Not bad.

Don't go it alone, we get the deals we get for a reason. Let us get a great one for you.

A word about your social networking...

At Gilded Pendulum, we have a social networking presence, but that's really about as far as it goes. We're a tech firm, and ergo we know how technology works. We know what it's doing behind the scenes and we know the dangers inherent therein. Whether you're an individual or a business entity like us, at the end of the day we're just part of a gigantic data cluster. With the current internet landscape (I'm referring to the clearnet), free services are in the business of removing your privacy in exchange for letting you become a part of the network. Privacy policies are more in place to remove your privacy than to protect it. Terms of use spell out in legalese how this is done, but it's so convoluted I don't know anyone that actually reads them. How do free companies like Facebook, Google, and Twitter rake in billions of dollars a year? Well, it is true that they do sell certain services for people that buy them, but they're getting rich off of having millions of people's personal information stored in their database. Retailers and other companies purchase this information for their own personal demographic of possible customers, the owners of the database make a killing, and you already agreed to it in the terms of service. But that's not all.

 

TOTAL. INFORMATION. AWARENESS.

This was seriously their logo at one point.

Since the passing of the Patriot Act, the government has gone to great lengths to collect every single piece of data that passes through the clearnet. The clearnet is what the majority of people use. It includes sites like Google, Facebook, Twitter, CNN, Yahoo, YouTube, etc. When someone does something as simple as send an email from their web address, it passes through a data center for inspection and is then moved to its end destination. But that's not all. It links banking activities, flight searches, shopping preferences, all the way to online interactions with others. This type of infrastructure has a very real way of grabbing information on any American for any reason, providing they use the internet. Does that seem like a bit of an overreach? It should. There's no reason that every single internet user in this country, and even others, needs their information collected and stored on a server somewhere, but it's happening. And companies like Google, Facebook, and many other sites that offer a social interacting experience have been lobbying for years in Washington AGAINST privacy for their users because it would disrupt their business models. Free isn't always better.

So don't assume that you're just posting your personal information to Facebook, no big deal. Don't assume that anything you put online won't be available in the next ten years even after you delete it. Trust me, it hasn't gone anywhere except into a searchable database somewhere else. Things like first and last names, birth dates, where you live, where you work, what you drive, and where you go on vacation are all viewable and searchable by three letter agencies and even more sinister entities (if you can believe that). Companies will often times put more information than is needed onto social media as well, giving would-be hackers and other digital thieves more knowledge of how to possibly extract their critical information. Our advice at Gilded Pendulum is two simple words, "Be vague." A lot of people who use these networking sites don't even know how they work. It is safe to assume that whatever you post can be searched by the entire world, and it often times is.

At the end of the day, laws have been passed, and others not passed, for the sole purpose of collecting all of our information and doing things with it we would rather not have done. Be extremely careful before you hit that submit or send button, because it is forever. Whether you're one of our clients or not, we believe in protecting people and providing a sense of awareness to better inform them on the dangers existent online.

We can help secure your data internally and externally and give you other tips on how else to protect that which matters most online. Call or email anytime.

-Dom

So what if your network is secure...

Did you know that generally hackers only use their computers for malicious purposes about 40% of the time? The other 60% of the time they're procuring your customers' personal information through a very intricate process known as social engineering. That's not a term that many businesses that store critical information are typically aware of. The basic consensus is that if they keep their network safe, plug all the holes, and use top of the line equipment, their worries are over. Nope! You're only halfway done actually.

Lesson 1

Have you ever attended a DEF CON or Black Hat convention before? I have. On the show floor you'll be privy to the most aggressive network on the planet. For those going in unaware and who leave their smartphone's Wi-Fi enabled, you will be made an example of. Your name and information will appear on a large screen for all to see because you didn't take precautions or research where it was you were actually going. You'll see a myriad of spectacles, from hackers showing how insecure your home router is to actually participating in social engineering experiments over a loudspeaker, live.

You see, social engineering is the art of cleverly extracting information from those trained to help, usually in the form of customers and fellow co-workers. A black hat type hacker (or white hat penetration tester) will use social networks like LinkedIn, Facebook, etc. to find out who the particular employees are at the company they're trying to get information from. LinkedIn is a great resource to see who works at that company and what their job title is. Facebook is a great resource to see when those people might be on vacation or out of the office. That's often times when the calls will start coming in from people claiming to be working at home that day (or the like) and that they need access to the network but don't have a remote login. Untrained employees who are used to merely assisting fellow co-workers tend to fall for these types of schemes, giving that hacker everything they need to easily gain access to network resources and information, seeing the gatekeepers who would typically verify the information are out of the office. Again, this is typically 60% of the "hacking" process in a lot of cases. Systems have gotten better at being more secure and often times this is the method that takes up the slack in those situations.

So it's pretty incredible how capable cyber criminal elements are at gaining access to inaccessible systems, isn't it? The example above is just something that can happen over the phone. Sometimes an adept social engineer will actually gain access to your property, often times disguised as a particular type of repair technician, pizza delivery guy, engineer, you name it. These people are extremely gifted at what they do, providing the piece of information isn't available through the internet, and they'll already be on the guest list for the day. Now you'll have feet on the ground, corporate espionage at its finest. This can happen at any time, and companies that are heavy in R&D or have access to critical information, like pharma, shipping firms, financial institutions, etc., should definitely take warning. Much of their most critical information is stored on secure parts of their internal infrastructure and this is one way that information will be stolen or compromised.

Do not think simply because you have the best hardware protecting your software that you are in any way immune to having your data compromised. You are not. Sometimes your own employees will give a criminal the keys to the castle without even realizing it. In these types of settings, employees need to be trained on how these people operate, the types of questions they'll ask, and the type of information they may have already stolen in order to know what they know. 

Gilded Pendulum can help you with securing your network all the way to military grade encryption and 24 hour monitoring. However you as the business owner or CIO will have to make sure your staff is highly trained to defend themselves and your livelihood against the social engineers. They're out there, and they get paid a LOT of money to do what they do so well. Take notice and always be prepared. You can contact us at any time to be pointed in the right direction in just how to begin the process.

 

-Dominic

Cyber attacks and your business

They happen every day from all over the world, attacking different services through different ports consistently for hours and days at a time. Some are minor annoyances that can be rectified relatively quickly, others are completely devastating. We all remember the attacks on Sony back in 2011, which crippled their entire network for a month and eventually not only cost them their reputation as being secure, but also 15 million dollars in a class action lawsuit. If you're a company that stores any kind of personal information of customers/clients you MUST protect their data at all costs. As I type this, multiple companies suffered a barrage of DDoS attacks today including Blizzard, League of Legends, Microsoft Xbox Live on 360 (briefly) and of course, Sony. More attacks are currently in the works according to various Twitter feeds. These were non-malicious attacks for the most part today, but plenty of information is on these servers, including financial information where applicable. These attacks showed once again that these companies may not be doing enough to secure their data and their infrastructure. There are, however, other companies out there that do JUST that, secure your data for you 24 hours a day. We're well aware of these companies at Gilded Pendulum and can make sure your data is always being monitored, traffic mitigated, and redundancy present at all times for just such occasions. In-house IT departments often don't have the time nor the resources to make this a full time job, but that doesn't mean it can't be accomplished.

Feel free to email us with any questions as well as any concerns you may have about the future of your data's integrity online.

To close, here's a great feed of what actual cyberattacks look like in real time all over the world, illustrating attacker and aggressor as well as point of origin on darknets. This is constant, happens every day, and should if nothing else raise awareness of how often these things are going on. 

Stay Safe!

Infrastructure as a Service...

Some of you out there may have heard of this developing trend. A lot of the heavy hitting providers out there have begun the competition on the pricing structures for this service. So what is infrastructure as a service (or IaaS)? It's quite simple actually. It's merely a provisioning model where companies can lease equipment in the cloud for whatever they see fit. As a customer you pay a monthly fee for the leasing of another company's equipment instead of purchasing your own and setting up your own cage in a data center somewhere that your IT staff will have to manage in person as well as remotely.

 

There are of course advantages and disadvantages to this. The advantages are you don't have to show up at a data center for network discovery of new equipment installation and hook up. All of the layer one network responsibilities fall onto the provider. You also won't have to worry about backups, incremental or otherwise. Furthermore redundancy and failover are also non-issues.

The disadvantages, like with anything, are certainly there as well. In these instances, when it comes to security, you are at the mercy of whomever you signed with. For some businesses with sensitive information, banks especially, this type of security may not be adequate for your needs. You are also responsible for your own upgrades of tools, database systems, and underlying infrastructure itself. If you have certain technical needs that require mandatory pieces of hardware, you're relatively out of luck. There may also be legal reasons as to why you are unable to keep certain aspects of your data storage off shore or off-premises. 

Either way, it's just another option for the business owner who enjoys a variety of choice. Just know that with any big technical decision or deployment, one must weigh both the pros and cons of that service and how viable it is for your particular business. Options are something we excel at providing at Gilded Pendulum. If you'd like to know exactly what yours are, we can help.

What is an aggregate carrier firm?

Because if you've explored the site a bit, you would know that this is essentially what we are. So what does that mean for you exactly? Well, quite simply it means we don't play favorites. It means that I don't work for or with any particular company exclusively to try and get you a lackluster business contract. In fact, it means the exact opposite. Being an aggregate/agnostic carrier firm means I have the freedom to explore far more options with my clients. Many business owners and upper managers believe if they need critical data services they just have to call their local exchange carriers and hope for the best. They don't have anyone available who is already well aware of what these large data merchants are offering. They're also unaware that master agents like Gilded Pendulum can often times give their clients amazing deals that these companies' own sales associates don't even have access to. They're not allowed to sell them! It cuts into company profits!

Don't get bullied into overpaying

Why? Because they know that with an aggregate firm like ours, you have options and lots of them. They know that we have access to the great rate structure deals that they don't tell direct inquiries about. Most will just be told about the typical "specials of the month" or simply outbid the bid from another high priced competitor. Carriers and vendors know that we know that when a potential client calls them for business services, that carrier will typically start at the absolute highest rates and attempt a negotiation from that starting point. That's an extremely difficult way of procuring the services you need for your business to function. Gilded Pendulum will bypass all of the absurdity and get down to brass tacks with real deals, real cost-benefit analysis, telecom audits, and then, like precise placement of a puzzle piece, place your organization intricately into the best possible scenario for streamlining your data and saving you the money and hassle of dealing with people who can only sell you THEIR product.

This is why our consultations are worth their weight in gold. You don't even have to tell us what you were quoted because it doesn't matter. We work outside those initial boundaries from the very start.

The mobile cloud

It's funny to think how the smartphones we have in our pockets today are ridiculously more powerful than what the Apollo 11 space shuttle crew had for its trip to the moon. Think about that for a moment, it's pretty amazing seeing they made it there with something not much more powerful than your average calculator. But as with just about everything, there are limitations. The end user is held back by processing speed, battery life, and actual storage on the device itself. So now we're starting to see an emergence of what many are calling "third platform" technology, which is basically cloud computing.

What's cloud computing? To the uninitiated it's somewhat of a scary word because everyone is talking about it, but many haven't the slightest idea what it means nor what it does. It's an extension and a partnership on how your devices can be utilized better. The extension often times could be something as simple as storage that you can access with your internet connection via your phone or tablet. Google Drive and Dropbox are perfect examples of this. When people run out of room on their phones/tablets, they'll just take what they have saved and move it to the cloud, freeing up all that space. The partnership aspect is letting another machine on the internet (that's what cloud means, simply servers on the internet) do all of the hard number crunching for you and stream that data with the correct resolutions and visual quality back to your device of choice. Ever stream a movie, game (PlayStation Now) or music from the internet? Congratulations, you're a cloud user.

via Wikipedia

One of the most powerful aspects of cloud use however is virtualization. You can see an example of the basic architecture in the image above. Whether you're just utilizing the hosted hypervisor aspect or actually have bare metal integration, this is what's fueling much of the cloud we know today, whether mobile or otherwise. Running applications like XenDesktop for your employees in your offices, which are practically indistinguishable from running a basic Windows setup, can save YOU a lot of money, time, and effort. Instead of purchasing powerful PC desktops to run Windows, you can purchase inexpensive thin clients for your entire enterprise and your employees can log in to their desktops from anywhere with an internet connection and work remotely. Their saved data and critical applications will be readily available at all times either in the office or from a cafe in Paris. I've worked for cloud companies in the past and this was our exact setup!

This is such a big subject it can hardly be summed up in three paragraphs. Are you curious what this new paradigm shift can do for you and your company? Give us a call, the options available might really surprise you.

Running a business is difficult...

Especially if you happen to run a business firmly planted in information technology. Although there are many aspects you can control, there are many you cannot. The things you tend not to be able to control take time away from servicing your customer base. Time spent on the phone arguing with someone in a call center about a service you paid for but aren't receiving, or a service that isn't functioning up to the advertised expectation, becomes nonsensical. Business owners in today's world, as well as management personnel, don't have time to deal with these inconveniences. They already, in most cases, have too much on their plate to contend with dealing with poor service. Does this describe what you're going through?

I'm not a big fan of outsourcing technical responsibility overseas. I've had to contend with it on many an occasion when a certain technical department is migrated elsewhere and the troubleshooting process as well as properly managing escalations becomes extremely problematic. But do you know what I am a fan of? Carrier and vendor outsourcing. You're not relying on a bunch of untrained people sitting in a cubicle somewhere who can be extremely difficult to understand and who only have a vague comprehension of your infrastructure. You're just delegating the troubleshooting and heavy lifting to the people that built it in the first place. Having an issue with your network? Is your cloud giving you trouble? With our technical solutions, your problems get taken care of, fast. We're not just selling you a high impact solution to streamline your data, we're going to support it well after the fact. That's why we're your ally as well as your solutions provider. When the chips are down, you need someone in your corner. That's where we come in.

Integrity has always been a major issue with me when engaging companies to find solutions, and I've built this business on the same principle. Integrity, honesty, and building lifelong relationships is how business should always be done.

Of course these are all things you’ll learn after our first meeting.

The Gilded mainframe became self-aware on 11.11.13 at 10:56pm EST.