Net Access Blog

Net Access

Recent Posts

Pictures From Our FLEXOfficeRecovery Grand Opening Event

Posted by Net Access on Oct 14, 2015 4:20:46 PM

It was a fun and informative afternoon at our FLEXOfficeRecovery grand opening celebration last Thursday in Cedar Knolls. Over 100 guests toured our new business continuity facility, enjoyed Oktoberfest-themed food and drinks and mingled with the Net Access team on a beautiful fall afternoon. Congratulations to Chris Porto from Persistent Telecom for winning our GoPro raffle.

Please click on the picture below to access the photo gallery from this event:


Read More

Topics: disaster recovery

Net Access Weather Advisory Notification

Posted by Net Access on Oct 1, 2015 2:21:29 PM

Net Access is closely monitoring the developing weather conditions for Hurricane Joaquin. We have begun our normal operations related preparations for a storm that could have significant impacts to travel and also utility outages. Some of our preparations include:

  • Securing Hotel Rooms for Critical Staff
  • Notification of Fuel Vendors to ensure availability of additional fuel in the event of a long term utility outage
  • Performing Additional Readiness Tests of our UPS and Generation Plants

The National Weather Service's National Hurricane Center is currently forecasting that Hurricane Joaquin could be advancing towards the Northeast US by early to the middle of next week. While the severity of its impact to our area is unknown, our Facilities and Operations teams are taking precautionary measures to guard against service interruptions. Throughout the event, all systems will continue to be monitored as usual.

Additionally, the Facilities and Operations teams will be performing an increased number of visual inspections of building structure and all critical systems. In the event an emergency response is necessary, incident notifications will be sent. In addition, our Operations Center can be reached 24x7 by calling (973) 590-5050, by logging into the customer portal at and opening a ticket, or emailing




Read More

Top 10 Reasons to Choose Net Access for your Data Center Needs

Posted by Net Access on May 21, 2015 4:18:35 PM

In honor of David Letterman's final show last night, here is our Top 10 list:

Read More

Topics: net access

Congrats to our Parsippany II Opening Event Raffle Winner!

Posted by Net Access on May 18, 2015 8:58:56 AM


Congratulations to Bill Curran, from PNY Technologies on winning the Apple Watch raffle at our Parsippany II Data Center Grand Opening Event last week.  Enjoy it Bill!

Read More

Security: Heartbleed, Net Access and How It Can Effect You

Posted by Net Access on Apr 24, 2014 10:57:00 AM

So What Is Heartbleed Really?

what is heartbleedIt’s all over the news that there is a major security flaw in the Internet exposing practically everyone that has ever used it and transmitted private data over it.

The root cause of the problem is in a security protocol called OpenSSL (Secure Sockets Layer) that facilitates encrypted sessions between a client application (web browser, email etc.) and the host application (web server) securing the data that passes between them. What has been discovered is that a flaw was introduced 2 years ago so that while these sessions are alive and heartbeat packets are exchanged between the host and client, this is the point at which the session is vulnerable to high-jacking by a 3rd party who can spoof the heartbeat packet and intercept the session. 

Technically Speaking..

The Heartbleed bug write-up mentions Apache and nginx as being the most notable software using OpenSSL, and also points out that these have a combined active site market share of over 66% according to our April 2014 Web Server Survey. The good news is not all of these servers are running an HTTPS service, nor are they all running vulnerable versions of OpenSSL with heartbeats enabled. According to estimates just over 15% of SSL are running the heartbeat extension, accounting for around half a million certificates issued by trusted certificate authorities. These certificates are consequently vulnerable to being spoofed (through private key disclosure), allowing an attacker to impersonate the affected websites without raising any browser warnings.

For those of you on Microsoft platforms only small percentage of IIS web servers also appear to support the TLS heartbeat extension; these are more likely to be vulnerable Linux machines acting as reverse proxy frontends to Windows servers.

Support for heartbeats was added to OpenSSL 1.0.1 (released in 2012) by Robin Seggelmann, who also coauthored theTransport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) Heartbeat Extension RFC. The new code was committed to OpenSSL's git repository just before midnight on new year's eve 2011.

OpenSSL's security advisory states that only versions 1.0.1 and 1.0.2-beta are affected, including 1.0.1f and 1.0.2-beta1. The vulnerability has been fixed in OpenSSL 1.0.1g, and users who are unable to upgrade immediately can disable heartbeat support by recompiling OpenSSL with the -DOPENSSL_NO_HEARTBEATS flag.

In all actuality how serious is the risk to me?

Like all security scenarios it really comes down to how big the target is (like in the Target credit card hack). For an end-user that is regularity accessing higher profile sites on the Internet for transactional purposes or Social networking it is of a greater concern as hackers usually target these types of assets due to the high volume of traffic, which leads to an increasing likelihood of intercepting useful data for nefarious use later. Especially as many Internet users tend to use the same passwords and usernames for a large proportion of their accounts .

According to a recent Netcraft web server survey that looked at nearly 959,000,000 websites, 66% of sites are powered by technology built around SSL, and that doesn't include email services, chat services, and a wide variety of apps available on every platform. 

For a business, if you are running and operating any type of Internet accessible server or services (web, email, transaction processing) that uses OpenSSL you are at risk of exposing your user bases secure information on the Internet.

Should I change my password?

This is a simple answer -  YES

 However, understand that until the vulnerability is fixed and a patch is applied to the server there is still a risk that data can be intercepted. Also, remember to use good password practices that combine case, numbers and symbols to create a complex passcode that is much harder to crack.

To help you remember your passcode create a passphrase or rhyme that uses the first letters of each word, numbers and symbols such as:

     ! I walk my kids to school @ 830 Every day = !Iwmkts@830ED

Unfortunately not all websites accept symbols in the passwords however I expect this will become more apparent in the very near future.

So, we operate servers that use OpenSSL what should we do ?

Apply updates and patches to your system as soon as they become available then notify all your end users and clients to change their passwords. To enhance security implement passcode type practices, enable symbols and the like within the system, also for internal purposes consider implementing strong authentication using token based solutions from companies like RSA.

What is Net Access doing about this ?

Net Access has a culture of operating highly secure infrastructure, systems and secure managed services. Our security team is constantly assessing all our platforms on an ongoing basis. We are proud to say that all systems are go, the customer portal was never at risk and we do not anticiapate any adverse effects due to the 'Hearbleed' crisis.

We are also working with vendors and partners to ensure any systems we interface with are also secured.

Read More

Topics: heartbleed, ssl, security, ddos, heart beat, heart bleed, net access, risk, RSA