Infinite Group Inc.



Channel Partners Expo 2017: Recap and Insights



By Tom DeMay, Director of Channel Sales

IGI is fresh off our first Channel Partners Conference & Expo in Las Vegas with renewed energy and excitement for our growing opportunities in the channel. Last week’s show brought together more than 5,500 partners and supplies, more than 275 exhibitors and 100 speakers. We listened to exciting keynotes and sessions, saw some memorable exhibits on the expo floor, and made valuable connections with our channel community. (We had a little fun, too!)

This year’s conference placed a large emphasis on security, which, of course, was no surprise to us as a security-focused company with a new cybersecurity product, Nodeware. However, we did learn a few interesting facts about the current state of cybersecurity:

  • During the Keynote Address Camp Talent: Pull Together a Winning Team we learned that because security is such hot industry, there is zero unemployment in the cybersecurity space. You heard that right: cybersecurity professionals are in such high demand that every single one of them is employed, and the industry is still trending toward continued growth.
  • There was much discussion around the Internet of Things (IoT) and, specifically, the important of securing the IoT. We learned from the Keynote, The Power of IoT: Changing Lives & Transforming Businesses that the projected numbers for connected devices in the coming years is huge, and 85 percent of global organizations are considering implementing an IoT strategy. Of those considering an IoT strategy, 75 percent want outside help, which created a tremendous in the channel.

Beyond security, we picked up on two major trends that are taking place in the channel:

  • There are less barriers to cloud adoption than ever. Businesses of all types and sizes are moving their offerings to the cloud because they no longer want to maintain or support a data center or applications themselves, so many are eager to move to the cloud and leverage cloud services.
  • BYOD and mobility are still at the forefront. Businesses are increasingly doing away with the traditional office desktop environment, leveraging mobility and the IoT and vastly expanding ways to access their products and services.

We found that many companies exhibiting at the show emphasized the security in their cloud offerings—both their infrastructure and access to their infrastructure. What we found was missing here was the focus on security within the businesses’ infrastructure. Even though a business may have moved to the cloud, all businesses still have their own infrastructures and backend systems. Certainly, there were hardware, firewall, and antivirus venders represented at the show, but we found few vendors that addressed a business’ total cybersecurity needs (and little to none focusing on SMBs.)

As a result, we found that many of the distributors and master agents showed interest in our Nodeware vulnerability management solution for its ability to be structured as part of their MRR, and its simplicity and affordability that is ideal for the SMB space.

We had a great time at Channel Partners 2017 and we’re looking forward to what 2017 has in store for the channel. We look forward to seeing you all at the next show! For more information on Nodeware or becoming a channel partner, visit

Continue Reading

Infinite Group Inc. Introduces Nodeware Vulnerability Management Solution

Nodeware’s plug-and-play system simplifies and enhances security for SMBs

PITTSFORD, N.Y., November 14, 2016 — Infinite Group Inc. (OTCBB:IMCI), a premier IT service and support organization, today announced the launch of its Nodeware Vulnerability Management Solution. Nodeware’s patent-pending technology enhances the security of Small and Midsized Businesses (SMBs) by proactively identifying, monitoring, and addressing potential vulnerabilities within their networks—all with “plug-and-play” simplicity.

“Nodeware is unique in the vulnerability management space because it provides ‘always on’ real-time vulnerability detection at a cost that’s affordable to businesses of all sizes,” said James Villa, President and CEO of IGI. “This solution fills the security gap for SMBs, offering continuous monitoring and notification features that have not been widely available to them until now. Even better, its proprietary scoring system makes it easy to understand a network’s health at a glance.”

Nodeware is a simple security solution that takes only minutes to set up within any network. Nodeware locates and identifies every connected device within that network—including computers, printers, routers and smartphones—and continuously scans those devices for vulnerabilities. An added benefit is the system’s ability to scan external IP addresses for vulnerabilities—providing true 360-degree vulnerability management. Nodeware then displays and prioritizes those issues on its system dashboard and offers users instructions on proper remediation. Both resellers and their SMB customers have access to the Nodeware Manager dashboard and can opt in to be alerted of critical issues via email or text as they occur.

“One of Nodeware’s best attributes is that it is flexible based on the needs and size of a business,” Villa said. “Nodeware is equally effective whether your network has a handful of desktops or hundreds of devices of all different types. At less than 5 percent, Nodeware has very low network utilization in comparison to other products on the market, which helps to keep your network working efficiently.”

To learn more about the Nodeware Vulnerability Management Solution, visit or call 1-855-385-0610 for more information.

About IGI
Founded in 1986, IGI is a publicly traded company (OTCBB:IMCI) that leveraged its deep roots in technology to become one of today’s premier IT security and service organizations. IGI offers proven, scalable solutions to cover the entire IT chain. For more information, visit

Nodeware Contact
Megan Brandow
(585) 641-4503

Continue Reading

Empowerment of a CISO

When the title of Chief Information Security Officer (CISO) first came into existence more than a decade ago, the roles and responsibilities of the position barely resembled their current reality. The majority of CISOs reported to the Chief Information Officer (CIO), and were mostly focused on technology applications. They operated in silos and had a basic understanding of how to link security to the needs of the organization.

Since then, roles and responsibilities have evolved considerably. Instead of managing technology, today’s CISOs are responsible for a much broader and deeper set of interrelated tasks involving not only risk but governance. More often than not, they are reporting to the CFO or risk officer, rather than to the CIO. CISOs engage directly with the board of directors as well as, are public facing. They now have their own budgets and are charged not only with breach defense – but also the protection and enhancement of the value of the company and its brand.

With mounting threats, it is apparent that effective cyber-security demands a concentration on much more than technology. IT no longer can be expected to remediate cyber-threats. The demands of the CISO position requires in-depth knowledge of the company’s challenges and strong relationships with key stakeholders, as well as technical prowess.

The whole executive team, including the board of directors, must now assume a new management and governance role where technology, business and risk now meet – and they must be equipped to own such risks. The CISO must provide the support necessary to fulfill this new mandate, while bridging the gap between operations and IT to keep critical business systems, assets and other data secure and operational.

To be successful in this role, CISOs must have a deep knowledge not only of IT, but of the entire enterprise. Further, it is required that the CISO must Forge strong relationships with the company’s customers, top management and external suppliers. Also, they must be granted greater authority with direct reporting lines to the C-suite, as well as regular interaction with the board as it steps up its oversight and involvement in the defense of cyber-attacks.

Christopher Karr, CISSP is a Director of CyberSecurity at IGI

Continue Reading

Containment is Key After a Cyber Breach

I came across this Interesting article in GCN which speaks to cyber breaches and the ability to contain the breach. As this author indicates, a major provider of firewalls announced a critical vulnerability with its appliance. It points to continued vigilance around vulnerabilityGCN white management and the need to have a process in place to manage these effectively.

This also highlights that root cause at the OEM level must be taken into account when managing your security platform. While this can be remediated through available patches, it demonstrates that just because the OEM is responsible for addressing problems in their products, they aren’t always quick to identify them. Ultimately, this could lead to complete compromise, which may open a Pandora’s box in authentication control.

The underlying point here is that many organizations may have varied plans in place to ensure they are maintaining security. We could debate whether appropriate measures are being used however, what is becoming clear is that strategies for mitigating loss in a post-breach scenario are not being actively discussed.

Management must look at breaches not as a possibility but a likelihood. As such, mitigation plans must be developed to contain your exposure, remediate, and begin to get back on-line and in business. Just as hackers get creative in breaching security systems, we as protectors must get creative in design, management and mitigation.

Andrew Hsecurity1oyen is a Chief Administrative Officer at IGI which is a firm specializing in products and solutions for cybersecurity and vulnerability management.


Continue Reading

Assessing Cybersecurity is a Necessity for Small Businesses

The threat of hackers and cyber-criminals is very real, not only for large companies but also for small businesses as well.  That means that business owners must accept that a strong cyber-defense system is a must in the modern business world. It is worth noting, while an internal plan may work, external resources particularly those of experts in the field can greatly improve your security measures.

There is an interesting article in Forbes magazine that speaks to this from the small business point of view – How Small Businesses Can Improve Their CybersecurityForbes

This quote says it all. Small businesses are just as vulnerable, if not more so, than business with large IT budgets. There are cost effective ways for SMB’s to pay attention to their Network Security at reasonable prices. A well thought out and well-rounded comprehensive Cybersecurity posture no longer has to be viewed as something only the “big guys do”.  Rather it is an essential aspect in doing business especially in cyberspace.

– James Villa, President and CEO of IGI

Continue Reading

Infinite Group Inc. Announces Network Vulnerability Management Solution


  • Posted Jan. 4, 2016 at 9:21 AM

    Infinite Group Inc., a Rochester-based company, has developed a dynamic vulnerability management solution that reduces the cost and complexities of implementing an effective security assessment program designed for small and medium businesses.

    The solution augments an organization’s needs to more effectively manage cyber risk, reduce remediation costs and save money. Designed by security and business certified professionals, ÜberGuard utilizes a streamlined approach to manage the scanning process and check networks and infrastructures for vulnerabilities. Users also can schedule and execute both internal and external scans, assess vulnerabilities, execute reports, correct any issues in the network and re-scan to ensure the changes are implemented.

    For more information, contact James Harney at 855-385-0610 or visit

Continue Reading

IT firms see higher demand for their security services


Rochester Business Journal
January 22, 2016

Rochester-area firms are turning more and more to cybersecurity services to safeguard their data, customer information and networks.

“We’ve seen exponential growth with our customer base in the Rochester area,” says Trevor Smith, executive vice president of Brite Computers.

Cybersecurity services encompass a host of measures designed to protect computers, computer systems and digital communications networks from unauthorized access or attack. Demands for such services and products have grown over the past few decades and should continue to rise. The research firm MarketsandMarkets projected that the global demand for cybersecurity would reach $106 billion by the end of 2015—and come to $170 billion by 2020.

While the overall market for cybersecurity in the Rochester area is unknown, those working in the industry say business has been on the upswing. The huge thefts of customer credit card information and other data at Target Corp., Home Depot Inc. and Excellus BlueCross BlueShield boosted the market for cybersecurity products and services at firms like Pittsford-based Infinite Group Inc.

“Every time there’s a published issue stemming from some sort of event, it does cause some widespread fear and panic and inquiries as to what to do, how to do it,” says Andrew Hoyen, chief administrative officer of Infinite Group Inc.

Successful attacks can hit even large companies hard—Target recently agreed to pay as much as $67 million to Visa card issuers alone. Small to medium-sized companies can suffer even more.

“We’ve actually seen several companies go out of business as a result of being breached,” says Michael McCartney, president, CEO and co-founder of Buffalo-based Digits LLC, which also has an office in Rochester.

Hackers have also increased in number and proficiency, thereby driving up the need for increased digital safety. Criminals who once sent out millions of bogus emails in order to “phish” for personal information—passwords to online bank accounts and the like—can now “spear phish,” targeting individuals whom they believe have vital corporate information.

“They know an individual is the head of R&D (research and development) at a large organization, so they have access to critical stuff,” Smith explains.

Spear phishing hackers hooked a big one in 2013, when a contractor who had access to Target’s network clicked on a suspect email. As a result, they were able to steal the credit card information of up to 40 million of the retail giant’s customers. Such stories, coupled with increased business use of email, have helped drive up demands for cybersecurity.

“Most businesses use email as their main form of communication, so email spam and protecting people from (fraudulent) links and things like that on email is huge,” says Sitima Fowler, co-CEO of Capstone Information Technologies Inc.

At the same time, more and more employees leave relatively secure offices to conduct business outside over tablets, smartphones and laptops, resulting in a greater need for cybersecurity.

“Laptops need to be encrypted,” Fowler explains. “That means that if a laptop is ever stolen, people won’t be able to make sense of what is on it.”

Finally, local businesses’ and organizations’ computer systems and communications networks need to meet increasingly rigorous government and industry standards regarding data security and privacy. By doing so, they limit the risks of breaches and the legal and financial ramifications of those that occur.

Local firms meet their customers’ cybersecurity needs by a variety of means. Though some include them as part of general IT services, others specialize in helping their clients safeguard their systems and data.

Digits LLC offers proactive and reactive cybersecurity and Internet response services. As part of its proactive services, the company will assess the effectiveness of a firm’s security measures and take action to safeguard its data.

“We’ll look at their current infrastructure and their current security posture around the data they create, save and store … and make recommendations to increase or improve that security both from an outsider threat as well as from an insider threat,” McCartney says.

As part of that package, the firm provides software that can monitor a client’s systems in real time and signal when a breach occurs.

When hackers do strike, the reactive side of Digits comes to the fore. Company investigators use computer and digital forensics to try to discover what the hackers did, who they were and the kind and amount of data they stole—if any.

McCartney says the market for both types of services has greatly increased at Digits since 2012.

“It’s grown at least 60 percent, and no end in sight,” he says.

Responding to breaches of clients’ systems and similar incidents makes up about a third of GreyCastle Security’s business.

“Companies call us 4:30 on a Friday afternoon because there’s a couple hundred grand missing from a payroll account,” says CEO Reg Harnish. “We have teams of people who respond to those kinds of cyberbreaches and intrusions and theft and hacking.”

On the proactive side, the Troy, Rensselaer County-based firm identifies client’s security risks, builds programs or plans that reduce or eliminate them, and takes such measures as “penetration testing.”

“An organization engages us to essentially act like hackers—to break in and steal something of importance to that organization,” Harnish explains.

Business has grown by as much as 220 percent a year since GreyCastle was founded five years ago, according to Harnish. The firm’s employees used to commute to service Rochester-area clients, but GreyCastle recently hired someone in the area to do so. It is also in the process of opening a local office.

Brite Computers offers a broad range of cybersecurity services, including security assessments, data protection and assistance with meeting government risk-compliance standards. Business is on the upswing.

“We are seeing a huge growth in small and medium businesses because of the need for and the efficiency of the cybersecurity solutions,” he explains.

Small and medium-sized companies also make up a growing part of Capstone’s cybersecurity clientele.

“People are finding out that just doing things on their own is not enough,” Fowler says.

Capstone’s cybersecurity offerings include software, hardware and the technical assistance that companies need to protect their data and systems, both in the office and out in the field.

“We do the daily blocking and tackling to keep our clients safe,” Fowler explains.

Capstone’s ability to block-and-tackle has helped it double the amount of business it takes in via cybersecurity services over the past five years, according to Fowler. Nowadays, the provision of such services makes up over 50 percent of the firm’s business.

Cybersecurity also constitutes a major growth area at IGI, according to Hoyen.

“We’ve seen year-on-year growth probably in the 10 to 15 percent” range, he says.

One particular element of cybersecurity for which demand has grown in recent years is that of vulnerability assessment, which involves determining the security failings of internal and external Web and Wi-Fi systems. While companies generally conduct such assessments annually, ÜberGuard, a technology that IGI rolled out last December, allows them to do so in real time—and much more efficiently.

“It’s a vulnerability management solution that enables a customer to automate certain aspects of vulnerability management and the scanning of potential issues in their network, and then have canned reporting and dashboards, etc., at their beck and call,” Hoyen explains.

Hoyen, and others in the local cybersecurity industry, view the coming years with optimism.

“We are hoping to see 25 to 30 percent growth (year-over-year),” Smith says of his firm.

Mike Costanza is a Rochester-area freelancer.

Continue Reading

Assessing Medical Device Security Needs to be a Priority

The U.S. Food and Drug Administration (FDA) recently announced some proposed guidelines for managing cybersecurity in medical devices.  This is certainly interesting particularly as it relates to the Internet of Things (IoT).  This is highlighted in an article in TechNewsWorld – FDA Guidelines Target IoT Medical Device Security.  TechNewsWorld

However, as we all know and as the article states the operating systems and the applications that run on top of these devices are fraught with security issues. Identifying vulnerabilities is one thing, getting the OEM’s to address the issues by providing timely patches and re-configuration recommendations is another matter altogether.

We certainly need more than guidelines for medical product security.  There needs to be laws passed to enforce vigilant assessments and remediation for security flaws in these products. We must not forget that there are living, breathing patients hooked up to these lifesaving medical devices. A hacker exploiting a flaw that causes a device to fail could potentially kill the patient. This would change the hacker’s status to now be a murderer.

Christopher Karr, CISSP is a Director of CyberSecurity at IGI

Continue Reading

Could the Future of Cloud Computing be Underwater?

Wow!  Could the future of cloud computing be underwater?  It appears that may be the case if Microsoft sees their ideas come to fruition.  In an example of “refactoring,” or completely rethinking the way something has traditionally been accomplished, Microsoft is investigating the possibility of housing data centers underwater.

This is an interesting article from the New York Times – Microsoft Plumbs Ocean’s Depths to Test Underwater Data Center .  New-York-Times-LogoThe company is investigating the possibility of utilizing the ocean as a data center farm.  They have actually tested an underwater self-contained data center.   This could be an exciting possibility.

Jim Kegelmeyer is Director of Virtualization Sales at IGI

Continue Reading
Program code on a monitor


Security risks are not just a matter for large companies.  Smaller companies can be easier targets as they do not have the resources or expertise in place to provide complete security.  cybersecurity-graphicAre you an SMB that doesn’t think this could happen or thinks about security but doesn’t know where to take the first steps?  Or for that matter, know what would be helpful for my business to stay protected and proactive?


You’re not alone.  There are thousands of companies out there struggling with these same questions.  This certainly resonates in an article from the Constance Gustke of The New York Times – No Business Too Small to Be Hacked,  In this article, you see that your peer companies are in the saNew-York-Times-Logome proverbial boat.  Don’t neglect security but find ways to make your life easier now so you don’t have to deal with a myriad number of issues later.  Another important aspect is ensuring employees are properly educated on security procedures.  This will provide a grassroots level vigilance for protection.

How do you put security measures in place especially when you don’t have the expertise to do so and feel that every time you ask someone in IT, they give a complicated and very expensive answer?  Are there “plug and play” solutions out there that you can rely on that won’t break the budget?  These are all important considerations.  From that, you will need to be proactive in setting up your baseline and find the tools that help make security easy.  It is essential to develop a proactive security plan for your company and then implement it.  This will involve monitoring of your network to ensure any vulnerabilities are assessed and corrected.

Andrew Hoyen is a Chief Administrative Officer at IGI which is a firm specializing in products and solutions for cybersecurity and vulnerability management.

Continue Reading

CNBC on Cybersecurity Threats

Great article written by Harriet Taylor from CNBC on Cybersecurity Threats.
We need to change cybersecurity mindsets in today’s world.  This is essential not only to understand, but to handle the increasing volume of cyber issues.  It’s not just firms that must understand this issue, it’s individuals as well.
Continue Reading

Intel Announces EOL for McAfee at CES 2016 Event

On January 4, 2016, Intel Corp. announced at the Consumer Electronics Show in Las Vegas it will phase out the McAfee brand name and replace and re-brand the line as Intel Security.  This announcement has been in the making for a while.  Back in August 2010, Intel agreed to buy McAfee for $7.7 billion in cash. At that time, it was agreed that McAfee would continue to operate as a wholly-owned subsidiary of Intel, with its employees working alongside Intel personnel.

This most recent announcement by Intel CEO Brian Krzanich underscores Intel’s commitment to stay in the security field.  The new branding – Intel Security will be used to identify all Intel security products and services. He also stated that the re-branding will take place immediately, but the transition of McAfee products to the Intel Security brand may take up to a year to complete.  Krzanich also indicated that McAfee clients will not be able to purchase additional McAfee products (as of 1/11/2016) and they will need to make a decision about switching to the Intel Security software or a competing product once their McAfee software expires.

Lastly, Krzanich stated that its security products will retain the familiar red shield, which according to Intel, represents “the core values of security and protection.” The company also said that the transition would happen “as new products are introduced,” which suggests that Intel could brand the next version of every McAfee product as Intel Security.  Intel has published a Product FAQ document about the McAfee Vulnerability Manager and Total Protection solutions.  In addition, there is a McAfee Software End-Of-Life webpage for more information.

Due to this announcement,  all McAfee users will be forced remove and re-install a new antivirus endpoint protection solution on their computers once their McAfee license expires.  This change will now allow business owners and IT Administrators an opportunity to evaluate other newer endpoint protection solutions.

One product that has benefiting from this announcement is Webroot SecureAnywhere Endpoint Protection.  Webroot SecureAnywhere is a next-generation cloud based anti-virus and malware product that protects Microsoft and Apple systems.  At the core of this product is a behavior monitoring technology which doesn’t rely on traditional signature files.  Due to this new technology, Webroot doesn’t slow down systems or conflict with installed application making it the best solution to protect against Zero-Day-Threats and Ransomware.  Webroot has been able to reduce their competitor’s average time to identify a Zero-Day-Threat from at least six hours to under seventy minutes.

Check out this YouTube video to learn more.

Here are several other stories regarding this announcement:

Continue Reading