How to Stay Cyber Safe During Your Summer Travels

The summer time is the busiest time of year for travelling and whether you are going to an exotic location abroad, taking a work trip or driving to your destination in the US, it is important to take good cyber safety precautions not just on the trip, but starting from booking. Keeping track of your digital behaviors could be one of the best prevention methods for cyber attacks while on the go. While people are at home or work they are connected to a secure network but that can change when they are away. Technically speaking when they are away people are more likely to connect to a network that they shouldn’t. Below are some helpful tips that you can use to protect your digital security and privacy while traveling.

The Adventure Starts with Booking

When planning your trip, and comparing all the final details, make sure the websites you are using to book are legitimate and secure. It can be very easy for a scammer to spoof a URL or make a travel sight seem real but really it is a ploy to grab your information. Always double check the URL and make sure the site is verified to be HTTPS. A good rule to follow is to always make sure the top bar in left corner has a secure indicator (see below) before making any online transactions with that site. Be aware of your email inbox as well, If you get an email that looks like its from a major airline and offering a too good to be true deal, do not click on the link.


Get Ready to Go

One of the best pieces of advice is to make sure all of your devices are up to date. Updates ensure that all your devices have the latest security patches and reduce their vulnerability to attacks. Be sure that you have a password set up to get into your devices in case of them being lost or stolen. Apps are also important to keep updated, especially those that hold precious information like banking apps. “Running the most recent versions of your mobile operating system, security software, apps and web browsers is among the best defense against malware, viruses and other online threats” says the U.S. Computer Emergency Readiness Team

Have a Great Time!

While traveling, worries such as flight delays, traffic or a variety of other nuisances could completely take your mind off cyber security, and that is understandable.  If you covered everything discussed up to now, then you should be very well protected and ready. However, there are a few other items to take note of.

Free WIFI may be too good to be true: Never use a WiFi that isn’t secured with a password. It could possibly be a fake hotspot set up by cyber criminals. Be cautious with Free Airport WiFi because even the legitimate one can be insecure.

Take Advantage of New Payment Methods: The last thing you want to happen is your credit card to be declined while you are on vacation. One good way to minimize the chances of your credit card information being stolen is to use payment apps such as Apple Pay, Google Pay or Samsung Pay. These services do not directly transmit your credit card number, instead they provide the vendor with a randomly generated code in its place. That information is useless to anyone trying to intercept it. this can give you peace of mind when making transactions in unfamiliar locations.

To all that are traveling this summer, it is important to stay safe, and while cyber security isn’t the first on your list when your sipping a margarita on the beach, you will be happy you prepared.

Why is Everyone Updating Their Privacy Policies?

For the past month, your email inbox has probably been flooded with companies updating their privacy policies online. Maybe you even thought they were fake and receiving spam because of the high volume. But there is a major reason businesses like Twitter and Facebook are all updating their policies online. These companies sending them have been preparing for a new privacy law enacted by the European Union on May 25th known as the General Data Protection Regulation.

What is the GDPR?

These new European Union Guidelines are limiting how companies can use and process the personal data of consumer, giving the average person more control over their information and how a company can track them. Under this regulation companies need to explicitly ask if they can collect your data, they have to answer if you want to know what that data is used for, and they must give you the right to permanently delete that information. Companies also must warn the public about data breaches within 72 hours of them finding out.

GDPR in the U.S.A

So why would this be affecting people in the United States? Well any company that conducts business within the EU will have to comply with these standards or face high penalties. While the United States is not enacting the same privacy policy standards major corporations are enacting them in order to keep their websites functioning overseas. Those companies that have not caught up to the privacy standards have shut down their websites within Europe while they catch up on the back end.

What Will GDPR Change?

These new set of policies are changing the way people think about their data and how companies use them. Companies use data to make significant decisions about you and how they interact with you. While no policy change of this magnitude has occurred on the internet since 1995, experts say the GDPR is going to be the leader in new privacy policies around the globe. The internet and the way people share, store and send data has drastically changed since 1995. So, it will not come by surprise that even more regulations will come out within the years to come about how personal customer data is treated and handled.

What is Blockchain Technology?

You may have recently heard of the word “blockchain” being thrown around in certain articles or news stories. Specifically, blockchain comes up when the crypto-currency Bitcoin is being mentioned.  Sometime the term is used interchangeably with Bitcoin which is inaccurate and can give blockchain a bad stigma, making people believe it is only something hackers use to stay anonymous. However, blockchain is very interesting technology that may just revolutionize the way in which we make any type of transactions in the future.

What is Blockchain?

Blockchain technology is designed to let you safely exchange any type of digital property (like money) without the need for a middleman (like banks). Skipping the middle man then makes the transfers faster, and cheaper. Blockchain is also a hard coded permanent record of all transactions that ever happened, once information is added, it is impossible to remove. This does not allow anyone to change the record of what transactions took place, making it a reliable record of what happened. Since no one can change the records, the blockchain is a trustworthy source of information that lets strangers agree that a transfer happened even if they do not trust each other.

Blockchain has also solved the double spend problem. Digital money, like bitcoin is just a computer file, so it would be easy for someone to copy, paste and counterfeit it. When digital money is spent, its publicly added to a receivers account, so if a scammer tries to spend money twice, it can easily be discovered. Not needing a third party to handle the double spending problem allows digital property to be sent directly from one person to another.

How Does Blockchain Work?

When a transaction is sent (using the example of money), that transaction is recorded on EVERY record of the blockchain around the world. Each copy is an identical record of all transactions. Once one stranger gives money to another, now every stranger has a record of the transaction, the blockchain then compares all the transactions to make sure they all match. If a record does not match throughout the blockchain, the transaction does not get approved.

When a transaction is approved, it is placed into the block and given a unique transaction code. This code in the blockchain is directly related to past transactions and future transactions, making it impossible to go in and change. This permanent record will make it safe for people to directly exchange digital property without an expensive middle man.

What Use Does Blockchain Have?

  1. Entertainment: now people have the ability to pay an artist directly. Readers can pay authors directly. Artist can now self publish onto blockchain platforms and cut out all middlemen.

2. International Payments: Payments by companies and individuals become fast, cheap and secure, blockchain also ensures the money changes hand fairly.

3. Voting: With blockchain people could vote directly and from anywhere. Voting can be securely counted in a system that cannot be changed after the fact.

4. Ownership Records: By permanently  recording everything, this technology automatically ensures that the ownership for anything purchased can easily be proven. Currently purchase records exist in paper or items that can easily be corrupted or lost, changing this can reduce the possibilities of fraud and disputes.

5. Charities: Donations can now be tracked all the way from giving, receiving and spending. Blockchain can ensure that donations get to right people and used for what was promised. This allows for more transparency and accountability.

There are many more uses for blockchain  and the technology is still in its infancy, but as more and more practical uses come up we can start to see a huge shift in how we will exchange property. We will also have a more secure online market where people can trust that their personal data will not be compromised.

The Most Important Things to Monitor 24/7

Plenty of IT support firms tell you they monitor hundreds of things on your network and can present a huge 500 page report “proving” they are doing their job.   While many things are important to monitor, there are a few we see constantly ignored by an IT staff.  Save yourself a lot of trouble by checking these three things and make sure you are protected.

Data Backup / Business Continuity
Check your backup reports every day.  Make sure they show no failures, but more importantly check the logs at least once a week to verify critical items are being backed up.   We’ve seen plenty of clients add a new volume of documents on a  private folder for the CEO/CFO to share them for a new project, but they forgot to add it to the backup rotation.   Someone deletes a file accidentally and it can take days to renter the data.

Log Monitoring
You should be checking firewall, switch, server and several other logs for unknown or problematic activity.  It a pain to be sure, but what’s worse would be to ignore something and then find out a failure or weak point could have been prevented.  We’ve seen servers run out of drive space that were sending warnings for weeks and firewall logs showing an attack penetration days before clients lost access to their data.  Most importantly, if you are subject to government compliance’s.  Are you sure your are meeting all of the legal requirements?

Windows patching and Anti-Virus
Do you have systematic processes in place to notify you if Windows security patches are installed?  What about your anti-virus engine?  Is the scanner database current on all connected devices?  It only takes one infected machine to cripple a network and cause data loss to happen or worse, a data breach.

There are a few more items that are critical to watch and if you’d like to know more, feel free to contact us.

BYOD for Business. Good or Bad?

Bring Your Own Device (BYOD) is a hot topic in the business world right now. This policy allows employees to bring and use their personal mobile devices, laptops, smartphones, tablets and more to work. Is it safe for your office? There are benefits and risks to implementing BYOD you should consider before you allow this policy in your workplace.

 

Data Security

BYOD may imply that client information is on personal devices, ones you cannot control.  If you are in a compliance industry  this could cause serious trouble, but even without compliance issues, you should be careful of internal confidential information being on a device owned by an employee or consultant.  Accidents happen and you don’t want your price list posted to Facebook.  Carefully review the benefits of your staff having data at their fingertips with the associated risk.

Legal Issues

In some states, you need to worry about overtime laws if employees check and reply to email or information requests after hours.  You may be breaking the law by having honest people working hard for your firm, without pay.  BYOD can elevate this situation by allowing work email to be on personal devices.  Your staff means well, but the law is the law. Be sure to check with legal counsel on this issue.

Loss of Device Control

There are 2 additional scenarios to worry about apart from data security.  One, what if your employee quits?  Do you have the rights and ability to remotely erase their device? You certainly cannot have an ex-employee having any of your data.  In addition, what if your employee loses their device?  Do you have a process in place to erase it ASAP?   Do you have a rule for the employee to tell you about the situation as soon as it happens to protect your information?  If not, strangers could access your data without your knowledge

Cost

If you do decide to implement BYOD, will you be covering the employee’s data plan or part of it?  How will you discriminate between personal use and corporate use?  4G wireless can eat up data plans quickly and a doubled cell phone bill at the end of the month is not a nice surprise.  One benefit here is you can help the employee pay for part of the data plan and share the cost of the device, making it better and more affordable for both parties.

Familiarity and Ease of Use

Allowing your staff to use the device they are comfortable with and already familiar makes sense.  The learning curve is quicker and staff will appreciate the fact that they don’t have to maintain and carry around 2 or more devices.

Bring your own device sounds great to many business owners to save money, but after careful analysis it may be too good to be true.   Talk to your IT provider and get some answers before deciding.  As always, ECMSI is happy to answer questions or point you in the right direction.  We can be reached at 330-750-9412!

Local Governments Cyber Security Crisis in 8 Charts

Within the past few weeks, two large American cities learned that their information systems were hacked. First, Atlanta revealed that it had been the victim of a ransomware attack that took many of the city’s services offline for nearly a week, forcing police to revert to taking written case notes, hampering the Atlanta’s court system and preventing residents from paying water bills online. Then, Baltimore’s 311 and 911 dispatch systems were taken offline for more than 17 hours, forcing dispatchers to log and process requests manually. Both attacks could have been prevented. And they are more evidence of the poor, if not appalling, state of local government cyber security in the United States.

We know this because in 2016, in partnership with the International City/County Management Association, we conducted the first-ever nationwide survey of local government cybersecurity. Among other things, the survey data showed just how poorly local governments practice cybersecurity.

Under near-constant attack, but not fully aware

Nearly half – 44 percent – of all the respondents told us they experience cyberattacks at least daily. Based on prior research, we are confident that rate is actually much higher.

The volume of attacks isn’t dropping – and in some cases it’s increasing.

But even so, many communities didn’t know how frequently they are attacked, and most didn’t count or catalog initial attacks – though more than half did track more serious incidents and breaches.

More than half weren’t able to determine who was attacking their systems.

Unprepared to respond, and with not enough support

Certainly, there are local governments that do a commendable job with cybersecurity. If previous research into government information technology systems and electronic government can be a guide, they are most likely larger, more well-funded and more well-managed governments. However, the data from our more recent survey strongly suggest that at least some, and perhaps even a large fraction of, local governments may be unable to respond to electronic intrusions.

In part this is because few local officials are aware of the need for cybersecurity. Nearly two-thirds of the respondents to the survey, who were nearly all information technology or cybersecurity officials, said that top managers understood the need. However, among other groups in local governments, awareness dropped considerably. Perhaps as a result, support for cybersecurity efforts was also not as strong as Atlanta’s and Baltimore’s experiences suggest it should be.

With most local government officials and staff unaware and unsupportive, it is not surprising that cybersecurity is so poor among American local governments. Atlanta Mayor Keisha Lance Bottoms admitted that cybersecurity was not a high priority, although “it certainly has gone to the front of the line.”

And yet, crucial barriers remain, largely to do with how much money is allocated to cybersecurity efforts.

Getting more people in the know

If local officials are going to do a better job protecting their information assets, they’ll first need to know a lot more about what’s actually happening. The numbers of survey respondents who answered “Don’t know” to our questions was surprisingly high. No top local officials, whether elected or appointed, should be unaware of basic cybersecurity information, like whether their systems have been attacked or breached, or who’s attacking their systems and why.

Knowing these answers will only become more critical as computing becomes more deeply embedded in systems running “smart” cities. If computers control traffic lights, sewage plants and electrical grids, then the consequence of attacks is more severe than just loss of information or computer services.

Source: Norris, Donald, et al. “Local Governments’ Cybersecurity Crisis in 8 Charts.” The Conversation, 3 May 2018, theconversation.com/local-governments-cybersecurity-crisis-in-8-charts-94240.

This article was originally published by The Conversation. See here

4 Things to Look For When Choosing an MSP

Trusting another company to look over your IT infrastructure can be a very difficult thing to do. Today’s business landscape requires organizations to be increasingly dependent on the strength of their cyber security and IT team to hold the fort down and keep the company moving day to day.  But technology and cyber security is an industry that is constantly evolving, and the challenges businesses are facing include how to keep up and finding out what the right questions are to ask when choosing an IT partner. The following guidelines can help lead business owners in the right direction.

1. Can They Prove Themselves?

Many MSP’s (managed service providers) claim that they are the premier, number one or most experienced in your area, but can they prove it? A truly premier MSP should be willing to show you their operations and invite you to their headquarters to see just what resources they have and how they plan to achieve your IT goals. This level of transparency should come with any MSP that wants your business. If you are willing to trust them with your company data, they should be at least able to show you their operations and make you familiar with their staff of IT professionals that will be handling your infrastructure. Successful experts should also reflect a proven track record for dealing with IT issues, so do your research! Look around to find testimonials from other companies that are dealing with this MSP, do they have nice things to say? MSP’s that have open client testimonials and good reviews should be on top of your list for a potential partnership.

2. Don’t Be Another Line Item

Your business is unlike any other, even others in your industry do not have the exact employees with the same exact processes, so why should your technology services be any different? Each organization’s pain points are unique and require customized solutions. If any other MSP is not willing to approach your company’s technology requirements with a tailored technique and a process that focuses on your individual need, then they are not providing the highest level of value.

3. Don’t Think Just Do

Continually identifying incidents, potential threats and risks in a network infrastructure should be a required task for all managed service providers. However, just identifying threats isn’t enough. Working to fix identified holes in an organizations security strategy requires a huge level of focused analysis and evaluation. An MSP should not only be able to fix your problems, but they should be able to do so within a reasonable amount of time. Downtime to an organization is critical, no one can afford for their operations to be put to a screeching halt, especially because of some technical issues. Find that MSP that will guarantee you they will be there when needed and within the time you need them to be.

4. Find a Business Partner

The role of a good MSP is to work cooperatively with a company’s top executives to create a strategy that is relevant and comprehensible throughout the business.  They should form a partnership with you and your team in order to help the business grow. A top expert should be able to take confusing topics and make them clear.  They should understand that one size does not fit all and a cookie cutter approach to IT does not work anymore. Finally, a good MSP should be able to narrow down the issues to create a cost-effective solution for your organization.

 

If you have any questions regarding MSP’s and how one can help your business, please feel free to give us a call at 330-7509-412. ECMSI is here to make IT easy!

Are You Sure Your Data is Being Backed Up?

Most people don’t think about data backup until they’ve lost valuable information that could be impossible to recreate.  Then it’s critical and everyone wants to know NOW when the server will be running.   IT professionals, for the most part, install sound backup technology and let the process run until they get an error in the daily log. Then they take a look and correct.  However, this is incomplete and gives a false sense of security.  Is the right data still protected as your needs change? Don’t assume data backup is someone else’s job.

It’s not a question of IF but WHEN you will lose data.  If you don’t have a sound business continuity solution in place, then be prepared to lose your most critical data.  Accounting, customer information, trade secrets, and more can all be lost via many avenues including hardware failure, malware, viruses and even simple mistakes.  Here are some steps to take to ensure your critical data is protected.

  • Back up the business solutions, not just critical data  A good business continuity solutions provides for rapid return to production measured in minutes, not hours.  Of course you can reinstall Exchange or other software from a backup and reload data, but it is a lot of work to load Windows on the server first, patch it, then make sure it’s connected to the domain correctly, and reinstall the application. Only after all these steps are complete, can you reload the database and get back to operation.  This can take hours or even days!  You’d also have to find all the installation software or have an extremely fast Internet connection to download them and then take time and employee cost to reload and restore while end-users are calling constantly asking “where are my email and documents!?!”
  • Make sure your IT department has it covered!! Let’s say you are satisfied that you have competent professionals safeguarding your data. But when was the last time it was tested in a real world environment?   Do a dry run and ask IT to restore the most recent version of a document as well as another copy a few days old so you can see the changes you made to the file.  Can they do it?  How quickly?
  • Get a great, documented and tested plan developed by professionals that addresses the needs of the business. One of the primary questions is to determine your acceptable mean time to recover?   Can IT recover a database running your customer relationship software in minutes?  Have they done a recent test restore for all critical servers?   Ask yourself honestly how long you can be without certain critical IT functions while the restore is happening.
  • Constantly test everything and review the results You know business continuity is critical and demands your IT staff pay close attention to this crucial aspect. Here’s one more question: Who is determining what data gets backed up?  IT pros are great at their jobs, but they may not know which data should be classified as critical. Management should be involved in the decisions regarding critical data.  Are all departments protected?  What about critical PC’s?  A one hour quarterly meeting to review and provide your IT team direction can prevent disaster.   It takes time to do it right, but should you have a disaster, you’ll be glad you planned ahead.

Are you sure your data and processes are protected?  Check the status of your current backup solution. If you’re not satisfied or would like to learn more about our full solutions , give us a call at 330-750-9412. ECMSI is here to make IT easy!

Tech Trends That Will Transform the Way You Work in 2018

We saw some pretty big tech trends in 2017, like the rise of the Internet of Things, machine learning, and cloud computing. Those advances even made it into the mainstream business world.

In 2018, we expect these tech trends (and others) to continue to advance. So what tech trends should you keep an eye on in 2018? Let’s check out a few of the advances poised to dominate this year.

Flexible Workspaces Through Cloud Technology

Business becomes less of a 9-to-5 game every year. It should come as no surprise that employees prefer working at home in their sweatpants to uncomfortable business attire at the office. No technology has powered this shift more than cloud computing.

The cloud empowers folks to work from anywhere at any time (in any attire) with seamless collaboration. In 2018, flexible workspaces will become the standard as companies take advantage of cloud technology to connect better and produce more.

How your business can use it: Mobility will increasingly dominate the business environment. By harnessing the cloud’s power you can increase connectivity between employees as well as increase their productivity outside of the office. There are also a host of cloud-based tools that can revolutionize your business operations.

Voice Recognition Technology Invades the Workplace

Sick of seeing ads where people are asking Alexa every question that comes to mind? Well, We’ve got some good news: she’s coming to your workplace.

With Amazon announcing Alexa for Business, the artificial assistant could soon be a part of your work life. This addition could lead to a massive increase in productivity. Repeat after us: “Alexa, turn in my budget reports.” Doesn’t that sound nice?

How your business can use it: Voice-activated research, appointment setting, and other task management strategies are sure to optimize productivity in new and unique ways. Alexa can also handle simple tasks like ordering your lunch.

AI Will Impact Business in Powerful New Ways

Advances in machine learning in 2017 have opened the door for powerful AI innovations in the coming year. Expect cloud service management, apps, and smart solutions to make huge leaps in 2018. Where this ultimately leads is anyone’s guess (again, hopefully not Skynet).

It’s predicted that 2018 will be the year AI really begins to make waves in the workplace, automating routine tasks and freeing you to focus more on strategic, non-grindy work.

But don’t worry. AI isn’t coming for your job anytime soon. It’ll just make work easier and more productive.

How your business can use it: Data aggregation, system optimization, automated updates, automated analytics, automated customer service bots—you name it. The immediate applications are exciting, but they’re probably nothing compared to where we’re headed. That’s great news for your business’s future.

Tech Trends 2018 and Beyond

Businesses took a wild technological ride in 2017—some of you in your pajamas! But 2018 could be the year when technology truly revolutionizes business.

That’s good news for the economy and good news for loungewear manufacturers. It’s also good news for your company. Never have so many powerful tools been within reach.

With the stage set for tech trends to support real change and growth, continued advances will almost certainly transform business operation, setting the standard for years to come. Business technology stands ready to breakthrough with powerful new tools that offer a real competitive edge, as well as advanced cyber security, both in the short and long terms.

What will you do with these new tools? That depends on the company’s vision and your strategic plan. We encourage you to start thinking about how these tech trends will impact your business.

Top 5 Priorities for State and Local Government Technology

State and Local Governments have found that in recent years it is becoming easier to serve citizens and enhance the way of life in their cities by utilizing technology. Officials have seen much better city management and planning when they implement new tech. Government offices are also relying more on their IT infrastructure to keep their employees productive in order to better serve their communities. With the recent cyber breach that affected the entire city of Atlanta, state and local governments are starting to realize they are just as vulnerable to cyber attacks just like anyone else. Government offices hold a lot of valuable information and are relied upon to maintain not only their local economies but the safety and standard of living for their residents. This year governments are going to have to prioritize their technology and develop plans that will maintain their IT infrastructure, here are the top 5 things State and Local Governments should consider.

1. The Internet of Things Enhancing Communities

The Internet of things, or (IoT) has been a trending topic in the news recently.  But what is the IoT?  Simply put, it is connecting any device with an on/off switch to the internet. This includes, any household items, fridges, microwaves, to washing machines, lamps, wearable devices and the list can go on forever.  But what does this have to do with State and Local Government one may ask? Well, a whole lot. On a broad scale the IoT can be applied to things like transportation networks and can help create “smart cities” that can help us reduce waste and improve efficiency for thing such as energy use.  Check out the graphic below that shows how a smart city would work. (The graphic below provided by Libelium who specializes in IoT devices.)

2. Beefing Up Cyber Security

The IoT can do great things for a city, however without the right security measures, it could also make a city extremely vulnerable. State and Local governments need to have fail safe back up and disaster recovery plan for all departments to ensure the cities network is protected and does not get compromised. In the face of evolving threats, cities have already fallen victim like the case of Atlanta.  Atlanta has recently fallen victim to a ransomware attack in which the hacker demanded over $51,000 USD in the form of bitcoins. The ransomware stole information and locked out government officials from files and software needed to run city operations. Cyber security is a very sensitive topic for government because when compromised, like a business, people begin to lose trust, which is the opposite of what any local government wants for its residents.

3. Cloud Solutions for Data

Cloud solutions are no more a far-fetched concept.  Migrating data to the cloud is providing a way that government can bypass restrictions created by tightening budgets. More governments are moving their data to the cloud, however with the migration comes some planning. Local governments must consider their environment to ensure they pick the right model, whether being a public, private or hybrid cloud. Moreover, data management can prove itself an issue if governments are relying on multiple cloud management providers.

4. Consolidation and Cutting Redundant Costs

Finding saving and efficiencies is extremely important to governments. When there are too many separate entities all with their own network trying to work together, this can create many holes in a governments system, where one infection can spread like wildfire. In the case of the state of Ohio just five years ago, 26 agencies were using close to 9,000 servers to support more than 32 data centers that were only running at less than 10 percent capacity.  By consolidating and reconstructing these servers the state was able to save more than $100 million and avoid close to $60 million is added costs. Governments will need to look into simplifying their infrastructure to their best ability, not only will it be able to help with costs, but also with security.

5. Collaborating with the Right Tools

Managing and thinking about all of these technical items is the last thing an elected official wants to think about when they run for office. Especially to local governments who focus on their residents and improving their cities. Technology problems are the last on their priority lists, local governments should look to invest in managed service providers that will focus on the technology side, making sure it is safe and reliable, while the government focuses on more pressing community tasks. ECMSI in northeast Ohio can do just that for any local government. If you are a part of a local government that needs IT help. Please feel free to call us today at 330-750-9412. We are always here trying to Make IT Easy!