Securing Your Network. From Yourself!

Worrying about outside hackers is one thing, but what happens when a disgruntled employee causes more damage to your business network than any malware could have? Recently, a company out of the Netherlands that provided web hosting, Verelox, had to shut down all of its services to their customers because an ex employee went into their system, deleted all customer data and wiped out most of their servers. Verelox quickly resolved their issues but many times, these situations do not have such a nice outcome.

So how can your business take proactive steps to prevent data breaches within your business? First thing is to make sure your company has set boundaries and understands what each employee can and cant have access to. Knowing your end users is extremely important because it allows you to control who is seeing your information. Backups are extremely important when controlling your network, in the case of Verelox, they had a system of backups in place that were regularly updated, so they restored their systems with the backups they had in place.

So how big of a threat is insider damage? More than you may think. According to a 2016 IBM study, internal employees are responsible for 60 percent of data breaches. From those, over 75% of breaches are done with a malicious intent and 25% were accidental. In a 2015 Biscom survey 1 in 4 people admitted to taking data from a company after they left. Many of them did not feel like it was wrong because they were items they created while they were working for that particular business. The most shocking statistic is that 95% of employees who took company data, said they would not even receive any repercussions because their employer did not have any policies to stop them.

For the 25% that caused a data breach by accident, they most likely fell victim to a phishing email or other internet malware attempt. Educating your end users could go a very long way for your business, and is one of the best proactive tools to keeping your company data secure. Many small businesses get hit the worst when a data breach occurs because they do not have the proper resources to manage their IT and keep on it all while trying to run and grow their business.

 

An Investigation on Data Breaches in 2018

Recently, Verizon published their 11th edition of their Data Breaches Investigation report that looked at over 53,000 security incidents including over 2,126 confirmed data breaches. We wanted to highlight some of the key take a way’s in this report and show some of the shocking statistics businesses face when it comes to technology security in 2018. We are going to look at some of the motivating factors for hackers, what industries are affected the most and how a typical organization reacts to a cyber attack.

Who does the hacking?

73% of cyber-attacks are done by outsiders. These are organized criminal groups whose goal it is to specifically hack into systems illegally and collect information. 28% of attacks are done internally by those who may have the credentials or a way into the system with official credentials. These are especially hard to track because you never know who may be using company data for their own personal gain.

Why attack?

76% of breaches were financially motivated. Hackers are looking to steal information such as credit card numbers or social security information in order to use other people’s identities. We also see hacking in the form of malware that holds data for ransom for a fee. Found in over 39% of cases where malware was identified, ransomware is one of the most popular forms of online hacking today.

Who can be a victim?

Virtually any business that plugs in to any network could fall victim to a cyber-attack. Unfortunately, there are many ways a hacker could infiltrate in, whether it be POS, email, misuse by an employee, social media etc.  The most popular however is a direct hack by a group or person who specifically wanted to get in a particular network. Following close second is malware and phishing attempts. 4% of people will click on any given phishing campaign with 17% of all breaches happening because of human error in the everyday workplace.

Industry trends in data breaches.

Based on the Data of over 53,000 incidents and 2,126 confirmed breaches the number of the two categories for specific industries are as followed:

Accommodation: 338 breaches, 368 incidents
Education: 101 breaches, 292 incidents
Financial: 146 breaches, 598 incidents
Healthcare: 536 breaches, 750 incidents
Information: 109 breaches, 1,40 incidents
Manufacturing: 71 breaches, 536 incidents
Professional: 132 breaches, 540 incidents
Public: 304 breaches, 22,788 incidents
Retail: 169 breaches, 317 incidents

The Reaction

While most compromises happen in a very short time span, with over 87% taking a minute or less, finding out about them is a whole different story. On average, only 3% are discovered within minutes, while over 68% went undiscovered for months or more. The report states that in many cases it isn’t even the organization that recognizes the breach but an outside third party such as partners, law enforcement, or the most damaging, by customers.

Staying proactive and keeping your cyber defenses up is one of the most important things to any business in 2018. While no defense mechanism is a 100% guarantee. Having a plan and being able to respond quickly is the best chance of stopping hackers in their tracks and restoring your data.

To see the full report by Verizon click here

Contact ECMSI for a FREE network health assessment to see if your business is being effected by malware. Find out if their are any vulnerabilities in your network and what you can do to stop them! Fill out the form below.

 

 

Why Slackers Love Tech

You just gave your staff an extra 6-week paid vacation to check in with friends on Facebook, expose your company’s valuable trade secrets from smartphones, watch cat videos, and send résumés to your competitors  – all on your time, and your dime… That’s right: if a full-time employee wastes just ONE measly hour each day, it equals 250 hours burned – 6 weeks of paid time – on non-work-related activities.

 

Sites like Facebook, Twitter and Instagram are a constant source of distraction to people who feel like they need to keep in touch at all times.

Not only is work time being frittered away, but crucial company secrets slip through the cracks more easily. And sites being visited on your network expose your whole system to malware, hackers and online theft.

So, what are you going to do about it?

Face it – you rely more than ever on mobile technology. And you want to have faith in your team… But how do you know they aren’t secretly taking advantage of your good nature when they’re online?

You don’t. The only way to know what’s really going on at work is to monitor their on-the-job online activities.

Celeste O’Keefe, CEO at DANCEL Multimedia, a Biloxi, Mississippi, marketing firm, started monitoring her employees when she noticed some of them attempting to cover their computer screens as she walked by.

Since then, she’s fired four people for digital infractions. One was a man doing side deals with clients that should have come into the firm. She also fired a woman doing schoolwork on the clock.

Your rights as an employer to track web and e-mail activities of employees using company computers are well-established. But should you? And if so, how do you do so legally, and without damaging company morale?

Several good things happen when you check your team’s online behavior. For one, it can help your company avoid theft, embezzlement or other financial harm. Monitoring can also prevent gathering information about your employees’ religion, political views, sexual orientation or medical history. This could expose your firm to discrimination lawsuits.

Disciplining an employee for making negative comments about you online could result in trouble with the National Labor Relations if you have well-founded suspicions and documented agreement with your attorney and top managers.

Set clear policies. Document your corporate policy on Internet and device usage to make rights and responsibilities clear to everyone – and to protect you in the event of a legal challenge.

Inform and gain consent. It’s not enough to simply let your employees know you’ll be watching them. By being fully transparent and explaining the risks to the business from improper use of digital assets, you’ll steer clear of legal issues without putting a damper on morale.

 

My Internet is Down! Help!

If you worked in an office environment before, this situation may seem very familiar to you. You’re sitting at your desk when all the sudden you hear a fellow coworker complain that their internet is down. You then log into your computer and notice that your internet is not functioning either. The initial thought is always, “oh great another problem with this place.” If the people in your office are not the most tech savvy, which seems to be the case in many offices the first call to action is to ask, “your designated IT person” to see what they may know about why the office internet is not working. So, what do you do in a situation like this? Let’s look at some of the things you should consider.

  1. Are you getting power? Most issues can be resolved by checking your modem and router. If you see that no LED lights are being displayed, the next step should be to turn the modem and router off and wait several minutes before restarting the systems. On most routers, this should be green and may be flashing. If your router doesn’t have status indicators, look around back to see if the Ethernet port lights are flashing. If there is no activity, turn the router off. Unplug and reconnect each cable, making sure each cable is seated correctly in the appropriate port. Wait a few minutes before rebooting the router.
  2. Is everything plugged in? Checking the cable connection is very important. This could be something as simple as the cable being loose to a cut in half cord. If so, this is something that would need replaced immediately if you want your workplace to get up and running.
  3. Check to see if your firmware is current. Do you know what that is?  Firmware is embedded software, installed at the factory on a read-only memory (ROM) chip, which allows the router hardware to implement network and security protocols. Many vendors provide downloadable firmware updates that resolve performance issues, add new features, increase performance. Look for the firmware update in the System section of your router’s management system and follow the instructions carefully to make sure that you are installing the correct firmware version. Stay away from firmware from a third-party site.

While these are some of the basic actions you can take, other more serious issues can involve performing a ping test, changing the channel or frequency in which you receive data, and finally contacting your ISP, which is sometimes the last thing you want to do because of the long wait times, and you need your business to keep on moving. NOW!

If your business is lucky enough to have their own internal IT person, they may be able to figure it out, through going down the same checklist that we just mentioned that may take a while to figure it out, all while your business is at a standstill. The best measure would be to have systems in place that do their best to prevent issues like this from ever happening. Making sure your employees have reliable work tools is super important to the vitality of your business and even a small problem such as losing internet connection temporarily can lead to huge losses in productivity. And we wouldn’t want to see that happen. So, let’s discuss some ways that we can prevent this from ever happening… Or from ever happening again.

ECMSI – “Making IT Easy”, we answer all calls under 19 minutes and provide comprehensive Managed Service Contracts.

Call us Today at 330-750-9412!!

How to Speed Up Your PC

Slow computers seems to be a problem everyone has run into at some point in their life, and it can definitely be frustrating. For an employee, a slow PC could mean hours lost in productivity which is not good for employee moral, or business operations. Whether you want to make your PC faster for personal use, or get right back to work (which we all know you’re super eager to do), lets dive into some settings you can change in order to speed up your PC.

  1.  Change your power settings

If you’re PC is running on Windows 10 it will come with options in which you can enable a Power Saving plan, if this is configured you are drastically slowing down your PC’s performance in order to save energy. Typically, every PC , even desktop PC’s come with a power saver plan.

Changing your power plan to a higher performance or balanced will give your computer a huge boost in power.

2. Disable animations, shadows and visual effects.

Operating Systems now come with a a variety of nice graphics that enhance user experience and make functions seem more natural and fluid. On faster and newer PCs these effects usually do not affect system performance, But on slower and older PC’s they can cause a huge loss. Going into the system properties and looking into your performance options you will see a huge list of different animations and special effects. If you have the time you can play around with the different effects and keep what you like and don’t like. However, the easiest way is to click on the option to adjust for best performance and let Windows optimize your settings to get the most out of your system.

3.  Disable programs that run on startup

A reason your computer may be running slow and sluggish could be on account of all the programs you have running in the background, programs that you don’t even necessarily use. Stopping them from running will help your PC operate more smoothly.  Launch Task Manager, if it launches as a compact app with no tabs, click “more details” at the bottom of your screen. Click the Startup tab. You’ll see a list of the programs and services that launch when you start Windows. To stop a program or service from launching at startup, right-click it and select “disable.” This doesn’t disable the program entirely; it only prevents it from launching at startup.

4. Get rid of bloatware

What is bloatware you ask? Bloatware is all of the pre-loaded programs and software that all windows PC’s come with and while you expect a brand new computer to be clean and ready to go, that is not always the case. While bloatware is mostly not harmful at all, having your PC clogged up with all that information could seriously affect your computers speed. Upon purchase of a computer most retail sellers will offer optimization at an additional cost in order to clean out the PC. Or you could tackle the issue yourself and use software that could help you slim down your PC.

5. Check for Malware

If your PC is still running sluggish, their could be an even more underlying problem or even some malware that is affecting your system. Running a systems check from your anti-virus or internet security software and having it scan and get rid of problems could help get your PC up and running as fast as it should be.

If you’re using a relatively newer version PC with updated software, attempted to do all of this checklist and your still running into problems, the issue could be something that needs to get in the hand of trained professionals. And we know a few we would highly recommend.

ECMSI – Local Help Desk that can respond to your tech issues in 19 min or less!

Call Us Today 330-750-9412

 

5 Reasons Why Your Company Needs an IT Service Desk

Your company is growing, and as your operations expand, the pains of IT are emerging from the woodwork. But do not panic! There is an easy way to tackle on this obstacle and get you back on track to growing your business and not focusing on IT problems.

Here are 5 reasons why you should utilize an IT service desk for your companies needs.

1.  NOBODY has the time.

Your staff is busy, just like you. They have a specific skill set. That’s why you hired them. You need them to do their jobs, not take on IT projects they may or may not be equipped to handle.

For any small business, one of the challenges of maintaining success is focus. Anything that distracts your team has the potential to derail your growth. Sure, you might have someone on staff who can figure out why the printer isn’t working, but wouldn’t it be better if he were doing his actual job?

An IT service desk takes that responsibility off your people, freeing them to focus on actual work.

2. Time is MONEY $$$

Your staff is already spread thin. When one of your employees has to stop work to deal with an IT hiccup, they’re not doing what you pay them to do. That’s your first loss.

On top of that, they’re trying to fix something they that could easily fall outside their area of expertise. Loss number two.

When the issue is finally resolved, your staff member will have to circle back around to his/her job responsibilities and regain focus. By then, they’ve lost time they could have spent facilitating your company’s growth, and they’ve lost time learning how to act as an ad hoc IT service desk rep.

The inefficiency can add up. It’s so much better to have the right resources on call.

3. Temporary Fixes

Many small businesses don’t have an IT expert on staff. Even if a staff member doesn’t have to neglect core responsibilities to handle an IT issue, they may have no idea how to work with technology. That’s like taking your car to a mechanic who isn’t really a mechanic. They can attempt to address the problem, but there’s no guarantee their “fix” will result in actual improvement.

And what if they unintentionally make things worse?

Solve technical problems correctly the first time by relying on a skilled IT service technician.

4. Reduced operating costs.

The monetary savings in outsourcing your IT service desk can be HUGE.

A quality service provider will address issues strategically, taking into account your business needs and goals. They won’t just make the printer print this time. They’ll track down the network error causing the misfire and ensure nothing like it happens again.

Why run into the same issue repeatedly? A professional IT service desk can provide one-and-done solutions that leave you and your team better equipped, both now and in the future.

5. 24/7 Support

It’s simply not practical and out of the budget for a small business to staff an internal IT service desk. Especially if you need support 24/7. Even if you can afford one staff member during business hours, that represents a very limited resource available only at very specific times.

But an outsourced IT service desk can be available and on call every day, all day. When something goes wrong, you won’t have to worry about what time it is. You’ll have an entire team of experts at your disposal around the clock.

ECMSI knows IT Service Desk Support

If you’re an small business owner and you’re serious about getting the IT service desk support you need when you need it, ECMSI is ready to help. We are the leaders in customer support and service. Our goal is to help you focus on your daily core activities and not waste the time dealing with IT headaches. This is one of those business tools that can truly set you apart from the competition.

If you’re ready to focus on growing your business and alleviate the stress of IT, contact ECMSI today.

What is the “Internet of Things” or IoT?

If you are tech savvy or just try to stay up with the constant changes within the technology world, chances are you have stumbled upon many acronyms. One of the newest to emerge that has many people asking Google for help is the IoT. The Internet Of Things.

For titles, it’s the most ambiguous and non-descriptive you can get. “Things” is the word you substitute when your brain stalls and can’t come up with anything more professional or eloquent. So why is this weak word the main substance of the title? Because things is an all encompassing word. And all encompassing is exactly what IoT wants you to know about it.

From pacemakers to smart watches, the Internet of Things simply put is anything that will communicate data between devices and over networks. The newest home thermostat, door locks, light switches or refrigerator that can be controlled by your smart phone falls under this category. While all of this on the outset can seem incredibly cool and handy ( I mean, who wouldn’t want to walk into a house that is already at the perfect temperature), it does come with security concerns.

With more and more devices being connected to the internet, that means more opportunities for cyber criminals to gain vital information. With this knowledge,we have to ask then, what is being done to safeguard us? According to William H. Saito, who wrote this article on Forbes.com, if leading thinkers don’t act soon, IoT could mean “internet of threats”.  Firmware needs updated, standards need set and regulated and patches need pushed. And that’s just where the security of IoT starts.

So, are you looking suspiciously at your Smart Watch now?

The Threat of Social Engineering.

You can defend your data with all the latest and best technology. But if just one team member gets tricked into giving away the keys to the castle, it’s game over. Hackers know this. And that’s why so many use social engineering to break in.

And it’s not just the big companies you hear about on the news. On February 3, 2016 a suspect posing as the CEO of Magnolia Health Corp. obtained a spreadsheet with sensitive data about their employees. On February 23, someone posing as an employee of Central Concrete Supply Company obtained confidential W2 records and disappeared with them.

In a 2011 survey, Check Point Software Technologies found that nearly half of the companies surveyed reported one or more social engineering attacks resulting in losses ranging anywhere from $25,000 to $100,000 per occurrence.

Unfortunately, there just aren’t any whiz-bang tricks or tools that will automatically prevent a clever “social engineer” (SE) from breaking in. The keys to protection are awareness and vigilance. To help you know what to watch for, here are five common ploys – and how to deflect them:

Familiarity – In this type of scheme, the hacker becomes familiar to an employee. Social networking sites can reveal an employee’s schedule and favorite hangouts. The hacker might then frequent the same bar or restaurant. After a drink or two, some key fact may slip out… The best way to bust this ploy is to be careful to not get lulled into a false sense of security around people you haven’t thoroughly vetted.

The Consultant – A social engineer poses as a consultant for hire. Once they get the gig they can scoop up all the info they need from you and your team because of their seeming authority. Watch for this especially with IT consultants. Do NOT trust blindly. Vet every consultant, and never give all the keys to the kingdom. Just because someone has the skills to fix your server or network doesn’t mean they won’t steal your data. Vet thoroughly, and, as Ronald Reagan said, ‘trust but verify’.

Piggybacking – The SE waits by a secured door for someone to use their passcode and enters right behind them. Or the SE struggles with a heavy box and asks a legit employee to hold the door open for them. Being kind and helpful, the employee helps the SE right into the building… free to do as they please. To foil this one, never forget the dangers of allowing a stranger in without proper clearance.

The Interview – Key information often escapes during interviews. A smart social engineer will gain an interview and deftly pick up all the information they need to hack into your network. Make sure any data provided during an interview offers nothing in the way of secrets. Keep the conversation light, or even superficial to avoid leaking critical data.

Angry Man – You may have seen this on TV… Somebody has an angry tone on the phone, or is grumbling to themselves as if they’ve just had an argument. We all tend to avoid people like that. Enough people avoid them and the way is cleared into the heart of the company – and your data. Don’t go along with it. When you see this exploit unfolding, call security.

The key to preventing social engineering attacks is a well-trained workforce. You and your people may be your company’s greatest asset. Yet without regular, proper training, human beings can be the weakest link in your company’s data defenses.

5 Tips For Safe Mobile Device Use

If you’re planning on heading out of town – or simply to the coffee shop to work – here are a few tips to keep in mind.

Protect your devices from thieves.

All mobile devices should be passcode-protected and loaded with apps that will help you track and find them in case they get lost or stolen. These apps allow you to remotely wipe the device if it falls into the wrong hands; you definitely don’t want to expose yourself to identity theft or allow someone access to your company’s network and client data. Also, never leave your device anywhere you wouldn’t leave your wallet.

Backup.

Mobile devices get lost and destroyed more often than desktop computers because you’re dragging them around from place to place and exposing them to non-gadget-friendly environments; therefore, make sure you are backing up all the data to the cloud. All it takes is a spilled cup of coffee to erase those precious family photos and videos; and most people don’t think about backing up their phone.

Take caution when connecting to free public Wi-Fi.

Hackers with routers and readily available software set up rogue hot spots for spying and serving you fake websites. They often name these hot spots something generic such as “Coffee Shop” or “Linksys” to fool you into thinking they are safe. You think you’re connecting to the coffee shop’s Wi-Fi, but you’re actually accessing the web through their portal. If you are going to use public Wi-Fi, simply use it for general web surfing, not shopping, banking or accessing critical data.

Turn off sharing.

If you use a laptop, you might have it set to share files and folders with other computers at work or home. However, you don’t want those settings “on” when connecting to a public network. When connecting to a public hotspot for the first time, Windows will ask you for a location type; choose “public” and it will automatically reset your settings to turn off sharing.

Carry your own connection.

If you’re going to access your bank account, go shopping online or retrieve critical data when traveling, invest in your own personal Mi-Fi connection. If you don’t have one and you need to make an emergency balance transfer or an immediate purchase to save a significant amount of money, it’s safer to use your cell phone. When banking, use your bank’s official app and sign up for any extra security they offer. For example, Bank of America’s SafePass program sends a text message with a 6-digit code to authorize a transaction. The code expires as soon as you use it.

 

Most Common Mistakes Businesses Make!

The right technology brings value to small businesses, but there are a few common mistakes that negate those advantages. Follow these technology tips to avoid five of the biggest mistakes small business owners make when it comes to business technology.

Mistake #1: Choosing the cheapest option

Everyone wants to save money—especially a small business where every dollar counts. However, when it comes to your business technology, cheaper isn’t always better. It’s smart to establish a budget. But make sure the business technology solutions you choose are capable of providing the support you need. Otherwise, you’re not saving money. Instead, you’re just wasting time.

Small businesses receive almost two-thirds of all cyberattacks. It’s tempting to think that large enterprises make much better targets for data breach, but small businesses are not immune to attacks.

Choosing to go cheaper on your security can be disastrous in the long run. Data loss, especially as a result of a security breach that threatens the privacy of your customers, is painful. You’ll lose time trying to correct issues, and you could lose credibility with your customer base.

“A survey of small-business owners by Nationwide found only 13 percent of respondents believed they had experienced a cyber attack. However, when owners were shown a list of specific examples of attacks, including phishing, viruses and ransomware, the figure of those reporting attacks increased to 58 percent.” – CNBC

Mistake #2: Investing on an as-needed basis

Being proactive when it comes to business technology is your best option.

Waiting until something breaks almost always ends up costing more in the long run. Not only that, but it can lead to downtime and a loss of profits. For example, if all of your customer data is on one computer with absolutely no backups and anything happens to that computer, you face the possibility of losing everything. Take action before you need it to ensure that your business runs more smoothly. Have a backup plan in place before you need it.

Mistake #3: Compatibility

A major factor in choosing business technology is figuring out what’s compatible with what you already have. Even if you have the best IT solutions available, if none of them work together you’re not going to be any more productive or efficient. That’s why with our partners, we make sure to understand each and every one of their unique network environments

Instead, there’s the best mix of solutions for your business.

Another important question when finding the right security-technology solution is to determine how the technology will integrate into current security equipment at the facility. Security technology, whether it’s cameras or real-time location devices, is not a cheap investment. More and more systems across the security technology spectrum can easily be integrated. – Forbes

Mistake #4: No business technology support

One of the most important factors in anything related to business technology is access to the support when you need it.

Partner with a managed IT services provider (MSP) who offers real-time support. That way you have help when you need it, and you won’t have to suffer unnecessary downtime.

Mistake #5: Using under-qualified people

Speaking of managed IT services, making sure you choose a partner who has the experience and background to deliver the kind of support you need. All MSPs are not created equal. Find out the history of any MSP you’re considering. How long have they have been in business? What do their customer reviews look like? Do they know your industry? Can you see their location?

And take every kind of support you need into account, from VoIP to cloud solutions. Make sure you’re working with a partner who is there to actually help you grow your business!