Category Archives: Uncategorized

Understanding Cyber Security Threats

The rise of new technologies has changed the way organizations operate, compete, and evolve. When deployed strategically, each of these emerging technologies can offer organizations a leg up in a fast-paced marketplace, greater insight into their operations, and more control over their business. However, the changing nature of our digital environment is also providing cybercriminals and bad actors with a larger attack surface—and more dangerous tools—than ever. The evolution of workplace technology has also increased the sophistication of cyberattacks.

Given this reality, it’s critical that managed services providers (MSPs) and their customers understand what cybersecurity issues and challenges they’re up against. As companies increasingly rely on connected technology, the stakes of data breaches are clearly growing.

What are the most important security issues facing companies today?

As companies become more reliant on their digital environment, their vulnerabilities to cyberthreats increase in turn. While this certainly doesn’t mean that organizations should forego critical IT investments to reduce their potential attack surface, it does mean that stakeholders need to stay aware of the specific cybersecurity issues that are most pressing to their companies.

Similarly, greater investment in the cloud means that an increasing number of companies are storing and processing proprietary data offsite. The expansion of cloud computing has enabled numerous benefits, including greater organizational flexibility and cost savings. However, relying on the cloud—whether public, private, or hybrid—requires careful cybersecurity protocol. While third-party providers may be responsible for the security of the cloud itself, customers are generally responsible for the security of the information they store and use in it.

What are the threats in cybersecurity?

With new platforms and capabilities opening companies up to new vulnerabilities, it’s critical that MSPs understand what tactics cybercriminals might use to take advantage of unprepared and unprotected organizations.

Across the board, cybersecurity threats that organizations have been familiar with in the past have become even more dangerous. Phishing—the process through which cybercriminals attempt to lure employees to click on links or download files to extract sensitive information—has evolved and matured. And while new technology like blockchain is specifically designed to be secure, users still have private keys that they use to conduct transactions at their specific blockchain node. Successful phishing operations could put these keys in the hands of bad actors and jeopardize the reliability of the network and the applications that rely on it.

Once cybercriminals have access to an organization’s network, the threats they pose are immeasurable. Bad actors may set up a cryptojacking operation in which they harness the resources of computers across a company to mine cryptocurrency, leading to significantly decreased performance. They may steal proprietary information—trade secrets that have the potential to jeopardize a company’s performance—and extort executives for ransom in return for not releasing it. They may even launch integrity attacks, effectively overwriting information in critical databases and allowing cybercriminals to commit fraudulent acts.

The full range of cybersecurity threats that companies face goes on, but the common link among them is that greater network connectivity across companies heightens the potential damage of cyberthreats. This means attacks that may have crippled one area of an organization in the past now have the potential to devastate the whole organization.

What are the challenges of cybersecurity?

The cybersecurity challenges that organizations face range from the internal to the external. On the one hand, companies need to safeguard proprietary information, protect employees, and earn the trust of those they do business with. This requires a shift in organizational culture that puts cybersecurity front and center and educates employees. On the other hand, organizations increasingly need to comply with government regulations as consumers become more concerned about their personal information. This poses new cybersecurity challenges for companies who will have to go to greater lengths to stay compliant with new regulations.

Internally, organizations need to recognize the importance of cybersecurity. Stakeholders need to be prepared to invest in the type of technology and expertise needed to secure their IT infrastructure and maintain that security around the clock. While cybersecurity may have previously taken a back seat to other business areas, companies now need to take a proactive role in monitoring their network and considering potential attack vectors.

Additionally, organizations need to confront the challenge of educating their employees in the reality of cybersecurity. From phishing attacks to ransomware, today’s workers need to be trained to spot nefarious activity, avoid engaging with it, and alert appropriate stakeholders as soon as possible. By educating employees on what threats the organization faces and what form they may come in, it’s more likely that massive breaches can be avoided and damage can be minimized.

How can MSPs support organizational cybersecurity?

Given the full range of threats your customers face today, it’s up to you as an MSP to secure their IT infrastructure and help protect their business. MSPs should consider how they can best deter cybercriminals, detect illicit activity, and defend customers’ networks.

The key here is having multiple layers of defense:

  • Patch management—Patching helps you ensure that all operating systems and third-party software is kept up to date with the latest security patches.
  • Endpoint detection and response (EDR)—EDR helps you identify potential threats at endpoint level and then respond effectively through automation.
  • Email protection—Since email is still the main vector cybercriminals use to get a foothold in an organization through phishing, being able to filter out potentially dangerous messages and attachments, can help reduce your attack surface.
  • Web protection—The use of malicious websites to get people to inadvertently download malware into their network is prevalent. Being able to stop staff from going onto known malicious sites by blocking access to them is and important layer of defense.

Interested in learning more about the benefits of partnering with ECMSI? Give us a call at (330) 750-1428 or visit www.ecmsi.com.

Unnoticed Hacks: Is Your Private Data Being Leaked?

It’s easy to notice that there are a plethora of threats to our personal data in today’s modern world. When we sign up for a new service, we’re risking our personal data falling into the wrong hands. But the worst part is that typically, there is no indication that our data has leaked.

Today, there are three potential leak sources that you should make sure you’re cautious of:

Mobile Apps

This is a problem that is more prevalent on Android, owing to the fact that anyone can develop, download, and install an Android app. Apple has iOS locked down quite tight but that doesn’t stop the occasional bad app from making it through the net. There are several different attack vectors that a mobile app can use to acquire your personal data.

Most of us live a significant portion of our lives on our smartphones, making them absolute treasure troves as far as our personal data is concerned. In some cases, apps will ask directly for the information that they want, although they aren’t always completely honest about what they intend to do with it.

As well as stealing personal and financial data, the same apps that used to leak user data are now beginning to steal user photos and use them to commit identity fraud. Most of us have enough data stored in our smartphones for someone to be able to identify us with relative ease.

Adware

A lot of app developers have chosen to fund their or support their apps through the use of advertising. After all, there are now a number of advertising networks that offer code app developers can freely add to their apps. This code will handle everything for the developer, leaving them with nothing to do but collect the revenue that they earn through it. In principle, it’s a great system – app developers get to earn enough money to maintain their apps, while advertisers get to display their ads to large numbers of people.

However, there are also a number of illegitimate ad networks operating. These often have the appearance of being legitimate advertising networks and the majority of them will even pay out what appears to be a fair sum to the developers.

The businesses that pay to be on the network, under the impression that their ads are going to be displayed to mobile users, pay the advertising networks according to the number of views or interactions an advert gets, but it is difficult to verify that ads are being displayed properly. There are ad verification services that can help advertisers to verify their ads are displayed properly. Unfortunately, cybercriminals are using very sophisticated methods to hide more ads on the page and make it look like they are being displayed legitimately.

These malicious adverts have been known to infect legitimate apps, unbeknownst to their developers. This is done by inserting malicious ads into the supply chain of a legitimate ad network. This attack is difficult to pull off but devastatingly effective.

Malicious actions performed by the app include showing ads outside of the visible area, constantly opening a browser using a legitimate link within the app in order to engage in targeted spear-phishing of the user, and stealth downloading malware.

Free Proxies and VPNs

A nefarious proxy is more of a threat than a VPN because with a VPN there is some degree of encryption, limiting what VPN providers can find out about their users. They can still monitor your activity, but with a compromised proxy, they will be able to read all your unencrypted data.

Data is a very valuable resource, so it is only natural that it would attract organized crime. However, few people realize just how prevalent it is and how at risk they might be. Always be careful what apps you install on your phone, especially if they aren’t from an official app store.

Recovery Time Objective and Why It’s Key to Business Continuity

If you have never seen or heard the term ‘RTO’ in the context of your business continuity plans or tests, then this will give you a solid next step to ensure that you’re in a good position. Unfortunately, nearly 80% of all SMBs are in the same boat, which has been and continues to be massively exploited by criminal organizations using ransomware to make money. Lots of it.

To paraphrase an old tech adage “if you can’t recover quickly, then it’s not a backup.”

What is RTO?

Recovery Time Objective, or RTO, is the time it will take to restore business operations in any event of downtime caused by hardware failures, ransomware infections, software errors, human errors, and natural disasters

Unfortunately, for many businesses, the problems that arise when RTO is not a key component of the plan isn’t realized until it’s too late. Many organizations have found this out over the last few years because of the ever-growing threat of ransomware attacks.

Many businesses with preventive measures and backups in place end up in a bad situation because their plan didn’t factor in the recovery time for restoring production databases or mission-critical applications.

What is business continuity and what role does RTO play?

Business continuity is the ability for a business to remain in operation despite risks and events of downtime and disasters. By the numbers, 80% of businesses experience some type of unplanned downtime.  Of this total, some experience catastrophic outages that knocks them offline for 3-5 days – and apportion of these never recover and ultimately out of business as a result of the outage.

Simply put, RTO is Business Continuity.  A proper business continuity plan includes:

  1. Identification of potential downtime risks
  2. Evaluating the business impact of those risks
  3. Identifying ways to prevent those risks
  4. Identifying ways to recover from downtime
  5. Regular testing of those methods against specific risks
  6. Regular re-evaluation of risks & methods

Evaluating Your Risks

Evaluating risks can start pretty general and become more specific as you get closer to making buying decisions. Once all systems are listed and evaluated, you can begin posing options for various disaster recovery options and RTO objectives. This will ensure that you have a plan that you need rather than a mix of “too much” or even worse, “too little”.

The benefit of this pre-planning far outweighs any time you saved by skipping it and “hoping” it’ll be enough. Every year, thousands of businesses discover that their “hope” was indeed a poor plan when something takes their business out of operations and they scramble to get back online.

Unfortunately, when it comes to recovery, there are no second chances. Call ECMSI today and get the backup and disaster recovery plan your business deserves! (330) 750-1428

www.ecmsi.com

 

Is Your Business Leaving Endpoints Exposed?

We all know the drill when it comes to data protection: make sure that you can failover servers and business-critical applications in the case of an outage, right? Well, in reality that’s only a fraction of the real picture.

Most businesses these days are either leaving data completely unprotected, or not sufficiently protected. Instead, this is what the data protection plan looks like for a typical SMB:

  • Servers, critical business applications: Disaster Recovery functionality is in place
  • Branch offices, remote workers, endpoints: EXPOSED
  • Cloud Applications: EXPOSED

While we’ve taken into account servers and mission critical apps, there’s in fact a large portion of business data that isn’t sufficiently protected. There are many reasons for this; Bring Your Own Device (BYOD) is one trend that presents challenges with endpoint backup and recovery. Cloud apps add yet another hurdle as they will generally have retention policies in place — say 30 days — but after that the data is gone. Forever. So how do we work around this in order to completely protect our business data?

As employees started creating, editing, and storing business data on laptops, tablets, and smartphones, it suddenly became a data protection concern that needed to be addressed. What would happen if one of those devices was lost, stolen, or otherwise compromised by hackers? What would happen if one of those employees became disgruntled and left the company – taking along with them, valuable business data?

Aside from the IT nightmare it presents, most businesses see endpoint data protection as an expensive add-on of which those budget dollars should be spent elsewhere.

So, what is the solution for endpoint data protection? First, consider the types of endpoints you have to protect within your business. For example:

  • Laptops
  • Tablets and smartphones

You need a solution that can protect across varying device types and operating systems. Next, centralize all this data in the cloud with a provider that gives you cloud flexibility. Remote backup and recovery from the cloud is especially important with endpoints, as they’re in distributed environments and can’t always be physically accessed by IT. Whether you have your own data center and need to utilize a private cloud or prefer to use a public or vendor cloud, it’s important to have cloud choice. When it comes time for a recovery, you’ll be glad you did. Transparent deployment that stays out of an end-user’s way will make make it much easier when rolling our your endpoint backup solution.

Once you have your solution in place, you’ll want to set up frequent backups — multiple times per day — in order to capture newly changed or created files. Backup all devices on any OS, protect it in the cloud, access it anytime, from anywhere. For IT, this solution will not only alleviate the historical problems and concerns with endpoint backup and recovery, but it will make their jobs easier in the long run.

For a more detailed look at endpoint protection tips and strategies, give ECMSI a call today!: (330) 750-1428

www.ecmsi.com

Ransomware Attacks: How are you protecting your business?

While you may be hearing that the total number of ransomware attacks declined in 2018, that doesn’t mean your data is safe. In fact, CyberSecurity Ventures predicts that ransomware will cost businesses $6 trillion by 2021 and Cisco considers it more profitable than the global trade of all major illegal drugs.

How do you truly protect your business? Here’s our checklist:

  • A major vector for an attack is an attachment in an email. You can do a couple things to safeguard from this vector. First, scan all attachments with a good anti malware solution and make sure the definitions are up to date and your solution provider has some protection from zero day attacks. Secondly, and maybe most important, is to train your staff to be weary of attachments –even if they come from a trusted source. If it looks suspicious, do not open it. If it is something that you feel may be important or it appears to come from someone you know, contact them and ask if they sent it. Another related vector is malicious websites that are a conduit for malware. Be sure your anti malware solution can block suspicious websites and web links.
  • Have a Bring Your Own Device (BYOD) policy and a solution of managing and mitigating the impact these devices have on the security of your environment. You need control over the notebooks, mobile devices, and tablets that enter your network. Your solution must provide you with sufficient visibility into what’s connected to your network and what those devices are doing. You need to be able to enforce policies that prevent users from accessing compromised websites or downloading suspicious files.
  • Run modern operating systems. Systems like Windows 7 may be user favorites and may support some legacy applications, but they are the cyber criminals’ dream. They lack the sophisticated built-in defenses found in operating systems like Windows 10. If your business uses Macs, you are not immune. Be sure to get users on the latest version of Mac OS as quickly as possible.
  • Patch every server, network device and endpoint with the latest security patch. This is critical as it can be an effective vector for attack and many IT departments are lax about patching.
  • Secure your network by deploying a layered approach; protecting your endpoints, network, email, and DNS layer. Do not ignore IoT devices. They are vulnerabilities too! They’re often ignored or even unknown to the IT department, but by removing simple points of vulnerability, you can effectively block the attack before it enters your infrastructure.
  • Protect your assets by segmenting your network to prevent an attack from being able to spread. Segmented networks will limit the number of resources that that can be attacked from a single entry point. This also allows you to deploy the strongest defenses where the highest value services and data reside without burdening the entire network with the expense and complexity of these defenses. This is all intended to ensure that your entire network is not compromised in a single attack and any damage that does occur is in the lowest value portions of the infrastructure.
  • Closely monitor network activity. This allows you to identify patterns of attacks before they can cause real damage. Deploy a good Security Information and Event Management (SIEM) tool and use it.
  • Most importantly, have a business continuity plan that details how to respond in the event of an attack. Carefully choreograph all the steps you need to take and what your users need to do to be sure they do not make the situation worse and are ready to resume work once your systems are back online. Core to this plan is a disaster recovery solution that is designed to restore your critical business functions quickly enough to avoid the effect of a prolonged outage. This is your life vest when all else fails and the criminal gains sufficient access to your systems to cause major damage. It is the only option available today that can foil every known attack.
  • Orchestration eliminates the panic by allowing you to rely on a pre-planned, automated, and tested recovery. To be effective, the business continuity solution needs to continuously protect your data and has orchestration that automatically restores your entire infrastructure, including servers, network devices and storage to an offsite virtualized environment. The automated orchestration is a key element because it translates to speed and predictability of the restore process when your team is operating under the pressure of an outage.

As we know, ransomware is on the rise and it is clearly here to stay. Ransomware is doing some real damage to businesses, and increasing in its sophistication to better target vulnerabilities. All businesses are at risk unless you take action to lower your susceptibility to an attack. The true fix is an effective business continuity plan that restores your systems and gets users back online as quickly as possible. For more information: Shane Nesbitt, IT Consultant – (330) 750-1428

www.ecmsi.com

Will Your DR Solution Rise to the Challenge?

This may sound like a familiar situation: You have the latest and greatest disaster recovery software available. You have carefully designed processes in place to monitor the system, to be sure that the backup jobs run when scheduled and all your data is protected. Your system supports Bare Metal Recovery (BMR) to dissimilar hardware, so you will be able to restore your systems on new hardware, if needed. All this gives you 100% confidence that, in the event of a disaster, you can recover all your systems and get your infrastructure back up and running. Sounds like your data protection plan is on point, but even assuming that you can recover these critical systems just as expected, we have some news for you. You’re still not properly protecting your business.

The problem arises from the fact that traditional disaster recovery was originally developed even prior to internet, when the pace of business was slow as a snail compared to today’s standards. Businesses could accept a longer Recovery Time Objective (RTO). Systems were less complex, which aided in making traditional disaster recovery an acceptable solution. The transaction rate of most businesses would allow a down time of a few hours with little problem, and even a day or two with some inconvenience. In today’s world, not only would such disruptions in vital systems be unacceptable, but the complexity of modern systems would add to the recovery time afforded by typical disaster recovery solutions. What is needed is a modern disaster recovery solution, that also provides business continuity functionality, at a price that everyone can afford.

In the past, disaster recovery solutions were so costly and sophisticated that only the largest companies had the financial resources to afford them (not to mention the staff to operate them). Only the “big guys” were able to benefit from virtual non-stop operation of their IT infrastructure. At the time, most disaster recovery systems consisted of duplicate environments idling along with a team to manage the failover — should the need arise.  Fortunately, technology evolved, and thanks to virtualization, orchestration, deduped file systems and the cloud, true business continuity is now available within the budget of companies of any size.

To get a better idea of the difference between legacy disaster recovery and today’s Disaster Recovery as a Service (DRaaS) solutions, let’s examine the workflow differences between the two solutions once a failure occurs. The goal of a traditional disaster recovery solution is to allow the restoration of individual systems back to physical or virtual hardware from some type of backup. The problem with this approach is several fold:

  • It is focused on the individual systems and not the entire infrastructure. This means that all the dependencies for services necessary for the operation of restored systems are a manual process and therefore slow and prone to human error. Imagine repointing IP addresses and MX records manually after the restoration of an Exchange server.
  • It is dependent on the limitations of the availability of physical hardware or virtual systems that are largely manually configured.
  • Typically, large amounts of data are moved from backup locations to target systems to complete the restoration of failed systems. This includes: operating systems, applications, databases and data. This is always a slow process.

In the end, this all adds up to a very time-consuming and tedious process, that often requires several attempts and re-work to get everything functioning as it should.

The goal of a modern DRaaS solution is to restore the function of the entire IT infrastructure after a single or multi-system failure, while minimizing human intervention and downtime. To do this, the business continuity solution leverages several key technologies:

  • Virtualization — provides complete flexibility in deploying any scale of machine at any location which allows your business to dramatically speed recovery time in the event of a disaster, and also allows you to test multiple disaster scenarios without affecting your daily operational processes, so that you can be ready at a moment’s notice.
  • Orchestration — orchestration creates intelligent workflows to support real-time recovery of applications by understanding the dependencies of applications and systems and ensuring that each process comes back in the correct order and in a completely automated fashion.
  • Data deduplication — one of the advantages of data deduplication is the ability to replicate a reduced data set to a remote location without the same network bandwidth requirements as conventional replication. It also makes it easier for replication to occur at any time due to the small amount of data that actually has to travel between locations.
  • Cloud based resources — having the ability to spin up applications and systems remotely allows complete flexibility for your business, even in the event of your primary business location becoming completely unavailable. It also provides complete flexibility and scalability for your business because the cloud-based environment is able to instantly provision any environment your business may require.

Interested in learning more about ECMSI’s layered security? Call Shane Nesbitt, IT Consultant, today at: (330) 750-1428

www.ecmsi.com

Why Do You Need to Back Up Your Data?

Your business data is the lifeblood of your company and the amount you are collecting and storing is growing all the time. Imagine the impact if you lost a day’s data, a week’s data, a year’s data, due to inadequate or infrequent back-up processes. What would happen—could you recover?

Why Do You Need to Back Up Your Data?

  • Simple Recovery. People make mistakes and frequently. Emails containing viruses are accidentally opened every single day. There’s no reason to stress about the issues if you have frequent backups to restore when you’ll need them most.
  • Audits and Taxes. Tax authorities are notorious for audits. It’s important for companies to maintain financial and accounting data for tax purposes.
  • Archiving. Backed up information streamlines the development of archives. With digital information, company history is in the making.
  • Data Loss Prevention. We’ve all heard about or experienced a tragic loss of data. The main reason for data backup is to save important files if a system crash or hard drive failure occurs.

How Can Data Be Lost Unexpectedly?

  • Computer Crashes
  • Virus/Malware Infection
  • Hard Drive Failure
  • Theft
  • Physical Computer Damage

Benefits of a Managed Backup

  • Low Cost of Ownership. A fully managed data backup and restore solution for the same or less than a capital purchase that you have to manage yourself.
  • Total Peace of Mind. You can rest assured that your business data is safe and being handled by experts, which means you can focus on your business.
  • Reduce Your Day-to-Day Operating Costs. While most solutions require full backups periodically or in some cases daily, our solution only requires an initial full backup then from that point stores only incremental file changes. This saves you money in storage space, data transfer costs and server load.
  • Safeguard Business Information. Since the solution takes backups in terms of changes, you will be able to recover files, even older revisions.
  • Ensure Business Continuity. Backup your most critical business applications to ensure that you can get quick access to restore systems that would have the most impact to your day-to-day operations if they were down.
  • Increase Productivity and Decrease Downtime. With our rapid restore capabilities, we will minimize the costs associated with lost productivity and downtime.
  • Detailed Reporting Information. No longer will you be unsure of how well your data is protected. We will provide you with reports monthly that let you know that your data is safe!

ECMSI’s Backup Solution

managed backup service from ECMSI ensures that all files are automatically backed up as frequently as every 15 minutes if needed. And it will likely cost less than your monthly phone bill. So, how much is your data worth?

Call Shane Nesbitt, IT Consultant, to learn more about ECMSI’s managed services, security services and backup solutions: (330) 750-1428

www.ecmsi.com

What is Proactive Security?

Almost every Managed Service Provider (MSP) will promise you a “proactive” cyber security approach. With the idea of a proactive approach, businesses small and large expect their MSP to prevent cyber attacks and data breaches and MSPs would like to ensure these issues do not escalate. It’s not always clear what proactive means. Here’s some additional information to ensure you’re receiving the best approach when it comes to your network security.

What threats are you facing?

Before any SMB can work towards the prevention of cyberattacks, it’s important to understand what threats you’re up against. You should review the most common cyberattacks in your industry at least a few times per year.

What is it that you’re protecting?

Take some time and document every company device that connects to the internet. Review what services you have to protect those devices and what they have access to.

Create a baseline of protection

Before you can start improving your cybersecurity approach, you need to know where your baseline is. Devise a handful of real-life scenarios and simulate them on your network. Network penetration testing from trustworthy IT professionals will help pinpoint weak spots in your current framework.

Finalize a plan

With an experienced MSP on board for the entire process, you can easily turn these findings into a layered proactive security approach.

An MSP will train everyone in your office about effective security practices such as spam awareness and proper device usage. They will also dedicate their tool set to ensure:

  • Software, licenses and patches are up-to-date
  • Dangerous and unsecured websites are blacklisted on your network
  • Training is provided for office staff to educate on the most effective security practices
  • Your data is protected and backed-up
  • Front line security defenses are put into place
  • and much more.

As soon as you focus on preventing downtime events instead of reacting to them, your IT infrastructure will increase your productivity. EMCSI offers a FREE Network Health Assessment to identify what devices are on your network and where your vulnerabilities lie.  Call Shane Nesbitt, IT Consultant, today to schedule : (330) 750-1428

www.ecmsi.com

Disaster Recovery: Is Your Business Ready?

Your organization is running like a fine tuned machine. Every single piece is in place from your employee’s to processes and the critical technology it takes to run your day to day operations. It has taken years to cultivate and get your process down, but it is all still a work in progress. There is always going to be obstacles that come your way that have to be tackled on to keep your business moving forward. The last thing your business needs while trying to grow and move forward is an IT disaster.

Disasters can come in many forms, events like hurricanes, earthquakes and tornadoes can definitely put a damper on daily activities, but the type of disaster that has been recurring more often and is more of a silent player are IT disasters. Equipment failures, ransomware and other malware can really cut down your businesses productivity and make it hard to focus on your core activities. When IT problems strike, companies are always faced with putting in more time and resources than they need to in order to fix these problems. Downtime is something no organization can afford to have.

According to a report from the IT Disaster Recovery Preparedness (DRP) Council, one hour of downtime can cost small companies as much as $8,000! But what are some of the major causes of this IT downtime? A survey from a disaster recovery service provider Zetta provided some common causes of IT downtime.

  1. Power Outage
  2. Hardware Error
  3. Human Error
  4. Malware
  5. Natural Disaster
  6. Onsite Disaster

IT systems these days are critical to the success of a business, it only makes sense that every business has an IT disaster recovery plan.  Imagine if your business is being held up by some malware, which if the right prevention tactics were put into place would have never even happened. It can be quite frustrating. IT disaster prevention is also a very specialized plan. These plans need to include the following:

  1. A Statement and overview of the goals of the plan
  2. Contact information for key personnel and disaster recovery team members
  3. A Diagram of the entire IT network
  4. Identifying the most critical IT assets
  5. List of software, licenses keys and systems that will be needed in the recovery effort.

For a small business owner these resources can be scarce and hiring those specialized in IT can be quite expensive. Small business shouldn’t have to worry about their IT, they should stay focused on growing their business and maintaining a safe, productive digital environment for their employees. A managed service provider like ECMSI can be your main partner in IT disaster recovery. An MSP will be proactive about your environment fixing up any issues that could arise before it causes any damage to your network. This leaves you with peace of mind that your business is safe and protected. Contact Shane Nesbitt, IT Consultant, today for additional information: (330) 750-1428.

www.ecmsi.com

Tips for Staying Safe While Online Shopping

Labor Day weekend. The time for family, friends, fairs, cookouts and…. shopping! While it’s undeniable that holiday deals are some of the best around, it’s important to always keep your security in mind before purchasing. Check out the below tips on ways to keep yourself safe while online shopping this weekend:

1. Shop Secure Sites Only

Prior to entering any of your personal or financial information, it’s important to make sure the site that your one is secure and legitimate. The easiest way to tell if your site is secure is to check for the “https” at the beginning of the site address. If you’re finding yourself wanting more information  on how to know if a site is secure or not, check out this link here!

2. Don’t Use Your Debit Card

When online shopping, it’s best practice to use credit cards or a payment service like PayPal. Credit cards offer more security and less liability is a card number gets stolen. Because debit cards are linked to your bank account, you become a much higher risk if someone is able to back your information.

3. Beware of “Too Good to Be True” Links

Before you start clicking around, take precautions on accessing links that seem a little too good to be true, especially on social networks. If you find yourself really tempted by an offer, save yourself the risk and do some research or find someone else who has tried to take advantage of the deal before clicking.

4. Create Stronger Passwords

We know. We’re always stressing the importance of stronger passwords. But unique and secure passwords are your best gate keeper when keeping your information private. Want to beef up the security to another level? Use a 2FA: you can read more about this here!

5. Outsmart Email Scams

Similar to avoiding click-bait links, beware of email scams. Email scammers send out malware and viruses by disguising them as “special offers” or “gifts”. Safe bet: Don’t open emails from people or companies you don’t know. Especially those who alert you that “there may be a problem with your account!” – if you’re genuinely worried about the safety of your bank account, give your bank a call.

It’s always important to follow safety protocols when accessing websites, emails and more. Score some great deals – but keep it secure!