Submit a Ticket | Upcoming Events | PCS Connect | Call us (478) 971-1834

Many businesses and people are struggling as the COVID-19 Pandemic. Closures of restaurants and bars, canceled events, and other restrictions force our society to practice social-distancing. In this time of need, we, as a group, are more prepared than most other industries to help our clients maintain their businesses through this crisis. As an MSP, we brand ourselves as partners to our clients, and now is the time for us to step up and help you, our partners.

These are scary times. Many businesses are closing their doors to help fight the spread of the COVID-19 virus. Unfortunately, businesses like restaurants, bars, bowling alleys and movie theaters cannot operate remotely because they count on patrons walking into their facilities. But certain sections of other businesses, like accounting, law, and even parts of the medical and dental fields can utilize the efforts of remote employees.

Much like the disaster recovery plans, we offer for technology, we can also help with the back-up solution of setting up people to work from home. We deal with remote employees daily, so it is something we’re used to figuring out and operating smoothly.

We also regularly use the internet to communicate with each other using platforms like GoToMeeting, Skype, and Facetime. Around this office we have daily meetings with remote employees, so we’re used to setting up access for meetings and special events.

The technology on our side allows us to maintain productivity and ensure life will continue at a somewhat normal clip. With that being said, we believe there are three key reasons why technology will pull us all through the COVID-19 Pandemic.

  1. Remote Work Capabilities: You may have never dreamed you’d be writing up your next big report with your child sitting next to you playing their online educational game, but here we are. Many employers have sent their employees to work from home in an effort to quell the spread of COVID-19. With strong remote access or VPN, work continues without a great deal of interruption.

  2. Virtual Events/Streaming: Events organizers across the country are canceling, postponing, or moving events online. Technology allows these events to continue without major hiccups. Artists taking to Facebook Live to perform, speakers moving to platforms like Zoom or YouTube, and church services across the world streaming, only reveals the tip of the iceberg when it comes to streaming technology.

  3. Communication: Video chat, online messaging, email, and phone communication will keep the world connected through this difficult time. We’ll quickly see how important it is to connect with our fellow man for work, pleasure, and sanity.

During these trying times, it is our job, as IT professionals, to help those who are in need. Whatever we can do to help our local businesses keep their heads above water will only make our community stronger. People helping people, and professionals helping businesses stay open.

It is unknown how long drastic measures stemming from COVID-19 will last, but with technology on our side, thankfully the world will continue to progress.

5 Tips for Successfully Working from Home

COVID-19 has forced event cancellations, school closures, and a consideration for remote work where possible. As more companies are sending their employees home to work, we compiled this list of tips to be successful away from the office.

  1. Reliable Internet: Nothing is more frustrating than having spotty Internet, especially when you’re trying to work on a big project through a remote access connection to your work computer. Most Internet packages available today will be fine. However, you might need to curb ancillary access of the Internet, like streaming and gaming if you’re trying to do something more than upload and download documents. If your Internet seems slow, shut down and restart your router/modem. This can sometimes speed things up for a while.

  2. Good Computer Hygiene: You know that “It’s time to update” pop-up that you’ve been avoiding for weeks? Take the time to update. This is most likely handled automatically by your IT team at the office, but your home system may be woefully behind, curbing your speed, as well as opening up unnecessary security holes. We recommend applying security patches as they are released to keep your computer up to date. Not sure if there are updates available? You can check your computer’s control panel for notifications. You can also try simply restarting your system. Often, the updates will kick into gear. 

To maximize effectiveness, watch the number of programs you’re attempting to run and browser windows you have open at any given time. Computers are not great multi-taskers; they will regularly switch between a multitude of processes (the instructions behind your applications) to complete commands. In fact, the number of processors in your system is the maximum number of things your computer can be “working” on at once, so if you’re seeing a drop-off in performance, take a moment to close a few programs that are not actively in use.

  1. Connect Securely: In order to protect your business, connect through remote access software or VPN. This will allow you to use your regular work desktop without risking business data in an open atmosphere. Consult with your IT team to review their plan for remote access as well as enterprise-grade antivirus before beginning remote work.

  2. Establish a Routine: When you go into the office, you have a clear routine. You come in, grab a cup of coffee, banter with your co-workers for a few minutes, sit down at your desk, and get to business. While it may be appealing to work in your pajamas, try to maintain as much normalcy as possible. Stick with a clear starting time and work schedule. Create an office space so that you’re not just piled up on the couch. Plan to get dressed and ready for the day, just like you’re going into the office. In essence, act like it’s just another day at the office.

  3. Over-communicate: You may find yourself feeling isolated pretty quickly when working from home. This is likely because you’re missing out on the short interactions and general banter with your colleagues. We highly recommend setting up a daily touch-base with your team in order to discuss priorities, work through sticking points, and to simply connect with other human beings.


Don’t be afraid to send more progress emails than normal. Utilize messaging apps liberally, and don’t underestimate the power of a video chat or meeting. If an email exchange is getting too long (more than three replies back and forth without solving the problem) pick up the phone.

Working from home can be an efficient way to keep a business running. When done right, you can be just as productive, if not more so, than at the office. Enjoy the opportunity presented by COVID-19 concerns to establish a new work normal, at least for a short period of time.

Due to the COVID-19 outbreak, many companies are considering work-from-home options to facilitate social-distancing and to keep their workforce healthy. However, it’s not as simple as sending your employees home, firing up personal laptops, and getting to work. Here are seven things you need to have lined up in order to successfully deploy your remote workforce.  

  1. Secure Remote Access: Employees should not have open access to everything on their work systems from their personal computers. This keeps company data protected. In order to be productive through this pandemic, however, employers will need to provide a secure connection utilizing VPN or remote access software. These solutions will mirror the employee’s work desktop without housing all of the data on the individual’s personal system, allowing them to seamlessly continue work.

  2. File Sharing Capabilities: While people will be working in isolation, they must still be able to collaborate. File sharing/group editing software will be critical to moving forward on creative or documentation projects through real-time editing, commenting, and versioning. Software like Dropbox for Business, Microsoft Teams/Sharepoint or Google Documents fill this need securely.

  3. Enterprise Level Antivirus: Basic home-level antivirus is not sufficient, particularly in secured industries. Extend your enterprise-level antivirus to home systems that will have access to your network in order to create an added layer of protection. You may also consider deploying firewalls on top of individual’s home networks to create the same secure connection employees experience in your office.

  4. Video Conferencing: Meetings must go on while people work remotely; however, voice-only leaves much to be desired in terms of tone and context. We highly recommend putting in place video conferencing options. You can implement something as simple as Google Duo/FaceTime, or something more feature intensive, like Zoom or GoToMeeting.

  5. Messaging Software: You can’t just spin your chair around to talk to your co-worker when working remote, yet it’s not efficient to always pick up the phone. We recommend implementing a messaging software like Microsoft Teams or Slack to open communication channels and allow employees to continue to interact quickly and accurately. Utilizing these tools, you can set up one-on-one conversations or set up channels to facilitate team communication.

  6. Phone: A strong VoIP solution will allow employees to take their office phone numbers remotely on their cellphones without giving out their cellphone numbers. Office calls will transfer seamlessly to the employee’s cellphones, voice mails will be sent via email, and the employee can dial-out using a phone application to maintain office functionality.

  7. Remote Access Policy: Prior to providing access to your employees, put in place a clear access policy that acknowledges that your company monitors whatever they do while connected. Employees should be encouraged to act as if they are on site even while working remotely and reminded that punishments for doing something illegal/against company policy will apply.

The COVID-19 situation is ever-changing. Schools across the nation have been closed and events have been cancelled. While it may make sense to keep your employees on-site for now, we believe it’s important to have a plan should you need to close your physical offices. Getting these seven pieces of the puzzle in line will prepare you to take your workforce remote. For assistance implementing these things, contact us today.

5 Reasons Hackers Steal Your Data

As professionals in the IT business, we all have firsthand knowledge that the web can be a dangerous place for anyone, especially if you run a business. The more we analyze security breaches, the more we ask the most crucial question: why? Why do people go through all that trouble to make life more difficult and dangerous for the rest of us?

Well, you can imagine that it differs from hacker to hacker. Just a  few common factors likely end up being the reasons why they do what they do and why they started in the first place. In today's blog, we’ll take a deep-dive into the villains of our story, and explore some reasons why they do what they do.

1.) Identity Theft

Though you may not realize it, you are more important than you think—well, more valuable, anyway. You might think of you or your company’s value in terms of what is in your bank account, or the assets you may hold. However, you probably carry more potential value that you don’t tap into, such as not opening additional accounts and not maxing out your credit cards.

Consumer Affairs estimates that the average loss for an individual involved in credit card fraud last year was about $2000. That number might seem a bit low to some, but remember that most people only have a few thousand dollars maximum available on their credit card at any given time. Imagine if your company’s credit card was compromised. How much could you be on the line for? Or what if someone opened accounts or took out loans using your stamp of approval? For many of us, the losses could be staggering.

2.) Ransomware

The last few years have taught all of us to fear that word. From small to large businesses, from individuals to local and national governments, no one is safe from these threats. As far as a reason for this type of attack, the answer is simple: hackers identify and attack victims that can give them a good return on their time invested.

When hackers hold an organization for ransom, the victim often ends up paying because they can't afford to operate too long without productivity. While some sources report that overall ransomware attacks are down, lately, they have become more sophisticated and demand more money to release the “hostage” data or systems.

3.) Mooching Off Your Equipment

Hackers generally have less money and fewer resources than the people they steal from. Sometimes the reason for the attack isn’t just for cash, but rather for access to available operating systems. This type of hacker is looking to take advantage of large servers with massive computing power for activities such as mining Bitcoin. Sadly, they probably don’t plan on giving you a cut. They’ll use your processing power late in the night and stick you with the extra electrical charges. Another reason why you should always check your bills!

4.) Because They Can

You could consider this to be the scariest category of a hacker since there's nothing that can be done to stop them. They can best be summed up in a quote from Alfred in The Dark Knight when he said; “Some men aren’t looking for anything logical like money… some men just want to watch the world burn.”

Since a person like this doesn't have anything other than personal accomplishments as a goal, they can be harder to catch and harder to convince to change their dastardly ways. For example, in one month in 2000, a young man by the name of Michael Calce (who used the handle “Mafiaboy”) took down the systems of CNN, Yahoo, Dell, and Amazon. All are substantial companies with state-of-the-art security systems. What was his grand reason for doing this? To prove that he could. While this is not the most common category of the hacking community, they can still be some of the most difficult hoodlums to deal with.

5.) To Sell Your Information

This is one of the more significant issues today. We live in an era where the greatest currency is information. Once hackers get their hands on information such as credit card numbers, passwords or even patient records, selling personal data on the Dark Web is very straightforward. To make it lucrative, they need to deal in volume. According to some reports, credit card numbers typically sell for around $10 a piece. For the same amount of time and energy it would take to steal your private information, they can accumulate hundreds or thousands of pieces of information by accessing your customers’ records.

The scary part is, once your stolen data is out there for the highest bidder to snatch up, you can be on the hook for damages. Currently, there are dozens of high-profile lawsuits in progress for businesses whose systems were hacked and now private and sensitive data from their clients are exposed for all the world to see… for the right price.

Regardless of the reason hackers do their dirty work, it’s up to us to protect the data we have access to. We just need to update our security systems and stay one step ahead of the criminals. If you don't feel that your current security measures are up to snuff, give us a call today! We'd be more than happy to assess your current set-up, and show you how you can implement a plan to make sure you won't be defenseless against those unsavory characters on the web.

The Risks of Cyberattacks with Windows 7

We hope you understand that this article is being written with tears in our eyes. After months of being part of the loud choir warning about the End of Life of Windows 7, some estimates state that up to 32% of all computers worldwide are still using this operating system!

Currently, the most common cyberattacks against small and medium businesses are phishing, malware, denial of service attacks, man-in-the-middle attacks, and ransomware. A man-in-the-middle attack is named that way because a hacker wedges a barrier between two parties who are conducting a business transaction. The hacker then becomes the liaison for data swapping, so it is easy to steal sensitive data. An SQL breach involves installing malicious code into a SQL server and then siphoning out the data. And we’ve all heard the latest horror stories on how ransomware is holding businesses, corporations, and even whole cities hostage.

Although the funeral seats of Windows 7 are still warm, the first major attacks and vulnerabilities are already starting to raise their ugly heads. As the OS becomes more and more obsolete and more information is passed from hacker to hacker on the Dark Web, the overall safety of your data becomes less and less.

Count the Costs

Data breaches do a lot more than just cause chaos in your office. Once your system has been compromised, you need to find a way to get your information back, either because you need it to function or because it may contain sensitive information. The 2018 IBM Cost of a Data Breach report calculated that on average, a data breach can cost your company $148 — per record. Many companies have hundreds, thousands or even millions of records!

Besides the costs of just having the records themselves stolen, think of the liability that those stolen records can expose you to. Think about lawsuits if your customers’ personal or financial records become available to the public. If you’re a medical office or happen to have medical files on patients, a hack can put you in hot water with HIPPA violations, which can put you on the line for up to $25,000 for each breached file. Clearly just on a financial level, making sure your company is protected is worth its weight in gold.

The Problem and Solution

So, what exactly are hackers looking for? In a perfect world, they can trick you by either downloading a virus or hooking you with a phishing scheme. However, computer users have become more knowledgeable over the years, so those scenarios have become only minor tools for hackers.

As the expression goes, “Every lock has a key.” Sometimes there are ways to get into your system that were put there by design and sometimes the programmers made a mistake and created a backdoor in the OS without realizing it. Either way, it’s usually only a matter of time before one or more hackers find their way into your system. Once one finds their way in, they rarely keep this information to themselves and often sell it or just give it away.

In a normal situation like this, once Microsoft is aware of the vulnerability, they will create a patch to remedy the problem. A patch is downloaded code that will update the part of Windows where the problem is located. It is always recommended that you download and install patches as soon as they become available.

The End of Life Problem

When Microsoft or any other company says that its software is at its End of Life, it usually doesn't mean that it will stop working. Rather, it just means that the company will no longer support it. In the case of Microsoft, that means that they will no longer provide security patches or any other updates in addition to not offering support from their techs. Really, it’s just a matter of time before the system becomes obsolete and holes are found in its armor.

Speaking of which, 2 security researchers at Guardicore Labs recently announced that the Barbarians are not only at the gates, they have already entered. According to them, a medium-sized medical tech company was hacked when pirates found a way into their system via WAV files. As we said, it’s just a matter of time before this grows to more and more ways to undermine the system of Windows 7 users.

The Obvious Solution

We’re not going to beat a dead horse on the topic, so we’ll just say that the best way to avoid these problems is by upgrading to Windows 10. But not so fast! Simply upgrading your OS is not going to keep you safe forever. Just because you will then have access to the safety protections that Windows 7 now lacks doesn’t mean it’s a one-and-done situation. You need to make sure that your systems are always up to date. Did you just get a pop-up for a new update? Stop what you’re doing and make sure that every machine on your system is updated. Having just one person put it off can put your whole network in danger.

We understand that there is a big difference between taking care of a single personal computer at home and a whole network of computers and servers at your business. Updates, especially on servers, can often be a time consuming and daunting task. That’s why we’re here to help. If you feel that you need a helping hand in making sure your system is up to date and stays that way, please contact us to see how we can assist.

Microsoft Security Flaws

Life can be ironic, can’t it? We’re not just talking about the “Rain on your wedding day” kind of irony, either. It seems that Microsoft and anyone who works in the tech field — ourselves included — have been harping about how Windows 7 users need to upgrade before its End of Life happened on January 14th. And what else happened on that day?

Well, Windows 7 did meet its End of Life, but the NSA also came out with a warning that Windows 10 — and all other platforms that Windows 7 users were supposed to move to — had a massive security threat. So, how important is this, and more importantly, how does this affect you and your business?

Conflicting Stories

Microsoft has been pretty tight-lipped about this whole situation and has already rolled out a patch, although they’ve only labeled this as an important update, not critical like they have for similar issues in the past. Industry experts feel this can be a way of trying to play down a major issue, making it seem like this is nothing more than a minor hiccup. This might have worked had the NSA not said anything.

The NSA has been notorious at finding exploits in Windows, as well as other operating systems, so they can conduct surveillance without asking permission from software developers. In fact, the famous Wannacry virus was believed to have spread so quickly because hackers found an exploit that the NSA was using at the time. The reason we bring this up is that if the NSA is making this public and not merely keeping it to themselves like before, it must mean that this is a major issue that risks the security of more than just a handful of people. We'll probably never know the real truth behind the matter, though we can guarantee that there is plenty of information that is not being shared with the general public. 

The Windows 7 Connection

Both Microsoft and the NSA made their announcements on January 14th, so it stands to reason that this must have been a known issue for a while. Which begs the question, why didn’t anyone say something sooner? More likely than not, it was probably because Microsoft had been pushing the Windows 10 upgrade for so long that if those who hadn’t upgraded from Windows 7 heard about the gaping flaw, it might have given them an excuse to hold back.

From what it looks like, the issue stemmed from a program that interfaces with digital signatures and determines whether or not a program is legitimate and licensed. Somehow there was a vulnerability in the sequence that opened a door so huge, even the NSA considered it too much of a breach of privacy for individuals and businesses. As far as we know, this was not an issue on machines running Windows 7.

So, I Might As Well Stay With Windows 7, Right?

Not so fast, buddy. Yeah, we’ll be the first to admit that this whole situation doesn’t smell right and was most likely the result of Microsoft trying to save face, but don’t make this is an excuse to stay with Windows 7 if you haven’t already upgraded. Security concerns are a fact of life and having one doesn’t make Windows 10 any better or worse than other versions. Think about your favorite version of Windows and it probably had dozens of issues that needed to be resolved over the years. Yes Microsoft indeed caused this problem themselves and it wasn't just a way in that hackers devised, but again, that’s to be expected from time to time. Both Microsoft and the NSA said that neither was aware of anyone having been pirated as a result of this vulnerability.

When it comes down to it, here is the hard fact of the matter: although this flaw in Windows 10 wasn’t great, it was fixed quickly, and any other issues or vulnerabilities will be continued to be fixed for the foreseeable future. Windows 7, on the other hand, is dead and is never coming back.

Think of it this way: would you still run Windows 95 on your computer? Chances are your answer would be an emphatic no. And why not? Most likely due to a lack of functionality and security issues. Well, if not Windows 95, why not Windows 98, NT, ME or XP? Probably for the same reasons as for Windows 95.

Although Windows 7 still works and was just recently updated, it’s no different than any other previous version of Windows. Those who still use older versions can be and are hacked regularly. Why? Because they aren't supported, so hacking them gets easier every day.

Looking Ahead

We understand that if your business still hasn't updated from Windows 7, there is most likely a good reason besides just being lazy. There are always several considerations to making changes, such as hardware upgrades, data migration, and even software compatibility. For a company that isn't equipped for all of this, upgrading may be an overwhelming prospect.

If you find yourself in that situation, please contact us to see how we can help your business move forward and stay there. Whether you need a one-time service or perhaps full MSP coverage, our team of professionals is here to help.

7 Reasons to Upgrade from Windows 7

It’s true that we’ve been running around like Chicken Little, shouting about Windows 7 End of Life, but you know what? The sky has fallen — Windows 7 is dead. That’s right, we are past the End of Life date and Windows 7 is no longer being supported by Microsoft. At least that’s what they are saying.

“But wait,” you say. “My computer system still works. In fact, I’m reading this on a Windows 7 computer right now!” While it’s true that Microsoft didn’t pull the plug on the operating system, that doesn’t mean that you should still be using it. And if you are clinging on to that dated technology, we’ll offer you 7 reasons why you should upgrade from Windows 7.

 

#1. No More Updates

Ok, so we’ll get the big issue out of the way first. Microsoft has ceased releasing new patches and security updates for Windows 7. You might feel safe for now, but hackers will soon learn how to get past the latest security barriers, as they always do. In the past that wouldn’t be that big of an issue as Microsoft would regularly come out with new patches. Something that won’t be happening now.

When hackers find a new way to get in, not only will they cause as much havoc as possible, they’ll also share or sell this information on the Dark Web. Then it will be open season.

 

#2. Large Target

Some people figure that if they continue to use the outdated OS, it’s no big deal since most people have already switched to Windows 10. The thought is that hackers going after a handful of people on the older systems isn't worth the time. Yes, most Windows users have indeed upgraded, but keep in mind that there are between 1.2-1.5 billion current PC’s running on Windows. The US Digital Analytics Program estimates that as of December 2019, 18.7% of those users were still on Windows 7, which would add up to almost 300 million users. If you were a hacker and you had a pool of potential victims who were using an operating system that is no longer supported, you would most likely dedicate your time trying to pirate their systems. The path of least resistance.

 

#3. Speed

The newer Windows OS is much leaner on the backend. Take booting up as an example. On average, you can save more than a minute starting up your computer. That may not sound like much, but think about how much time that saves over the course of just one year. Assuming you work five days a week for an entire year, that’s 260 minutes (4.3 hours) of you unnecessarily waiting at your computer. If you have a team of just 20 people, that would be 87 wasted man-hours every year!

That’s just the bootup time. Even web browsing is faster! The newer OS platforms use more web and cloud-based applications. Less network interaction between your computer and server means faster runtime across the board.

#4. Touch Support

When Windows 7 came out, touchscreens were still a novelty. Now, since everyone is using tablets and smartphones, more and more applications for touchscreens on PCs are commonplace. These can range from signatures to graphic design and beyond. Given, this alone probably isn’t a reason to upgrade your entire network, it’s still a great feature that we’re sure you could likely benefit from.

 

#5. Connect Everything

Ten years ago, we were all just babies when it came to connection. Remember taking pictures on your digital camera then connecting it to your computer with a USB cable? You know, like a caveman?

Now you can link your phone to Windows and have pictures, videos, weblinks and more instantly available on your workstation. You can also connect screens with a colleague or customer without having to download third-party software and go through a long process of trading logins. Lastly, and perhaps most importantly, you can upload and backup your documents using OneDrive. This is a great tool if you’re a very small operation or as a backup to your backup in a larger business.

 

#6. Your Software Has Already Moved

One of the many arguments we hear about is the cost and hassle of purchasing and installing new software. Sure, it might be a small investment to get with the times. but you know what? There are companies out there using software that runs on MS-DOS, too! You can only justify not upgrading for so long before you become obsolete.

Sure, there are indeed unique custom software programs that large companies — such as banks and hospitals — use that would cost millions of dollars to upgrade and migrate. However, for 99% percent of the rest of us, it’s best to just suck it up and move on with our lives. There are few if any programs out there that can’t migrate that are worth keeping around. Chances are that if your software hasn’t upgraded, there are probably a dozen others available that can do the job better.

 

#7. New Features

Wow, this is a big one. We could dedicate a month’s worth of articles about the new features between Windows 7 and 10. You’ll find new features that used to only be available with expensive third-party systems such as advanced voice-to-text recognition. Some updated features are beefed-up copy and paste abilities, the ability to edit screenshots, virtual desktops and even a digital assistant — Cortana.

 

At the end of the day, you really do need to upgrade no matter what. If you’re still part of the undistinguished group of Windows 7 users who aren’t sure what the next step would be in upgrading, we’d be happy to talk with you and go over your options.

Beware of Ransomware!

As we enter 2020 and look back on the past decade, we see how much business and technology have evolved. For example, smartphones went from being a toy that those dang Millennials couldn’t get out of their faces (and the real reason they don’t have jobs, according to everyone’s uncle) to one of the most important fields of computing and marketing. We have also seen the rise and domination of cloud computing and online retailing.

As we progress further into the future, however, old foes that once lurked in the shadows have become dominant forces of disruption. One cyber threat to our modern world that has been around as long as most of us have been online is the common computer virus. And those viruses seem to grow stronger every year. With the start of the new year, let’s go over what we should be concerned with and how to protect yourself and your business.

Enemy at the Gates

Without a doubt, the word that strikes terrors in mortals throughout the business tech world is ransomware. We’ve covered this topic in great detail previously, but due to the ever-present and ever-evolving threat, it’s worth revisiting regularly. In fact, just recently, the entire city of New Orleans declared a state of emergency due to a particularly nasty ransomware attack.

Essentially, ransomware is a combination of a garden variety virus and kidnapper. Once your system is infiltrated, a portion or all of your system is locked out and an automated process or live person sends you a message explaining your situation and their demands. Think of it as less “nice place you have here — shame if something were to happen to it,” and more of an offer you can’t refuse. Once the demands are met, your system and data are supposed to be released back to you.

The FBI officially recommends that you don’t give in to their demands as this will only feed the problem, though they have made it clear that they understand that it is often less expensive to just pay the hackers than have the problem mitigated. Sadly, although these criminals do typically honor their word, there is no guarantee. In addition, there have been stories of companies that went through the effort of getting control of their system back on their own, only to see that some or all of the data had been lost, deleted, or put up for sale on the Dark Web.

Are You Prepared?

In short, if you have to ask this question, the answer is probably no. Simply avoiding strange websites or having an antivirus isn’t enough. We’re not just talking about random guys with a computer on their bed looking for a couple of extra bucks. Due to this being a more publicized, successful and profitable scheme, we’re seeing both an increase in volume as well as sophistication.

These are pirate attacks. When we think of pirates, we may have an image of the Hollywood dirty, toothless, bumbling buccaneers. But the truth is that pirates in all forms have always had to stay one step ahead of countermeasures against them. A solution that worked a decade ago — or even a year ago — might be outdated now, and it could open you and your company up to an attack.

Don’t Let This Slide

Cybersecurity is something that far too many companies put to the side and don’t pay much attention to. The problem with that attitude is that one minute you’re safe and the next minute your company’s data is at the mercy of some shadowy figure from the other side of the world — at least as far as you know. This isn’t an easy fix, like certain health problems that grow over time and can be managed by making simple changes once discovered.

One of the biggest transformations in recent years is how absolutely everything is done digitally. From Grandma’s recipes to Amazon’s shopping cart system, very little if anything is done on paper anymore. Gone are the days of towering filing cabinets, as they have been replaced with towering servers, either onsite or at a hosting location.

Obviously, if you lose access to your data, that will put your company out of commission for at least a few days, but probably much longer. Also, if something goes south with the ransomware attack, losing your data altogether can be a gamechanger — if not a game-ender.

A third problem that could also arise is if the person hacking into your system decides to ransom, sell or out just leak the data itself. Going back to the idea of more and more information being available digitally, think of the damage that can be done to your business if all of your customer’s credit card information was auctioned to the highest bidder. Or, if you’re a medical office, what would the repercussions be if your patients’ information was leaked. These aren’t hypothetical situations — they are reported by the news on a regular basis.

The Situation Isn’t Hopeless

It isn’t all bad news. Thankfully, there are companies that are ready and able to help you combat these threats as they arise. If you don’t have a system in place to protect your company or feel that what you currently have is inadequate, contact us to see what we can do to protect you against the everchanging threats to your cybersecurity.

Remember: the best way to keep hackers out of your system is to make sure they don’t get in there in the first place.

Managing Your Cash Flow

Unless you run a not-for-profit entity, the point of just about every business is to make money. Ironically, for many businesses, especially small businesses, this is the easy part. The hard part is keeping that money. Between paying vendors, purchasing supplies and materials, paying employees, and even yourself, you may find your balance sheet just breaking even. But is this the best way to do business?

Before we get started, just remember that we are not financial or tax experts, so make sure to speak with your accountant or financial department before making any changes. Well, now that we have that out the way…

Balancing the Books

Unless you are a publicly traded corporation, small businesses often like to zero out at the end of the year to avoid undue taxes. Sadly, it seems that some take that to the extreme and seem to keep a low balance in the bank throughout the year. In fact, a study by JPMorgan Chase concluded that the average small business only has enough cash on hand to cover 27 days of expenses. This can be a dangerous game to play if you want to make any major purchases or if your industry fluctuates seasonally.

Just like in personal finance, experts often suggest having enough cash to cover costs for three to six months. While this seems great in theory, that might be a lot of money depending on what sort of business you have. Many industries, such as construction, often have material bills ten times their payroll amounts or more, which would make the six-month plan almost impossible. So, how can you know what’s reasonable for your business? 

Let Your Inner Nerd Lead the Way

Notice how we didn’t tell you there wasn’t any math at the beginning of this article. But don’t worry — we’ll make this as painless as possible. Before you can come to a number, think about your goals or previous experience. For example, if you have a seasonal business, how many months of “excess” do you have verse months of “lean”? If you have a stable workload year-round, do you plan on taking on more employees or want to make major capital investments? For the first scenario, merely take your average monthly inflow minus average outflow and multiply that number by the number of months you want to cover:

[Monthly Inflow – Monthly Outflow] x Months to Cover = How much cash you need on hand

It’s as simple as that!

For the second scenario, just adjust by including the estimated amount you will need for the investment divided by how many months you have to save for it included as part of your monthly costs:

[Monthly Inflow – Monthly Outflow + (Total Investment/Months to Save)] x Months to Cover

A little more complicated, but nothing most people couldn't handle, especially if working with a financial professional. However, to make this easier, you have two options. The obvious option to increase gross income, which is always good. The other option is to lower expenses. What are some easy ways to do that?

Cut Down on Costly Mistakes

In general, the more efficient you are, the lower your costs. But there are hidden costs that many small business owners tend to overlook. We all know that good help is hard to find and not holding on to it can cost you. In order to cut costs, it might seem like a good idea to not pay employees a competitive salary. However, in the long run, this ends up being counterintuitive. How so?

In this job market, the grass sometimes seems greener everywhere else. With the internet, finding those pastures requires very little effort. Having a good employee leave over a few bucks can mean being without their work efforts, and that should generate you much more than what you pay them. Besides, on average, replacing an employee can cost you a third of their salary out of pocket!

Another mistake is not planning ahead when it comes to technology. While many businesses have one or more types of insurance for protection, what arrangements do you have for your computers, servers or other electronics? Think about this: if your system goes down or you need to upgrade, how much are you going to have to spend, both out of pocket plus any downtime this might cause?

Most businesses don’t include this important factor in their budgeting, and, as a result, may get a big hit that will take time to recover from. For this and other reasons, a Managed Service Provider (MSP) is like an insurance policy for your company’s technology needs. An MSP will go over your needs and goals and come up with a monthly plan to make sure that you won’t have any surprises when you have known or unknown technology needs. This gives you the ability to put one more item on your monthly budget and one less thing to keep you up at night.

It’s Totally Worth It

When your business has a reasonable amount of cash on hand, you’ll be able to not only navigate the seas of uncertainty but be able to grow and prosper. With today’s information, take some time to do an honest reflection on where you currently stand and what might be best for your business. To see where we can fit into a plan to increase your liquid cash on hand via an MSP, feel free to contact us directly!

Keeping up with the Competition

You may have noticed in the past ten years or so, we’ve had more variety and better prices than ever before when shopping for — well, just about anything! This has been due in part by a global economy where competition is greater than ever. That’s great news for consumers but presents more pressure on companies to differentiate their goods and services from everyone else.

Regardless of what sort of business you run, there is almost certainly at least one other company that can do what you do just as well if not better. So, what do you need to do to get a leg up on the competition? Well, you can provide a better product or service, of course. But in today's business climate, you’ll need to go above and beyond that.

Pricing

The days of competing with a store across town are long gone. Unless you are a business that offers a local service that can't be done somewhere else (e.g., restaurants or barbers), you’re keenly aware that someone from another part of the country — or world — can offer the same thing at a lower price. When a consumer is browsing by price, a difference of just a few cents can cost you the sale.

Thankfully, you can use this system to your advantage. In the past, to see what prices your competitors offered, you had to either hear it from other people or go into their store yourself. Nowadays, you’re just a few clicks away from that information. Not only can this help you in adjusting your prices, but you can even see if the product or service you plan to offer can give you the income you need to be profitable before you even start.

Size

While many businesses can easily start off as a one-man operation or just a small office, being too small can hurt you in the long run. Having too small of an operation might cause you to not be able to handle the amount of clientele you need to stay competitive. Being small may also slow down production due to having too few people responsible for too much work. While running a lean business may seem to be the most cost-effective approach, be realistic about your business goals. Even modest growth in your operation can have astronomic results in overall business if done right.

Employee Relations

There’s a reason why any company of size has a human resources department. If there is trouble amongst your employees, it can eventually affect the bottom line. They say that good help is hard to find, but any business owner or anyone who’s worked in management can tell you that isn’t always true — good help is hard to keep! It’s little wonder that many companies, when measuring success and failure, use a metric known as employee churn rate. This measures the percentage of the company’s workforce that leaves and has to be replaced. The higher this number, the more unhappy the employees in general, and this is often reflected in the profitability of the company as a whole.

If you work in a professional or specialized field, where do you think those ex-employees end up? Often in the arms of your competition or occasionally starting their own company that competes with yours. One of the most notable examples is Dave Thomas, who many forgot worked for Kentucky Fried Chicken (Now just KFC) before using the skills he learned under Colonial Sanders to open his own company, Wendy’s, which is now one of KFC’s biggest competitors. Imagine how things might have turned out if they were able to keep him satisfied?

If your employees aren’t happy with their jobs, how do you think that will affect the quality of their work? How will they treat your customers? As famous businessman Richard Branson once stated: “Clients do not come first. Employees come first. If you take care of your employees, they will take care of your clients.

Stay Out of the Stone Age

For better or worse, customer expectations can often be more important than reality. One of the things many customers expect these days is that if a company isn’t using the latest space-age technology, at least they should attempt to keep up with the times. For example, how would you feel about hiring a company that is still using Windows 98?

In addition to superficial perception, there may be some substance to that argument as well. Many older versions of software lack features that we now take for granted as being standard. What’s more, older versions of software can also be dangerous. How many times have we heard of common software (such as Java) that had a flaw that hackers were able to exploit? Besides, even if the version doesn’t have a defect, older versions of most software can and will eventually have ways to let in cyberthreats to either you or your clientele.

Along with aging software, older hardware can be detrimental to your competitive edge. Out-of-date or inefficient hardware can leave you unable to deliver what your customers expect or make the end product a lower quality. While you don’t have to purchase equipment every time a new advancement comes along, keeping an eye on what is generally being used by your competitors will at least keep you even with them.

Consider Outside Help

Technology is a tool for your business, either on the frontend or backend. Make sure your equipment, software, and data management are all up to date and optimal for your needs. If purchasing those items is cost-prohibitive, you might consider utilizing a Hardware as a Service (HaaS) or Software and a Service (SaaS) arrangement to keep up with the competition. If you feel that your company would benefit from this, contact us today to set up a consultation to help you sharpen your competitive edge.

As we head into this new decade, it’s more important than ever to stay competitive. You’ve worked hard to get your company this far. Don’t let it suffer by not keeping up with technology’s ever-changing advancements.

Is It Time For a Server Upgrade?

While many of us may not physically see our servers as often as we see our personal terminals, we interact with them directly or indirectly daily. Within your office network, the server is the heartbeat of the entire system. Since we rely on them without directly interacting with them we tend to forget that they’re there. However, just like with any other type of computer, servers can expire and need replacing from time to time. Have you checked your servers lately?

 

Section 179 Deductions

For those that have been following our blogs this month, you’ll recall that our topic is Section 179 tax deductions. As a quick recap, this is a section of the tax code that not only allows you to write off purchases made for business purposes, it will let you take the full value at one time versus the past option of making you deduct a depreciated percentage over multiple years. While it doesn’t give you credit for the total cost of your business investments, it does allow you to legally avoid paying tax on the funds used for these purchases.

The purpose behind Section 179 is to give businesses a break when they are just starting out or are expanding, therefore allowing them a chance at making a profit (or at least avoiding too much of a loss) while making major purchases. While the total amounts are subject to change, the law currently allows write-offs of up to $1 million for single purchases and a maximum of $2.5 million total per year.

As always, we need to remind our readers that we are not tax experts and this information should not be taken as the final word. Every business and situation is unique, so please consult your company’s CFO or other tax and accounting professionals before making any decisions or purchases.

 

Are You Ignoring Your Servers?

As we mentioned earlier, your servers can be an “out of sight, out of mind” affair. However, if you’re working on an internal network, (in the same building or remotely), you are likely interacting with one or more servers throughout most of the day. Just like with terminal computers, they are subject to a finite lifespan, either becoming obsolete or just wearing down. This can cause several potentially critical problems for your business. For instance; network speed might become an issue. This can affect how quickly information travels to and from the server and your computer or between users of the network itself.

In addition, storage can become difficult to access. While servers typically have much more capacity than the average desktop or laptop, that isn’t to say that it’s unlimited. Cloud storage and data back-up are becoming increasingly popular these days, but that’s not to say that there aren’t situations where it would be preferable or necessary to stick to a local, physical server. For example; if your office deals with sensitive medical information you’ll need to remain HIPPA compliant, and cloud storage may not be a safe choice for you. That means you’ll have to be extra diligent about keeping your on-site servers and back-up systems healthy.

 

Backups Don’t Last Forever

Many of us remember when we first used floppy disks or CDs for our computers, thinking about how they would outlive us — only to have our expectations dashed with corrupted data after just a few uses. Back-up systems in any form have their limitations, such as magnetic tapes becoming demagnetized or servers getting an unexpected electrical charge. Whether you’re using a back-up drive or a physical format, you need to understand that if you are archiving information that needs to be stored indefinitely, you’ll need to plan to transfer that data to another form of storage every 5-10 years depending on technological advancements.

There is a fairly new medium called M-Discs that, due to their unique material and technology, are reported to keep data safe for 1,000 years. While that may be theoretically possible, try to convince the horde of dads who bought those 100-year lightbulbs for $40 apiece only to have them burn out in about a year! Remember that no matter what the company selling to you may say, nothing is permanent. If your data is worth keeping, it’s worth transferring every few years.

With that in mind, as the year comes to a close, perhaps this would be a good opportunity to look over your current equipment and see where you stand. If you can’t find any records to tell you the age of the drive, checking to see when the first files were transferred could be a good place to start and at least give you a good estimate.

 

Now’s the Time!

Remember that both servers and back-up devices are important elements of many pieces of equipment that need to be updated and replaced at some point. If you’re coming to the end of 2019 and finding that you had a better year than expected, or have unused funds sitting around, take advantage of Section 179 deductions so that you can lower your tax liability while making business-critical equipment upgrades.

You’ll never know what tomorrow will bring, let alone next year or the year after. It’s impossible to predict if you’ll have the funds when the servers or backups fail or simply don’t have the time to address the issue. By upgrading your equipment while we’re still in tax year 2019, you’ll be setting yourself up for success for next year and possibly the years ahead!

Windows 7 Replacement

The worst kept secret in the IT world right now is that Microsoft will end support of Windows 7 on January 14th of 2020. If you’ve been following this story at all, perhaps you’ve seen that  many people are discussing this across all industries. And if you haven’t been following it, you’re probably wondering why this is such an important topic. It is important because it may affect you and your business.

 

Why Windows 7 EOL Matters

It may be hard to believe, but Windows 7 has been out for over ten years! At the time it came out, it was heralded as a new beginning for Microsoft -- since they were just coming off of a series of disastrous releases mixed in with their successes.  (If you don’t remember Windows ME, you’re better off). The next version that came out, Windows 8, appeared to be another dud, so many users held onto Windows 7 as it was a proven operating system. Unfortunately, this has stopped many users from upgrading since then. In fact, some estimates from earlier this year show about 1 billion computers still running Windows 7!

What End of Life for Windows 7 means for you is that Microsoft will no longer provide support or updates for that operating system. While there will be some exceptions, (you will be able to pay substantial fees for certain updates and limited support), all Microsoft support will be done away with within three years. Even so, the cost of this supplemental measure is more than updating to Windows 10, so why spend money on a dying platform?

Hackers are paying attention to this deadline, so you should too. Older versions of Windows, for both computers and servers that have surpassed support, have continuously become victims of hacking campaigns. Remember; when a hacker finds a way into Windows, the team at Microsoft figures out how it’s being done and will send out a patch, which is the whole point of security updates. With Windows 7 being at the end of its life, once the updates come to an end and a hacker finds a way to exploit the system, you can be sure that he’ll be telling all of his friends how easy it is to breach.

 

Section 179 to the Rescue!

With all the new security benefits plus the updated features of Windows 10, what possible reason could someone have for not upgrading? One of the most common reasons is cost. While upgrades used to be free, Windows now charges $99 per license to upgrade. That can be a significant charge for anyone, and it’s especially costly if you have to purchase software for  multiple terminals.

As we’ve mentioned in previous blogs, Section 179 allows companies to take deductions of the full value of the property purchased for business purposes within the same business year. If you make the purchase this year, you can upgrade the software on your office systems and take it as a deduction on your 2019 taxes. While that doesn’t exactly eliminate the cost, it will make your burden much easier to bear.

 

Not Just the Software 

The other reason for not upgrading is that while businesses would like to upgrade, their hardware won’t support the new OS. This is a valid argument since many of the machines that came out around the time Windows 7 came out, which is ten years ago, are not able to support Windows 10. Or would run very slowly at the very least. If you find yourself in this camp, the fact is that you’ll need to upgrade your hardware to use Windows 10.

However, if you are currently using computers and servers that are out of date, it would probably be in your best interest to upgrade for reasons other than just Windows. Many other software programs that you currently (or would like to) use may not be able to run their latest versions on these terminals as well.

Just like with the OS software, while there is an upfront cost involved, you would be able to include any hardware updates with the other Section 179 deductions that you currently have for the tax year 2019. Note that this also includes any related costs. For example; you may pay for shipping or set-up in addition to the actual cost of the machinery, so you can write that off, too. Did you include service contracts, warranties or insurance fees? That would be included in the deduction as long as it is implemented this year.

 

The fact of the matter is that time is running out. Thankfully, Section 179 deductions help to lessen the blow of the cost, though this isn’t something that can be pushed aside indefinitely as there are real consequences to consider.

While we are discussing the theme of Section 179 deductions in our blogs this month, we need to remind our readers that we are not tax advisors. The information we provide is for general discussion, and before making any decisions, please speak with your company’s CFO or other tax and accounting professionals. That being said, remember that current Section 179 laws allow you up to $2.5 million in deductions that you can write-off in 2019. If you find yourself in need of a system upgrade, now is the time to do it!

 

Writing Off Major Purchases for 2019

Managing a business is a lot like managing your weight — if you take in more than you put out, then you'll have major gains at the end of the year. And with both business and personal weight, those gains can have consequences.

As a business owner, the goal is to make as much profit as possible, but remember that those profits come with a nasty little caveat: taxes. The higher the profit, the higher the tax. Thankfully, this year Uncle Sam will show some mercy come tax time in the form of Section 179 deductions. As a disclaimer, we are not tax advisors and any planning or decisions should be reviewed or undertaken by your company’s CFO or accounting professionals. Look at this as an overview to motivate you to take advantage of this new law.

 

What Are Section 179 Deductions?

When we talk about 179 deductions, these are the classic "write-offs,” but with an extra benefit. With many write-offs, you can only take partial deductions over a few years. For instance, you buy a car for business but you can only write off a portion of the car’s value for the next five years. By definition, Section 179 in the tax code allows a business to deduct the value of a property that was purchased for the business against any profits (or losses) that may have been made throughout the year it was purchased and implemented, thus lowering the total tax burden. This “property” falls into the following categories:

Business Personal Property: This would include anything purchased for business use that isn’t bolted to a floor or wall. This includes furniture, computers, software — even paper and pens!

Machinery and Equipment: This includes items purchased for businesses that are too large to move or might physically be bolted down. An example of this would be a printing press or conveyer belt.

Business Vehicles: These are cars or trucks that have a gross weight of more than 6,000 lbs and are used exclusively for business purposes.

Listed Property: This is property used for business purposes. What’s interesting here is that it doesn’t have to be 100% business-oriented, though you can only write off the portion that is used for business in proportion to time used. For instance: if you have a home office and you work for eight hours a day for five out of seven days in a week, that means that your home would be used for business purposes about 23.7% percent of the time and therefore you could possibly write off 23.7% of your mortgage.

Capital Improvements: If you make improvements to a building used for business, you can write off that expense. This also includes items like air conditioning or alarm systems.

 

What Does This Mean For Small Businesses?

 It would not be an over-exaggeration to state that many small businesses wouldn’t exist without these deductions. While Section 179 deductions may just mean larger profits for large corporations, they may end up being the entire profit margin for a small business. One reason for this is that capital expenditures make up a larger proportion of the total costs of smaller businesses compared to larger companies. Having the ability to take these write-offs in a single year can make all the difference in the world.

In addition, by having the ability to purchase equipment and property on such favorable terms, a small business may be able to purchase more than they initially planned on, thus helping them grow at a faster rate. On the other hand, if a company doesn’t need more equipment or other purchases at that moment, they could invest the tax savings in other ways, such as hiring more employees, which can also contribute to business growth. As of 2018, limits have been raised from $1 million per qualified capital purchases up to $2.5 million. This is certainly more than enough for most small businesses!

 

Include Deductions In Your Budget

Some view tax deductions as a bonus, but that shouldn’t be the case. When creating a budget, deductions should be included as a part of your income or at least as a justification in increasing expenditures. Small companies, especially when new or in a growth phase, need all the liquidity they can get.

As we are nearing the end of 2019, are you finding your company has extra funds sitting around? By taking advantage of Section 179 deductions, perhaps you’re now realizing that you will have more to write off this year than initially thought and you’ll have a lower tax burden than you’d planned on. Therefore, you may want to consider investing in yourself for next year. Budgets for newer businesses are notoriously difficult to plan since income forecasts won’t be as predictable as they are for established businesses. While the economy is strong at the moment, we all know that this can change at the drop of a hat.  If things are going well this year, it would be smart to capitalize on that by getting ahead of some of next year’s purchases.

That extra ten pounds you’ve gained this year may not be doing you any favors, but the gains your company made will not only put more money in your pocket, it can also help you invest in the future. If you have any questions, consult with your tax professional to see which Section 179 deductions can be a boon to your bottom line.

Utilizing a vCIO

Using technology in any business is an absolute necessity in the modern world. For this reason, most larger businesses employ CIOs to oversee the technical aspects of business, ranging from purchasing to implementation and maintenance.

While this may work for large corporations, many smaller businesses find themselves without a single, dedicated IT professional on staff, let alone a department with a CIO. However, that’s not to say that companies of this size wouldn’t benefit from this type of support. Are there other options available?

vCIO

A term that has become common in the small business world is vCIO or virtual Chief Information Officer. No, this isn’t some sort of hologram that shows up to company meetings. It’s possible for an individual to fill this role remotely, but it's best to hire a Managed Services company to perform the tasks the CIO would.

There are a series of reasons why a Managed Services provider would be beneficial. First, this type of service usually costs less than the salary of a dedicated person with the needed qualifications. While individual humans tend to make mistakes from time to time, a team of people doing the work has more checks and balances in place to make sure that the job is being done well. Beyond these generalities, what exactly are the benefits of a vCIO?

Seeing the Big Picture

Two of the major jobs of a CIO is to create the entire technology system as well as plan for the future. Are you planning on expanding the number of computer terminals? Perhaps you will eventually move your server storage to the cloud? What sort of backup system is in place currently and how are you budgeting for upgrades and maintenance? A vCIO would make these types of plans for you. Naturally, you make the final call, but they put forth an expert recommendation with a plan for follow-through.

Taking Care of the Little Things

The more technology is running in any given operation, the greater the likelihood of something breaking. Most small businesses don’t have the time or expertise to handle the day to day maintenance of their systems without diverting attention from other areas. Even if an employee has the time and does well with his/her home network, business equipment should be in a category far above consumer-grade. For instance, maintaining a server with a Windows Server OS utilizes a completely different skillset than using Windows on a desktop PC.

Along with the previously listed points, efficiency is a major benefit of using a vCIO. Let's say that someone in your company is technologically inclined. If an issue arises, that would take them away from their normal duties. In addition, the amount of time and effort you need to fix the problem may be much more than someone who deals with similar issues regularly. Think of having to search for passwords and how long it may take to look up error codes online. In the end, you'll probably still need to bring in outside help, taking even more time to fix what would be a routine task to a dedicated managed services professional.

Never on Break

The only thing that is more of a burden than hiring a dedicated IT professional is hiring an entire team. Many businesses have some sort of operation running 24/7. Even if you have someone on staff, how many hours can they work in a day or week? What happens if they called in sick or take a vacation? vCIO services will have people on call around the clock, day and night. If it breaks at four in the morning on a Saturday, a vCIO will address it well before someone shows up Monday morning, unable to work.

Just in Case

Once the systems are up and running, support issues tend to drop. Does that mean that all your needs are met? Well, even the most skilled backyard mechanic needs to bring their car into the shop occasionally. There will be times when a system needs a major overhaul, such as hardware or software upgrades. This requires a large amount of time and expertise. If your company finds itself in an emergency, like a virus spreading through your network, you need intense intervention. A vCIO can help you weather such a storm until you’re able to get back on your feet. For many companies, these are the sort of situations that convince them that they need a vCIO moving forward.

As we’ve discussed, vCIOs may or not be the best solution for your company. However, if you currently find yourself without a dedicated, technical professional on staff, you may want to research your options. A relatively small investment in this sort of service will, more than likely, pay off big in the future.

Plan Your Technology Refresh

You spend your whole life up to date with every new singer and song. Then, one day, you realize that you don't recognize anything on the radio, and they don’t make music like they used to. You start to avoid the new stuff only listening to things from your college days.

While in your personal life this attitude might work for you, in the business world, this could be devastating, especially when it comes to your network. We live in an age where virtually all companies utilize technology. If you consistently hold on to older technology, you could find yourself going the way of the dinosaurs.

The March of Progress Waits for No One

There are certain technologies you can use for a decade or more while others become outdated within weeks. Of course, how and when a technology becomes obsolete varies depending on a variety of factors. For the sake of this discussion, we will use two different terms: Functional obsolescence and absolute obsolescence.

Absolute Obsolescence occurs when it's physically impossible to use the technology. For instance, a computer without a modem or ethernet port would make connecting to the internet impossible. Utilizing a line of business application that runs solely off floppy disks also falls in this category.

Functional Obsolescence is a bit different. This is when something technically works but is not advisable. An example of this would be using Windows 7 after January 20, 2020. Although possible to use, you're asking for your system to be hacked and files compromised due to security holes. When it comes to software, utilizing older software often limits its functionality. Think of trying to create a .docx file (current MS Word format) while using Word 97 (only capable of .doc). It’s like trying to get blood out of a stone.

Keep yourself informed about end dates. Be proactive with update schedules to make the prospect of upgrading less of a burden. Be aware of when certain parts of software will no longer be supported so that you can plan for a transition. This will make normal operations significantly smoother, as well as make it easier to recover should you ever experience a data loss event. 

Perception is Everything

Besides the explicit risks of using obsolete technology, we need to consider perception. Using updated technology displays success and professionalism. Perception is worth its weight in gold when it works in our favor. In certain industries, there is massive competition between individual providers and customers can have very little reason to choose one over another, so this perception is critical.

There’s a reason why companies who invest in new technology often spend good money to advertise it to the public. Unless a potential customer is familiar with the expertise and reputation of your company, they rely on signals like your technology. Using noticeably out of date technology can leave a negative impression and make them think twice before doing business with you.

The Bottom Line

A generation ago, using computers was a luxury. However, that is no longer the case. From web designers to lumberjacks, just about every industry requires technology to some extent. Instead of trying to fight it, proper planning and implementation can make this fact of life work in your favor.

Consider it time to plan a technology refresh. Since everyone is in the same boat, there are plenty of options to accommodate even the most tech-illiterate user. Subscription services have become an immensely popular option for software, making sure that users always have the most current versions. For those that have an idea of how often they need to replace their hardware, Hardware as a Service (HaaS) programs may be your best bet. You pay monthly or yearly for not only maintenance but also for the eventual replacement at a set interval, taking the guesswork out of upgrades.

But when it comes down to it, much like the rest of life and business, balance is key. You shouldn’t make new technology your center of focus, but try not to be stubborn about upgrading, either. Remember, while you may be comfortable rocking out to the oldies, there’s still plenty of value in what’s new and fresh.

When Should I Upgrade My Technology?

When is the worst time to decide you need a new car? It’s probably when you’re on the side of the road in your old, broken down clunker that just won’t run anymore. Hopefully, you’ve never experienced that before. Unfortunately, businesses often find themselves in that exact situation when it comes to their computer systems. As businesses are increasingly dependent on technology, it’s ironic that attitudes about their upkeep and replacement remain lax. Why is that attitude dangerous and what can you do to combat it? 

Break/Fix Cycles 

There’s a good reason why you wouldn’t want to buy a new car, or a new computer system, right when the old one dies – desperation. Either you will buy a replacement that isn’t right for you or one that costs way too much. 

Waiting until a computer, server, or another device is completely unusable is unwise. This can result in going over budget or having to compromise the actual needs just to get someone running. Take the time to develop a relationship with a Managed Services Provider or VAR to plan what you need for a technology refresh. Get a general idea of how long your systems can reasonably last (typically 3-5 years depending on equipment and usage). We recommend you create a schedule for replacement on a regular basis. In doing so, you’ll be able to divert resources to make it less of a burden when replacements are necessary. It’s best to plan this out before you are desperate and end up making rash decisions that could end up costing you more than you bargained for. 

Embracing the Technology Curve 

While you don’t want to wait until you have a steaming heap of broken technology, you also don’t want to swing in the opposite direction. Purchasing everything at the bleeding edge of technology guarantees that you will get a version filled with all the bugs that software and firmware updates eliminate over the first months. As with many aspects of life, you must strike a balance. Keep an eye out for any advancements in hardware or software that you (currently or could potentially) use that would make a noticeable improvement for your operations. Then, make a plan for making that purchase. Lean on the guidance of your IT support professional or team for timing that makes sense. 

New Options for a New Generation 

The amount of tech needed for even non-technical industries is increasing by the year. This can present new challenges for a new era. For example, for thousands of years, contractors have used hammers, saws, and other tools for physical tasks. Now they use tablets for blueprints, smartphones for communication, and desktops for billing and documents. That doesn’t take into account the administrative offices for larger construction companies. If construction companies need all this tech, imagine the changes in other industries as well! 

Operating in this new age requires more expense and logistics. Thankfully, there are options to address these new concerns beyond simply “go and buy what you need when you need it.” That’s exactly where a Managed Services Provider or IT team comes in. 

Dollars and Sense 

With your IT department or services provider, develop a monthly and annual budget for technology. Scour past spending numbers to determine reasonable, realistic amounts, as well as where you may have excessively spent due to desperation or the desire to be on the cutting edge. We have found that systems typically last about 3-5 years. Craft a budget that makes sense with this particular refresh cycle. 

Having a fixed budget in place will help you avoid surprises when technology spending comes up. In addition, take a look at subscription services for both hardware and software. 

Instead of charging one time for software without ongoing updates, products (such as Microsoft Office 365) now charge on a monthly or yearly basis. This allows you to know exactly how much you’ll need to budget as well as ensures you have the most recent version, features, and security updates. 

Technology is a part of business that won’t be disappearing. By doing your research and planning accordingly, you can successfully navigate when it’s time to upgrade. 

 

Cybersecurity for Small Businesses

If you own or run a small business you know, better than anyone, that it’s not easy work. It takes a lot of time and energy to meet the demands expected of you every week. That's why certain aspects of running a business, such as cybersecurity, often take a backseat to other, more urgent issues. Many small business owners look at cybersecurity as something they’ll get to when they have the time. Others rely on whoever in-house knows the most about computers. 

Some employees might have the basic computer knowledge to get by, but a do-it-yourself (DIY) security approach isn’t the best choice. Let’s take a look at some reasons why outsourcing cybersecurity might be your best solution. 

The Numbers Don’t Lie  

In a recent survey, 87% of small business owners felt they were at low risk of ever being attacked. Even more alarming, 30% had absolutely no security solution at all. However, since 2016 at least 50% of small businesses have had at least one cyber-attack of some sort. That appears to mean that 37% of small businesses have already been attacked and still feel at low risk. 

On average, a small business has a 60% chance of shutting down within a few months of a breach. Let that sink in. While many small businesses play fast and loose with security risks, the majority won't live to tell the tale past a hack. A huge percentage of small businesses are happily swimming in the waters of commerce unaware of the school of piranhas forming underneath them because most of the previous victims have disappeared without a trace. 

No One Is Too Small 

Small businesses falsely assume that no one sees their company as attack-worthy. They think larger businesses are bigger targets due to their size and income.  Everyone is a target. In fact, it's worse for small businesses because they not only have less ave less security, but their valuable information often lacks appropriate backup. 

What’s Good for the Goose Isn’t Good for the Gander 

When implementing cybersecurity prevention for a small business, many people turn to what they’re familiar with. This often takes the form of relying solely on basic virus protection. While programs like these are certainly better than nothing, there’s more to do than controlling the spread of viruses. Cybercriminals are more motivated than ever before, and some hackers even work in teams to attack your computers until they find a way in. Single-layer, consumer-level solutions are not the best defense. 

The Rising Threat of Ransomware 

Hackers are far from dumb criminals. They know exactly what they're doing. If a hacker encrypts the information on a single computer in a small business, there’s a good chance they can infiltrate the rest of the business, holding it captive using a ransomware attack. 

When a hacker takes over your information, they hold it hostage until you pay the ransom, just like in a physical ransom situation. Just how much ransom are we talking about? According to some experts, half of all ransomware payments made by businesses amount to more than $10,000. 20% are more than $40,000. If you’re a large corporation, that could be a drop in the bucket. But for a small business, the cost is far more damaging. The ransom payment could amount to months of payroll. It’s no wonder that many small businesses close up shop after being attacked just once! 

The Bottom Line 

Take heart. This is not a hopeless situation. Nothing could be further from the truth! A small business simply needs to prepare. One of the biggest hurdles to having a comprehensive security plan is the cost. Most small businesses dream of having one dedicated cybersecurity person, let alone supporting a division like many larger companies. What is a more reasonable option? 

MSPs (Managed Service Providers) are a way of outsourcing this difficult but important aspect of your business. Find a company that deals with small businesses regularly, like we do. MSPs understand the best ways to implement a security solution appropriate for your unique situation at a reasonable price. After all, a solution will only work if it keeps pace with the cybercriminals who are after your assets. 

Hackers are After Healthcare Information

When you think of a hacker frantically tapping away in a dark room, who do you think he’s targeting? Banks? The government? Try healthcare information. 2018 saw three times as many healthcare-related cyberattacks as the year prior, and 2019 is holding onto that momentum. 

Healthcare breaches are much larger in scope than we imagine. While you might think this affects a few dozen people at most, these hacks end up gathering information on thousands — sometimes millions — of patients at a time. One of the largest beaches this year (AMCA), exposed over 20 million patients. While these numbers can be mind-boggling, they do bring some important questions to mind. 

Why Do Hackers Target Healthcare Information? 

What possible reason could hackers have to want to know about that time you got ringworm at the gym or that you occasionally get heartburn? Healthcare records aren't targeted for that information, but are actually prized for  “full information”. Full information includes names, addresses, birthdates, and Social Security numbers. If someone steals your credit card information, you can have the card canceled and useless within a few minutes. Full information, on the other hand, includes personal information that rarely or never changes. 

While we think about credit card information sold on the Dark Web, medical information is even more valuable. Just how valuable? According to current estimates, your medical record can fetch 10 to 60 times that of your credit card information! Once it’s in the wrong hands, that information can be devastating to your credit into the foreseeable future. 

How Is Healthcare Information So Easily Breached? 

Unfortunately, most healthcare organizations and those that work with them don't take the hacking threat seriously. Here are some of the biggest factors contributing to this epidemic. 

Older Systems 

The healthcare industry is notorious for being slow to upgrade their computer systems. One reason is that many healthcare offices are small and have an "if it ain’t broke, don't fix it" mentality. Also, HIPAA requirements are quite strict so finding new software can be a daunting task. There’s even a debate about whether or not newer operating systems are HIPAA compliant. Older, out-of-date software and systems are low hanging fruit for cybercriminals. 

No Security Department 

Think of your primary care physician’s office. You may be familiar with your doctor, the nurses, and the billing people, but when was the last time you saw an IT department? Many smaller offices don’t have the resources or the wherewithal to have something like this formally set up. They depend on the general staff —who are often overworked as it is — to take care of the day-to-day technical issues. Even if the entire staff is competent in this area, this would be a major undertaking. 

Massive Interconnectivity 

You might remember having to wait while people faxed/mailed your medical records from one place to another if you changed doctors or had to have treatment at a different location. Now, it takes a few minutes while things electronically transfer. We expect convenience, but it comes at a cost. Many medical facilities and hospitals constantly send information back and forth throughout the day. The more points of transfer in a system, the more opportunities there are for someone to find an entry point. 

Various Devices 

Along with being interconnected, healthcare is more and more dependant on technology. In many areas, modern healthcare facilities look more like a futuristic spaceship than a hospital! Remember that every piece of technology that uses medical information is a potential target for hackers. While the main servers might be heavily protected, who makes sure that the third desktop at the nurse’s station on the second floor has its security updated? What about the rolling computer used for billing or the tablet used by one of the surgeons? Any of these devices open the door for someone to gain access to all of the patients in the system. 

Out of sight, out of mind 

Unfortunately, this is most likely the main cause of hacks in the healthcare system. Medical professionals are well aware of the idea of “an ounce of prevention is worth a pound of cure”. Unfortunately, they tend to ignore this when it comes to their IT, waiting until a disaster to force necessary changes. 

If you are in the healthcare industry or work with healthcare information (i.e. lawyers, billing departments, accountants), don’t wait before it’s too late to turn a new leaf. If you frequent doctor's offices, make sure they know the importance of cybersecurity. The last thing you want is to be on the news as the latest victim. 

 

Rise of Ransomeware

From a technology standpoint, there’s never been a better time to be alive. Chatting with people for free all across the world or opening your front door at home while in a business meeting, it seems that our interconnected world has unlimited possibilities. Sadly, that can go really wrong when people with less than pure motives take advantage. Viruses and other threats are on the rise, and there is one word whose very mention sends shivers down the spine of mortal cybersecurity professionals everywhere: ransomware.

Ransome is so frightening because of how quickly it is becoming a major issue across all systems worldwide and how devastating it is for businesses. Today, we will be discussing this threat and what you need to do to keep it out of your business.  

Know Thy Enemy

What exactly is ransomware and why should you care? Like other computer threats (think viruses or trojan horses), ransomware has a colorful name that aptly describes what it does. In fact, it’s exactly what it sounds like: someone holds your data or computer access hostage until you pay a ransom. Depending on the circumstances, this can range from a relatively small sum to well over $1,000,000.

These attacks rarely occur on their own. Most often they are part of an email phishing scheme. As criminals have become more and more sophisticated, attacks like these — that only suckers used to fall for — are becoming common even among seasoned professionals.

The Rise

Ransomware has grown to by one of the top cyber threats your company faces. To put this in perspective, in 2018, we saw a 300% increase in ransomware attacks from the year before. So far in 2019, we’ve seen even more attacks than all of last year.

Why the increase? Frankly, because it works. While the ransom can be quite high, most hackers consider the size of the company and value of the data. In most cases, they set the price cheaper than manually restoring the data, so many companies just pay the ransom and hope if they don't have a proper backup. The FBI recommends not paying so as to not encourage the hackers, but they also recognize that this may actually be the only option for many organizations without the proper security protocols in place.

(In)Famous Status

Ransomware has been popular in the news lately because hackers are targeting governments of all sizes, in addition to businesses.  For instance, in the state of Florida alone, seven municipalities have been victims. In April, the city of Tallahassee paid $500,000 to get access to critical systems and data after an attack. They paid for the attack by diverting funds from employee payroll. The city of Riviera Beach paid over $600,000 in Bitcoin for a similar attack in May after an employee fell for a phishing scam!

National governments are also falling victim! The government of Ecuador said that have seen over 40 million attempts to hack into their system. A few have been successful, resulting in expensive ransoms.

What Does This All Mean?

Saying that “ransomware is here to stay,” would be a massive understatement. However, there is a bit of good news about this. While ransomware itself is a relatively new threat, it uses old standbys to enter your computer in the first place. Ransomware affects your system after hitching a ride on another threat, such as a virus or phishing attempt. Think of it this way. In the past few years, zika, a dangerous virus passed on by mosquitos has been on the rise. Because it’s transmitted by a known pest, we can use the same precautions we’ve always used against mosquitos to prevent infection. This would include repellent, avoiding standing water and wearing long clothing.

Similarly, the best way to avoid ransomware is to protect your network against many of the same threats we’ve always faced with computers. This means being proactive and keeping your system safe before the ransomware can have access to your vital data. In the event of a breach, you also need to have a viable back-up to seamlessly rollback before the attack.

How well does your current system protect you from ransomware and other cyberthreats? Contact us today to prepare you for this very real and rising threat.

Business Evolution

Figuring out how to effectively utilize social media within your business can be a tricky task. On the one hand, it’s critical for marketing. On the other, it can be a major time suck. You'll have to walk a fine line of utilizing the main players like Facebook and Instagram, alongside other lesser-known social-related platforms to evolve your business and increase communication and productivity amongst employees and clients. We're not going to spend time in this blog giving you a large how-to of using each of these platforms, but we will get you started down the right path with the correct technology.  

 

Customer Service 

While nothing can replace a human voice, sometimes, utilizing social technology can massively improve your customer service. Start with simple tools like the Facebook Messenger autoresponder. Whenever someone messages you on Facebook, they immediately receive a response acknowledging their message in addition to expectations for further interaction. This allows you to be continually responsive-without constantly sitting on Facebook.  

 

If you’re ready to take it a step further, consider specific customer service profiles on Facebook and Twitter. You’ll need to be able to clearly track customers’ complaints and rants, but quickly showing up in response on these social profiles will make a big difference. Check out how these companies do Twitter support very well.  

 

Finally, consider a chat mechanism on your website. A whole generation of customers is rising that much prefers chatting online to getting on the phone. You don’t have to constantly manage this service. You can either set office hours or outsource to a third party to start and triage conversations.  

 

Utilizing these techniques, your office manager and customer service team can get off the phone and answer questions through a social platform while they are working on other items creating greater efficiency. 

 

Communication 

Communication between employees can also be enhanced with social platforms. For example, Microsoft Office 365 offers Teams, software for messaging, video conferencing, calls, and screen sharing. Instead of walking all the way to someone’s office or trying to multitask while waiting for answers, you can type in a name and send a message to anyone in the company. It cuts time in half; you get quick on the spot response or support.  When employees are working remotely, they can still communicate effectively with anyone in the office utilizing a screen share and video to make their message clear. Something like this will also allow you to eliminate other video conferencing software for a more complete, all-in-one solution saving time, training, and money. Your IT company can point you in the right direction when it comes to implementing software like this.  

 

Morale 

Finally, social media, social tools, and social platforms are all shown to increase morale within a business. They are allowing employees to streamline their jobs without the stress and hassle of attempting to collaborate with different people via email or an office visit. It also shows them that you trust them to use these things on work time and not abuse the privilege. Taking a small break to check Facebook or network with a client makes a surprising difference in the workplace. Do some research and find out what would work best for your business.  

Social Media Use Policy

Everywhere you turn today you will find social media. People taking selfies at the grocery store, responding to Instagram while walking down the street and of course checking Facebook while clocked-in at work. What do you do when social media use gets out of hand in the workplace? It can seem like a never-ending battle with employees, but it doesn’t have to be that way.  

 

Before you go any further, draft up a social media use policy. This will save you headaches and possible litigation. Employees can agree to it and follow it or they can find work elsewhere. Sounds harsh, I know, but your business's reputation is not worth Mary’s selfie. Don’t get me wrong, the policy doesn’t have to be rigid and forceful. Your employees are adults and can handle responsibility. Similar to a job description, policies allow for clarification and accountability, which is great for both employer and employee.  

 

To create a social media use policy, start by splitting the policy between company official accounts and personal accounts. For company official accounts, clearly articulate your brand as well as how you want it perceived, so that the message is consistent across all platforms, no matter who posts or comments. Talk about confidentiality and what company info can or cannot be shared. This can be similar to the non-disclosure you had your employees sign when they got hired.  

 

For personal accounts, explain what they’re allowed to divulge about the company. For example, posting identifiable client information without the client’s permission is a major no-no. Badmouthing the customers is clearly out, as well as complaints about employees or managers that should be brought to HR. Basically, the employee is responsible for what is posted and should be cognizant of who may be reading.  For anyone that uses their personal account for company business (i.e. connecting with customers or sharing marketing materials), set clear expectations of what can and should be listed on their account. For example, it’s an employee’s prerogative to have a side-gig as an underwear model on the weekend; but perhaps it’s not the best idea to have that individual representing your company using social media pages filled with scantily clad photos. You probably have other more conservative options, or you can encourage that employee to develop different social media accounts to represent your company.  

 

For both personal and company accounts, outline the potential consequences for not following these guidelines. Ensure these are clear and concise to avoid loopholes that can be quickly manipulated. 

  

Perhaps even more importantly, spell out clearly defined roles and responsibilities. Figure out who will have access to the company’s social media.  You can harness the power of social media for your benefit if you play it smart. Your marketing team will need it, well, to market. Sales can keep in touch with prospects or members easily and it gives all parties confirmation that you care. Beyond that, you may want to give your receptionist or office manager access in order to help with customer service on different platforms. Clearly articulate expectations for each role so that you don’t end up with customer service professionals trying to market, and marketing selling things that the service team can’t deliver. With clear roles, you’ll also know when each team member will jump in to field an interaction from a customer or prospect without overwhelming them or leaving them hanging. 

 

As you develop your policy, keep a few things in mind. Don’t discourage use, and ensure the language of the document sounds positive. Employees will get upset with a big change to their routine, particularly if they perceive it as restrictive or negative. Also, be transparent on why you’re creating a policy. Let them know if productivity has been negatively affected through social media use, and be clear with them about the potential security risks you are trying to avoid. Finally, explain how a policy keeps everyone honest and accountable. As long as you are transparent about the new policy, implementing it shouldn’t be a huge issue. If you have employees assist you drafting this document, that’s even better. They become part of the change and not steamrolled by it. 

Ma! Did you make a new FB account?

Have you ever received a Facebook friend request from your mom even though she is already a friend of yours on Facebook? So, you call her up to make sure she didn’t forget her password again and just create a new FB page. Then, right after that, “she” sends you a video link saying you’re in a YouTube video. You think, “Well dang! I didn’t think she even knew how to use Messenger.” As the confusion mounts, you realize, momma’s FB has been cloned in an effort to hack your account. Not today hackers! 

 

In this day and age of social media, there are two very specific ways hackers compromise your data. Cloning is the first. This is when someone makes a social media account by using someone else’s identity. You’ve all seen them — Mom is already your friend on FB, but now you’re receiving another friend request from her. The new page has one photo, no posts and a handful of mutual friends that fell for the fake profile. This within itself is not hacking. It’s incredibly easy to copy a photo and create a basic FB page with basic information. The idea behind cloning is to get you to think this is your friend or loved one so they can hack your information. Social engineering can come into play, asking mutual friends for money – saying you’ve been arrested. Another way is by having the clone account send malware to friends.  

 

This exact situation happens more often than not, but what does it have to do with your business? Mom may not work with you, but take her lesson as a valuable warning. When “funny business” happens on Facebook, a multitude of things could occur, compromising your business, clients and other important data you have stored. Imagine receiving a message on your company Facebook Messenger from a friend saying “you’re in a YouTube video.” The link is right there — you have the urge to click on it. It could be bad PR, right? So, you click it and instantly the malware takes over your computer. Passwords and logins are automatically stolen from you and in the hands of hackers. Not good! This could compromise payment methods or pertinent company information. This hacked info could turn into full-blown social engineering if you don’t pay attention. The worst part is that almost everyone on your friend list will get bombarded by a similar message creating a domino effect. It’s terrible to infect your loyal followers and you’ll see a lot unfollow you because of the inconvenience.  

 

Facebook is not the only platform to worry about. In fact, Instagram, Twitter, and Snapchat have all fallen victim to hacks. One huge reason for this is because people don’t know better when it comes to security information. Social media is so easy to use that people often forget that information can be compromised. Careless clicking is another culprit. Aren’t you curious what your favorite coffee says about your personality? It’s quizzes and fun time wasters like this that allow hackers to access information. Simply clicking on these silly things opens your account to malware and in some cases ransomware. Users have reported being locked out of their accounts, accounts being deleted and some even being held for ransom until users paid the hacker. If you are using these platforms for business, you must be extra leery about what you are clicking on. It’s a terrible day when the content on your social media disappears over an avoidable breach.  

 

These things don’t have to happen to you as long as you are smart about your social media. Make sure that whoever is running it is well trained in cybersecurity. Also, ensure your passwords are strong and not easy to hack. Then go check on mom and give her a fast and efficient cybersecurity breakdown. This subject seems obvious, but the amount of people that get hacked each year as well as the amount of stolen data continues to grow. Hackers are also constantly looking for new ways to take information. Be vigilant and up to date on current trends. Protect your business from these sly social media mongers.  

Warning: this will be a bit of a tricky topic because it’s impossible to talk about bandwidth conservation without words like limits, controls and monitoring. Let’s face it, in today’s workplace, employees have come to expect the complete freedom that comes from Wi-Fi and BYOD and are likely to balk at anything that hinders their “rights” to these services. We’ll focus on providing tips and logic that allow you to control bandwidth consumption, all while maintaining happy employees. 

Identify Your Largest Culprits 

If you’re like most offices, you’ve got that one guy. The one that is sitting there with 56 browser windows open, streaming music as well as that day’s big game, yammering on his work phone all while surfing the web on his Wi-Fi connected cell. Not only is this behavior obnoxious, it’s killing everyone else’s productivity. Start your bandwidth conservation with these individuals. Begin with a simple conversation. “Do you really need to have all of that going all at once?” If a conversation doesn’t work to both kill the usage — and frankly, get them back on task — you can move forward to more aggressive measures including website restrictions, a separate Wi-Fi network for all cell devices or a performance improvement plan for this individual.  

Implement Social Media Controls Wisely 

Social media can be extremely beneficial for your business by connecting customers, providing excellent marketing opportunities and opening a door for customer service. It becomes a problem when you have people sitting at their desks scrolling their feed, posting selfies, or going live to tell people about what they ate for breakfast rather than working. To solve this problem, we do not recommend killing access to all social media in your office. People will find a way around your controls. Instead, we recommend conservative protocols.  

First, have a conversation with your employees. Let them know that you understand their desire to connect with the outside world while at the office but that it can’t interfere with work expectations. That means personal live videos, bathroom breaks for a selfie photo session and constant comments on friend’s posts are out. An occasional birthday greeting or post is perfectly acceptable.  

If this doesn’t stick for the company as a whole (not just the occasional individual), you have to get a bit harsher. For example, limit access to social media to between the hours of 11-2 (a typical span for lunch breaks). Limit access to particular departments like sales, marketing, and customer service. Limit access to particular problem sites (e.g.,. if Instagram isn’t utilized in your company social media strategy, you may want to cut access entirely) 

Block the Right Websites 

Outside of social media, typical bandwidth sucking sites include YouTube, Pandora, Spotify, Netflix and any other streaming services. While you’re probably okay allowing music streaming (listening to music often brings people into hyper-focus), you’ll want to cut off access to most video streaming when you start to see bandwidth issues. Rather than get rid of everything cold turkey, consider putting a TV with access to all of these streaming services in the breakroom so that employees don’t feel deprived of their binge-watching, but are at least doing it in a constrained, appropriate environment.  

Backup and Update at Appropriate Times 

Data backup and systems updates are absolutely critical to business success, but you don’t necessarily have to do the heavy lifting during peak usage hours. Instead, schedule the major daily backup (not just incremental minute-to-minute changes) to run afterhours. Cluster your system updates to run all at once for all employees at night or on the weekend rather than whenever the employee sees a pop-up.   

Aggressive Security Protocols 

Malware and viruses are notorious for stealing bandwidth. Make sure you have the proper firewall and virus protection protocols in place to avoid having these piggybackers stealing your network power.  

Audit Your Bandwidth – Get What You’re Paying For 

Every year, we recommend running an audit of both your phone and bandwidth services to make sure that you’re getting what you’re paying for. What do your upload and download speeds look like versus what you were promised? A master agent and MSP can help to make sure everything is in line.  

Bandwidth is a limited and extremely important asset. You don’t always have the option of buying more pipeline. Instead, implement these bandwidth conservation protocols to make sure your employees are always able to work at their maximum capacity.  

 

How much time do your employees waste?

Very few employees can honestly say they spend the entirety of their workday actually working. Whether it’s the 15 minutes you spend making your coffee in the morning or the 10 minutes catching up on Facebook after lunch, the occasional work break is inevitable.  

  

A recent study showed that the average worker admits they waste three hours per eight-hour workday, not including lunch and scheduled break-time. However, a different study stated that workers only spent about 35 minutes, per day, not working.  

  

While concluding the exact amount of time workers waste during their workday might be difficult (because no one wants to admit they are looking for deals on patio furniture rather than writing that time-wasting blog they were assigned), we can all say we have been guilty of frittering away some precious time during our workdays.  

  

Here are the top four ways employees are wasting their time at work and a few ideas on how to be more productive during your workday. 

  

Time Waster #1: Emails  

  

Emailing has become the top form of communication in the workplace. What’s the first thing most of us do when we come into work? Check our emails. Technological advances in the way we communicate have brought about the notion of having to be connected at all times. Our clientseven our colleaguestend to expect instant responses to each and every message, even when we are sick or on vacation. While email can be extremely beneficial, a lot of our workday is spent reading and answering emails. Many professionals have actually found they can get much more done during their workday if they don't respond immediately to every single email. 

  

Solution: Try not to check your email first thing in the mornings. Instead, spend anywhere from 30 minutes to an hour working on something more important first thing in the morning. This allows you to fully concentrate on what you have to do without any of those unread emails distracting or stressing you. You can also increase productivity by simply turning off your email notifications for short periods of time during the course of your day. It could be 15 minutes or 60, but you’ll realize that during that distraction-less time, you’ll be able to blast through your to-do list. 

  

Time Waster #2: Online Distractions 

  

The internet is known for luring employees deeper and deeper into its web (no pun intended) with each and every click. It is said that 60% of online purchases are made during regular work hours and 65% of YouTube viewers watch between 9am – 5pm on weekdays while (presumably) at work. Social media outlets such as YouTube and Facebook can be a great platform for brand awareness and business growth, but let’s be honesthow many times are you actually on these sites marketing for your company? You’re not. You’re wishing your uncle Brad a happy birthday. Some professionals have even admitted to spending time job hunting during work hours on the company computershame on you! 

  

Solution: If you just absolutely can’t keep yourself from refreshing your Facebook feed every 10 minutes, simply block it. StayFocusd is an extension Google Chrome offers that allows you to set a certain amount of time you’re allowed to visit any website of your choice. Once that time is up, it denies further access to these sites. Company-wide, you can have your IT Company adjust your firewall settings to block certain sites entirely, for certain periods of time or just for certain people. If that seems too harsh, you can always better manage your lunch time. Take the first half of your lunch break to feed yourself and use the second half to completely indulge and get your daily fix of online distractions without feeling guilty. If you still can’t get away from these Internet sites, well, you’ve got a bigger problem, buddy.  

  

Time Waster #3: Colleagues 

  

Nobody enjoys spending their entire workday in silence. Humans are social creatures by nature. We all appreciate a little chat here and there during our workday. For that reason, co-workers can be awesome, but they can also be a major time suck.  

  

What amazing thing did you do this weekend? Are we supposed to send this email this week or next? Where should I upload the document? Can you review this really quick? 

  

We have all had those colleagues who would rather talk than work. While it can be very flattering to be the expert/most interesting one in your group, the fact that you are constantly engaged in conversation can quickly become irritating, not to mention that it can take up a huge part of your workday.  

  

Solution: Headphones! Wear headphones while you work, at least while you’re concentrating on a project. Even if you aren’t listening to anything, having both of your headphones in will signal to your colleagues that you’re focused and in the zone. I understand some of us have very persistent co-workers who may still decide to come on over to your desk and give you a quick tap on the shoulder. At that point, simply tell them you are glad they came by because you need help with [insert irrelevant work assignment here]. If they leave your desk with some work to do, they’ll think twice next time they come on over for a chat. 

  

Time Waster #4: Meetings 

  

Meetings are a necessary evil in most companies. 47% of professionals say their biggest time waster is having to attend too many meetings. On average, 33 minutes a day are spent just trying to schedule these meetings. You don’t always need to have a meeting. Nothing makes an employee more frustrated than having their schedule filled with unnecessary meetings. We have all been to those meetings where literally nothing pertained to you and absolutely zero words came out of your mouth. While communication in the workplace is extremely important, there are better ways of communicating information that doesn’t involve attending meetings every other hour. 

  

Solution: The next time you’re invited to a meeting that you believe might be irrelevant for you, ask the host why they think your presence is needed. You can then set up some sort of system where your supervisor can go in your place and simply cascade that information down to the rest of the team. If your supervisor is too busy to attend, then you could ask to meet with the host a couple minutes before to share your insight because you will not be able to stay the entire time. You can also make the suggestion that a meeting be handled via email or through your project management software. Using this strategy can at least start a project in the right direction without bogging down everyone’s time.  

  

There are many other time wasters that we could discuss, but we’ll have to save that for another timeI have a meeting. 

 

Who’s stealing all the bandwidth?

Click…wait. Click…wait. Click…ARGH! Sounds like someone is running out of bandwidth.  

What is bandwidth?  

Bandwidth is a lot like plumbing. The bigger the pipes, the more water can flow through. Similarly, the more bandwidth you have, the more data you can send or receive at any given time. 

An internet connection with a larger bandwidth can move a set amount of data (say, a video file) much faster than an internet connection with a lower bandwidth. However, be aware that with greater bandwidth comes greater cost and responsibility.

Is someone or something taking your bandwidth? 

Our dedicated team of experts has put together a list for you to help you determine who/what’s stealing all the bandwidth? Don’t fall victim to these bandwidth bandits! 

Who’s stealing all the bandwidth?

Not so long ago, it would have been ridiculous to ask an employer to give you free TV, free movies, free music and a free TV camera and crew at your house in case you wanted to work from home and conduct a meeting with coworkers. Yet, with the internet, all of these things and more are at the fingertips of most office employees and their remote counterparts. Naturally, a growing number of employees will use some or all of these services for personal use while under your roof and on the clock wasting your valuable bandwidth.

Many employees use much more bandwidth than necessary to do their jobs. As a business owner, what can you do about it? First of all, you’ve got to let your employees know that bandwidth is more than a commodity. Just like electricity, water, and leasing building space, bandwidth is a necessary expense you need to keep your business running. But unlike all the other expenses, the amount of bandwidth you truly need varies based on the workload and what you allow. It can be overused by employees who stream videos, stream music or play video games between completing company tasks. So, what are the most abused “Bandwidth Bandits”? Let’s take a look.

VIDEO:

Does your company upload or store video content on a daily basis? Many companies do these days, especially for marketing and training purposes. In addition to these, what about the videos that are being watched inbetween company projects? Viewing TV shows or movies online uses about 1 GB of data per hour for standard definition video, and up to 3 GB per hour for HD video. Downloading and streaming consume about the same amount of data. Since just about everything online is HD quality, you can see that those streaming and storing video content are usually the guiltiest bandwidth abusers in your office.

WI-FI:

Everything that is available to your employees through their internet connection is available through Wi-Fi. The extra strains Wi-Fi puts on bandwidth are caused by the users who connect their phones to Wi-Fi so they can save on their personal data plan. At no extra cost to them, they can stream video and surf online on their phones. Some people even use their phones to play video games while on (or off) their lunch breaks. Just being connected puts a small drain on your Wi-Fi, but all the rest can slow your network down to a crawl.

THE CLOUD:

Using the Cloud adds a lot of flexibility to your business. The scalability allows you to tailor your bandwidth needs as your company’s needs grow or shrink, but the amount of bandwidth usage varies as more and more files and programs are shared through the Cloud. With subscription-based software programs becoming the norm, there’s data floating in and out of your employee’s workstations all day. If you use heavy-hitting data drainers like HD video files that are shared between two or more employees, your Cloud gets weighed down fairly quickly. If not monitored properly, excess data usage through the Cloud can clog your system like hair in a bathtub drain. 

VIDEO CONFERENCING:

Whether you’re working from home, meeting with clients, or even interviewing potential new employees, video conferencing is definitely a tool that makes good business sense. Many business trips have been replaced by video conferencing, and that’s good for your budget. But now you’re sending that information through your internet connection which needs to be factored into your bandwidth needs. The good news is that video conferencing costs a lot less than travel, so spending a little more on bandwidth is probably the most cost-effective way to meet with people one-on-one.

STREAMING MUSIC:

Many people enjoy listening to music while at work, and if the company allows it, then it’s no big deal. Right? Well, mostly right. Problems may arise when the streaming music is left running 24 hours a day or multiple people are competing, blasting their own tunes. The more people stream music, the more it will cause a drain on your bandwidth. Even though music streams at a low data rate, some services allow users to store their music files on the Cloud, and that causes a bump in the data flow. Accessing personal music files and streaming internet radio may not take up too much bandwidth, but the number of employees who are constantly listening to music adds up. If most of your employees listen to streaming music, then data usage should be monitored.

SOCIAL MEDIA:

Humans are social creatures and they search out ways to stay connected to people they are close to. Social media gives us many ways to stay in touch with others, but in the office, that comes at a price. When business owners calculate the bandwidth requirements for start-ups, they often don’t factor in their employee’s social media habits. Sure, most functions utilized through social media don’t use much data at all, but increasingly, video attachments are sent along with text messages. Even in a compressed state, video files are among the greediest bandwidth thieves 

As you can see, there are many ways your bandwidth is being used throughout the day and it can impact your business in a variety of ways. For example, just a few years ago, it was taboo for employees to spend time watching videos on YouTube or looking at pictures of their nephew’s graduation on Facebook during work hours. Today, it is generally accepted that employees will spend some time doing these things.

As a business owner, you can place limits or controls on these habits, but these actions may cost you in other ways. Employee morale is linked to online habits, and if employees can’t stay in touch with their friends on your time, they’ll probably take more breaks than they used to so they can wish Aunt Edna a happy birthday.

It’s a challenge to find a balance between the bandwidth your business needs and the bandwidth your employees need. As the one who writes the checks, it may not seem fair that you’re funding someone else’s online habits, but in today’s business arena, it’s the price of doing business. In the next blogs, we’ll show you how to rein in these data hogs all while maintaining positive company culture and avoiding

Cloud Etiquette 101

Horrible house guests — we’ve all had them. Whether it’s that annoying family member that overstays their welcome or that old college buddy that leaves beer cans and potato chip crumbs all over your couch, if you thought that was bad etiquette, you’ve yet to see the worst. 

 

Imagine coming into the office and finding that your current work has gone missing, your valuable data has been completely disorganized and all your important files have been put in the trash. What would you do? I’m not referring to your paper trail, I am talking about what most businesses today share – the cloud.  

 

Cloud computing, particularly file-sharing, has its own essential and unwritten code of ethics. No one appreciates an ill-mannered cloud partner. For those reasons, we have put together a few etiquette tips to help you not overstay your welcome when utilizing the cloud.  

   

Rule #1: Make Your Names Clear and Concise. Be as specific as possible when naming a file or a folder so that everyone sharing it has a good idea of the contents without having to dig into the file itself. When you’re creating sharable folders, name them for the project rather than the people involved, so your colleagues don’t end up with a bunch of folders in their repository all carrying their name. Consider creating a specific file-naming convention that your business uses and make sure every employee understands it to avoid any confusion. 

 

Rule #2:Ask Before You Delete! When deleting from the cloud, the files aren’t just deleted from your computer - they’re deleted from everyone’s computer sharing that file. Make sure to never delete files or folders without asking. Better yet, don’t delete anything that you didn’t create yourself. You may think that you’re clearing up some extra clutter, while in reality you’ve just killed the report your officemate has spent hours creating. If you do happen to delete something you shouldn’t, you typically have about 30 days (depending on software) to recover the file. After that, you’re on your own to deal with the missing data and any angry glances your coworkers shoot your way.   

 

Rule #3: Size Matters. Be aware of the size of your files. Don’t add a massive 3 GB mega-file that’s going to take up all of that folder’s storage space. Bear in mind that just because you have unlimited storage does not mean everyone you’re working with does. Also, be sure to keep your data organized to avoid annoying others with unnecessary clutter. Do you have a habit of creating and sharing a bunch of notes that lead to a final project? Go ahead and delete those notes after the project’s completion, but only if you created them. See Rule #2. 

 

Rule #4: Create Clear Permission Protocols. Not everyone in your office should have access to every file. Make sure you have clear rules when it involves sharing. File-sharing willy-nilly is akin to a house guest just handing out all of your clothes to your neighbors with no documentation about who they went to and if they’ll ever be returned. When in doubt, don’t share unless you’re the owner of a folder or file.  

 

Rule #5: Maintain Accountability. Cloud computing works best when there is accountability. Sometimes there will be many individuals working out of the same project. It is important to keep track of who is working on which file and when, so you don’t end up with a bunch of overlapping edits or changes that you have to sort out later. Clarify out who is responsible for final updates and ultimately responsible for the files themselves. 

 

Working together is the only way we can make #thecloud a better place. Don’t be the person no one wants to share their cloud with. Simply follow these simple etiquette tips. 

Transitioning to the Cloud

Are you considering moving your company to the cloud? There are a lot of perks. First, it allows your company to scale up and down based on system needs more easily. When you host software onsite, you have to invest wholly in the server required, whether or not you’re utilizing that server fully. If the software is in the cloud, on the other hand, you only pay for what you use. Second, you have access anywhere you choose to be at any time, which opens up tremendous opportunities for remote work and greater efficiency.  

 

Finally, consider security. Data loss is not a matter of if — it’s a matter of when. And, unfortunately, it happens to companies of every size. More than half of businesses locate their disaster/backup systems in the same physical location as their primary system – red alert! If you only have one copy of your system’s backup at your office and your hardware fails or a breach occurs, then a backup is completely useless. In a bit of irony, it turns out that the safest place to be during a storm (whether literal or figurative) is “in the cloud.”  

   

So, let’s say you’ve finally agreed that it’s time to move to the cloud – where do you start? 

 

Here are some recommendations that can help you though the process: 

 

  • First off, moving to the cloud doesn’t have to be an all-or-nothing process. Companies that weren’t “born in the cloud,” meaning any company more than a few years old, need a plan for transitioning to the cloud. Establish the plan, let your data trickle into the cloud and take your time. No need to jump in headfirst. It is perfectly fine to keep your business operating in a hybrid cloud environment (some items on site, some in the cloud) for as long as you need, perhaps indefinitely.  

 

  • Make sure you know your data. Truly understand what is going on before you begin to move your data and applications. Say you’re going to sell your house — you first need to clean and organize your belongings before putting them all away in storage. The same exact concept holds true when it comes to transitioning to the cloud: clean and organize before you store. You may find that while a software works in the cloud, it may experience extensive lag and downtime. Knowing this before you make a move will significantly reduce frustration.  

 

  • Know your options: Public cloud, private cloud or hybrid cloud? Refer to our previous blog (To Cloud, or Not to Cloud) to learn the difference between these types of clouds. How much storage, bandwidth and support do you want to pay for? Make sure you tailor your cloud service to best fit your company’s needs. What works for someone else might not work for you.  

 

  • Do your research. Here’s the reality: we have heard and experienced the effects of far too many subpar cloud solution horror stories. Companies that were put up on a half-built cloud solution eventually had to return to their on-premise solutions. With unreliable cloud partners, comes hidden costs such as unexpected fees for the overuse. Choose a reliable provider. 

 

  • Define key roles. Who will have access? Who can add, delete or modify data? What responsibilities belong to who and how will this change with the cloud? It is crucial to know your staff’s access limitations. 

 

  • Add encryption. Most cloud service providers offer encryption features such as service-side encryption to manage your encryption keys. Who controls and has access to these encryption keys? What data is being encrypted and when? Ultimately, you decide how safe your solution is. 

 

While the road ahead may be tough, with these tips in mind, you can begin moving your business processes to the cloud safely and efficiently with the support of the right IT services team. 

To Cloud, or Not to Cloud

Everyone is talking about cloud computing these days and for good reason. The cloud is revolutionizing how computing power is generated and consumed. Cloud refers to software and services that run on the internet, instead of locally on your computer. When tech companies say your data is backed up “in the cloud,” it has nothing to do with those white fluffy things in the sky. Your data isn’t actually up in the cosmos or floating around in space. It has a terrestrial home. It’s stored someplace — lots of places, in fact — and a network of servers find what you need when you need it and then deliver it.

Cloud computing, if done properly, can make your business much more efficient. However, a cloud solution is only as good as the quality of the research, the implementation and the follow-through. So, how do you know if moving your business applications and data to the cloud is the right answer for you? There are few things you need to know about the cloud first. 

What exactly is the cloud? This is a tricky question in and of itself. Just like the clouds in the sky, there are many clouds when it comes to technology. In the simplest terms, cloud computing means storing and accessing data and applications over the internet instead of your computer's hard drive. It is using a network of computers to store and process information rather than a single hard drive.

Public vs. Private vs. Hybrid? Not all clouds are the same. You have options with public clouds, private clouds and even hybrid clouds. Choosing the right options for your business comes down to the needs and the amount of control you would like to have.

  • Public clouds: owned and operated by a third-party cloud service provider which deliver their computing resources such as servers and storage directly through the internet. With a public cloud, the hardware and software are owned and managed by the cloud provider. You access these services and manage your account using a web browser. 
  • Private clouds: unlike the public cloud, the private cloud is used by only one organization. A private cloud is one in which the services and infrastructure are maintained on a private network. Some companies also pay third-party service providers to host their private cloud.
  • Hybrid clouds: combine public and private clouds, which allows data and applications to be shared between them. Data and applications can move between public and private clouds as needed, offering better flexibility and more deployment options.

HaaS or Saas? Just like there are different types of clouds, when it comes to cloud computing, there are also different types of cloud services. Most commonly used cloud services fall into two categories: HaaS and SaaS. 

  • Hardware as a Service (HaaS) basically refers to leased computing power and equipment from a central provider. The HaaS model is very much like other hardware service-based models. Clients rent or lease rather than purchase a provider's hardware. 
  • Software as a Service (SaaS) utilizes the Internet to provide applications to its users, which are managed by a third-party. Unlike HaaS, this is a web-based model where software providers host and maintain the servers and databases eliminating hardware investment costs. 

Is it safe and reliable? As mentioned before, cloud computing is the way of the future. We know it is easy and inexpensive – but is it safe and reliable? What good is saving money and switching to a cloud solution if it will bring additional risks to my business? Most cloud service providers offer encryption features such as service-side encryption to manage your own encryption keys. So, in reality, you ultimately decide how safe your solution is. As far as reliability goes, in many cases, cloud computing can reduce the amount of downtime to seconds. Since there are multiple copies of your data stored all throughout the cloud, there is no single point of failure. Most data can usually be recovered with a simple click of the mouse. 

In the end, though, companies shouldn’t make decisions entirely based on what they are comfortable with or what is cheapest. What should be most important is deciding whether or not transitioning into the cloud will work for your business.

To cloud or not to cloud? The choice is all yours. Do your research and ask the right questions.

Fixing Your Weakest Link: Your Employees

You can have every piece of security hardware in the books: firewall, backup disaster recovery device, and even anti-virus. However, your employees will still be the biggest vulnerability in your organization when it comes to phishing attacks. How do you mitigate as much risk as possible?

  1. Create and Strictly Enforce a Password Policy: Passwords should be complex, randomly generated, and replaced regularly. In order to test the strength of your password go to howsecureismypassword.com. (This is a perfectly safe service sponsored by a password protection platform that tells you how long it would take a hacker to decode your password.) When creating a password policy, bear in mind that the most prevalent attacks are Dictionary attacks. Most people utilize real words for their passwords. Hackers will typically try all words before trying a brute force attack. Instead of words, use a combination of letters, numbers, and symbols. The longer the password, the stronger it is. While it’s difficult to remember passwords across different platforms, try not to repeat passwords. This will protect all other accounts in the event of a breach on one of your accounts.
  2. Train and Test Your Employees Regularly: Educate your employees on how they can spot a phishing attack. Then, utilize penetration testing (this is a safe phishing attack orchestrated by your IT company to see how employees respond) and how well they do. If employees fall for phishing attempts then send them through training again. We recommend doing this on a quarterly basis to ensure that your employees stay on their toes and you should provide education on the latest attacks.
  3. Create a Bring Your Own Device Policy and Protect all Mobile Phones: You can safeguard as much as humanly possible on your network, but your employees are all walking in with cell phones. Are they allowed to get work emails on their phones? What about gaining access to the network remotely? Cell phones create a big black hole in security without proper mobile device management and mobile security.
  4. Perform Software Updates Regularly: Make sure that your software is up-to-date with all the latest security patches. Holding off on updates means that you’re leaving yourself open to vulnerabilities that have been discovered and addressed.
  5. Invest in Security: Security is not something for cost savings. Home-based hardware is not sufficient, and you, at the very least need a quality firewall and backup device. Invest in your employee’s training, ongoing security updates, and maintaining a full crisis/breach plan.

There are two things that aren’t going away in any business, employees and security threats. Make sure that you’ve taken care of everything you can to avoid falling victim to these attacks.

How To Spot A Phishing Attack

Would you know if you were the subject of a phishing attack? Many people claim that they’d be able to tell right away if they received an email from an illegitimate source. If that were the case, there wouldn’t be 1.5 million new phishing websites every month. A 65% increase in attacks in one year! Hackers would have moved on to their next idea for swindling people out of their identities and money.  How do you spot a phishing attack and avoid falling victim yourself?

Look for these red flags:

Sender Email Address: Always check to make sure that the email address is legitimate. Amateur hackers will send things from Gmail or Hotmail accounts and hope you don’t notice. More sophisticated hackers will closely mimic an actual email domain, like amazonprime.com rather than amazon.com. Double check the email address before responding, clicking, or opening, even if the from name appears correct.

Discrepancies in Writing Format: If the attack is coming from overseas, you’re likely to notice some small issues in writing format, like writing a date as 4th April, 2019 rather than April 4, 2019. While this is subtle, it should be a red flag.

Grammar Issues: We all fall victim to the occasional typo, but if you receive an email riddled with grammar and spelling mistakes, consider the source. It’s likely from a hacker, especially if the email supposedly comes from a major organization.

Sender Name: This one is also difficult to track, but phishing emails will typically close with a very generic name to avoid raising suspicion. You should recognize the people that send you emails, or at the very least clearly understand their role at the organization.

Link Destination: Before you click on any link in an email be sure to hover over it. The destination URL should pop up. Check out the domain name of this URL. Similar to the sender email address, make sure that this address is legitimate before clicking.

Attachments: Is it realistic to expect an attachment from this sender? Rule of thumb, don’t open any attachment you don’t expect to receive, whether it’s a Zip file, PDF or otherwise. The payload for a ransomware attack often hides inside.

Email Design: A cooky font like Comic Sans should immediately raise red flags, especially if you don’t clearly recognize the sender.

Links to Verify Information: Never ever click on a link to verify information. Instead, if you think the information does need updating go directly to the website. Type in your email and password, and update your information from the Account tab. Always go directly to the source.

Odd Logo Use: Hackers try their best to mimic a websites’ look and feel. Oftentimes, they get very close; but they won’t be perfect. If something feels off, it probably is.

While there is no fool-proof method for avoiding falling victim to a phishing attack, knowing how to spot likely culprits is one step in the right direction. We’ll cover other protective measures to reduce your risk of falling victim to phishing attacks in our next blog.

While the number of people falling for sending personal information to the crown prince of Nigeria in hopes of receiving his promised wealth and riches seems to be dropping, phishing remains a major issue. In fact, the number of phishing campaigns pursued by hackers around the world increased 65% in the last year.

What exactly is phishing? Hackers mimic the emails, forms, and websites of legitimate companies in an effort to lure people into providing their private, personal information, like credit card numbers, social security information, account logins, and personal identifiers. The victim typically doesn’t realize they’ve been compromised until long after the event, and oftentimes only after their identity or finances are affected. In the past, an attack was carried out relatively quickly. As soon as the victim gave up their information, the hacker moved in and stole money from the compromised account. Today, it’s often more lucrative for hackers to sell that information on the Dark Web, resulting in longer-lasting and even more devastating attacks.

3 Types Of Phishing Attacks

Spear Phishing

Phishing attempts directed at specific individuals or companies have been termed spear phishing. Attackers may gather personal information about their target to increase their probability of success. This technique is by far the most successful on the Internet today, accounting for 91% of attacks.

Threat Group-4127 used spear phishing tactics to target email accounts linked to Hillary Clinton‘s 2016 presidential campaign. They attacked more than 1,800 Google accounts and implemented accounts-google.com domain to threaten targeted users.

Clone Phishing

Clone phishing is a type of phishing attack whereby a legitimate and previously delivered email containing an attachment or link, has had its content and recipient address(es) taken and used to create an almost identical or cloned email. The attachment or link within the email is replaced with a malicious version and then sent from an email address spoofed to appear as though it came from the original sender. It may claim to be a resend of the original or an updated version to the original. This technique could be used to pivot (indirectly) from a previously infected machine and gain a foothold on another machine, by exploiting the social trust associated with the inferred connection due to both parties receiving the original email.

Whaling

Several phishing attacks have been directed specifically at senior executives and other high-profile targets within businesses. The term whaling has been coined for these kinds of attacks. In the case of whaling, the masquerading web page/email will take a more serious executive-level form. The content will be crafted to target an upper manager and the person’s role in the company. The content of a whaling attack email is often written as a legal subpoena, customer complaint, or executive issue. Whaling scam emails are designed to masquerade as a critical business email, sent from a legitimate business authority. The content is meant to be tailored for upper management, and usually involves some kind of falsified company-wide concern. Whaling phishers have also forged official-looking FBI subpoena emails and claimed that the manager needs to click a link and install special software to view the subpoena.

Have you ever gotten an email from your bank or medical office asking you to update your information online or confirm your username and password? Maybe a suspicious email from your boss asking you to execute a wire transfer. That is most likely a spear phishing attempt, and you’re among the 76% of businesses that were victims of a phishing attack in the last year.

Method of Delivery

Phishing scams are not always received through email and hackers are getting trickier and trickier with their preferred method of execution. In 2017, officials caught onto attacks using SMS texting (smishing)Voice phishing (vishing) or social engineering, a method in which users can be encouraged to click on various kinds of unexpected content for a variety of technical and social reasons.

Ransomware: The Consequence

Phishing is the most widely used method for spreading ransomware, and has increased significantly since the birth of major ransomware viruses like Petya and Wannacry. Anyone can become a victim of phishing or in turn, ransomware attacks. However, hackers have begun targeting organizations that are more likely to pay the ransoms. Small businesses, education, government, and healthcare often, don’t have valid data backups. Therefore they are unable to roll back to a pre-ransomed version of their data. Instead, they have to pay their way out or cease to exist. Outside of ransom costs, victims of phishing campaigns are often branded as untrustworthy and many of their customers turn to their competitors, resulting in even greater financial loss.

Why are effective phishing campaigns so rampant despite public awareness from media coverage?

Volume: There are nearly 5 million new phishing sites created every month, according to Webroot Threat Report. There are now even Phishing as a Service companies, offering phishing attacks in exchange for payment. One Russian website, “Fake Game,” claims over 61,000 subscribers and 680,000 credentials stolen.

They work: Over 30% of phishing messages get opened, and 12% of targets click on the embedded attachments or links, according to the Verizon Data Breach Investigations Report. In short, these hackers have gotten really good at looking really legitimate. 

They’re simple to execute: New phishing campaigns and sites can be built by sophisticated hackers in a matter of minutes. While we think there are far more legitimate ways to be earning money, these individuals have made a living out of duplicating their successful campaigns.

Now that you have an understanding of what phishing is, our next two blogs will teach you How to Spot a Phishing Attack, and Fixing Your Weakest Link: Your Employees.

You’re prepared, at least mentally, to begin your migration to Windows 10 because you’ve read What Does Windows End of Life Mean to My Business? and Getting Ahead of Windows End of Life. Is your hardware ready, though? How you handle your IT (on your own, as needed support, or with a fully managed agreement) will change how you will have to deal with your transition.  The following items should help you decide how to prepare your hardware for the Windows 10 migration.

Do It Yourself

If you own all of your own equipment and deal with IT issues in house, then you will want to get started on migrating your devices now. The good news is that Windows 10 is highly compatible with just about every PC out there. If you run into trouble, it’s likely a vendor incompatibility issue, not Microsoft, itself, so you’ll want to contact them directly. When you have that handled, upgrading from 7 to 10 is as simple as running the ISO file from Microsoft.com, from a USB, or DVD. The bad news is that it will take significant time migrating every PC in your business. You’ll also need to deal with a backlog of Microsoft customer service support if you happen to run into any issues.  Remember that almost 70% of the world’s computers are still running Windows 7. It’s almost guaranteed that others will run into issues and need support, as well. 

MSP

If you are with a managed service provider, you should be just fine. In fact, you likely already have a plan in place from your most recent business review. Over the course of the next few months, your IT company will ensure software compatibility with all of your line of business applications and contact any necessary vendors and schedule a time with you to come out and run the update once their sure everything will go smoothly. Now, would also be a good time to consider any hardware upgrades that you’ve been needing. All new PCs will automatically come with Windows 10, alleviating any upgrade issues now or in the next three years or so. The best part of it, you have to do nothing. No downtime for your business, no extra IT work for you, and no worries.

If you’re on a full managed services agreement, the upgrade is more than likely covered and any hardware needs will be handled on a new monthly payment plan (HaaS agreement). If you’re on a partial agreement or break/fix model, you’ll likely be billed for the time required to complete the upgrade. Either way, your IT company will have you completely in hand. Just remember that your service provider will soon be booked solid assisting other clients with this transition. It’s important to schedule now so you’re not left waiting. 

Time to Get a Contract?

If you’re reading this blog as someone that had planned to do this upgrade on your own but have now decided that you don’t have the time or desire to do so? It’s time to contact Prestige Computer Solutions. We’ll make sure that you’re taken care of through Windows 7 end of life and well beyond.

Getting Ahead of Windows End of Life

With Windows 7 end of life quickly approaching, it’s time to start thinking about what needs to be done to prepare. Technically, regular Windows 7 support has been dead since 2015, however, the extended support period is over January 2020, which means no more updates or security patches. What should you be aware of for EOL? Get ready, you may have some work to do. 

Many are concerned that their PCs will stop working. That is not the case. Your Windows software will work, but its security will depreciate rather quickly, which could put your PC in danger of cyber-attacks and viruses. Back in 2014, Microsoft ended support for Windows XP. It affected 40% of computers worldwide. Now, years later, it is estimated that about 7% of computers are still using Windows XP. These computers are the ones hackers like to target because of the security holes caused by lack of regular patching. 

Currently, about 70% of businesses worldwide use Windows 7, so it's highly likely that you need to take action before Windows 7 retires. The more systems you have on Windows 7, the sooner you need to prepare. Here‘s a quick action plan:  

  • Determine how many systems need an upgrade. Simply take a count of all the systems running Windows 7 or, if you still have some, Windows XP. If systems are on Windows 7, and the hardware is up to par, you likely will be able to do a simple license upgrade.  
  • Assess your hardware. Windows 10 will not work on all hardware systems. You may need an upgrade. Contact your IT provider to help you determine if your hardware has the right specs. The easiest way to tell? If your hardware came out in the last three years or so, you’re probably in the clear. We recommend upgrading your hardware about every three to four years to avoid any compatibility issues.
  • Create a timeline and budget. You don’t have to make all these changes all at once. You could plan them out up to and including January 2020, but we recommend getting started sooner rather than later. Again, your IT provider will be able to help determine your best path forward.
  • Create contingency plans. Unfortunately, not all line of business applications will immediately jump to operation on Windows 10, particularly if you’re utilizing an older version of the software, or if your software provider has gone out of business or moved to their own end of life cycle. Sometimes this is inevitable, but you need to be able to quarantine these vulnerable systems from the rest of your network as much as possible or take the time to plan your upgrade now. A quality IT company will be able to help you make the decision, as well as set up a test environment so that you know your contingency plans are working long before you need them.
  • Training Your Staff. While the transition from Windows 7 to Windows 10 is not the monumental shift past software updates have been, the new system does take a bit of getting used to. Plan time to work with your staff one-on-one or in a group so that you don’t end up with them wasting time tinkering or trying to figure out why their favorite button isn’t where it used to be. Your IT provider should be able to provide this user-based training for Windows 10, as well as the majority of software you utilize on a daily basis.

Keep in mind that Windows 10 end of life takes place in January of 2025; so, while planning, ensure your devices can make the switch again in a few years, or that you’re budgeting for another upgrade. Also, document your processes during the shift. This could make life so much easier down the road. Most of all though, act. You don’t want to be stuck without security patches or an up-to-date operating system. It's like hackers can smell your outdated system and will gladly break-in. Protect yourself and your business and begin planning sooner than later.

You’ve all heard the panic. Windows is cutting off support for its widely popular version 7 software. January 14, 2020 will officially mark Windows 7 End of Life. Many companies have used Windows 7 since its onset in 2009 and are still actively using it today. That means you will need to migrate every single device. It’s possible you’ll need to upgrade your hardware as well. So, what’s the big deal? Can you just stick with Windows 7 or will your computer self-destruct?

 

The good news is that your computers will work just fine after the End of Life date. However, just because your computer will function doesn’t mean it’s wise to hold onto outdated software. The largest concern for Windows 7 users is security. Since updates and support will no longer be available, your device will be extremely vulnerable to cyber threats. In fact, this is a bit of a hacker’s dream. They are standing by, knowing people will neglect to update their operating system.

 

Windows 7 is actually already in its ‘extended support’ phase and has been since 2015! Microsoft ended mainstream support including new features and warranty claims. Yet, throughout this time Windows has kept virus patches and security bug fixes up to date. With End of Life, that will go away. IT and security experts alike strongly suggest migrating your operating system to something current before the Windows EOL date. Theoretically, you could pay for Windows 7 extended support on each individual device, but the costs will build up faster than simply migrating. Not only that, but specific security and bug fixes will also be more expensive and charged on an individual basis.

 

Currently, there are a few options to choose from when it comes to Windows 7 EOL. Don’t be cheap and go to Windows 8. Though it is a newer version, it’ll only be a matter of time before you need to migrate all over again. You could transition to Windows 10 (recommended). If you are worried about cost efficiency, you could try a free operating system like Linux. It will take some research to find the specific Linux platform that’s best for you, but it may be worth it if you’re someone who likes to tinker. Then, of course, you could swap to a Mac altogether. Just keep in mind that Apple’s products are pretty expensive and you may need to re-purchase certain business applications.

 

It’s important to begin working with your IT Company on this migration as soon as possible. They’ll take a look at the devices you are using, determine how many are utilizing Windows 7, and ensure your hardware isn’t out of date. Not all computers will be able to handle a new operating system, which could make a migration take much longer, more difficult, and costlier as you upgrade hardware. Your IT company will provide a recommended path for an upgrade with a clear budget and timeline for completion.

 

Overall, take some time to plan your transition. Talk to us if you need additional help or options. Most of all though, get moving now. EOL will be here in no time.

Why are you so popular?

You’ve heard about many of the scams that exist on the internet now. It’s tough to simply look at your emails without noticing several phishing emails sitting in your inbox. Lately, the largest influx of social engineering scams has come from social media.  As of right now, worldwide social media users total 2.34 billion according to Statista. That is a lot of people to target, and hackers are taking advantage. How? Fake accounts. Forbes estimates that there are over a half billion fake social media profiles in circulation today. There are four main ways these cyber-criminals are utilizing social engineering via social media.

Swaying Public Opinion

The most recent large-scale example of utilizing fake accounts to sway public opinion was meddling in the 2016 election. When investigating, Facebook not only found millions of fake Facebook accounts, but they also found that there were Facebook ads created to sway American voters. The ads and posts came from profiles that looked legitimate, but in all reality were conjured up simply to create influence with minimal effort. In addition to their obvious desire to affect election results, if people clicked on the ads, their computers were often infected with malware that would give away valuable personal info.

Fake Advertising

Have you seen the pages that say a celebrity talk show host is giving away XYZ prize or a big-name brand is handing out free gift bags if you share and like the page? All scams. The perpetrators hide behind names that look similar to the authentic celebrity or brand and rely on unwitting people to click, share, and like. These hackers then follow-up by selling your information to third-parties or targeting you with malware advertising to get you to keep coming back.

This technique goes all the way back to 2011 after Steve Jobs passed away. A fake FB ad claimed that Apple was giving away iPads in honor of his passing. Well, that ad went viral and thousands of people clicked on the link, which in turn infected their computers and devices.

Minimally Invested Profiles

Social engineering has gotten more complicated with (MIP) minimally invested profiles and (FIP) fully invested profiles, found mostly on Facebook and LinkedIn. MIPs are created in bulk, and they usually have very little original content on them, as well as a sexy or provocative profile photo. These hackers go around making friend requests willy-nilly in hopes that their picture will intrigue people to add them. They'll eventually send you malware via FB messenger or put rogue posts on your Facebook wall.

Fully Invested Profiles

The FIPs that get created take a little more time and effort, however, they are more efficient because they really look the part. To an untrained eye, a profile like this could pass as an acquaintance. The best way to crack this mystery profile is by looking at their friends, seeing if you already have a friend by that name, as well as scouring the content of their posts. If this raises even one red flag, it's likely it’s a fake profile.  People using this technique target you on Messenger with infected content, usually videos that lure you in because you “know” the sender.

These are just a few of the main ways that social engineers are using social media to target people. While snooping on your co-workers, checking to see what crazy Uncle Larry just posted, or simply browsing through memes, always be diligent and aware of your internet surroundings. In addition, make sure your firewall and antivirus are up to par! Don’t let a social engineer manipulate you into surrendering your information.

Even though ransomware attacks decreased in 2018, they remain a major threat in the cybersecurity landscape. So much so, that ransomware was recently featured on 60 Minutes. The story primarily covers three major instances of ransomware, two that affected municipalities, and a third that targeted a hospital.

All three were attacked in a way that encrypted every single one of their files and also encrypted some of the files within their backups, sending the organizations back to operating on pen and paper. Two, despite FBI recommendations, ended up paying the ransom to restore their data quickly, while the third decided not to pay the ransom and went about remediation on their own. 

The hospital was hit with a $55,000 bill, while one municipality (Leeds, AL) was able to negotiate payment down to $8,000. These ransom sums may not appear astronomically high, but that’s exactly how the hackers keep going. If they requested millions in ransom, no one would pay. An amount in the solid five-figures, though, feels doable for most organizations to get their precious data restored. The third entity (Atlanta, GA) suffered millions of dollars in losses and time in efforts to recover. Some of their data could never be recovered.

The story presented a very clear picture of the dangers surrounding ransomware; however, there were two major issues in the story. First, the entities covered were obviously major entities implying that you needed to be in the public eye to be affected. This is certainly not the case. In fact, nearly 50% of small business owners say their business was affected by a cybersecurity attack in the last year. Ransomware is not just for highly public entities. 

Perhaps more importantly, the story painted paying the ransom as the cheaper and often faster way to go. In very rare occasions, paying the ransom is the only option; but if you’re stuck in a ransomware trap, we do not recommend jumping straight into paying the ransom. Here’s why:

  1. Sure, after you pay the sum (typically in bitcoin), the vast majority of hackers suddenly become ethical and return your files. Let’s look at the reality, though. You’re relying on someone who just took your data hostage for an exorbitant fee to return that data to working order simply because you held up your end of the unwanted bargain. Sounds a lot like using hope as a data recovery strategy to us. At any point the hacker could respond, “Thanks, but no thanks!” or “Well, we thought this would be a sufficient amount; but we ran into snags with your recovery. We’ll actually need x number to finish the job.” 
  2. Prevention is a better strategy. If your back-up is set up correctly with an on-premises and multi-tenant off-site solution, you should be able to roll back to data that existed before the ransomware attack. Granted, you may lose some data in the process if the encryption gets into the backup like it did in the attacks covered in the 60 Minutes story. Losing some data is a lot better than putting yourselves up the creek financially by paying a major ransom. In addition to proper backup, ensure that you’re effectively training employees and stringently monitoring data coming in and out of your network. 
  3. Isolation is possible. In short, don’t store all of your valuable data in one place. If, on the off-chance, ransomware breaches your network, you don’t want to give it an open door to encrypt absolutely everything of value. Keep all critical applications on isolated networks to maintain global network safety. 

Ransomware attacks may be on the decline. However, that just invites the hackers to come up with a more creative way to scam you out of time and money. Perhaps phone ransoms are coming next. Regardless of what the hackers create, make sure you’re prepared and don’t have to rely on paying a hefty ransom to keep your business in operation. 

Cybercriminals are no longer some kid in a basement working on a computer. They are highly educated “professionals” with degrees in not only IT but psychology and other arears of human behavior. They use this knowledge to put together clever social engineering campaigns to trick you into giving them the information they are looking for. Below are some of the methods they use to achieve this end.

Email.
Although we are swamped with SPAM on a daily basis and we use SPAM filters and anti-SPAM solutions there is only so much the SPAM systems can do in trying to figure out the real email verses the bad email. The rest is on you. If you are like me you spend a few seconds on a new email to determine if it is something you need to read or delete. These cybercriminals are so good at what they do that they often have their emails chosen to read over the legitimate ones. We all know about the Nigerian prince that needs your help to get his money out the country all he needs is a few thousand deposited in an account to secure the deal. But most of the newer ones will attempt to trick you into believing the email comes from Netflix or your bank or Amazon etc… These are just some of the way’s social engineers’ prey on unsuspecting and trusting people. If sending money or willingly giving up information isn’t involved, then there is usually malware within the email. The links that can be clicked on will deploy malware to infect your computer files and obtain information about you or encrypt all your files and hold them hostage for a ransom. It’s amazing how prevalent these scams are. But if you’re educated on them, you won’t become a victim.


Posing as someone you know.
This can take several different forms, however the most obvious is copycat Facebook profiles. This is another prominent scam that cybercriminals use to trick people into thinking they are receiving a friend request from someone they know. The profile will often contain a few photos from the original person’s profile so it looks a tad more real. As unsuspecting friends add this profile, it begins to look more legitimate because of similar friends and associates. This profile can ask for money or send links containing malware to infect your computer, or even corrupt your Facebook profile gaining access to personal information. Another way cybercriminal can gain access to your information is by posing as someone within your company. They can send an email that looks like it’s from your boss when really its fake. Usually, something about the email address will be a bit off, if you’re paying attention. Letters are swapped around or a .net becomes a .com at the end of the email. As soon as you open it or click on a link, there goes malware infecting your computer. This scam is usually highly effective because it gets sent to everyone in the company, and people often take it as real from the boss.

Target people is through advertisements.
Considering ads are pretty much everywhere online now, creating ransomware ads is incredibly easy and a bit difficult to spot among the hundreds of people see every day. For this type of social engineering, cybercriminals literally deploy ad campaigns showcasing a product or a service. When you click on the ad, it downloads malware or ransomware onto your computer. Most of the time these ads are for anti-virus software or a pop-up will come on your computer saying your computer has been infected and to click the link to clean the virus. Tricky, tricky cybercriminals. 

Six Tricks to Better Digital Etiquette

It’s probably safe to assume that in one day you send more emails than you speak words. If you have a regular office job, you probably use email all day, every day. Sad, but true.

But because of this, it’s important to know the dos and don’ts of proper email etiquette. You don’t want to be giving off the wrong impression, do you?

Can I send an emoticon?
This is a bizarre one. In the past, absolutely no way. Now, however, things are a little different. Emoticons add a personal touch to emails and they can also help in your efforts to be humorous. If used correctly, an emoticon can make a detached email seem friendly or help soften an otherwise harsh body of text.

Is it funny or is it just awkward?
Writing is a funny thing because one sentence can be read a million different ways. One person may interpret something completely differently than you did based on how they read it, their education level, their personal experiences and the way the wind blew ever so gently that day.

This means you should always be careful when you use humor, especially in a professional context. What you find hilarious may come off as rude and belittling to someone else.

Stay away from Caps Lock.
When you capitalize complete words or sentences, people tend to feel threatened. They automatically think, “Is he/she angry with me?” Or they think you’re too incompetent to use a computer properly. Do you not know where the caps lock button is? Either way the cookie crumbles, it’s not good.

Use spell check.
The lines are so blurred nowadays that you finish emails through text messages and end a phone call when you physically walk up to the person you’re speaking to—however, this doesn’t give you the right to use bad grammar and spell words incorrectly.
Spellcheck your email and always make sure you use complete words. In emails, do not use: cuz, k, y? or ya. Save that for your texts, and even then, only with close friends and family. Your boss or manager likely won’t be impressed with poor English skills.

Is that a novel or an email?
Let’s face it. We don’t like big globs of text (take note of what you’re reading right now). It’s intimidating. If we receive an email with a massive amount of text, we glance through it (missing important information) or save it for later (and never come back to it).

When you write an email, keep it short. Break up your information and highlight key information (bold your font or use the highlighter function). If you can’t get your point across

Can you spot the Phish?

The most damaging thing that can happen to your business is Ransomware. The number one way it gets into your business is through an email attachment. These emails are called phishing emails. Would you know if you were the subject of a phishing attack? 80% of employees will open a phishing email. These crooked companies are very sophisticated and employ social engineers to figure out how to get you to believe the phishing emails they send are legit. With over 1.5 million new phishing sites every month, and over 70% increase in attacks in 2018 over 2017.
Hackers would not be doing this, if it was not so successful.

So how do you spot a phishing attack?

  1. Sender Email Address: Always check to make sure that the email address is legitimate. Amateur hackers will send things from Gmail or Hotmail accounts and hope you don’t notice. More sophisticated hackers will closely mimic an actual email domain, like amazon-online.com rather than amazon.com. Double check the email address before responding, clicking, or opening, even if the from name appears correct.
  2. Discrepancies in Writing Format: If the attack is coming from overseas, you’re likely to notice some small issues in writing format, like writing a date as 4th April, 2018 rather than April 4, 2018. While this is subtle, it should be a red flag.
  3. Grammar Issues: We all fall victim to the occasional typo, but if you receive an email riddled with grammar and spelling mistakes, consider the source. It’s likely a hacker, especially if the email supposedly comes from a major organization.
  4.  Sender Name: This one is also difficult to track, but phishing emails will typically close with a very generic name to avoid raising suspicion. You should recognize the people that send you emails, or at the very least, clearly understand their role at the organization.
  5.  Link Destination: Before you click on any link in an email, hover over it. The destination URL should pop up. Check out the domain name of this URL. Similar to the sender email address, make sure that this address is legitimate before clicking.
  6.  Attachments: Is it realistic to expect an attachment from this sender? Rule of thumb, don’t open any attachment you don’t expect to receive, whether it’s a Zip file, PDF or otherwise. The payload for a ransomware attack often hides inside.
  7.  Email Design: A strange font like Comic Sans should immediately raise red flags if you don’t clearly recognize the sender.
  8. Links to Verify Information: Never, ever click on a link to verify information. Instead, if you think the information does need updating, go directly to the website. Type in your email and password, and update your information from the Account tab. Always go directly to the source.
  9. Odd Logo Use: Hackers try their best to mimic the site’s look and feel. Oftentimes, they get very close; but they won’t be perfect. If something feels off, it probably is.

While there is no fool-proof method for avoiding falling victim to a phishing attack, knowing how to spot likely culprits is one step in the right direction. 

Contact us if you have any questions or need help with your cybersecurity. We provide ongoing training for your emploiees, please see our next lunch and learn event here you can RSVP now.

You may not realise it but HIPAA law requires more than just Medical facilities to adhear to the HIPAA regulations.

The following are the types of company’s that are required by law to perform HIPAA audits.

  • Hospitals
  • Urgent Care Clinics
  • Dental Offices
  • Nursing Homes
  • Behavioral Health Facilities
  • Diagnostic Labs
  • Correctional Facilities
  • Pharmacies

However In addition to the above there are many other businesses that are exposed:

  • IT Service Providers
  • Shredding Companies
  •  Documents Storage Companies
  • Attorneys, Accountants
  • Collection Agencies
  • EMR companies
  • Data Centers
  • Online Backup companies
  • Cloud vendors
  • Insurance Agents
  • Revenue Cycle Management vendors
  • Contract Transcriptionists

The following are the reports we provide:

HIPAA Policies & Procedures. The Policy and Procedures are the best practices that we have formulated to comply with the technical requirements of the HIPAA Security Rule. The policies spell out what your organization will do while the procedures detail how you will do it. In the event of an audit, the first thing an auditor will inspect are the Policies and Procedures documentation. This is more than a suggested way of doing business. The Policies and Procedures have been carefully thought out and vetted, referencing specific code sections in the Security Rule and supported by the other reports we provide.

HIPAA Risk Analysis. HIPAA is a risk-based security framework and the production of a Risk Analysis is one of primary requirements of the HIPAA Security Rule's Administrative Safeguards. In fact, a Risk Analysis is the foundation for the entire security program. It identifies the locations of electronic Protected Health Information (ePHI,) vulnerabilities to the security of the data, threats that might act on the vulnerabilities, and estimates both the likelihood and the impact of a threat acting on a vulnerability. The Risk Analysis helps HIPAA Covered Entities and Business Associates identify the locations of their protected data, how the data moves within, and in and out of, the organization. It identifies what protections are in place and where there is a need for more. The Risk Analysis results in a list of items that must be remediated to ensure the security and confidentiality of ePHI. The value of a Risk Analysis cannot be overstated. Every major data breach enforcement of HIPAA, some with penalties over $1 million, have cited the absence of, or an ineffective, Risk Analysis as the underlying cause of the data breach. The Risk Analysis must be run or updated at least annually, more often if anything significant changes that could affect ePHI.

HIPAA Risk Profile. A Risk Analysis should be done no less than once a year. However, Prestige Computer Solutions has created an abbreviated version of the Risk Analysis called the HIPAA Risk Profile designed to provide interim reporting in a streamlined manner. Whether performed monthly or quarterly, the Risk Profile updates the Risk Analysis and documents progress in addressing previously identified risks, and finds new ones that may have otherwise been missed and resulted in a data breach.

HIPAA Management Plan. Based on the findings in the Risk Analysis, the organization must create a Risk Management Plan with tasks required to minimize, avoid, or respond to risks. Beyond gathering information, Prestige Computer Solutions provides a risk scoring matrix that an organization can use to prioritize risks and appropriately allocate money and resources and ensure that issues identified are issues solved. The Risk Management plan defines the strategies and tactics the organization will use to address its risks.

Evidence of HIPAA Compliance. Just performing HIPAA-compliant tasks is not enough. Audits and investigations require evidence that compliant tasks have been carried out and completed. Documentation must be kept for six years. The Evidence of Compliance includes log-in files, patch analysis, user & computer information, and other source material to support your compliance activities. When all is said and done, the proof to proper documentation is accessibility and the detail to satisfy an auditor or investigator is included in this report.

External Network Vulnerability Scan.. Detailed reports showing security holes and warnings, informational items including CVSS scores as scanned from outside the target network. External vulnerabilities could allow a malicious attacker access to the internal network.

HIPAA On-Site Survey. The On-site Survey is an extensive list of questions about physical and technical security that cannot be gathered automatically. The survey includes questions ranging from how facility doors are locked, firewall information, how faxes are managed, and whether servers are on-site, in a data center, or in the Cloud.

Disk Encryption Report. Encryption is such an effective tool used to protect data that if an encrypted device is lost then it does not have to be reported as a data breach. The Disk Encryption Report identifies each drive and volume across the network, whether it is fixed or removable, and if Encryption is active.

File Scan Report. The underlying cause identified for many data breaches is that the organization did not know that protected data was stored on a device that was lost or stolen. After a breach of 4 million patient records a hospital executive said, "Based on our policies that data should not have been on those systems." The File Scan Report identifies data files stored on computers, servers, and storage devices. This report is useful to identify local data files that may not be protected. Based on this information the risk of a breach could be avoided if the data was moved to a more secure location, or mitigated by encrypting the device to protect the data and avoid a data breach investigation.

User Identification Worksheet. The User Identification Worksheet takes the list of users gathered by the Data Collector and lets you identify whether they are an employee or vendor. Users who should have been terminated and should have had their access terminated can also be identified. This is an effective tool to determine if unauthorized users have access to protected information. It also is a good indicator of the efforts the organization goes to so terminated employees and vendors have their access quickly disabled. 

Computer Identification Worksheet. The Computer Identification Worksheet lets you identify those that store or access ePHI. This is an effective tool in developing data management strategies including secure storage and encryption.

Network Share Identification Worksheet. The Network Share Identification Worksheet takes the list of network shares  and lets you identify those that store or access ePHI. This is an effective tool in developing data management strategies including secure storage and encryption.

HIPAA Supporting Worksheets. A set of individual documents are provided to show detailed information and the raw data the backs up the Evidence of Compliance. These includes the various interviews and worksheets, as well as detailed data collections on shares and login analysis.

For more information on HIPAA and our HIPAA Services and reports please feel free to contact us 

Why you need a Managed BDR Solution

Backup Disaster Recovery (BDR) is very different from traditional backups. Managed BDR meets the needs and challenges of today’s complex computing environments.

Fast recovery is the most important part of any backup and without a truly managed BDR system you are at serious risk.

Can your business operate for days or weeks without your computers and data? Regular backups, even offsite backups, no longer solve the need for fast recovery in today’s competitive business environments.

If you are hit with Ransomware how long, can you be down while your IT restores and rebuilds your systems? With regular traditional file backup models you could be down for days or weeks, while your critical systems are rebuilt and your data is restored. With a Managed BDR solution you can be up and running in a day or less, most systems can be recovered in as little as 15 min.

Backup and Disaster Recovery (BDR) is a combination of data backup and disaster recovery solutions that work cohesively to ensure a Company’s business continuity.

Prestige Computer Solutions Managed BDR keeps your business operations running by ensuring your data is always available. AI-based technologies proactively defend data against ransomware attacks, and with near-instant recoveries, avoid operational outages, loss of productivity and costly downtime caused by infections and recovery efforts.

Call us today to see how we can help you secure your business.

So what is the difference between traditional file backups and BDR? Take a look at the quick videos below.

You take all the necessary security measures. Firewalls, Anti-Virus, Backups Onsite and offsite, SPAM filters etc. But your biggest vulnerability in your business comes from your employees and the awareness on how to deal with phishing attacks.

So how do you address this serious issue?

  1. Password policy’s are important and should be enforced. Passwords should be at least 8 characters long to be effective. When creating a password policy, bear in mind that the most prevalent attacks are Dictionary attacks. Most people utilize real words for their passwords. Hackers will typically try all words before trying a brute force attack. Instead of words, use a combination of letters, numbers, and symbols. The longer the password, the stronger it is. While it’s difficult to remember passwords across different platforms, try not to repeat passwords. This will protect all other accounts in the event of a breach on one of your accounts.
  2. Education is key to keeping employees aware of the latest methods criminals use to try to trick you. Regular Employee training is the most effective method available to combating this problem. We recommend doing this on a quarterly basis to ensure that your employees stay on their toes, and you always provide education on the latest attacks.
  3. Protect all Mobile Phones, you can safeguard as much as humanly possible on your network, but your employees are all walking in with a cell phone. Are they allowed to get emails on these phones? What about gaining access to the network remotely? Cell phones create a big black hole in security without proper mobile device management and mobile security.
  4. Make sure that your software is up-to-date with all the latest security patches. Holding off on updates means that you’re leaving yourself open to vulnerabilities that have been discovered and addressed.
  5. Security is not something for cost savings. Home-based hardware is not sufficient, and you at the very least need a quality firewall and backup device. Invest in your employee’s training, ongoing security updates.

There are two things that aren’t going away in any business, employees and security threats. Make sure that you’ve taken care of everything you can to avoid falling victim.

Prestige computer Solutions offers Lunch and Learn training classes to businesses in and around the Middle Georgia Area. We hold classes in our facility in Warner Robins and Macon Georgia.

You can book online here for the next lunch and learn, Hacking the Hacker.

 

Do you need a Managed Services Provider?

What happens when you find out your server or network system is down? What do you do? How long does it take to get you back up? What is the cost to your business?

You can take proactive steps to minimize the cost of downtime.  But it can be tricky if you don’t have the essential expertise and time needed to manage your IT.


That’s why you need a Managed Services Provider (MSP)—to be the one-stop solution to all your IT Technology related challenges. A good MSP will provide you with a variety of solutions that keep your systems optimized and minimize downtime.

  1. 24/7 Systems monitoring eliminates potential outages by identifying problems before they become a major problem.
  2. Remote Support for quick effective Expert IT assistance to get your issue resolved.
  3. On-Site Support for those issues that need that direct level of support
  4. Quarterly system health review to keep you up to date with your technology and eliminate surprises.
  5. 24/7 Cybersecurity Monitoring and threat mitigation. Let the experts fight the security battles for you
  6. Employee Training is essential for your ongoing productivity. A Good MSP offers training as part of your unlimited services.

Because you’re serious about minimizing downtime, you need a good technology partner.
Only a true MSP can provide you with the necessary level of support you need to keep your systems running and your business functioning.

Give us a call today. (478) 971-1834
Prestige Computer Solutions is the largest and fastest growing MSP in the Middle Georgia area. We specialise in helping small businesses.

 

HIPAA and Social Media!

Social Media can certainly enhance the doctor patient relationship by announcing new services and information to patients thereby improving overall health awareness.  Healthcare providers need to be aware of the potential of exposing patient information when using social media to interact with patients. 

Billions of people use social Media content every day and over 40% of healthcare professionals use the same platforms to build and expand their professional network. Huge advantages can be made when using Social Media such as Facebook to provide notifications about new services. Facebook advertising can be used to target specific groups of people and let them know about a new or critical health benefit you offer. An example of this could be to target mothers of children of a certain age within a specific area that vaccinations are available or due.

Call us if you need to provide this type of service for you practice. We provide advanced profesional Facebook advertising.

So what actions on Social Media violate HIPAA rules?
According to HIPAA regulations, a violation or breach is unauthorized use or disclosure under the Privacy Rule which exposes the privacy or security of Protected Health Information (PHI).

Examples of common violations include:

  • Sharing pictures (like a team lunch in the workplace) with patient information visible in the background.
  • Sharing any form of PHI (such as images) without the patient's written consent.
  • Posting "gossip" about a patient to those who are not concerned, even if the name is not mentioned.

How much could a HIPAA violations cost?
People in the healthcare industry cannot treat HIPAA lightly. If an employee were found guilty of violating a HIPAA rule, that person and the practice could face a fine between $100 and $1,500,000. Depending on the severity of the violation, the employee might face a 10-year jail sentence, lawsuits, termination from the job, and the loss of medical license.

What do you need to do to prevent violations?
It is a good idea to have employees undergo training on HIPAA Security and HIPAA Privacy procedures and policies when they are hired. Topics that should be discussed include computer use, computer and mobile device security, and bringing personal devices into the workplace.

These procedures are crucial to making sure that employees comply with HIPAA rules and are protecting patient information, whether it be electronic, written or oral.

Do you work in the healthcare industry? do you need help managing IT and privacy issues? or do you want to do some profesional Facebook marketing? if so Feel free to give us a call today!

Is your internet Router Hacked ?

You all have probably heard the news clips on Russian hackers getting into your internet routers and steeling your passwords.  The question is how vulnerable are you and is this something you need to worry about? 

First if you are a business with a legitimate Firewall not a Router you are not at risk for this issue.  If you purchased your router from a retail store you may be at risk.  If you are not sure of what you have. Give us a call we can do a quick evaluation of your firewall and internet service for you.

This issue generally is only something that affects home users with retail store type routers. Vulnerabilities in some routers’ firmware code allow hackers to change some of the router’s critical settings. For example, altering the Domain Name Server (DNS) settings enables them to instruct your router to send your Internet requests to malware-infested servers and fake websites.  If that happens it could result in malware being downloaded onto your computer or mobile device and/or having your identity and online accounts compromised. Bad, bad stuff for sure.

To check your router and make sure you are not at risk you can use one of these free tools.  Visit this page on the F-Secure website.  After you click the button the tool will check your router’s settings to make sure they haven’t been changed to values that are known to be incorrect or malicious. The entire test takes mere seconds and the results will be displayed right on your screen.

here is a list of the most vulnerable routers

If you are unsure or you get a bad result please contact us we can help.

Managed Services! What is it exactly?

Well it is a term that makes no sense to the average non-IT person. Unless you work in the IT industry, you probably have not heard of Managed Services before.

Here is the skinny… Managed Services is a service offered by an IT company that takes care of all your computer and technology issues for you. In other words if it is IT related  Managed Services makes it so much better.

Now, a lot of people get the same look of confusion on their face when someone says Managed Services. That’s normal.  Just like the word Idiopathic make no sense to anyone but doctors, or architrave makes no sense to anyone but those in the building and engineeringl field.

So that is all fine and good, but what does it do for you and your business? And how does it make it better?

Let me see if I can break it down for you here:

Managed Services is known above all for its monitoring, IT company’s or Managed Service Providers (MSP's) use tools called RMM tools that allow them to proactively monitor all your systems and either automatically fix it or generate an alert for the technician to look at.  Usually we can fix a problem before anyone ever knew about it.   All this equates to less down time for your business and improved productivity.

Because of all this monitoring, you and your staff will experience very little downtime. Your computer network is no longer sputtering out of control. It does what it should, when it should, no matter what. Why?  Because a group of technicians make sure that it does.

Managed Services also automatically keeps your systems updated to the latest security patches this helps keep you one step ahead of the hackers and viruses that are looking to gain access to your systems. Also we are able to monitor the antivirus software keep it up to date and know when you have something bad going on before it gets out of control.

When you have fully Managed Services your IT Systems are… well, fully managed. From routine maintenance and automatic upgrades to proactive monitoring and instant support, your technology remains consistent because it’s consistently taken care of.

In other words, hurdles are all but eliminated. Problems are identified and corrected immediately, and your business can remain productive and free of IT challenges and complications.

It is always possible for you to still have a hardware failure and or a system break down now and again and you could still experience a network glitch here and there. But with Managed Services, this will not cost you anything. Because all this is bundled into a flat rate monthly support plan called Managed Services.

This means that those ridiculously large and out-of-control repair expenses go away completely. You finally have the full ability to successfully budget for your technology needs. No more guessing. No more hoping. No more praying. It is what it is and won’t change.

With the lovely combination of routine maintenance, proactive monitoring, and a flat, monthly rate, a fully Managed Services solution removes the element of surprise from your IT. There will be no coming to work on a Monday morning only to discover a broken-down network. There will be no large repair fees to wait for. And there will be no dreading an eventual collapse of your data. Managed services eliminates the surprises.

No more Googling. No more YouTube-ing. No more calling that friend of a friend. Managed Services is managed by a group of professionals who are experts at what they do. You are no longer the wannabe IT guru, and you no longer have to figure it out by yourself.

So hire an MSP. If you need help or advice, just call us.

If you want to check your password you can go to this link. It is safe and will give you a good idea how good your password truly is and how easy it could be for a hacker to crack it.


No longer do fancy symbols and upper-case letters and numbers have any importance.   Most hackers use computer programs that will zip through these like butter.  What does make it harder for them is the length of the password in other words you could use the following (This is my good and safe password) as a password and it would be much safer than Pa$$w0rd   again give it a try here.


The other thing that is important! is to change your password regularly.  I recommend changing password at least every 90 days and do not reuse old passwords. Also do not use the same password for all your systems.


Unfortunately, it’s not uncommon in our current culture to face major security breaches on our favorite platforms, such as the recent ones that involved LinkedIn, MySpace and Tumblr, where hundreds of accounts details went for sale on the dark web. Think about it. If you used the same password everywhere, attackers would be able to quickly access all of your other accounts quickly (and they know it).

What’s more alarming than that? Almost 90% of small business owners don’t feel like they’re at risk of experiencing a breach.

We at Prestige have a good handle on how to get this issue under control give us a call to see how we can help.

Don't leave your programs running

Some programs will develop issues if you leave them open such as QuickBooks.   Not to mention Word Documents Excel Spreadsheets etc.. It is always a best practice to exit and restart your computer at the end of the day. Doing this achieves two important tasks, one it logs you out and second, it makes sure all running applications are terminated.
The last thing you want is to find your critical data was not backed up because it was in use and you have now lost months of work.

Remember! reboot your computer at the end of the day to keep everything running well. Do not turn it off as security scans and patches are usually done after hours so as to not interfere with you while you work.

Computers do not live forever

But my computer is only 5 years old. Yes! it seems like only yesterday you purchased it. 

But like everything these days computers get old. Moving parts wear out and newer faster computer chips are developed. Those updates you must run to keep you safe etc. need more and more power and your old computer is now having a hard time keeping up.

So to keep up with the latest security requirements and run the applications you need you will have to accept the fact that 3 years is the designed lifespan of any computer desktop or laptop.

When looking for an IT Services and support company there are many factors you need to think about. The IT company should be a Managed Services Provider or MSP, how proactive the IT company is, are they able to respond in the event of an emergency.

Although most MSP’s use technology to remotely monitor and support your systems without going onsite, having an IT support company ready and able to come onsite to your business to fix an issue can be invaluable.
If you are experiencing low response times had difficulty accessing support from your IT company or you are thinking of looking for a Managed Services Provider here are a few reasons why you should consider a local IT support company.

1. Easy Accessibility & Quick Emergency Support
Arguably, the most important aspect of IT support next to proactive maintenance is the ability to easily and quickly access your IT support provider for quick support. Choosing a local IT service and support company allows you quick access to your IT support without the issues imposed by geography. In case of an emergency such as downtime, or virus attack, your local IT provider can respond in real-time.

2. Understanding of Your Local Business Environment
Using a local IT service provider can also provide your business with access to local IT experts that are not only versed in the day-to-day maintenance of IT systems but also understand challenges that other businesses in your geographical area face. Having this unique perspective can help your local IT service provider proactively suggest solutions to problems even before they occur.

3. Frequent Routine System Checks
While many routine IT system checks can be performed remotely, the local IT service provider also has the flexibility to come onsite to perform routine tests when needed. This allows your business to create a proactive IT maintenance that helps you prevent IT issues before they occur.

4. Cost Effective IT Support Services
Since most IT support services are priced hourly, having a local IT service provider who can get to you in no time, can help reduce your IT support service costs. The cost savings in travel time and expenses can be used for other strategic IT projects or even added to your businesses’ bottom line.

Local Georgia, GA IT Support Services Prestige Computer Solutions is located in Middle Georgia and from here we are able to provide local suport to companys throughout the state of Georgia with same day onsite support.
Most of our customers are located in Middle Georgia, Macon, Warner Robins, Perry, Fort Valley.

Ransomware!

According to the latest FBI 2017 Internet Crime report, losses of cybercrime victims exceeded $1.4 billion in 2017. 
The report data represents a total of 301,581 complaints filed with the Internet Complaint Center (IC3). 
This past year, the top three cybercrimes reported by victims were Non-Payment/Non-Delivery (84,079 victims), Personal Data Breach (30,904 victims), and Phishing (25,344 victims). The top three crime types with the highest reported loss were BEC ($676,151,185), Confidence/Romance fraud ($211,382,989), and Non-Payment/Non-Delivery ($141,110,441).

see full blog post here

Why you need a Managed Services Provider

First it is critical you understand the difference between a true Managed IT service Provider and one that just uses the words without understanding what must be done to actually deliver.

A true Managed IT services provider will provide you with a comprehensive set of solutions that will free up you or your staff to focus on the things that are important to your business. With Managed IT Services you can rest assured your systems are up to date monitored and optimized daily. Your security concerns are addressed and you have a team of highly skilled technicians dedicated to keeping you that way.

Why do you need managed IT services?
With today’s emerging risks to data security and advanced business technologies creating new levels of complexity, companies are realizing they could leverage expertise from Managed IT Service Providers (MSPs) to bolster network infrastructure, upgrade software, protect critical company data and provide vender management.  Whether a business is looking to leverage innovative HaaS (Hardware-as-a-Service) solutions, Managed Security or computer health and uptime management. Managed IT Services provide the advanced and dedicated IT support necessary to drive your business growth.

What are three reasons your business will benefit from proactive IT support?
1. 24/7 Monitoring and Support with Proactive Cybersecurity: Managed IT Services afford businesses the 24/7 security necessary to mitigate risks and, if a situation arises, restore you back to operation with speed. Even with an in-house IT department, sometimes it can be difficult to ensure that a business have the right talent on staff – at the right time – to handle a random IT issue. Infrastructure management, firewall and virus protection, WAN/LAN health monitoring, a fully secure virtual environment, disaster recovery, scheduled on-site support and more – all are available to your business with a managed IT service partner working to keep your data safe, secure and accessible 24/7.

2. Risk Mitigation & Reduced Downtime: Malware, hacking, loss of customer data due to breaches – or natural disasters. Not only can a managed services provider track and begin remediation of a known event more quickly and efficiently than the business could in the past, but through the robust tools available to managed services providers, many events can be headed off at the pass. Managed services organizations can determine that a failure is imminent in many cases, thereby allowing remediation efforts that will prevent the failure from occurring in the first place, which clearly reduces downtime and risk for the client company.

3. Controlled IT Spending – Finally! You can accurately predict and budget for IT maintenance costs and spend more time focusing on managing your core business. With the right IT service provider, businesses can experience a true partnership in the protection, maintenance and management of their business technologies – without the pain of absorbing unforeseen costs.

Prestige Computer Solutions Managed IT Services provide the proactive monitoring, measuring and maintenance your business technology needs to stay running – all the time.

Let Prestige Computer Solutions detect and prevent critical issues that could impact your productivity. Call Us today

FACEBOOK NOW SAYS the data firm Cambridge Analytica gained unauthorized access to up to 87 million users' data, mainly in the United States. This figure is far higher than the 50 million users that were previously reported.
Facebook's chief technology officer Mike Schroepfer shared this figure at the end of a lengthy—and somewhat unrelated—blog post Wednesday that laid out a slew of changes Facebook is making to restrict access to user data.

See full article here