Phishing Hits Businesses at Tax Time

Phishing schemes abound every season, and tax season is no exception. It’s an important time of year in the corporate world and cybercriminals are looking to take advantage of it, which is why your business must ensure that your confidential data is kept under lock and key.

Phishing baits to watch out for

Phishing attacks often consist of fabricated or compromised emails sent to finance/payroll or human resources employees that are made to look like they’re from an executive in your company. The message might contain a request to forward employee records, including their W-2 forms, but that’s not all…

Another common scheme, which doesn’t only happen during tax season, involves getting a call from a person declaring to be an IRS employee. And no, caller IDs won’t save you because they can forge that, too. The phisher will inform you that you owe them cash from back taxes and they will threaten legal action if you don’t pay via credit card at that instant.

Always remember, the IRS will never contact you on the phone to let you know that you owe them money. And they certainly won’t threaten you or demand payment over the phone. If they really need to notify you of such matters, they’ll use the postal service and will give you a chance to discuss payment terms.

Standard protection protocols

Don’t worry, the usual security measures against these phishing scams are pretty easy to integrate into your business. Begin by developing a policy that bans the request of private details through email. If an employee ever requires such info, they should get in touch with the person directly, follow your established protocols for the transfer of sensitive information, and minimize the number of people involved in the transaction.

Taking security a step further

Data loss prevention (DLP) systems are also valuable weapons against these types of phishing attacks. They evaluate traffic going in and out of your company, such as web usage, emails and instant messages, and virtually anything sent on your network. DLP systems can filter out private details, including Social Security numbers, and stop them from being sent out.

But beware, DLP systems come with a minor drawback, as they can also block legitimate traffic, like when your accounting department sends tax info to your CPA. Fortunately, an MSP like us can properly segregate the good and the bad traffic to avoid confusing and/or frustrating your employees.

Phishing schemes may be a normal occurrence during tax season, but that doesn’t mean you can’t do anything about it. Don’t let the vulnerabilities in your business, particularly the human element, fall prey to cybercriminals. Call us at 800-421-7151 right away and we’ll conduct an assessment of the security of your business, as well as design a risk management plan to help counter future complications.

3 Tips to Maintain a Secure Facebook Account

In March 2018, disturbing reports circulated on the web that revealed a company named Cambridge Analytica harvested confidential details of 50 million Facebook accounts. If you’re concerned that your private details are being passed around by private companies, consider the following 3 tips to maintain a confidential Facebook profile.

Download your Facebook data

The thought of a complete stranger going through your account is pretty disturbing. Yet, you’re probably curious about the amount of information you uploaded to your social media sites over the years. Fortunately, Facebook allows you to download a copy of all your data. You simply have to log in to its web version and…

  • On the site’s main navigation, click on the down button right next to the Quick Help icon
  • A menu will pop up and you’ll find Settings right above the Log Out option
  • Click on Settings and you’ll automatically be redirected to General
  • Within the General page, press Download a copy of your Facebook Data
  • It will redirect you to a different page where you’ll need to press Start My Archive button to proceed with the download process

Once that’s done, you’ll be able to see an archive of all your Facebook activity, such as the statuses you’ve posted, messages you’ve sent, and ads you’ve clicked on.

Change your privacy settings

After going through all your data, you might realize that everything you shared is harmless. But, that doesn’t mean it won’t end up in the hands of cybercriminals who can use it against you.

We suggest going back to the Settings page and clicking on Privacy. That’s where you can modify whether you want your posts to be seen by the public or only by your friends. You can even control who’s allowed to send you friend requests, view your friends list, and most importantly, decide whether search engines are allowed to link to your profile.

Check or delete apps

You know those personality quizzes that you and your friends always had a ball answering? Apparently, Cambridge Analytica gathered all the responses from one of those app developers. Luckily, you can stop them from further accessing your profile. In Settings, click on Apps to see all the apps linked to your profile. Beside each one, you can choose Edit Settings to review its authorizations or click Remove to completely get rid of it.

Your recent love-hate relationship with Facebook has you second-guessing. If you want to take data security up a notch, we can always provide more tips and tools, and even assess your current level of security. Just give us a call at 800-421-7151 and we’ll take care of your privacy so you don’t wind up breaking up with your favorite social media site.

Keeping Cloud Costs Under Control

One of the most well known benefits of the cloud is it boosts cost efficiency. By moving to the cloud, small- and medium-sized businesses no longer have to worry about purchasing high-end equipment or maintaining full-scale data centers. However, there are quite a few costs associated with the cloud, so it’s important you know how to keep them under control.

Don’t go for standalone services
Standalone services are the biggest price trap in the cloud. Spending on a standalone cloud software may seem harmless now, but if you decide to purchase similar services, the costs can quickly pile up. Then, there’s the issue of integrating these systems together, which costs even more time and money.

The best way around this is to find a service provider that offers a suite of products that work seamlessly together. Platforms like Office 365 or G Suite are great examples, and offer you differently priced packages based on the size and requirements of your business.

Team up with integration experts
If you do need to subscribe to a standalone service, you’ll want to integrate it with the rest of your cloud platform. But if you have limited experience with integrations, mistakes are likely to happen and cause downtime, which will inevitably cost you time and money.

The more economical option is to partner with a cloud integration expert, as they can quickly configure and deploy your systems with zero mistakes.

Understand cloud backup costs
While cloud backups are great for keeping your data secure, you must know how much you’re paying for them. If you plan on storing your data for a long time, you may be charged more. At the same time, if you store more versions of your data, it will cost you more.

One way you can keep costs down is to ask yourself whether certain files even need to be stored in the cloud. Mission-critical files like customer information, legal document, and business plans should be stored in the cloud so you can retrieve them right away after a disaster, but routine documents like timesheets can probably be stored in less expensive data centers.

Remove unnecessary accounts
Most cloud service providers charge you based on the number of users per month, so if you’re not diligent about removing accounts when employees have left your company, you could be throwing your money down the drain.

To avoid this, you need to have deprovisioning procedures in place for when an employee’s contract is terminated. Create a spreadsheet of each employee in your payroll and note down their cloud subscriptions. When an employee leaves your company, you must delete all their business accounts and give the relevant manager access to all their documents.

It’s also a good idea to schedule regular audits to make sure you’re not paying for people who’ve already left your company.

Work with a trustworthy provider
Last but not least, you’ll want to partner with a cloud services provider that not only gives you the best deals on cloud solutions, but also proactively monitors your account and warns you about any issues regarding the computing resources and storage space you’re using.

If you’re looking to keep cloud costs under control, talk to us today at 800-421-7151. We’re certified and experienced with all aspects of cloud technology, and we can show you how you can truly benefit from it.

Don’t Ever Let Your IT Company Do This To Your Computer Network

Today, when companies need to be lean, nimble and brutally efficient to survive in a competitive marketplace,cutting unnecessary costs is paramount. Unfortunately, it can be easy when you’re on a tight budget to accidentally strip away components of your business that may seem gratuitous but are actually essential to your success.

One of the first things that often ends up on the chopping block in the frenzy to save money is IT. Instead of continually investing in managed IT services, where professionals carefully maintain, protect and update your network month to month, some businesses decide that the best way to keep their technology running smoothly is to simply leave it alone, calling up a professional only when something breaks down.

Of course, this approach forgoes monthly costs and shaves off a fair few dollars from your technology budget in the short run. But while this approach may seem cost-effective, it opens up your business to a huge variety of technological crises, from expensive network outages to cyberattacks that may cripple the very future of your company.

The Problem With A ‘Break-Fix’ Strategy

It can be hard to imagine the huge list of problems that might arise within your network. So, it’s an understandable strategy to wait to do something until an issue becomes a serious problem. At that point, they bring in a professional who – charging by the hour – attempts to suss out and repair whatever may be broken.

It seems like a logical approach, but unfortunately, it’s littered with huge hidden costs. If you’re calling an IT expert only when something in your network is broken, only your most urgent technological needs are

addressed. When your technician is being paid an hourly wage to fix a specific issue, there’s no incentive to be proactive with your system. They won’t recommend important, money-saving upgrades or updates, and they will rarely be able to detect a crisis before it happens.

What’s more, the approach “If it ain’t broke, don’t fix it” very likely leaves huge holes in your security and drastically magnifies the costs of an IT meltdown. If they’re only arriving in the midst of crisis, there’s hardly ever an opportunity for the break-fix technician to strengthen the barriers between you and the hordes of hackers clamoring for your data. They’re on the clock, being closely monitored to fix the problem and then go away. Meanwhile, the security landscape is constantly changing, with criminals and security experts in a back-and-forth arms race to stay abreast of the latest developments.

Without someone managing your system on a regular basis, your protective measures are sure to become woefully out of date and essentially useless against attack.

Why Managed IT Services Are The Answer

When you turn your IT needs to a managed services provider (MSP), you’re entrusting the care of your network to a team of experts who have a real interest in your success. MSP engineers regularly monitor the health of your system, proactively preventing disaster before it enters into the equation and hurts your bottom line.

Beyond this preventative care, MSPs do everything they possibly can to maximize the power and efficiency of your equipment, implementing only the best practices and the latest software and updates.

When you invest in an MSP, you may have to invest more funds initially, but likely you’ll save tens of thousands of dollars in the long run by avoiding cyber-attacks, downtime and hourly rates wasted on a technician who doesn’t really care about the future of your business. When you choose an MSP, you’re not just choosing a superior and healthier network – you’re choosing peace of mind. Call us today at 800-421-7151 to learn more about our Managed Services. 

Does Private Browsing Secure Your Data?

If you’re getting targeted with surprisingly relevant ads, there’s a chance your internet activity is being tracked and analyzed by market researchers. While this doesn’t bother most people, private browsing mode can offer you some protection against online marketers and would-be data thieves.

What is private browsing?
Your web browser – whether it be Chrome, Edge, Firefox, Safari, or Opera – remembers the URLs of the sites you visit, cookies that track your activity, passwords you’ve used, and temporary files you’ve downloaded.

This can be convenient if you frequently visit certain pages, can’t remember your login details, or if you’re trying to recall a website you visited a few days ago. But if someone else uses or gains access to your computer, your most private (and embarrassing) internet activities are exposed for anyone to see.

With private browsing – also called Incognito Mode in Chrome and InPrivate Browsing in Edge – all the information listed above does not get recorded. In fact, all the websites and information you accessed in the private browsing session is immediately discarded without a trace as soon as you close the browser. This can come in handy when you’re using a public computer because you’re instantly logged out of all the accounts after closing the window.

Your cookies also won’t be tracked. In a normal browsing session, sites like Facebook will inundate you with highly targeted ads based on the sites and pages you’ve visited. But in private browsing mode, your internet activity won’t be used against you by marketing companies.

Another benefit of private browsing is you can use it to log in to several accounts on the same site, which is useful if you need to log into two different Google accounts at the same time.

Limitations of private browsing
Although private browsing does prevent your web browser from storing your data, it doesn’t stop anyone from snooping on your current activities. If your computer is connected to the company network, system administrators can still keep track of what you’re browsing even if you’re in Incognito Mode.

Also, if spyware or keylogger malware is installed on your computer, hackers will still be able to see what you’re doing online. Even though private browsing has quite a few benefits, you shouldn’t solely depend on it for online privacy.

Your computers must be equipped with Virtual Private Networks that encrypt your internet connection and prevent anyone from intercepting your data. And don’t forget to scan your computer for viruses with a strong anti-malware program to keep spyware and other malicious web monitoring software at bay.

If you want to know where you can get these solutions or learn more about web browser security, call us today at 800-421-7151. We have the tools and expert advice you need to prevent anyone from snooping on your internet browsing.

Prep for IT Incidents with External Support

Regardless of your best office IT strategies, it’s nearly impossible to thwart every type of cyberattack. And when they do happen, most businesses depend primarily on their internal resources and personnel. On the other hand, some organizations have realized the risks and complexities involved and have sought external support from leading industry specialists. Here are reasons why you should, too.

Access to new technologies and industry experts
Managed Services Providers (MSPs) are equipped with resources most small businesses can’t afford. They employ teams of experts in fields ranging from cybersecurity to data management to networking – all available for you on an outsourced basis. For example, an MSP provides advanced security software and applications that can help your business avoid the risks of cyberthreats.

They also work with industry tech leaders who provide insights into upcoming hardware and software products in the market. This ensures you receive updated recommendations on the latest technologies so you can use them in your business, and they often come with deals that you wouldn’t normally have access to.

Knowledge from past breaches
External IT support providers have been helping businesses recover from all kinds of tech disasters since the dawn of hackers. They now have enough knowledge to prepare Data Backup and Disaster Recovery plans for you. This way, you and your team would still be up and running after suffering from an IT emergency without disrupting much of your business operations.

External support providers’ experience with data protection will ensure your systems are monitored around the clock so your security systems are always functioning properly to keep cybercriminals at bay.

Run your business with ease
You don’t specialize in technology, so you don’t have the skill or the experience in dealing with digital felons. You also know how vulnerable your business is online and won’t dare do anything to jeopardize it. That’s why external support is such a great asset – you’ll be able to manage your business without any worries because your external IT provider will keep it protected. Give us a call at 800-421-7151 to see how we can keep your mind at ease.

Best Uses of Alexa in a Business Setting

Individual users find plenty to like about Amazon’s AI technology Alexa. It’s a great way to control smart home devices and perform small tasks like make shopping lists and answer phone calls. But Alexa also gets things done for business users, and here we’ll list some of the most useful.

Create and manage to-do and shopping lists
You have meetings to attend and deadlines to meet. Alexa has a straightforward To-do List feature that helps you stay on top of all your tasks. It’s ideal for busy professionals who prefer a no-frills checklist that allows them to simply view completed items, or to edit or delete items on the list.

You can also seamlessly sync third-party applications like Any.do and Todoist, which offer more features for organizing tasks, adding subtasks and folders, creating reminders, setting due dates, attaching files, and prioritizing items.

To connect to a third-party app:

Go to alexa.amazon.com or access the Alexa app
Go to Settings > List, click Get Skill
Click Enable
Log in to authorize the app
Alexa also has a default Shopping List that works exactly like the To-do List. It lets you add or delete items that can be browsed in the Amazon store and searched for in Bing.

Reorder office supplies
Ordering supplies on an Amazon smart home device is especially convenient because you would have already set up an Amazon account. When voice shopping with Alexa, you can either add items to your Amazon cart (“Alexa, add toner to my cart”) or directly order a single item (“Alexa, reorder toner”) without having to lift a finger.

When you place an order, Alexa checks product availability, walks you through Amazon search results, and asks you to confirm or cancel the order. Voice shopping is enabled by default, but it can be disabled in Settings > Voice Purchasing in the Alexa app.

Sync your calendars
One of the best ways to maximize Alexa in the office is to sync it up with your calendars. You can view scheduled appointments, set meetings, or have Alexa read the day’s entries with simple commands like “Alexa, what time is my next meeting?” or “Alexa, when is the company barbecue?”.

To add a calendar:

Go to alexa.amazon.com or access the Alexa app
Click Settings > Calendar
Select a calendar from the available platforms: Google (Gmail and G Suite), Apple (iCloud), or Microsoft (Office 365 or Outlook)
Log in to your account
Set a timer
A Pomodoro timer is a productivity enhancement tool that works by prescribing ideal work intervals and breaks. For example, you can set a timer that reminds you to take a 15-minute break for every hour worked, and setting this up in Alexa is easy.

To set a single timer:

Say “Alexa, set a work timer for 60 minutes.”
After the work timer finishes, say “Alexa, set a break time for 15 minutes.”
To set several timers at once, say:

“Alexa, create a work timer for 60 minutes.”
“Alexa, create a break timer for 15 minutes.”

But of course, due to the listening technology of Alexa, users should not expect 100% privacy. Here are a few ways that you can protect yourself from Alexa hearing and recording anything you don’t want her to hear:

Always Mute your Echo when Not in Use – The mute/unmute button can be located at the top of the device. Unmute and Alexa is no longer listening.
Don’t connect sensitive accounts to your Echo – This has proven to be a problem for users on multiple occasions.
Erase old recordings – If your Echo is connected to your Amazon account, as it should be to get the most out of it, you can manage recordings. This can be done by logging into Amazon’s website and navigating to “Manage my device.” You can delete both individual queries and/or the entire search history.

The commands we’ve included here work for simple instructions, but you can modify them and use tons of other Alexa commands to suit your purpose. If you need recommendations on how you can work smarter with AI and other productivity tools, get in touch with us today at 800-421-7151.

Outlook Tips to Increase Productivity

Microsoft is constantly updating and improving its Outlook email program, and some users struggle to keep up with all the new and exciting features. Look no further if you wish to catch up on the latest productivity-enhancing tricks.

Clean Up your inbox
No matter inbox how meticulously organized your Outlook inbox is, there’s always room for improvement. For a little computer-assisted help, try the ‘Clean Up’ feature.

From your Inbox, click the Home tab and choose from Outlook’s three Clean Up options:
Clean Up Conversation – Reviews an email thread or a conversation and deletes redundant messages.
Clean Up Folder – Reviews conversations in a selected folder and deletes redundant messages.
Clean Up Folder & Subfolders – Reviews all messages in a selected folder and its subfolder, and deletes redundant messages in all of them.

Ignore (unnecessary) conversations
An overstuffed inbox is often caused by group conversations that aren’t relevant to you. The Ignore button helps you organize your inbox and focus on relevant emails.

Select a message, then click Home > Ignore > Ignore Conversation. You can also do this by opening a message in a new window and clicking Ignore under the Delete function. To recover an ignored message, go to the Deleted Items folder, and click Ignore > Stop Ignoring Conversation.

Send links instead of a file copy
Help your colleagues save storage by sending a link to a cloud version of a file instead of the file itself. This is particularly useful when sending massive files. You can also set permissions to allow recipients to edit and collaborate on linked files in real time.

Upload the file you wish to send on OneDrive and send it to your recipients. From the message box, click Attach File > Browse web locations > OneDrive.

Improve meetings with Skype and OneNote
Outlook allows you to combine Skype’s HD video and screen-sharing features with OneNote’s organizational and project planning functions. It’s easy:

Go to the Meeting tab in Outlook, then click Skype meeting and send the link to participants. After the meeting has started, select Meeting Notes (under the Meeting tab) and choose whether you want to Take notes on your own or Share notes with the meeting.

Tag contacts
To get the attention of a specific person in a group email message, use the @Mention function. This works particularly well for mails to multiple recipients or for if you simply want to convey the urgency of your message.

In the email body or meeting request, type the ‘@’ symbol followed by the first and last name of the person you wish to tag (e.g., @firstnamelastname).
To search for emails you’re tagged in, select Filter Email from the Home tab and choose Mentioned, then choose Mentioned.

These are just a few strategies for getting more out of Microsoft’s email platform. To unlock Outlook’s true potential, you need the support of certified IT professionals. Give us a call today at 800-421-7151.

HTTPS is Something to Care About

For all the time we spend discussing the complexity of internet security, there are a few simple things you can do. Avoiding websites that aren’t secured with the HTTPS protocol is one of them. It’s a habit that can be developed with a better understanding of what the padlock icon in your web browser’s address bar represents.

HTTPS Encryption
Older web protocols lack data encryption. When you visit a website that doesn’t use HTTPS, everything you type or click on that website is sent across the network in plain text. So, if your bank’s website doesn’t use the latest protocols, your login information can be intercepted by anyone with the right tools.

HTTPS Certificates
The second thing outdated web browsing lacks is publisher certificates. When you enter a web address into your browser, your computer uses an online directory to translate that text into numerical addresses (e.g., www.google.com = 8.8.8.8) then saves that information on your computer so it doesn’t need to check the online directory every time you visit a known website.

The problem is, if your computer is hacked it could be tricked into directing www.google.com to 8.8.8.255, even if that’s a malicious website. Oftentimes, this strategy is implemented to send users to sites that look exactly like what they expected, but are actually false-front sites designed to trick you into providing your credentials.

HTTPS created a new ecosystem of certificates that are issued by the online directories mentioned earlier. These certificates make it impossible for you to be redirected to a false-front website.

What this means for daily browsing
Most people hop from site to site too quickly to check each one for padlocks and certificates. Unfortunately, HTTPS is way too important to ignore. Here are a few things to consider when browsing:

If your browser marks a website as “unsafe” do not click “proceed anyway” unless you are absolutely certain nothing private will be transmitted.
There are web browser extensions that create encrypted connections to unencrypted websites (HTTPS Everywhere is great for Chrome and Firefox).
HTTPS certificates don’t mean anything if you don’t recognize the company’s name. For example, goog1e.com (with the ‘l’ replaced with a one) could have a certificate, but that doesn’t mean it’s a trustworthy site.

Avoiding sites that don’t use the HTTPS protocol is just one of many things you need to do to stay safe when browsing the internet. When you’re ready for IT support that handles the finer points of cybersecurity like safe web browsing, give our office a call at 800-421-7151.

New Scam Freezes Browser to Panic Users

New Scam Freezes Browsers to Panic Users

Con artists have created a new method of deceiving users by freezing their browsers and displaying a security notification with bogus tech-support contact details. This adware scam has been found to affect users in both Windows and macOS. Their ultimate goal is to scare potential victims and trick them into dialing the fake hotline number on the screen.

The End Game
The scam works by displaying an error message indicating a bogus security breach incident that renders a browser unusable. It appears to be an important security message. These scammers capitalize on the fact that a serious crash can’t be solved by simply closing the site, thereby sending the users into a panic. This encourages them to dial the number listed on the warning message.

On the other end of the line, the scammers would pose as Microsoft or Apple representatives to convince users into surrendering their credit card details to repair a non-existing security issue. Whatever you do, please do not call the phone number for support because it is not Microsoft’s but rather a group of scammers waiting to rob you of hundreds of dollars under false pretenses. The scams are generally carried out through legitimate sites or malicious ads that have been hacked.

The Ingenious Process
This new scam operates against your browser by corrupting the window.navigator.msSaveOrOpenBlob programming interface, which basically uses it as a form of distraction. The hackers manipulate the browser and forces it to save a random document on a disk repeatedly at super fast intervals that are impossible to notice. After five to 10 seconds, your browser will be completely unresponsive.

The Easy Fix
To recover, Windows users simply have to open Windows Task Manager (press ctrl + shift + esc keys) and stop the process there. On the other hand, macOS users just need to wait until a system message prompts them to close the unresponsive Chrome tab. Typically, the latter is a more appealing option since users would have the freedom to close only the corrupted page. Manually closing the whole browser means possibly losing unsaved files in any open Windows.

When faced with IT-related issues, you need to determine how you can approach them calmly. The threats in the digital world may be terrifying and intimidating, but causing a panic in your workplace isn’t the answer. Call us at 800-421-7151 as soon as any problems arise, and we’ll help you as soon as we can. We can even hook you up with other security measures to beef up your network security.

Top Tips for First-Time Virtualization Users

Unlike most solutions, virtualization technology is not plug and play. It requires you to understand your IT environment and know which aspects could and should be virtualized. This is not something we expect first-time virtualization users to grasp right away, so if you’re planning to implement it, follow these tips.

Conduct an assessment
Evaluating your IT environment is an important step in the implementation process. After all, you can’t just go around virtualizing everything without a plan. An IT assessment performed by an impartial managed services provider (MSP) like us helps you understand what type of virtualization solution you need.

For example, if the report found that computers don’t have enough processing power to run certain apps, desktop virtualization — which consolidates operating systems and apps into a single powerful server — is an ideal solution.

From there, you should be able to estimate costs and set realistic timelines for the implementation.

Don’t forget about hardware
Just because virtualization frees up space in your server room, does not mean hardware is no longer an issue. No matter what type of solution you opt for, the servers you use must be strong enough to support the entire company’s computing demands.

This means you must take stock of your apps and their hardware requirements and make sure your server has all the processing power, RAM, network capacity, and storage necessary to run them.

Underutilized servers are excellent candidates for virtualization, but purchasing new equipment may pay dividends in the long run. If you choose the latter option, ask your provider for recommendations. Chances are they’re partnered with virtualization-optimized hardware vendors that offer top-of-the-line servers.

Prevent VM sprawl
Virtualization allows you to deliver computing resources to workstations in your network via virtual machines (VMs), which can be created on a server in just a few minutes. While this lets you scale and provision resources quickly, there are risks if you don’t have someone regularly reviewing which VMs are worthwhile and which are outdated. You could be losing out on cost savings and efficiency benefits.

When too many VMs are created, they can quickly consume all server resources and complicate licensing and asset management.

To prevent sprawl, you must establish policies and restrictions for VM creation. For instance, users must have a good justification for creating a VM (e.g., testing software or provisioning apps for new users).

Prioritize business continuity
You must also protect the hardware running your virtual servers. Make sure to lock up server rooms and have secondary servers available in case the first one breaks down. While you’re at it, take advantage of automated backup solutions that make copies of your VMs and their files regularly.

Work with experts
Building and maintaining a virtual infrastructure is no simple task. That’s why you’ll want to work with a virtualization specialist who can guarantee a seamless implementation and provide ongoing management services.

For more tips on virtualization, call our experts today!

Cryptojacking: How to Protect Yourself

Over time, your computer will work slower as software requirements become more demanding. But if you have a relatively new computer, and are experiencing performance problems after clicking a link or visiting a website, you might be the victim of a new cyberattack scheme known as cryptojacking.

Hijacked hardware
Cryptojacking secretly uses your computer to calculate complex mathematical problems to generate cryptocurrency. They get inside by using phishing emails to lure victims into clicking on a link, which then runs malicious cryptomining programs on the computer. Any cryptocurrency produced then gets delivered to the hacker’s private server.

But hackers have developed an even more insidious tactic. By infecting websites with ads and plugins that run cryptojacking code, any visitor who loads the web page instantly gets infected with the malware, sending their computer’s processor into overdrive trying to generate cryptocurrency.

Unlike most malware, cryptojacking software won’t compromise your data. But it will hijack your hardware’s processing power, decreasing performance while increasing your power and cooling bills. So instead of paying for the computing power themselves, hackers can simply use thousands of compromised computers.

Surge in cryptojacking
It’s difficult to tell how much hackers are making with cryptojacking, but there’s a good chance that this type of attack will be as popular as ransomware was in 2017. In fact, for as little as $30, anyone can purchase a cryptojacking kit from the dark web to force other computers to generate Bitcoin or Monero for them.

According to several reports, even sites like The Pirate Bay, Openload, and OnlineVideoConverter are allegedly using cryptojacking exploits to diversify their revenue streams.

The biggest reason why this is becoming so popular is because it’s a low-risk, high-reward scheme. Instead of extorting money directly from the victim, hackers can secretly generate digital currencies without the victim knowing.

If it is detected, it’s also very hard to track down who initiated the attack. And since nothing was actually “stolen” (other than a portion of computing power), victims have little incentive to apprehend the culprit.

Prevention and response
To avoid cryptojacking, you need to incorporate it into your monthly security training sessions. Teach your employees to practice extra caution with unsolicited emails and suspicious links. Using ad-blocker or anti-cryptomining extensions on web browsers is also a great way to stay protected.

Beyond prevention, use network monitoring solutions to detect any unusual behavior with your computers. For example, if you notice a significant number of PCs running slower than usual, you should assume that cryptojacking is taking place.

If you’ve confirmed that it is, advise your staff to close browser tabs and update browser extensions as soon as possible.

Cryptojacking may seem less threatening than some malware we’ve discussed in the past, but it can incur real power, cooling, and performance costs to your business when several systems are compromised. To make sure you don’t end up enriching any hackers, call us today at 800-421-7151. We offer hardware solutions and cybersecurity tips to keep your business safe and sound.

5 Ways Your Employees Will Invite Hackers Into Your Network

Whether they’re criminals or heroes, hackers in the movies are always portrayed as a glamorous group. When it comes down to the wire, these are the individuals who crack into the ominous megacorporation or hostile foreign government database, hitting the right key just in the nick of time. They either save the day or bring down regimes, empty the digital vault of the Federal Reserve or disable all the power plants in the country. It’s always a genius up against an impenetrable fortress of digital security, but no matter what, they always come out on top.

In real life, it’s rarely that difficult. Sure, if you look at the news, you might believe hackers are close to their Hollywood counterparts, stealing data from the NSA and nabbing millions of customer records from Equifax. But the majority of hacks aren’t against the big dogs; they’re against small to mid-sized businesses. And usually,this doesn’t involve actually hacking into anything. A lot of the time – approximately 60% according to the Harvard Business Review – an unwitting employee accidentally leaves the digital front door open.

The biggest threats to your company aren’t teams of roaming hackers; they’re your employees. Here’s why.

1 They’ll slip up because they don’t know any better.

With the proliferation of technology has come an exponential rise in digital threats of such variety and complexity that it’d be impossible for the average person to keep track of it all. Each of your employees’ lives are a labyrinth of passwords, interconnected online accounts and precious data. If their vigilance slacks at any point, it not only leaves them vulnerable, but it leaves your company vulnerable as well. For this reason, most cyber-attacks come down to a lack of cyber security education.

2 They’ll let you get hacked on purpose.

It’s a sad fact that a huge portion of digital attacks are the result of company insiders exposing data to malicious groups. Whether it’s info vital for your competitive advantage, passwords they can sell to hacker networks to make a quick buck or sensitive data they can make public simply to spite your organization, it’s difficult to protect against a double agent.

3 They’ll trust the wrong person.

For many hacks, little code is needed whatsoever. Instead, hackers are notorious for posing as a trusted member of your own team. And if you believe that you’d be able to spot an impostor from a mile away, you may want to think again. Not only is it easier than ever to crack individual users’ e-mail passwords and login credentials, personal info is now littered throughout social media. A simple visit to Facebook can give a hacker all they need to know to “social hack” their way into the heart of your business.

4 They’ll miss red flags while surfing the web.

Clickbait is more than a nuisance plaguing your social media feeds. It can be a powerful tool for hackers trolling for easy prey. If an employee doesn’t understand what exactly makes a site or link look dubious, they may open themselves – and your company – to browser exploits or other types of attacks.

5 They’re terrible at passwords.

According to Entreprenuer.com, “3 out of 4 consumers use duplicate passwords, many of which have not been changed in five years or more.” Even more of those passwords are simply weak, inviting easy access for unsavory elements. Many people brush off the importance of strong passwords, but the risks posed by the password “123456” or “password” cannot be overstated.

When it comes to defending your precious assets against digital threats, it can seem impossible to protect yourself at every turn. But there is one way you can make a concrete change that will tighten up your
security more than you realize: educating your people. Through a comprehensive security training program, including specific examples of methods hackers use – particularly phishing – you can drastically
minimize the risk of an employee accidentally opening up a malicious e-mail or posting sensitive info. When you make a concerted effort to make the entire organization vigilant against cyber-attacks, you’re much less likely to be targeted. Email us at info@wamsinc.com to learn more!

How to Enjoy Your New Laptop

Did you just get the newest laptop? New tech toys are always very exciting, but before you start showing off your new purchase, there are five steps you should take to make your laptop experience even more enjoyable and long-lasting.

1. Update your laptop’s operating system
One of the first things you should do before using your laptop is upgrade its operating system. Assuming you did not purchase the laptop right when it was released, your laptop will still be running an older operating system. With important patches and fixes released in each new update, it is recommended that you install the latest one to ensure your laptop is free of any vulnerabilities.

2. Remove bloatware
Opening your laptop for the first time, you might notice that there are already several preloaded software in the system — some of which you will probably never use. These are known as bloatware.

These apps take up a lot of your valuable drive space, so consider getting rid of them. The easiest way to do this is by downloading a bulk uninstaller, which allows you to check all the bloatware apps you don’t want and remove them in one fell swoop.

3. Install protection software
It’s no secret that the world we live in is unsafe. And with so much confidential information nowadays becoming digitalized, it is necessary to protect yourself against losing important data from your computer. The solution to this is very simple. By installing antivirus software that can automatically — or manually — scan your computer at a scheduled time, potential attacks can be thwarted before they become more serious.

Not only is your laptop’s data vulnerable to cyberattacks, there is always a chance your laptop can get lost or stolen. While there are preventive steps you can take — such as being mindful while using your laptop in public places — another solution would be to install anti-theft software. Security features such as “Find My Device” for Windows 10 and “Prey” for other operating systems can help you locate your device if it’s ever stolen or misplaced.

4. Optimize your power settings
One of the most frequent problems that laptop users have is that their batteries run out of juice too fast. However, you can actually extend the battery life by making a few tweaks to your power settings.

Reduce your display brightness, but not so much that it causes eye and mental fatigue
Use the Sleep or Hibernate mode for your operating system

5. Set up a backup plan
Imagine spending months working on an important project and suddenly finding it nonexistent the next day just because your laptop crashed. Deadlines will be missed. Profit margins will decrease. Customers will leave unhappy. And if worse comes to worst, you’ll be out of business.

Why add more unnecessary stress if you can prevent it from happening in the first place? By setting up an automatic backup system, you can regularly save all your important files; that way, you’d still have access to the data anytime were anything to happen to the original file.

Getting a new laptop can be fun, but the joy might be short-lived if you don’t set up any preventive measures from the start. Call us at 800-421-7151 for information on how we can help you secure your company’s laptop today.

Distributed Spam Hides Illegal Activities

Cybercriminals are fairly experienced at avoiding detection. By the time you notice they’ve infected your computer with malware or hijacked your account, serious damage has most likely already been done. To make matters worse, they have another way to hide their illegal activities, and it involves sending thousands of spam emails.

Understanding DSD
Distributed Spam Distraction (DSD) is designed to inundate your inbox with thousands of nonsense emails. There are no dangerous links, ads, or attachments involved, just random excerpts of text stolen from books and websites. What’s more, the email and IP addresses used are all different so victims can’t simply block a specific sender.

These attacks last anywhere from 12 to 24 hours and can flood inboxes with as many as 60,000 messages. While they may seem like harmless annoyances, the true purpose of DSD is to draw victims’ attention away from what hackers are doing behind the scenes.

And what they’re doing is exploiting your personally identifiable information (PII) to make unauthorized purchases or pilfer cash directly from your accounts. The DSD acts as a sort of smokescreen to hide payment confirmation messages behind a deluge of spam messages.

New tactics
Over the years, hackers have developed new tactics involving DSD. Several reports have shown that, instead of nonsensical emails, hackers are using automated software to have their targets sign up for thousands of free accounts and newsletters to distract them with authentic messages. This allows DSD blasts to slip past spam filters that have been designed to weed out malicious code and gibberish text used by traditional DSD attacks.

What’s even more worrying is that any ill-intentioned individual can go to the dark web and pay for DSD services. They just have to provide a hacker with their target’s name, email address, and credit card numbers — all of which can also be purchased in the dark web — and pay as little as $40 to send 20,000 spam messages.

How to stop it
DSD is a clear sign that one of your accounts has been hijacked, so whenever you receive dozens of emails in quick succession, contact your financial institutions to cancel any unfamiliar transactions and change your login credentials as soon as possible. It’s also important to update your anti-spam software (or get one if you don’t have one already) to protect your inbox from future DSD attacks.

Hackers only initiate DSD attacks after they’ve obtained their target’s email address and personal information, so make sure your accounts and identity are well protected. This means you should regularly change your passwords and pins, enable multi-factor authentication, set up text alerts for whenever online purchases are made in your name, and be careful about sharing personal information.

For more tips on how to deal with DSDs or other cyberattacks, call us today at 800-421-7151. We offer powerful tools and expert advice that will ensure your business’s safety.

WARNING: Your Business Is More Likely To Be The Victim Of Cybercrime NOW Than Ever Before…Take These Steps Today So You Don’t Get Hacked!

Though we’re in the midst of an unprecedented rise in high-profile cybercrime incidents, it’s easy to assume that our own much smaller businesses are safe. Sure, we think, hacking into the data stores of J.P. Morgan, the U.S. Government, or Virgin America can net hackers millions and millions of dollars.  Why would they bother with a small business?
But unfortunately for all of us, hackers actually do bother with small businesses across the country — these attacks just don’t make the news. By some estimates, including one reported in Media Planet, more than half of small businesses have had their data compromised. According to StaySafeOnline.org, these attacks, targeting small to midsize companies, now comprise over 70% of all data breaches. What’s worse, this digital onslaught shows no sign of slowing. In fact, ransomware attacks alone have increased 250% since 2016, accompanied by higher rates of malware, phishing, and other forms of cybercrime.
Once you see these numbers, it’s easy to understand why hackers seek the little guy. These days, massive corporations like Google or Citigroup employ incredibly sophisticated digital measures. Their digital vaults, though containing ludicrously attractive sums of potential money to grab, are located at the end of a virtual labyrinth covered in traps, with a final, inches-thick steel door protecting their assets for good measure. In contrast, the digital assets of small businesses are often hidden behind nothing more than a single, often weak,
password. With thousands of business owners going about their day-to-day, utterly oblivious to their paper-thin security, the question turns from “Why would hackers bother with my small business?” to “Why wouldn’t they?”
Though cybercriminals may come away with less than they might have had they targeted a Fortune 500 company, it certainly isn’t going to seem cheap to you. According to one TechRepublic analysis, an average
cyber-attack on a small business can cost as much as $256,000. Is that a sudden cost your company can weather?
Luckily, there is hope. Though small business owners often assume that effective cyber security solutions lie far outside their budget range, robust digital security is now more affordable than ever. By investing in comprehensive protection, small businesses can deflect even the most persistent hackers.
Today, a cyber-attack on your business is almost statistically inevitable. And when that attack comes, you’ll definitely want to be prepared. If you haven’t needed a doctor for the past two years, does that mean you’re
going to abandon your health insurance coverage? Of course not. What about car insurance? Does it become unnecessary in the absence of a crash? No, because even if you’re the best driver in the world, sometimes a collision is out of your control. What’s more, both your body and your car require regular upkeep and maintenance to remain in peak condition. It’s no different with your network security. As technology hurtles forward at an ever-increasing speed, the ways that hackers can infiltrate your network multiply. The best digital security platforms constantly update, enabling them to anticipate these shifts and prevent them from becoming liabilities. This way, you can be proactive prior to a digital crisis, ensuring that no matter what comes, your network is protected.
Even as digital crime climbs at a staggering rate, and hundreds of small businesses are forced to close their doors for good, thousands of owners fail to notice, assuming they’ll somehow be spared from an attack. Don’t be one of them. Invest in regularly maintained, powerful cyber security, and ensure the future of your company. Call us at 800-421-7151 to take the first step.

The “Not Me!” Problem…And Why This Is Almost Guaranteed TO Happen To You

Security this, password that – now they want a password with 14 characters with two symbols? And I have to change it every three months? As difficult as it is to remember 24 different passwords, four PIN numbers and a slew of new cyber security processes, we still manage to instantly recall most of the tangible things in our lives. The code for the company door and alarm system, the passcode to our phones, the garage code, the other garage code – you get the idea.

But these numbers are based upon a time when the most “real” threat seemed to be someone busting in our door and threatening our families in the middle of the night. In 2018, those kinds of physical threats are far less

statistically prevalent than cybercrime. In fact, data breaches and identity theft are occurring at three times the rate that home burglaries occur in the U.S. according to a 2016 study by the University of Kentucky.

Don’t succumb to the “Not me!” approach to the shift in crime. Understand that it can happen to you, and approach all aspects of physical and electronic security with the attention they deserve. Have any questions about your security? Call our experts at 800-421-7151 today!

Fortify Your Data, Physically

Truly optimized security settings and software are beyond the capacity of most business owners. You just don’t have time to tinker with your office IT. Instead, try these quick and easy tips before calling us.

Cover Up Your Webcam

There must be some credibility to doing this if Facebook founder, Mark Zuckerberg, former FBI director, James Comey, and NSA whistleblower Edward Snowden all believe their webcams could be compromised. This is not just another paranoid celebrity reaction to ruthless paparazzi, there’s a genuine reason behind it. Kindly take a moment to consider the following scenario: hackers using your webcam to spy on you.

Though it might sound unrealistic, this actually happened on several occasions. Sometimes for purely voyeuristic reasons and sometimes what appeared to be espionage. This is a very real threat with disturbing repercussions. Hackers aim to gain personal information based on your surroundings, deduce your location, as well as spy on the people you’re with, ultimately using this information to hold you ransom, threatening to broadcast your most intimate and vulnerable moments if you don’t pay up.

Fortunately, guarding yourself against such danger is really easy and some painter’s tape over your webcam should do the trick. If you’re not confident about regular tape, you can purchase a cheap webcam cover online or at any hardware store.

Purchase a Privacy Shield

Think of privacy guards as those iPhone scratch protectors, but with an anti-snooping feature. These are thin covers you put on your computer, laptop or smartphone screen to limit viewing angles. Once installed, anyone trying to look at your screen from anywhere – except straight-on – sees nothing. Privacy filters are commonly used to protect work devices, particularly which display or contain critical files with sensitive data or confidential information. However, less sensitive, personal devices are still vulnerable to ‘shoulder surfing’ – the act of peeking at someone else’s screen, with or without ill intent, which is why we recommend using these protectors on all your devices.

Use a Physical Authentication Key

Requiring more than one set of credentials to access sensitive resources is common sense, and has become standard practice for established online services. With something called two-factor authentication in place, you gain access to your account only after you’ve entered the authentication code, which the website sends to your smartphone once you’ve entered your account credentials. Until recently, two-factor authentication relied mostly on text messages that were sent to mobile phones. But professionals have now realised that phones can be hijackedto redirect text messages.

Moreover, authentication codes can be stolen, or users can be tricked into entering these codes via a convincing phishing website. If you’re looking for authentication services that cannot be hijacked, stolen or lost, your best bet is a USB or Bluetooth key you can carry on your keychain. This means nobody — not even you — will be able to access your account without the physical key. Ultimate security at your fingertips.

If you need help setting up two-factor authentication, or any IT security services, contact our experts at 800-421-7151 and experience true peace of mind as we fortify your data to no end.

The Risks of Auto-Complete Passwords

If you’re disturbed by advertisements and “helpful” suggestions that are based on your internet browsing habits, recent research has found yet another source of online tracking. It’s a sneaky tactic that also comes with serious security concerns. Let’s take a look at what you can do to stop it from targeting you.

Why auto-fill passwords are so dangerous

In 2015, the average internet user had 90 online accounts, a number that has undoubtedly grown since then. This has forced users to create dozens of passwords, sometimes because they want to practice healthy security habits and other times because the platforms they’re using have different password requirements.

Web browsers and password manager applications addressed this account overload by allowing usernames and passwords to be automatically entered into a web form, eliminating the need for users to hunt down the right credentials before logging in.

The process of tricking a browser or password manager into giving up this saved information is incredibly simple. All it takes is an invisible form placed on a compromised webpage to collect users’ login information without them knowing.

Using auto-fill to track users

Stealing passwords with this strategy has been a tug-of-war between hackers and security professionals for over a decade. However, it has recently come to light that digital marketers are also using this tactic to track users.

Two groups, AdThink and OnAudience, have been placing these invisible login forms on websites as a way to track which sites users visit. These marketers made no attempts to steal passwords, but security professionals said it wouldn’t have been hard to accomplish. AdThink and OnAudience simply tracked people based on the usernames in hidden auto-fill forms and sold that information to advertisers.

One simple security tip for today

Turn off auto-fill in your web browser. It’s quick, easy, and will go to great lengths to improve your account security.

  • If you use Chrome – Open the Settings window, click Advanced, and select the appropriate settings under Manage Passwords
  • If you use Firefox – Open the Options window, click Privacy, and under the History heading select “Firefox will: Use custom settings for history.” In the new window, disable “Remember search and form history.”
  • If you use Safari – Open the Preferences window, select the Auto-fill tab, and turn off all the features related to usernames and passwords.

This is just one small thing you can do to keep your accounts and the information they contain safe. For managed, 24×7 cybersecurity assistance that goes far beyond protecting your privacy, call us today at 800-421-7151.

2018: The Year of Social Media

Big-name social media platforms such as Instagram, Facebook and Snapchat are more interactive and responsive than ever. However, these platforms now have a plan to move another step forward in 2018. Here are the top 5 trends you should watch out for this year.

  1. The boom of Augmented Reality
    The launch of the new iPhones – both 8 and X – last September brought with it an under-the-radar change to the devices. The incorporation of a new chip provides iPhone users with extraordinary augmented reality (AR) experiences. While most conversations about AR focus on the mobile gaming experience, social media platforms will likely find a way to integrate the new technology as well.
  2. Influencer marketing
    Influencer marketing has proven to be the best way forward for companies to connect with younger audiences. Titanic companies such as The North Face, HubSpot and Rolex are great examples of companies which have profited heavily from social media-based influencer marketing. By contrast, companies that opted for traditional strategies struggled to connect to social media users, indicating that influencer marketing is here to stay and blossom in 2018.
  3. All eyes on Gen Z
    The oldest Gen Z-er is 22 years old and is only just heading into the labor market, meaning they’re going to start spending more money for sometime to come. Brands recognize this, and are aiming to shift their social media strategies to appease the newest customers on the market. Investment in platforms like Snapchat and Instagram is expected to grow exponentially this year.
  4. The growing importance of messaging platforms
    A recent study pointed out that over 2.5 billion people use messaging platforms like WhatsApp, Facebook Messenger and Kik to connect with companies. Rather than simply publishing marketing content to profiles and feeds, companies should focus on making it easier for customers to start one-on-one conversations. Therefore, it is more than likely that artificial intelligence, voice assistants and chatbots will all be integrated into messaging platforms for a more personalized user experience.
  5. Digital hangouts go mainstream
    In 2017, video content – including live broadcasts and chats platforms – was more prominent than ever, and live videos were definitely a successful part of it. This means digitally hanging out with friends and colleagues will become a social norm, as evidenced by the video hangout platform known as Houseparty, which boasts of over one million daily users.

With Gen Z-ers becoming a larger part of the buying marketing, companies will utilize social media platforms to their fullest by incorporating a wide variety of targeted methods to capture their attention. These methods involve technologies that were unimaginable only a few years ago, such as virtual reality and augmented reality. Moreover, investments in optimizing messaging platforms and influencer marketing also signals the start of a newer, more interconnected era between businesses and customers.

Small Business IT Hardware Checklist

It’s frustrating to return to the office after a long holiday only to be greeted by a disorganized workstation. If having clean, hassle-free technology is one of your company’s New Year’s resolutions, this technology hardware checklist can help.

✓ Clean up your computer components
Wipe your monitor with a clean, static-free fabric; remove excess dirt from your mouse’s exterior; and tidy up your keyboard with compressed air. Don’t forget your computer tower! Dust build-up can block your computer’s air vent and affect its performance. Ensure that your workstation is getting adequate ventilation and isn’t directly exposed to sunlight and other heat sources.

✓ Manage your cables
If you’re not giving your computers’ cables the attention they deserve, now’s a good time to do so. Other than wiping the thick coat of dust on computers’ cables, consider using cable management solutions that declutter and untangle messy wires. These don’t just organize and secure your cables, they also help ensure your PCs run quieter and are less prone to overheating as a result of blocked air vents.

Planning to relocate or upgrade in the near future? Organizing your computers’ cables now makes future relocation and upgrading processes much easier.

✓ Review and update your inventory
Keeping an inventory of all your hardware helps you manage hardware lifecycles and purchases, identify items that are near their end of life, and ensure you avoid duplicate purchases of items already in-stock.

Your inventory list should include all owned and leased devices: PCs and laptops, printers and scanners, tablets and smartphones, and modems and other network hardware. Update all your assets’ serial numbers and keep track of their respective users and location.

✓ Printer maintenance
Clean the interiors and exteriors of your printers, including paper trays, which are sure to have accumulated dirt from years of use. You should also repair and/or replace parts and accessories such as printheads and cartridges that are no longer in good condition. Should you decide to do a complete printer maintenance, check for the latest software updates for your printers and install them immediately.

✓ Implement a hardware policy
This is also a good time to create a technology guideline that your employees can follow to ensure they work efficiently. These guidelines reduce the need to spend on unnecessary repairs, keeping the succeeding year’s checklist shorter. With clear instructions on the proper use, replacement, and storage of your hardware and devices, you’ll be better able to manage your hardware for years to come.

With a more organized IT hardware inventory, you have one less thing to worry about. Want to get more in-depth hardware management recommendations? Call our experts today at 800-421-7151.

What are Virtual Containers?

Virtual containers have recently gained prominence with the open-source container platform, Docker. It promises to change the way IT operations are carried out, just like virtualization technology did a few years ago. Read on to know more about this revolutionary breakthrough and how it can help your business.

What are containers and why are they so popular?

Virtual containers are similar to shipping containers, which have made the transport of bulky goods much easier.

Prior to the introduction of containers, virtual workstations and servers granted users access to software and computing power across a local network or the internet. This is what has become known as “cloud computing,” as it created entire desktop experiences over the internet.

However, there was room for improvement, as virtual machines are known to take up a lot of system resources.This is because they run a virtual copy of an operating system alongside a virtual copy of all the hardware that the operating system needs to run. Such heavy load on one machine quickly takes up a lot of RAM and CPU cycles, slowing processes down.

Containers improve on the inefficiencies of cloud computing by promising developers that their software will run smoothly, regardless of the type of computer their end users are running.

How do they improve on virtual desktops?

Virtual desktops deliver thousands of applications to meet the needs of your business. These applications also use different languages, databases, and tools. To deploy, configure, manage and deliver these complex machines takes a lot of time and money.

Containers are essentially a better way to package these applications and their components. This technology helps organizations become more consistent and agile by extracting the host’s underlying operating system, meaning applications can be packaged with all their dependencies. This in turn, allows developers to choose the right environments and tools that best suit their projects.

As of now, only a few types of software create and deliver containers, with the most popular being Docker. Container technology had been around for a while before the introduction of Docker, but it was complex to implement and manage. With the popularity of virtualization services, software vendors gained resources to develop and offer simple, user-friendly container solutions.

Although containers have improved enterprise computing as a whole, virtual machines have not been made obsolete, and can still be used under certain circumstances. Regardless, both solutions — containers and virtual machines — can repurpose old hardware to utilize software hosted in the cloud. All you need to get started is an internet connection and an experienced IT professional by your side.

Want to maximize your business potential through virtualization and containers but don’t have an IT professional to consult? Call us today.

It’s Not Too Late to Cash In on 2017’s IT Trends

“Fad” is a dirty word for many small-business owners. Whether it’s what they’re selling or what they’re investing in, business owners need long-term and reliable investments to secure their future. With 2017 in the rearview mirror, we finally know what was a fad and what was a smart investment. See for yourself!

Small Businesses Love the Cloud

According to research from IDC, more than 70% of businesses with 10-99 employees took advantage of cloud technology in 2017, and that number is expected to rise this year. This is largely due to IT providers demonstrating that the cloud is just as, if not more, secure than on-premises solutions. The list of possibilities for what can be hosted in the cloud on a small-business budget is getting longer every day — if you’re not devoting resources to this technology, it’s time to jump onboard.

Mobile Payments Earn Users’ Trust

Like the cloud, making credit card purchases using a mobile device suffered from a trust deficit in its early stages. For good reasons, consumers have been conditioned to treat IT security with caution, and storing financial information on a smartphone that could wirelessly transmit that information to cashiers sounded dangerous.

However, after two years of availability without any major incidents, the number of users who have used smartphone-based wallets like Apple Pay has doubled. Accepting these payments is relatively simple for small businesses and opens up new business opportunities.

Cybersecurity Becomes More Affordable

Ransomware had yet another year of explosive growth, and small firms and medium sized and businesses were a primary target. Thankfully, managed IT services providers met the increased demand for cybersecurity services with intelligent data backup and network protection solutions tailored for SMB budgets. There will be even more ransomware attacks in 2018, which means you should be investing in more cybersecurity services than you did last year.

The Internet of Things Gains Popularity

Just a couple years ago, Internet of Things (IoT) devices were novelty gadgets for people with money to burn. Everything was being connected to WiFi networks: egg trays, pet-activated video chats, belts, you name it. But due to more useful applications in 2017, nearly a third of US businesses are now taking advantage of IoT gadgets. Connected thermostats, door locks, and AI assistants make it easy to save money, increase security, and boost productivity.

“Artificial Intelligence” is Widely Adopted

Although we’re still far from building computers that can truly think for themselves, 2017 was the year that computers got much better at creatively organizing and interpreting data for us. From digital assistants that answer your phones to customer relationship management platforms that intelligently uncover sales opportunities, IT solutions for business are getting significantly cheaper and smarter. Experts predict that more than 30% of businesses will use AI by next year and we recommend you join their ranks.

Technology investments are no different from any other investment. There will always be risks and you should always consult with an industry expert first. When you’re ready to get more value out of your IT, give us a call at 800-421-7151 and we’ll get started on your 2018 plan!

Do You Really Want The Cheapest Working On Your Company’s Network?

These days, firms and small businesses are more dependent on IT systems than at any other time in history. Because of this, even the slightest technological hiccups in our cyberspace-centered workflow can have expensive, lasting consequences. Perhaps the most dramatic illustration of this occurred back in 2013, when Amazon went dark for half an hour. Sure, it was a paltry 30 minutes, no big deal, until you consider the megagiant was theoretically hemorrhaging $66,240 every 60 seconds, based on their quarterly revenue.

Of course, your company probably isn’t a staple of international commerce like Jeff Bezos’s beloved brainchild. Because of this, many small business owners think that a downed server or small security breach here and there won’t matter too much for their bottom line. For these unlucky few, IT takes a back seat to more “pressing” issues, and they go the cheap route with their provider. This cost-cutting solution seems like the idea of the year, and will undoubtedly work great for the business – until it doesn’t.

Maybe your long-time technicians fail to notice a piece of outdated equipment, and your server gives up the ghost during peak business hours. Virtually all work grinds to a halt, and your employees are forced to wile away the two hours shooting three-pointers into the trash bins. Add up the two hours of wasted wages for your entire team, the financial cost of missed business, and the much more intangible loss of customer goodwill as they struggle with diminished service on a workday, and you’ll come up with a sum that disabuses any business owner of their illusions about “cheap” IT.

And that’s not even close to the worst-case scenario. Imagine, for a minute, that your technicians assure you, despite the lack of regular monitoring and maintenance, your network is secure. These words of comfort sound nice until the day a team of expert hackers actually attempt to access your systems, and find outdated, ramshackle security solutions in place — basically, a front door left wide open. At that moment, your business becomes a criminal’s playground. They’re free to access financial information and personal data of your customers and employees, hijack your business to send out floods of malicious software and spam, hold nearly every aspect of the company ransom for thousands of dollars, and cause chaos to their heart’s content.

The fact is, fixing problems is a lot more expensive than preventing them. When you cut corners and utilize subpar IT professionals (if any at all), you’re paying for an array of shoddy, Band-Aid solutions that will be applied piecemeal, and usually too late, like a finger plugging a hole in a dam. But when you make a substantial investment in your IT support, you’re investing in the most basic aspects of the future of your company.

Robust network security, dependable computers and servers, consistent Internet access, and other fundamental components of your company network are far from luxury items. These days, technology forms the scaffolding upon which businesses run. If any piece of the operation fails, the whole system suffers, usually accompanied by a fat financial penalty.

There is an ever-growing, endless list of potential technological pitfalls that can have permanent consequences for your business: teams of hackers zeroing in on vulnerable small businesses, rogue employees with a grudge, lost laptops, aging and unreliable hardware, fire, natural disasters, and IT “professionals” that have no idea what they’re doing, to name just a few. As technology progresses, and companies depend increasingly on it to stay competitive, it simply doesn’t make sense to relegate IT to the neglected corners of your budget.

When it comes to business, there’s a lot to worry about these days. A total collapse of your company’s technological infrastructure doesn’t need to be one of them. Invest in a robust, managed IT package from tried-and tested professionals, and leave the worrying to the experts. You can rest assured that our IT team of experts truly has you covered. Call us today at 800-421-7151.

New add-ons for Gmail!

Google is giving people an early Christmas present this year with the launch of several third-party add-ons for Gmail. This might not be the most exciting news from the technology giant, but as with the majority of its new feature launches, you can expect them to make life much easier.

Google’s focus is on productivity services that are already connected to email systems one way or another. This is why they have partnered with Asana, Dialpad, DocuSign (coming soon), Hire (by Google), Intuit QuickBooks, ProsperWorks, RingCentral, Smartsheet, Streak, Trello, and Wrike for their first set of native extensions.

What are some features can you expect?

While each add-on’s capabilities are slightly different, what they have in common is functionality that allows you to track various tasks right from the Gmail interface.

For instance, Gmail users will be able to view tasks and track their progress right from their inboxes when they receive emails from other Asana users. The Trello add-on allows you to turn emails into actionable tasks where you’ll be able to comment and move cards without having to switch to Trello itself. And the RingCentral add-on will let you make outbound calls and view and send SMS messages right from your inbox.

What’s more, these integrations work in the mobile Gmail app on Android, too. Google is currently working with Apple to bring these add-ons to iOS and they should be available soon.

How to install these add-ons

Just head over to G Suite Marketplace and download any extension you want. Then, those add-ons will be visible on the right sidepane of your Gmail interface. Unfortunately, they aren’t available in Inbox by Gmail (Google’s other email client) just yet.

However, Google has made it easy for developers to create customized add-ons for their company with guidelines you can find here.

With the introduction of Gmail add-ons, it’s exciting to see what other integrations are in store for businesses in 2018. But until then, if you have any questions about how you can use the web and cloud technology to your business’s advantage, just give us a call at 800-421-7151.

Understanding Virtualization Strategies

If the phrase “virtualization technology” either stresses you out or puts you to sleep, this article is for you. We’re going to explain once and for all how this emerging trend works and how small businesses can take advantage of it.

What is the core concept of virtualization?

By virtualizing any of the items below, you can trick software into recognizing hardware when none actually exists. The easiest way to explain this is with examples from the most common type of this technology: hardware virtualization.

  • If you had one high-powered computer processor, virtualization would allow you to split it up and run four separate operating systems (Windows, Apple OS, etc.), each seemingly running on a standalone, low-powered processor.
  • Conversely, virtualization could also be used to connect four high-powered processors to create what your operating system would recognize as one ultra-fast piece of hardware.

This technology can be applied in a number of ways to create opportunities for more efficient resource utilization and cost savings.

Desktop virtualization

Sometimes referred to as cloud desktops, this form of virtualization grants you access to a fully functioning computer that you access via a local network or the internet. Somewhere, a server has allocated a portion of its hardware resources for your virtual desktop. With a keyboard, monitor, mouse, and extremely low-end computer, you can connect to this virtual desktop and utilize all the processing power and storage the server has set aside for it.

Application virtualization

By installing a program on a server hard drive, your employee workstations can use their computing resources to run the program, but restrict data from being stored on their hard drives. The program and the documents it creates will never leave the server hard drive, making it much harder for hackers to compromise them.

With more advanced virtualization solutions, your server can also allocate the computing resources necessary to run the program, meaning your workstations are merely a window to your server.

Storage virtualization

Similar to hardware virtualization, this strategy makes it easy to organize how your data is stored. In addition to combining hard drives across several computers into a massive virtual drive, storage virtualization also stores data based on how important it is. Frequently used documents are saved to your fastest drives and can be automatically backed up to the cloud.

Network virtualization

If your office has more than 10 workstations, it makes sense to consider network virtualization, which allows you to separate vulnerable devices. For example, if you had one server that handles a lot of web traffic and another that stored sensitive documents, you might want to connect them to different networks to avoid a cross contamination. Network virtualization would allow you to do that without buying any new hardware!

Even with our simplified explanations, virtualization is still a complicated subject. Rather than try to figure it out in a few hundred words, give us a call at 800-421-7151 and we’ll show you in person!

Do More with Microsoft Office!

Have you been putting off learning about all the features in Microsoft Word, Excel, or PowerPoint? We don’t blame you. But mastering them can be extremely beneficial. That said, here are some free training videos that will help you get more out of Microsoft Office.

Office Basics is a series of free Office training videos from Microsoft which cover different features and functionality.

Intro to Office Basics

This training video will help you use templates to create professional documents, learn the ins and outs of SmartArt and Charts to express complex data and ideas, and collaborate in shared documents whether you’re working online, offline, or simultaneously with others.

What is Office 365?

Discover the features and upgrades within Office 365 that aren’t available anywhere else, and learn how cloud versions of applications like Word, Excel, and Outlook differ from their desktop counterparts.

Word Training

These training videos will show you how to create and edit documents as well as create and format tables in just a few clicks. They also cover document makeovers, how to organize documents, creating mailing lists, and how to translate text instantly.

Excel Training

Creating, organizing, and analyzing data from charts and tables can be quite complicated, which is why these training videos are perfect for anyone looking to design workbooks, add text and data, format and analyze charts, and create pivot tables and formulas. Other tips include how to slice data and locate them using VLOOKUP.

PowerPoint Training

There’s more to PowerPoint than adding text to slides. These training videos will show you how to create presentations, add and format text, design presentations, add audio, video, and animations, and format images. You’ll also learn about nifty features such as how to match slide colors using the Eyedropper and how to export slides to videos.

Outlook Training

Organize your Outlook inbox with ease and learn how to add and format text and images, manage contacts, calendars, meetings, and to-do lists, as well as other tips such as how to spice up your email signature, keep your inbox clean, and hold meetings using Skype and OneNote.

Microsoft’s new training videos might not be jaw-dropping, but they will surely help users do more with Office. If you’d like to learn more about the benefits of Microsoft Office for small businesses, just give us a call at 800-421-7151 and we’ll be happy to help!

What you need to know about VPNs for Personal Use

With stories of large-scale data breaches and internet service providers tracking internet habits, online privacy is becoming a rare commodity. Incognito mode and private browsing features may be able to cover up your browsing history, but they don’t completely protect your online activities. You need a Virtual Private Network (VPN).

What is VPN?

Simply put, a VPN is a group of servers you connect to via the internet. Once you’ve established a connection, your computer acts as if it’s on the same local connection as the VPN, making it seem like you moved to a different location.

When you surf the web through a VPN, all the data transmitted and received is also encrypted, preventing anyone — from hackers to government agencies — from monitoring your online activities.

Why should you have one?

Of course, security and privacy are major reasons why you would want a VPN. For example, if you’re connected to a public WiFi network — like the ones you typically see in local cafes and airports — using a VPN encrypts the information you’re sending or accessing online. This means things like credit card details, login credentials, private conversations, or other sensitive documents can’t be intercepted by a third party.

VPNs are also useful for accessing geo-restricted websites. If you’re traveling abroad and certain US websites are blocked in that region, you can simply connect to a VPN located in the US to access the sites you need.

Which VPN should you choose?

Given the increasing demand for secure online privacy, VPNs are surging in popularity. The following considerations can help you find the right one.

1. Cost
While free VPNs are available, we strongly suggest you avoid them. These keep logs of your internet activity, and in some cases sell them to the highest bidder. Maintaining a VPN service is also expensive, which means the free ones will likely plaster ads on your browser to make a quick buck.

Paid VPNs like SurfEasy and StrongVPN often come with more robust features and configurations that keep you secure. What’s more, they don’t keep a record of the sites you visit and hound you with pop-ups that lead to dangerous websites.

2. Location
The physical location of VPN servers is important if you want to access region-blocked websites. So if you’re planning on accessing your VPN service while traveling, your VPN provider must at least have servers installed or accessible in the locations you will be in.

3. Capacity
Read through a VPN provider’s terms of service to determine how much data you’re allowed to use. If possible, find out how many servers a VPN provider has. If they have plenty of servers online, you can rest assured that they have the capacity to support your internet browsing.

4. Device compatibility
Another important factor to consider is whether the VPN can be used across multiple devices. Nowadays, employees work on laptops, tablets, and smartphones, so you’ll want a VPN that’s compatible with all these.

5. IP leaking
Finally, a great way to evaluate a VPN service is to sign up for their free trial service and visit https://ipleak.net/, which will allow you to check whether your real IP address is actually being leaked. If it manages to track your physical location, you need to opt for a more reliable VPN service.

The VPN services described in this article are for personal and private usage for home computers and personal laptops. These services may or may not integrate or work with corporate VPN’s that your firm or enterprise may currently be using.

VPNs are now a vital component of cybersecurity, and if you need help selecting the right VPN for your business or personal usage, consult with our security experts today by calling 800-421-7151 or emailing info@wamsinc.com. We also offer comprehensive cybersecurity services so no hacker or third party can get their hands on your data.

What’s New with the Chrome Cleanup Tool?

Even if you’re sure that the websites you visit are safe, harmful software can still slip through, especially when you download and install free programs and applications. As the world’s most popular browser, Chrome is especially prone to infection. Fortunately, Google has improved Chrome’s Cleanup tool for Windows by integrating the following security features.

Detect Hijacked Settings

Many users prefer to enhance their browsing experience by installing extensions or plug-ins, some of which could be malicious. When these extensions are installed, they could inject harmful ads into web pages or allow access to third-party servers without the user’s consent.

Google’s new hijacked settings detection function prevents this from happening. Once it detects an attempt by a third party to change your browser’s settings, it will automatically revert to Chrome’s default settings. And in case you suspect any unauthorized change in your browser, you can manually reset settings in Chrome.

Simplify Cleanup

You probably don’t remember downloading many of the files in your Downloads folder, but these are actually software and other attachments that were bundled with the software that you do use.

Chrome Cleanup’s newly simplified feature makes it easier for you to determine harmful files, easing the pain of sorting through and deleting tons of downloaded files. Whenever it detects a malicious software, users will get a pop-up message that offers them an easy way to remove the potential threat, get more details about it, or disregard it in case of false detection.

Maximize Removal of Nonessential Software

Aside from the simplified interface, Google also made some much-needed improvements in Chrome Cleanup’s performance, so it’s now capable of eliminating more junkware.

Tricking users into installing a program without their consent is one of the many characteristics of unwanted software that Google lists under its Unwanted Software Policy. To help fight against this and other browser security risks, the company has partnered with an IT security team to strengthen Chrome’s ability to detect and remove unwelcome add-ons.

It’s important to note that these upgrades don’t affect Chrome’s performance and speed because they work in the background. In addition, these changes are now available in Windows devices but will soon roll out to other platforms. In the meantime, if you want to find out more about browser and application security, contact our security specialists today at 800-421-7151!

Tips and Tricks to Prolong Laptop Battery Life

A laptop would just be a cold piece of aluminum with a flat battery if you don’t have a power socket at hand. It’s hard to get any work done when you’re peppered with pop-ups and warning messages when the battery power gets low. So here are some tips you can use to prolong the life of your precious laptop battery.

Some truths about your laptop battery

Batteries in many devices nowadays are lithium-based — either lithium-ion or lithium-polymer — so users must take note of the following guidelines for their proper maintenance:

  • They can’t be overcharged, even though you leave your battery plugged in for a long period of time. When the battery hits 100%, it’ll stop charging.
  • Leaving your battery completely drained will damage it.
  • Batteries have limited lifespans. So no matter what you do, yours will age from the very first time you charge it. This is because as time passes, the ions will no longer be able to flow efficiently from the anode to the cathode, thereby reducing its capacity.

What else can degrade your battery

Besides its being naturally prone to deterioration, your battery can degrade due to higher-than-normal voltages, which happens when you keep your battery fully charged at all times. Even though a modern laptop battery cannot be overcharged, doing so will add a stress factor that’ll harm your battery.

Both extremely high temperatures (above 70°F) and low temperatures (between 32-41°F) can also reduce battery capacity and damage its components. The same goes for storing a battery for long periods of time, which can lead to the state of extreme discharge. Another factor is physical damage. Remember that batteries are made up of sensitive materials, and physical collision can damage them.

How to prolong your battery life

Now that you know some facts about your laptop battery, it’s time to learn how to delay its demise:

  • Never leave your battery completely drained.
  • Don’t expose your battery to extremely high or low temperatures.
  • If possible, charge your battery at a lower voltage.
  • If you need to use your laptop for a long period of time while plugged into a power source, it’s better to remove the battery. This is because a plugged-in laptop generates more heat which will damage your battery.
  • When you need to store your battery for a few weeks, you should recharge your battery to 40% and remove it from your laptop for storage.

These are just a few tips on extending the life of your hardware. There are many more ways you can maximize your hardware efficiency and extend its longevity. Call our experts today to find out more at 800-421-7151!

Cybercriminals Confess

 The Top 5 Tricks, Sneaky Schemes And Gimmicks They Use To Hack Your Computer Network

The contemporary world is rife with digital thieves. They’re penetrating the complicated data structures of huge credit-monitoring companies like Equifax, scooping up the personal information of millions of people. They’re releasing sensitive customer data to the public from discreet businesses like Ashley Madison. They’re watching webcam feeds of our celebrities without them knowing; they’re locking down the systems of public utilities like the German railway system; they’re even managing to steal thousands of gigabytes of information directly from high-profile government entities like the CIA.

They’re also targeting small businesses exactly like your own and extorting them for thousands and thousands of dollars. When running a company, it’s vital to have a dedicated security team, equipped with the most up-to-the-minute security technology, on your side to protect you from these malicious cyberthreats. But it’s not enough to leave it to somebody else. You also need to be informed. Here are five of the most common ways hackers infiltrate your network:

1 Phishing Scams

You receive an e-mail in your work inbox coming directly from a high-ranking employee with whom you’ve been

working on a project. Inside is a link he needs you to click to access some “vital information,” but when you click it, it rapidly installs a host of malware on the computer, spreads through the network and locks out everyone in the company.

Phishing scams are the oldest trick in a hacker’s book – ever received one of those “Nigerian Prince” scams? – but they’re still wildly successful. Not only that, but they’re becoming increasingly more sophisticated. As Thomas Peters writes for “Newsweek,” “The best messages look like they’re trying to protect the company. One well-meaning system administrator even offered to post a PDF that could deliver malware on an internal server because it was called, ‘How to avoid a phishing attack.’” How’s that for irony?

2 Social Engineering

Social engineering is a type of “hacking” that uses real, well-intentioned people to carry out its schemes, rather than intricate lines of code. This is especially effective for gathering sensitive information that can later be used

in another type of attack – e-mail passwords used for phishing scams, for example. Maybe your IT guy receives a call from the “secretary” of one of your clients, pretending that they’re experiencing problems with your

service due to some firewall, a problem that your IT professional is more than happy to help out with. Before you know it, the caller knows the ins and outs of your entire security system, or lack thereof. Social engineers have been known to use phone company customer service departments, Facebook and other services to gather Social Security or credit card numbers, prepare for digital robbery and even change the passwords to your central data network security.

3 Password Hacking

You may think that your passwords are clever and complicated, filled with exclamation points and random numbers, but it’s rarely enough. With information gathered carefully from social engineering or a simple check on your employees’ social media accounts, hackers can easily use brute-force to figure out that your password

is the name of the family dog, followed by your anniversary (for example). That’s if they didn’t already manage to steal your password through one of the techniques listed above.

4 Fault Injection

Sophisticated hackers can scan your business’s network or software source code for weak points. Once they’re

located, they can surgically attempt to crash the system through snippets of code they splice in expressly for that purpose. Different commands can do different things, whether they want to deliver a devastating virus,

redirect links on your website to malicious malware or steal and erase vast swathes of information.

5 USB-based Malware

At the last conference you attended, someone probably handed out free branded USB sticks to keep their business top-of-mind. Hackers will sometimes covertly slip a bunch of infected USB sticks into a company’s stash. The instant somebody tries to use one, their computer is taken over by ransomware.

So What Can I Do About It?

It’s a scary world out there, with virtually everyone left vulnerable to digital attack. Knowing the strategies hackers deploy is half the battle. But, frankly, these techniques are constantly changing; it’s impossible to keep up by yourself.

That’s why it’s so important to utilize only the most up-to-date security solutions when protecting your business. Hackers move fast. You and your security technology need to stay one step ahead, and WAMS will help you to do just that. Give us a call at 800-421-7151 to find out how.

Benefits of Serverless Computing

“Serverless computing” sounds like a dream come true. It conjures images of a world where business owners don’t need to worry about purchasing expensive hardware or configuring complex software. But serverless computing isn’t just a dream, it’s the next big thing in cloud computing.

What is it?

Outsourcing workloads to the cloud — like websites and apps — requires just as much hardware as if the computations were performed in an on-site server. The only difference is the location of the server.

Office 365 or Google Docs are great examples of this model. Thousands of servers are set up to run these apps so there is always enough capacity to handle the millions of people who use these apps at any given moment. Microsoft and Google need to manage and maintain these servers 24/7 to keep up with demand so they’re always on and always ready to handle more workloads, even during off-peak hours.

Serverless computing changes everything by allowing developers to create apps and websites that use cloud resources only when they’re needed. So, if you were to create a web app, you wouldn’t need to pay for a dedicated cloud server. The cloud provider would host your app’s programming code and run it only when a user requested it. The cloud provider would take care of allocating the appropriate resources and charge by the second for what you use.

Who can benefit from it?

Serverless computing is for users who use cloud resources for processing power. If you’re using the cloud only to store files, serverless services aren’t going to help you. However, if you use the cloud to process information and turn it into something more useful, serverless computing will help you immensely.

An everyday example of this is Amazon’s Alexa. Every command the AI assistant responds to is nothing more than an app that sits dormant until a user tells Alexa to run it. Small businesses are creating apps in Amazon’s cloud that can be processed by the voice assistant without the burden of setting up a dedicated server.

Serverless computing isn’t about getting rid of servers; it’s about using their raw computing power without being forced to fine tune them first. It falls under the umbrella of virtualization technology and is another step in the right direction for small businesses working with limited budgets.

For more information about how virtualization can help you lower costs and increase efficiencies, give us a call today at 800-421-7151.

Google Weighs in on Account Hijacking

According to experts, passwords shouldn’t be the only way you defend your accounts. After all, hackers have plenty of tricks and tools to steal them. So to help businesses fully understand the risks involved, Google conducted a study on the causes of account hijacking.

The results
From March 2016 to March 2017, Google and UC Berkeley researchers examined three main ways hackers hijack accounts:

Keylogging software – a malicious program that records computer users’ keystrokes
Phishing emails – to lead people into dangerous websites
Stolen passwords – available to the highest bidder
In just one year, Google found 788,000 successful keylogging attacks, 12.4 million victims of phishing attacks, and 1.9 billion accounts exposed via login credentials sold on the black market.

Researchers suggest the reason so many accounts are hacked is because people tend to reuse their passwords, which means if one set of login credentials is exposed, other accounts could be compromised.

Phishing is also a big threat because it targets users — the weakest links in your cybersecurity. The strongest password or security system won’t mean anything if your employees constantly fall for online scams.

Protecting your accounts

There are several things you can do thwart account hijacking. For starters, you should set strong and unique passwords for each account to minimize data breaches.

While the general rule in the past was to set a complex password — a mix of letters, numbers, and symbols — recent studies suggest that longer, 20-character “passphrases” are much tougher to crack. If you find it difficult to remember several passwords, consider using a password manager, which not only stores all your passwords, but can generate strong passwords, too.

To deal with phishing attacks, you should activate multi-factor authentication on your accounts. This adds an extra layer of identity verification to your password (e.g., a fingerprint scan or a temporary security key sent to your phone), making your login details ‘unphishable.’

Security training is also crucial. This includes teaching your employees about what phishing attacks look like and instructing them on password protection best practices so they never fall victim to account hijacking.

The bottom line is not only that strong password security requires strong defense mechanisms; you and your employees must be vigilant, too.

Need more advice on keeping your business safe? Call us today at 800-421-7151! We provide critical security updates and comprehensive support services to help you stay well ahead of cybercriminals.

Beware of Sneaky Microsoft Office Malware

Cybersecurity systems are getting better at identifying and preventing attacks coming from all directions. At the same time, hackers are coming up with new ways to bypass these systems. While online scams are the most common ways to do this, cybercriminals have discovered a new attack method using Microsoft Office.

What’s the new Office threat?
The Office exploit takes advantage of Microsoft’s Dynamic Data Exchange (DDE), a protocol that sends messages and data between applications. For example, DDE can be used to automatically update a table in a Word document with data collected in an Excel spreadsheet.

The problem with this is hackers can create DDE-enabled documents that link to malicious sources rather than to other Office apps. Theoretically, this allows hackers to launch scripts that download Trojan viruses from the internet and execute it before the user is even aware of the attack.

And unlike most malware-embedded Office files, which are usually blocked by security protocols from Microsoft, DDE exploits are instant. Once a compromised Word file is opened, it automatically executes the hack.

Outlook at risk
What’s even more alarming are the DDE vulnerabilities in Outlook. Recent reports found that hackers can embed malicious code in the body of an email or calendar invite, allowing them to perform phishing scams without a file attachment.

Fortunately, Outlook DDE attacks are not as automated as Word or Excel DDE attacks. Two dialog boxes will usually appear when you open the email asking if you want to update a document with data from linked files and start a specific application. Simply clicking ‘No’ on either of these boxes will stop the attack from executing.

Defending against DDE attacks

Beyond saying no, you can protect yourself by following these security best practices:

-Evaluate the authenticity of unsolicited emails before interacting with them and don’t open attachments from unfamiliar contacts.
-View emails in plain text format to completely stop DDE attacks embedded directly in emails from running. Note that this will also disable all original formatting, colors, images, and buttons.
-Use a strong email security system that prevents phishing emails, spam, and other unwanted messages from reaching your inbox.

Get in the habit of checking for Microsoft updates, as they’re usually quick to release patches after vulnerabilities have been discovered.
Last but not least, consider working with our team. We’re Microsoft Office experts who can keep you safe from the latest threats. Call us today to get started at 800-421-7151!

How The Cloud Could Have Averted Disaster For Hundreds Of Companies Affected By These Catastrophes

Two months after hurricanes Harvey and Irma wreaked havoc on coastal cities, large swaths of the United States are still reeling from their impact. In their wake, the nation has been moved as we witness numerous communities unite to rebuild, finding their bearings among the millions of dollars of flooding damage and rampant destruction. Though the wonderful people of these cities will persevere, these wounds will leave indelible scars on the affected areas.

Even with the concerted efforts of thousands of volunteers and community members alike, Russel Honore — the former Joint Task Force Katrina commander — told the FOX Business Network that an estimated “40% of small businesses don’t survive” widespread natural disasters like hurricanes. Part of this is due to raw damage, lack of proper insurance or business infrastructure simply being washed away in the flood. Other businesses can’t afford to hemorrhage money as they wait for the electricity grid to come back online, and are forced to shutter operations for good.

However, what is even more commonly fatal to companies both big and small is the loss of vital data. Many businesses can handle cleaning up flood damage, and they regain their footing quickly after a naturaldisaster. Still, if on-site servers, computers or network infrastructure soaks up the bruntof the water, then it’s going to be difficult, if not impossible, to get the company back to a pre-disaster point. If a company’s main server fails, it can mean thousands of hours of hard work down the drain, the loss of most clientele and hundreds of hours of downtime spent desperately trying to recover key data, which usually remains lost
forever.

But if, prior to catastrophe, a business has migrated their precious data to the cloud, they’re going to have a much easier time getting back on their feet and going straight to work. Even if an entire business is leveled, with cloud computing, employees can easily access the data central to the company’s operation and keep it afloat in
the interim.

Most cloud services back up your data with several levels of redundancy, making it almost impossible to lose it all, regardless of what may come. Whether it’s earthquakes, hurricanes or solar flares, you can rest easy knowing that your data is safe and sound and ready for you to access it. It’s a much safer, more secure way to go than having a server lurking in your back office, where it’s far more exposed than you might think.

This principle applies not only to environmental disasters, but to numerous other ways companies lose data each and every day. Whether it’s a disgruntled employee damaging or stealing precious data, or a hacker snaking their way deep into your systems and holding them for ransom, it’s all too easy to lose localized data. Some business owners feel uncomfortable holding their data off-site, citing security concerns, but it’s quite the opposite: the cloud sidesteps these concerns almost entirely, guarding your data behind highly secure cloud-based computing solutions and providing you with numerous backup options. Not to mention, according to a 2012 Alert Logic report, “on-premises environment users actually suffer more incidents” than those that use the cloud, and also suffer “significantly more brute force attacks compared to their counterparts.”

While it’s true that not every business is right for the cloud, it’s certainly something business owners should look into if they want to ensure the longevity of their company. If you’re interested, sign up to get our free cloud computing report.

Watch Out for the Huge KRACK in WiFi Security!

A fundamental flaw with WiFi networks has recently been discovered by two security researchers. According to their reports, the KRACK vulnerability renders advanced encryption protocols useless and affects nearly every wireless device. Read on to find out more about KRACK hacks and how you can defend against them.

What is KRACK?
Simply put, KRACK, short for ‘key reinstallation attack,’ allows hackers to bypass WPA2 — a security protocol used by routers and devices to encrypt activity — and intercepts sensitive data passing between the mobile device and the wireless router, including login details, credit card numbers, private emails, and photos.

In extreme cases, KRACKed devices can be remotely controlled. For example, hackers can log in to your surveillance systems and shut them down.

What’s worse, Internet of Things devices — like smart thermostats and IP cameras — rarely receive security fixes, and even if some are available, applying patches are difficult, as these devices tend to have complex user interfaces.

The good news, however, is you can do several things to mitigate the risks.

Download patches immediately
According to recent reports, security patches have already been released for major platforms, including iOS, Windows, and Android. Router manufacturers such as Ubiquiti, Mikrotik, Meraki, and FortiNet have also issued firmware updates, so make sure to install them as soon as possible.

Although IoT patches are rare, consider getting your smart devices from reputable vendors that push out updates regularly. It’s also a good idea to contact a managed services provider to install the updates for you.

Use Ethernet connections
Some wireless routers don’t yet have a security patch, so while you’re waiting, use an Ethernet cable and disable your router’s wireless setting. Turn off the WiFi on your devices as well to make sure you’re not connecting to networks susceptible to KRACK.

Stay off public networks
Free public WiFi networks — even ones that are password-protected — in your local cafe should also be avoided because they usually don’t have holistic security measures in place, making them easy targets for cybercriminals.

Connect to HTTPS websites
If you do need to connect to a public WiFi hotspot, visit websites that start with “HTTPS,” and stay away from ones that are prefaced with “HTTP.” This is because HTTPS websites encrypt all traffic between your browser and the website, regardless of whether the connection is vulnerable to KRACK

Hop on a Virtual Private Network (VPN)
You can also use a VPN service to hide all network activity. Simply put, VPNs encrypt your internet connection so that all the data you’re transmitting is safe from prying eyes.

Although the potential impact of a KRACK hack is devastating, security awareness and top-notch support are the best ways to stay safe online. Want more security tips? Contact us today by emailing info@wamsinc.com.

How to Set Up Secure Guest Wi-Fi

Today, Wi-Fi isn’t only crucial for your employees to get work done, it’s also a necessary amenity for your office guests. But there’s a right and a wrong way to set up guest Wi-Fi and the latter can result in a frustrating experience for users. So, how do you set up guest Wi-Fi properly?

Never give guests access to your primary Wi-Fi

While giving guests password to your company’s main Wi-Fi might be the easiest way to get them connected, you should avoid this at all costs.

Anyone with a little technical know-how can potentially access everything on your company network, including confidential data. Not to mention, guests’ devices connected to your business network increase the risk of a malware infection or cyber attack since you can never be sure that they’re safe and secure.

Ways to create secondary Wi-Fi for guests

If you router has built-in guest Wi-Fi support (you can check this feature through a quick web search) you could use it to create a separate “virtual” network. This means guests will have access to the internet without connecting to your main company network.

If your router doesn’t support multiple Wi-Fi networks, you can implement a separate wireless access point that bypasses the rest of your network and connects directly to your Internet service provider (ISP) connection.

Both options will keep your guests’ connectivity separate from your company network so you’ll never have to worry about unauthorized persons accessing your company data.

Keep in mind that guest Wi-Fi still uses your ISP connection so you should limit bandwidth usage on your guest network. The last thing you want is a guest streaming videos that slow down the Internet for your employees. With that in mind, you can even have your employees use guest Wi-Fi for their personal devices too. This minimizes the chance of employees hogging company bandwidth for personal use.

Your guest Wi-Fi should only provide outsiders with internet access, nothing more. While proper setup isn’t rocket science, it can be a tedious process. Having said that, if you need a team of experts to take care of it all for you, or simply have questions about how else to leverage your hardware for better efficiency and security, just give us a call at 800-421-7151.

Secure Your Passwords Now

For years, we’ve been told that strong passwords include three things: upper and lower-case letters, numbers, and symbols. And why wouldn’t we when the National Institute of Standards and Technology (NIST) told us they were the minimum for robust passwords? Here’s why and how it involves you.

The Problem
The issue isn’t necessarily that NIST advised people to create passwords that are easy to crack, but it did steer people into creating lazy passwords, using capitalization, special characters, and numbers that are easy to predict, like “P@ssW0rd1.”

This may seem secure, but in reality, these strings of characters and numbers could easily be compromised by hackers using common algorithms.

To make matters worse, NIST also recommended that people change their passwords regularly, but did not define what it actually means to “change” them. Since people thought their passwords were already secure with special characters, most only added one number or symbol.

NIST essentially forced everyone, including you and your colleagues, to use passwords that are hard for humans to remember but easy for computers to guess.

The Solution

One cartoonist pointed out just how ridiculous NIST’s best practices were when he revealed that a password like “Tr0ub4dor&3” could be cracked in only three days while a password like “correcthorsebatterystaple” would take about 550 years.

Simply put, passwords should be longer and include nonsensical phrases and English words that make it almost impossible for an automated system to make sense of.

Even better, you should enforce the following security solutions within your company:

Multi-factor Authentication – which only grants access after you have successfully presented several pieces of evidence
Single Sign-On – which allows users to securely access multiple accounts with one set of credentials
Account Monitoring Tools – which recognize suspicious activity and lock out hackers

When it comes to security, ignorance is the biggest threat. If you’d like to learn about what else you can do to fortify security, just give us a call at 800-421-7151.

New Version of Microsoft Office Announced

Do you use Microsoft Word, PowerPoint or Excel on a daily basis? You’re not alone. The Office suite has more than one billion users, and with a new version coming out next year that number could go up. Whether your organization currently uses Office or not, you need to be prepared for the next version.

Microsoft Office 2019: release and features

For the past ten years, Microsoft has updated its suite of productivity software every three years. The current version is Office 2016, and in sticking with the schedule Office 2019 will be available for purchase at the end of next year. However, previews of the next version will become available several months before the final release.

According to Microsoft, the newest version of Office will include:

-The usual Office applications (Word, Excel, PowerPoint, etc.)
-Office server programs (Exchange, SharePoint and Skype for Business)
-Security and IT management enhancements
-Improved “inking” features for touchscreen usability
-Streamlined data analysis features in Excel
-New PowerPoint presentation features like Morph and Zoom
-Office 2019 vs. Office 365

The biggest difference between Office 2019 and Office 365 will be price. For the former, users pay a one-time fee to acquire a software license. Once users have a license, they own that version of Office forever (although Microsoft will stop providing support 10 years after the product is released).

With Office 365, users pay a monthly subscription fee and can use applications as long as they don’t fall behind on the bill. Programs included in the Office suite can be accessed online or installed locally (as long as you connect to the internet at least once per month).

Thanks to cloud technology, Office 365 can be updated much more easily than other versions of Office. O365 users will probably have access to Office 2019 features around the same time as its release, possibly sooner.

The only drawback of Office 365 is its IT management requirements. Unlike its licensed counterparts, O365 requires one or more servers to be set up, domains to be maintained, and files to be migrated to the cloud.

Much like an O365 subscription, our managed IT services are charged based on a flat monthly rate. We can help your small- or medium-sized business enjoy all the benefits of the cloud. Just give us a call today at 800-421-7151.

The Best Computer Productivity Hacks

We’re all obsessed with finding new ways to become more productive. Business gurus often emphasize the importance of time management and taking breaks to avoid burnout. But aside from motivating yourself to work more efficiently, there are plenty of tools that increase your daily output. If you use a computer all day, check out these productivity hacks.

Monitor Productivity Levels
Start by tracking how much work you complete on an average day. Google Chrome Extensions like RescueTime record your most frequently visited sites, and track how much time you spend away from your computer. Running the app will provide you with a productivity rating and a detailed log of how you spend an average day.

If you find out you’re wasting a huge portion of your time on social networking, you’re more likely to make conscious adjustments on how you manage your time.

Get Rid of Clutter
Another way to increase output is by deleting old files, uninstalling unused programs, and organizing documents into appropriately labeled folders. This makes your work easier to find and improves your computer’s performance.

As for the clutter in your email inbox, Gmail and Outlook both have features that filter out unimportant messages. Simply enable Priority Inbox on Gmail or Clutter on Outlook to get a clean, spam-free inbox.

Block Time-Wasting Sites
Visiting non-work-related websites is a surefire way to hinder productivity. A quick, five-minute break to check your Facebook feed or watch a YouTube clip may not seem like much, but a few of those per day add up to a lot of time.

If you and your employees have trouble staying away from sites like Facebook, Instagram and Twitter, it’s a good idea to block access to them using URL filters.

Of course, if you want your employees to take occasional breaks during the day, you could use apps like StayFocusd or Strict Workflow. These allow you to set a limit on how long and how many times users can visit non-work-related sites.

Stay On Track with To-Do Lists
To-do lists help you break down large projects into manageable, bite-sized tasks. And perhaps the most satisfying aspect is crossing things off the list, giving you and your employees a sense of accomplishment and total visibility of your progress.

There are wide variety of digital to-do lists available today like Google Tasks or Trello. These platforms allow you to set deadlines for small tasks and write clear instructions for each item on the list. What’s more, they’re incredibly easy to use and are great for keeping track of your workflow.

Use Keyboard Shortcuts
Last but not least, mastering keyboard shortcuts will make it easier to perform simple functions than if you’re stuck looking for them in the toolbar. There are more than a hundred useful shortcuts, but some that you should always keep in mind are:

Ctrl + C, Ctrl + V, Ctrl + X – to copy, paste, and cut selected items
Ctrl + Z – to undo changes
Ctrl + T – to open a new tab on your web browser
Alt + Tab – to switch between open windows
Alt + F4 – to close the program
For many more like these, take a look at Windows’ list of advanced shortcuts.

These are just some of the tips every user should know to stay productive. If you need more ideas on how to get more out of your technology, call us today. We provide enterprise-level tools and advice that will make your life a lot easier.

Office 365 Web App Launcher Improvements

Do you sometimes wish you could get to your Office 365 applications faster? Microsoft has tweaked the Office 365 web app launcher so you not only get to your apps faster, but you also get to view your most relevant programs, files, contacts, and activities more conveniently. Here’s how it can make you more productive.

Key changes to the Office 365 main page

The newly added “Recommended” section displays activities — comments, edits, and @ mentions — on recently opened files. This gives users an overview of changes to recent documents.

Underneath the “Recommended” section is the “Recent” document column, which shows the most recent activities, while “Places” displays the SharePoint sites you frequently visit and the OneDrive folders you’ve recently accessed.

Being able to see the edits, shares, and comments on your documents makes collaboration more transparent among users within an organization, and these new upgrades make that possible.

What’s more, you can now search among online documents, web apps, SharePoint sites, and contacts within Office.com without having to open individual apps. For example, when searching for a document whose file name you don’t know, you can type in the name of the author and the results will show you the author’s profile and other relevant files and activities.

Web app launcher enhancements

One of the biggest improvements to Office.com, however, is how apps are displayed in the app launcher.

The main window of the new web app launcher has been redesigned to highlight the most frequently used apps. It will still show all the apps within your Office 365 subscription, but you can pin your most used apps or display all items in the main bar, which makes opening and switching between apps a lot easier.

You can also return to the main page with a single click of the Office 365 button from the App Launcher — no need to minimize or close each app.

Office 365 Gallery

Users aren’t always aware of every application included in their subscription, which is what the Office 365 Gallery is for. Its main function is to provide users with personalized suggestions of applications — and their descriptions — which may be useful to their active tasks. These suggestions include links to mobile and desktop-based versions of the applications they recommend, and resources for learning more about them. To access the Gallery, click “Explore your applications” from the Office.com main page.

Each of the changes in the new and improved Office 365 are aimed at simplifying and personalizing business users’ experiences, and we recommend exploring the tools available to you. Call us at 800-421-7151 to know more about Office 365’s productivity-enhancing applications and features.

What Are the Advantages of SaaS?

Almost every business relies on software to operate, and for most SMBs and firms, the costs of software — including license and maintenance — are painfully expensive. So is there a solution that allows you to leverage the power of software without a high price tag? One candidate is the software delivery service called SaaS. Read on to learn more about it.

What is SaaS and what makes it appealing?

Software as a Service (SaaS) is a software delivery model that allows you, as a user, to access software from any device via the internet. This gives you more flexibility since you won’t have to come to the office to use the software, but will be able to work from anywhere that has an internet connection.

As opposed to a traditional on-premises setup where software is stored locally, SaaS software is hosted in the cloud, eliminating the need to buy new hardware or spend money on its maintenance. Besides, by transferring software hosting to a third party, you’re also outsourcing all the responsibilities that come with maintenance such as upgrades and troubleshooting.

Another aspect that sets SaaS apart from using on-premises software is licensing. With on-premises, you purchase a license and pay yearly support fees; while with SaaS, you pay a monthly or annual subscription fee that covers licenses, support, and other fees. This is advantageous since it allows you to spread out costs over time, instead of purchasing licenses outright.

Will my data be safe?

One of the issues that makes companies reluctant to switch to SaaS is data security. Who will own my data? Will my data be safe? What if the vendor goes out of business?

First of all, when you’re outsourcing your software to a SaaS vendor, you have to sign a service level agreement (SLA). Make sure that the SLA specifies that you own the data and that the vendor is obliged to provide access to your data even if they go bankrupt.

Secondly, it’s likely that data hosted by your SaaS vendor will be more secure than when it’s stored on your average SMB’s or firm’s network. That’s because SaaS vendors have to undergo strict security audits, forcing them to invest more in security, backup technology, and maintenance than a typical SMB has to.

Should I switch to SaaS or stick to on-premises?

SaaS is an ideal solution for firms and SMBs with straightforward business models that are looking for a way to reduce upfront costs. But if your business is large or has complex business processes, a traditional on-premises solution might be a better choice since it offers more functionality and allows for full customization.

Still unsure about whether SaaS is the right answer for your organization? Want to know more about SaaS before making the transition? Call us today at 800-421-7151. Our experts are ready to answer any questions you may have about SaaS!

Equifax’s Leak: Lessons Learned

No business owner wants their customers’ data leaked, but no matter how well your prevention plan is, the unexpected can happen. And when it does, what will determine the fate of your business is how well you respond to it. So before you start planning an incident response, read the following story and recite this: Don’t walk in the footsteps of Equifax.

What happened to Equifax?

Equifax, the huge American credit agency announced in September 2017 that its database was hacked, resulting in a leak of tons of consumers’ private data, including personally identifiable information of around 143 million US citizens. It included names, social security numbers, addresses, birthdates, and credit card and driver’s license numbers.

Equifax responded by setting up a new site, www.equifaxsecurity2017.com, to help its customers determine whether they had been affected and to provide more information about the incident.

Soon after, Equifax’s official Twitter account tweeted a link that directed customers to www.securityequifax2017.com, which is actually a fake site.

Fortunately for Equifax’s customers, the fake phishing site was set up by a software engineer who wanted to use it for educational purposes and to expose flaws in Equifax’s incident response practice. So, no further harm was done to the already-damaged customers, and Equifax is left with even more embarrassment.

So what did Equifax do wrong?

One of the huge mistakes Equifax made in responding to its data breach was setting up a new website to give updated information to its consumers outside of its main domain, equifax.com.

Why? You first need to know that since the invention of phishing scams, phishers have been creating fake versions of big companies’ websites. That’s why so many major corporations buy domains that are the common misspellings of their real domains.

You should also know that phishers can’t create a web page on the company’s main domain, so if Equifax’s new site was hosted there, it’d be easy for customers to tell whether the new page was legitimate and not be fooled by a fake domain name.

What’s obvious from this embarrassing misstep is that Equifax had never planned for a data leak. And this is an unforgivable oversight by a company that handles the information of over 800 million consumers and more than 88 million businesses worldwide.

Don’t repeat Equifax’s mistake

Whether your business is a small startup or as big as Equifax, it needs to prepare for a data breach. Besides having a comprehensive network defense plan, you also need to have the right incident response plan in place.

So what you should do after you’ve discovered the leak is, first of all, be upfront with your customers and notify them as soon as possible.

You also need to establish a message that includes the following information:
How the leak occurred
How the leak could affect your customers
How you will prevent future attacks
What your company will do to support affected customers
You should also create a web page to keep your customers up to date. But remember, the new web page should be under your company’s primary domain name.

As we’ve seen from Equifax, an incident response plan that’s robust is a must. Feel free call WAMS at 800-421-7151 to talk to our experts about how you can come up with an acute one — so you won’t have to repeat Equifax’s apologetic statement, since it doesn’t help the company redeemged reputation at all.

Office 365 Threat Comes with New Techniques

If you’re using Office 365, you wouldn’t want to miss this news: Online scammers are carrying out a highly customized spear-phishing campaign to steal Office 365 users’ credentials and attack organizations internally. Get yourself informed and read on.

What makes it different from other scams?

The new threat comes in the form of spear phishing, an old familiar method in which hackers send emails that purport to be from trusted sources and dupe you into disclosing sensitive information. In this particular attack, the email messages are admirably well-crafted, making them even harder to spot.

The emails are also rid of the usual telltale signs such as misspelled words, suspicious attachments, and dubious requests. You might have to recalibrate what you know about phishing scams, because this new threat ticks all the boxes that make it look legitimate.

How does it work?

The hackers behind the attack craft personalized messages, pretending to be from trusted sources, such as your colleagues or Microsoft itself, and send them to your inbox. The messages could contain a link or a PDF file that leads to a legitimate-looking landing page. Upon clicking the link, the user will be prompted to enter his or her credentials, which the hacker will use to launch attacks within the organization.

Once they gain control of your account, they might set up new forwarding rules to monitor your communication patterns, which will be useful for their future attacks. They might even use your account to send further phishing emails to your co-workers to collect more sensitive information.

As for the phishing emails with PDF attachments, there will be instructions to fill in username and password to view the document. And once you do, your account is no longer yours.

Another way they can get your credentials is by sending an invoice that requires you to log on to a web portal to view the file. Attackers can also use this technique to trick you into performing a certain action, such as forwarding sensitive information or paying an invoice.

What can you do to stay protected?

Your first line of defense is multi-factor authentication, whereby you use a password and another authentication method — like an SMS code — to secure your account. This function is already included in Office 365 and here’s a step-by-step guide on how to activate it.

The second line of defense is training yourself and your employees to spot common phishing techniques. In particular, verify the accuracy of the wording and the sensibility of the requests in the messages.

For good measure, your organization can also install an email-validation system which is designed to detect and prevent email spoofing, such as the Domain-based Message Authentication, Reporting and Conformance (DMARC).

Identifying phishing emails and planning and implementing a robust defense system are ways to protect you and your organization against the new Office 365 threat. For tips on how to spot this type of scam and how to plan thorough security practices, contact our experts today at 800-421-7151.

SMBs Survive Disasters With Virtualization

Hurricanes Harvey and Irma caused millions of dollars in damages. Some of that damage was unavoidable, but hundreds of businesses managed to stay open thanks to innovative virtualization solutions. If you’re not already taking advantage of this technology, it’s time to find out what you’re missing.

Virtual desktops

In most offices, employees are still dependent on desktop computers. Their workstations grant them access to everything from customer relationship software to company databases and when these computers go down, there’s no way to get work done. Virtualized desktops allow users to access their files and even computing power from across the internet.

Instead of logging on to an operating system stored on a hard drive just a few inches away from their keyboard, employees can take advantage of server hardware to store their files across a network. With barebones computers, employees can log in to these virtual desktops either in the office or from home. Floods, fires and other disasters won’t prevent your team from working because they can continue remotely.

Virtual applications

Devoting a portion of your server’s hardware and software resources to virtual desktops requires a fair amount of computing power. If the majority of your employees’ time is spent working with just one or two pieces of software, you can virtualize just those applications.

If a hurricane destroyed your office and the hardware inside it, virtualized applications can be restored in minutes. They don’t need to be installed on the machines that use them, and as long as you have backups these applications can be streamed to employee computers just like a cloud-based application.

Virtual servers

If you use virtual desktops or applications, it makes perfect sense to use virtual servers as well. With a little help from a managed services provider, your servers can be configured to automatically create virtual backups. Beyond preventing data loss, these backups also make it possible to restore server functionality with off site restorations.

Virtualized servers are incredibly useful when clients need access to a website or database that you maintain in the office. For example, if you provide background checks on tenants to rental property owners through your website, an unexpected power outage won’t cause an interruption of service. Your virtualization solution will boot up a backup server away from the power outage and your customers will be none the wiser.

The benefits of virtualization extend far beyond disaster recovery planning. Your business can also reduce IT costs and increase hardware capacity — all it takes is some help from trained experts. Call us today at 800-421-7151 to learn more about what we can do for you.

DR Tips for Floods and Hurricanes

The trail of devastation left by Hurricanes Harvey and Irma has reminded us once again that coastlines and even entire regions of the country can be demolished by natural disasters. While catastrophes cannot be prevented, planning around them with a well-crafted disaster recovery (DR) strategy can help minimize the damages and keep your business alive.

Pay attention to location
First and foremost, your backup site should be in a hurricane-free zone. Ideally, your offsite facility should be located at least 100 miles away from your main location. If this isn’t possible, make sure it is built to withstand wind speeds of 160 mph (as fast as Category 5 storms), and is supported by backup generators and uninterruptible power supplies.

You should also request an upper floor installation or, at the very least, keep critical IT equipment 18 inches off the ground to prevent water damage.

Determine recovery hierarchy
Certain parts of your IT are more mission-critical than others. Ask yourself which systems or data must be recovered in minutes, hours, or days to get your business back to running efficiently.

For example, you may find that recovering sensitive customer information and e-commerce systems take priority over recovering your email server. Whatever the case may be, prioritizing your systems ensures that the right ones are recovered quickly after a disaster.

Use image-based backups
Unlike fragile tape backups, image-based backups take “snapshots” of your systems, creating a copy of the OS, software, and data stored in it. From here, you can easily boot the virtual image on any device, allowing you to back up and restore critical business systems in seconds.

Take advantage of the cloud
The cloud allows you to host applications and store data in high-availability, geo-redundant servers. This means your backups can be accessed via the internet, allowing authorized users to access critical files from any device. Expert technicians will also watch over and secure your backups, allowing you to enjoy the benefits of enterprise-level backup facilities and IT support.

Back up your data frequently
Back up your data often, especially during disaster season. If your latest backups were created on the 15th of September and the next storm, Hurricane Jose, makes landfall on the 28th, you could lose nearly two weeks of data.

Get in the habit of replicating your files at the end of each day, which should be easy if you’ve opted for image-based backups.

Test your DR plan
After setting up your backups, check whether they are restoring your files accurately and on time. Your employees should be drilled on the recovery procedures and their responsibilities during and after disaster strikes. Your DR team should also be trained on how to failover to the backup site before the storm hits. Finally, providers, contractors, and customers need to be notified about how the hurricane will affect your operations.

As cell towers and internet connections may be affected during this time, make sure your company forums are online and have your employees register with the Red Cross Safe and Well website so you can check their statuses.

It’s nearly impossible to experience little-to-no disruptions during disasters like Harvey or Irma, but with the right support, you can minimize downtime. If you’re concerned about any natural disasters putting you out of business, call us today at800-421-7151. We offer comprehensive business continuity services that every company must have.

What Will You Do When This Disaster Hits Your Business?

In today’s world of rampant cybercrime, every savvy business owner knows the necessity of locking down their data. However, we find that the cyber security technologies used by the vast majority of businesses are woefully out of date. Sure, your current solution may have worked great, but digital threats to the safety of your company are constantly evolving. Criminals will eventually attempt to breach your data — and your barriers are not as secure as you might think.

Before World War II, the Germans developed a technology that would prove to be a key player in the conflict: its family of infamous Enigma machines. These devices, about the size of a small microwave, were composed primarily of a typewriter and a series of three or four rotors. By using a set of rules
contained in a corresponding codebook, German soldiers would use the machine to encode vital messages to be sent covertly over the airwaves. The number of potential permutations — and thus solutions — for the code was in the tens of millions. The Germans were confident that the code could never be broken and used it for a vast array of top-secret communications.

The code’s impenetrability didn’t last. Via photographs of stolen Enigma operating manuals, the Polish Cipher Bureau reconstructed one of the stubborn Enigma machines, internal wiring and all, enabling them to decrypt the Wehrmacht’s messages from 1933 to 1938. Facing an impending German invasion, Poland decided to share these secrets with the British. But, at the outbreak of the war, the Germans increased the security of the Enigma initiative by changing the cipher system daily. In response, a British code-breaking team, led by genius English computer scientist Alan Turing, constructed primitive computers, known as “bombes,” that allowed them to decrypt the incredibly complicated ciphers faster than ever before. But it wasn’t until the capture of the U-110 warship and the seizure of its Enigma machine and codebooks that the British were able to decrypt the most complicated cipher of the war, the Kriegsmarine Enigma.

The information gleaned from these decrypts are believed to have shortened the war by more than two years, saving over 14 million lives.

Just like you, the Germans believed the systems they had put in place to defend their secrets were impenetrable. And it’s true: the system had few cryptographic weaknesses. However, there were flaws in German procedure, mistakes made by Enigma operators, and failures to introduce changes into the Enigma formula — along with the Allied capture of key equipment and intelligence — that ultimately allowed the Allies to crack the code once and for all.

Take this as a cautionary tale: the most advanced, complex cryptography system in the world became obsolete within 10 years. The same goes for your potentially outdated cyber security measures.

Though they may not be led by Alan Turing and his crack team, you can bet criminals are constantly chipping away at the defenses of even the most powerful firewalls. The arms race between cyber security companies and cybercriminals rages on behind the scenes, and you can bet that they’ve already cracked your business’s “Enigma.” Just look at the massive European cyber-attack this past June, which infected computers from over 27 companies across the continent, including those of the largest oil company in Russia, with ransomware. The unimaginable cost of that attack is something you certainly don’t want your business to shoulder.

As technology evolves, so does crime. New threats arise each and every day. While solutions are available (and needed), they are notably absent in older software developed at a time before these constantly morphing attacks even existed.

Once the enemy has found a way to pick your lock, you need a new lock. Luckily, you have your trusty IT provider, constantly on the lookout for cutting-edge solutions that protect our clients from even the nastiest malware.

Don’t be like the Germans. Constantly look at options to upgrade to more robust, better cyber security to defend yourself from the bleeding-edge hackers, and sleep safe knowing your business is secure.

Reduce Your Printing Costs with These 5 Tips

Outdated printers, the lack of a printing workflow, and an over-reliance on hard copies may be contributing to your ballooning printing expenditures. With some creative problem-solving and fresh ideas, you could drastically reduce your printing budget. Start by following these five tips.

Replace Outdated Printers

Outdated and cheap printers may be functional, but they are putting a huge dent in your IT budget.

Any piece of equipment that is seven years old (or older) requires frequent repairs and causes more trouble than it’s worth. Because old printers are no longer under warranty, fixing them is more costly and challenging. It’s also difficult to replace parts for old printers because manufacturers have stopped carrying them for models that have been phased out.

When you replace outdated equipment with newer, multi-functional printers, you’re investing in hardware that will pay for itself with increases in productivity and efficiency.

Avoid Purchasing Unnecessary Supplies

A poorly managed printer environment could result in a stockpile of cartridges, toners, and reams of paper. This happens when, for example, an employee uses a printer that’s about to run out of ink and makes an unnecessary request for a new ink or toner. This is more common than you may think, and definitely more expensive.

In the absence of a dedicated printer manager, you can avoid this situation by automating supply replacement. Assign a point person to proactively place orders when supplies are about to run out, so your company can avoid needless purchases.

Impose Strict Process Workflows

Submitting expense reports, filing reimbursements, and other administrative tasks require a proper document workflow. Without a guideline, employees and administrative staff tend to print an unnecessary amount of documents.

Automate your company’s document-driven processes to reduce or prevent redundant print jobs that result in stacks of abandoned documents. Not only is it wasteful, it’s also a security and privacy concern.

Go Paperless

Designing a document management solution that reduces paper consumption is the best way to save money. It may not be possible in every department, but those who can do their jobs without printing should be encouraged to do so by management. Printing lengthy email chains that can be discussed in a meeting is just one example of a wasteful practice that should be avoided.

Reduce IT Support Calls for Printing Issues

Calling your company’s IT guys to assist with problems like paper jams, printer Wi-Fi issues, and other concerns reduces employee frustration. You and your IT personnel could avoid dealing with these productivity killers by identifying the problem areas of your print environment. Then, you can work on solutions specific to your office, such as drafting a printing workflow, or getting help from document management experts who can recommend time- and budget-saving solutions.

Having a group of experts manage your IT workflow can make your day-to-day operations more efficient and help you save on printing costs. Our experts will gladly recommend best practices and tips on document management. Call us today at 800-421-7151.

Social Engineering Exploits Facebook

You’ve received a message from one of your Facebook friends. You click on the link not knowing what you’ve gotten yourself into. This describes one of the latest social media adware schemes, which has wreaked havoc on Facebook users worldwide.

What is it?

Little is known about the adware itself or those behind it, but it was uncovered by David Jacoby, senior security researcher at Kaspersky Lab, when he received a Facebook message from one of his friends, only to find out that wasn’t the case.

Basically, the adware uses Facebook Messenger to track your browser activity and pushes you to click on malicious ads or give out personal information.

How does it work?

By clickjacking and hijacking credentials of Facebook users, the adware is able to send messages to people in the victim’s contact list. If you’re one of those people, you’ll receive a phony message from your friend’s compromised Facebook account.

The message includes your friend’s name followed by the word “Video,” a shocked face emoji, and a shortened URL. Once clicked, the URL will redirect you to a Google Doc with a blurred photo taken from your friend’s Facebook page, disguised as a video. If you click on the “video”, you’ll be redirected to one of a number of targeted websites based on your browser, operating system, and location.

For instance, if you use Google Chrome, you’ll be sent to a website that looks exactly like YouTube, complete with the official logo. The hoax website will show you a fake error message to trick you into downloading a malicious Chrome extension.

If you’re on Firefox, you’ll be sent to a site with a false Flash Player update notice and a Windows adware executable; the same goes with OS X except the adware is hidden in a .dmg file.

The goal here is to move your browser through a set of websites so tracking cookies can monitor your activity and display malicious ads or you can be “social engineered” to give up confidential information.

How do you avoid falling victim?

Facebook has rolled out a number of automated systems to stop harmful links and files. What’s more, they will provide you with a free antivirus scan if they suspect that your account has been compromised by adware.

Still, you should be very skeptical about any shortened URL links sent to you by your Facebook friends, no matter how long you’ve been friends.

Due to their low key nature as potential security endpoints, cyber criminals are turning to social media platforms as their new medium of choice. To keep your business safe, you need to stay up-to-date and educate your employees. If you have any other questions about social media and how it can impact your business, just give us a call at 800-421-7151.

Move over IE, Hello Microsoft Edge!

Not all Windows users are fans of Internet Explorer, and not all Mac users are crazy about Safari. But there’s good news for Windows users: Windows 10 replaces IE with a brand new browser, Microsoft Edge. Here is a list of the key features you shouldn’t miss out on:

Import favorites
You can easily import the list of websites you’ve marked as favorites from any web browser to Microsoft Edge. You can do this by going to the More actions tab (located right next to the address bar), then Settings, and clicking on the Favorites settings tab. From there, choose the pages you want to add to your favorites list and click Import.

Change font size in reading view
Even with your reading glasses on, a website’s font can be too small to read. Microsoft Edge allows you to adjust the reading view by going to Other actions and selecting the Settings tab. From there, scroll down and click on the Reading section that will allow you to adjust the font size and even brightness to your liking.

Make notes on the website
Ever wished you could write on, circle, or highlight specific parts of a website and share them with your friends? Microsoft Edge lets you do just that with its new note feature. Select Make a web note and use tools such as the ballpoint pen or highlighter, or add a typed note on the page you’re browsing. When you’re done, click Save or Share to complete the process.

Reading list
This feature allows you to save articles, e-books, or any other content you wish to peruse later. By signing in with a Microsoft account, your reading list will appear on all your Windows 10 devices. Select Add to favorites or reading list, and then Reading list > Add. You can also add a link to your reading list by right-clicking on any link without having to visit the page.

Ask Cortana
Microsoft Edge users can easily access Cortana, Windows’ voice-activated personal assistant since it is built into the web browser. Cortana can make dinner reservations, offer additional discounts on certain shopping websites, and download applications that you may find useful. Simply highlight a word, phrase, or image, press and right-click it, and then select Ask Cortana to get more information or find related images.

View and delete browser history
As you browse the web, Microsoft Edge remembers and stores the information you’ve entered into forms, passwords, and sites you’ve visited. Most of it will be stored on your PC; but if you use Cortana, some of the data will be stored in the cloud which will be used to better assist you.

If you need to delete cache history, you can do so by following either of these two methods:

View your browsing history at Hub > History, then select Clear all history. If you want to retain certain data, you can choose what to remove, then select Clear.
Since Cortana’s browsing history is stored in the cloud, select Change what Microsoft Edge knows about me in the cloud, then select Clear browsing history.
Switching from one web browser to another isn’t always as smooth as it is made out to be. In order for users to make the most out of their time online, they require a period of adjustment. If you still have questions about making Microsoft Edge your default browser, get in touch with our experts today at 800-421-7151.

Beware of a New Ransomware Similar to Locky

Disguising itself as an invoice proved to be an effective approach for the original Locky ransomware, which infected millions of users in 2016. Although it was mostly defeated, hackers are currently using a similar approach to spreading a new type of malware. In 2017, a new Locky ransomware is poised to duplicate the success of its predecessor.

Quick facts

According to a threat intelligence report, the email-based ransomware attacks started on August 9 and were detected through 62,000 phishing emails in 133 countries in just three days. It also revealed that 11,625 IP addresses were used to carry out the attacks, with the IP range owners consisting mostly of internet service providers and telecom companies.

How it works

The malicious email contains an attachment named “E 2017-08-09 (580).vbs” and just one line of text. Like the original Locky authors, attackers responsible for the new variant deploy social engineering tactics to scam recipients into opening the attached .doc, zip, pdf, .jpg or tiff file, which installs the ransomware into their systems.

When an unsuspecting user downloads the file, the macros run a file that provides the encryption Trojan with an entry point into the system. The Trojan then encrypts the infected computer’s files.

Once encryption is completed, the user receives instructions to download the Tor browser so they can access the “dark web” for details on how to pay the ransom. To retrieve their encrypted files, users will be asked to pay from 0.5-1 Bitcoin.

What you need to do

This ransomware variant builds on the strengths of previous Trojans. In fact, the original Locky strain made it easy for cyber criminals to develop a formidable ransomware that could evade existing cyber security solutions. This is why adopting a “deny all” security stance, whereby all files are considered unsafe until proven otherwise, is the best way to avoid infection.

Here are other tips to avoid infection:

Don’t open unsolicited attachments in suspicious emails. Alert your IT staff, and most importantly disallow macros in Microsoft Office unless they’ve been verified by your IT team.
Performing regular backups guarantees you never have to pay cyber criminals a ransom. If all other security measures fail, you can always rely on your backups, which protect your business not just from cyber crime-related disasters, but also from natural and other unforeseen system failures.
Train your staff to identify online scams like phishing. This and other similar ransomware strains take advantage of users’ lack of cyber security training.
Update your operating systems as soon as updates become available to reduce, or eliminate, the chances of your system’s vulnerabilities being exploited.
Even with a trained staff and the latest protections installed, your IT infrastructure may still have unidentified security holes. Cyber security experts can better evaluate your entire infrastructure and recommend the necessary patches for your business’s specific threats. To secure your systems, get in touch with our experts now at 800-421-7151.

Amazon CEO’s Secret To Avoiding Email Overwhelm

Do you look at your inbox and want to cry? If so, you’re not alone. According to widely cited Radicati Group research, the average person gets 120 business emails every day. If you don’t manage your emails, you could end up in another statistical majority. People spend at least 14 percent of their workday on email alone. Is it any wonder that a recent Harris Poll found that only 45 percent of our workdays are spent on actual work? If you’re looking for the solution to your email woes, start with some of Silicon Valley greats.

BEZOS DELEGATES If you want to watch a corporate team start to sweat, see what happens when they get a “?” email from Jeff Bezos. Business Insider reports that the notoriously easy-to-contact Amazon CEO will forward customer complaints to his people and add only a question mark to the original query. Getting that dreaded mark is a little like getting the black spot from Blind Pew the pirate. You know that a day of reckoning is at hand. Follow Bezos’ lead. Instead of answering all emails yourself, ask, “Can this be better handled by someone else?” Forward it to your team and save yourself the time.

USE AUTO REPLIES You can also use auto-reply tools to manage the flood. Tommy John CEO Tom Patterson did just that after his emails skyrocketed from 150 to 400 a day. He tells Inc.com that “there weren’t enough minutes in a day to answer all of them.” So he didn’t; he set up an auto-reply to tell people that he only checked email before 9 and after 5 — and to please call or text if it was urgent. The result? “It forced me to delegate and empower others to respond,” he says. Suddenly the flow slowed to a trickle.

DO YOU GET MORE EMAILS THAN BILL GATES? And it really should only be a trickle; Bill Gates reports that he only gets 40–50 emails a day. Ask yourself, “Should I really be getting more emails than Bill Gates?” One possible cause for email inundation, according to LinkedIn CEO Jeff Weiner, is other employees sending too much email of their own. He writes, “Two of the people I worked most closely with ended up leaving the organization within the span of several weeks. After they left I realized my inbox traffic had been reduced by roughly 20–30 percent.” If you have over-communicators in your ranks, ask them to tone back the digital flood.

SET BOUNDARIES Creating a hard buffer between your email and your life is another CEO tactic. Arianna Huffington doesn’t check her email for a half hour after waking or before going to bed, and she never touches it around her kids. That space to breathe is essential to maintaining a work-life balance. And if it gets bad enough? Etsy’s Chad Dickerson has a solution: email bankruptcy! He tells Fast Company that every few years, he just deletes everything and starts fresh!

Not all Silicon Valley gurus have it figured out, however. Apple CEO Tim Cook doesn’t get 120 business emails a day. No, according to an ABC interview, he gets closer to 700. He just gets up at the crack of dawn every morning and starts reading. Hint Water CEO Kara Goldin does the same thing, preparing for a 12-hour workday with a marathon email session. But as you can tell from the other people we’ve discussed, this is an exception, not the rule. Emulate Jeff Bezos or Arianna Huffington instead and watch your email stress melt away.

Are all Hackers Out to Do Harm?

Newspaper headlines and Hollywood movies have influenced our understanding of computer hackers, but in the real world it’s not so simple. Some hackers are making tremendous contributions to the field of cyber security, it just depends on which hat they’re wearing that day. Take a few minutes to learn about white, black and gray hat hackers.

A complicated history

Since all the way back in the 1950s, the term hacker has been vaguely defined. As computers and the people who worked with them became more accessible, the word was used to describe someone who explored the details and limits of technology by testing them from a variety of angles.

But by the 1980s, hackers became associated with teenagers who were being caught breaking into government computer systems. Partially because that is what they called themselves, and partially because the word hacker has an inherently aggressive ring to it.

Today, several of those pioneering hackers run multimillion-dollar cyber security consulting businesses. So what should you call someone who uses their knowledge for good?

“White hat” hackers

Sometimes referred to as ethical hackers, or plain old network security specialists, these are the good guys. Whether it’s selling what they find to hardware and software vendors in “bug bounty” programs or working as full-time technicians, white hat hackers are just interested in making an honest buck.

Linus Torvalds is a great example of a white hat hacker. After years of experimenting with the operating system on his computer, he finally released Linux, a secure open-source operating system.

“Black hat” hackers

Closer to the definition that most people outside the IT world know and use, black hat hackers create programs and campaigns solely for causing damage. This may be anything from financial harm in the form of ransomware to digital vandalism.

Albert Gonzalez is one of the many poster children for black hat hacking. In 2005, he organized a group of individuals to compromise poorly secured wireless networks and steal information. He is most famous for stealing over 90 million credit and debit card numbers from TJ Maxx over the course of two years.

“Gray hat” hackers

Whether someone is a security specialist or a cyber criminal, the majority of their work is usually conducted over the internet. This anonymity affords them opportunities to try their hand at both white hat and black hat hacking.

Today, there are quite a few headlines making the rounds describing Marcus Hutchins as a gray hat hacker. Hutchins became an overnight superstar earlier this year when he poked and prodded the WannaCry ransomware until he found a way to stop it.

During the day, Hutchins works for the Kryptos Logic cybersecurity firm, but the US government believes he spent his free time creating the Kronos banking malware. He has been arrested and branded a “gray hat” hacker.

The world of cyber security is far more complicated than the stylized hacking in Hollywood movies. Internet-based warfare is not as simple as good guys vs. bad guys, and it certainly doesn’t give small businesses a pass. If you need a team of experienced professionals to help you tackle the complexities of modern cyber security, call us today at 800-421-7151.

6 CRM Best Practices You Need to Know

Most companies have customer relationship management (CRM) software to help them keep track of contact information and purchase history. But having a large database is worthless if you’re not using it to build long-lasting relationships. To keep existing clients coming back and bring new ones in, follow these CRM best practices.

Always update customer information
A CRM system is only effective when the data it provides is current. If the customer’s address, company name, or preferred method of contact has changed, your staff should be recording this information immediately so your sales and marketing teams are always equipped with the right information.

Use purchasing history for upselling opportunities
It’s easier to sell to existing customers than acquiring new ones. Boost your sales performance by analyzing your existing clients’ purchasing history and designing promotions or events designed just for them. For example, if they recently purchased a razor from your online store, you can program your CRM to recommend related products like shaving cream or aftershave. Not only does this widen your profit margins, it also makes customers’ lives a lot easier and promotes repeat business.

Automate processes
Take advantage of the workflow automation features in CRM apps to eliminate time-consuming and repetitive tasks. For instance, when a new lead is added to your CRM (via newsletter subscriptions or website visits), the CRM can be programmed to send follow-up emails, offer promotions, and other interactions to keep your business at the forefront of their attention. This saves you from writing the same canned responses while also making sure that you’re engaging your clients throughout the entire sales process.

Learn from analytics
CRM also makes it possible to analyze customer trends and behavior. If you noticed a spike in demand for certain products and services during the holidays, be more aggressive in pushing them out next year. If certain email campaigns were more successful than others (e.g., higher open rates, click-through-rates, and potential customers), understand what elements were responsible for that success and try to replicate them the next time you send a newsletter.

Customer data should also be used to shape sales and marketing tactics. A salesperson that already knows the client’s name, locations, and preferences can deliver more personal sales pitches and has a better chance of closing a deal. The point is this: If you’re not learning from your data, your business growth will be limited.

Integrate CRM with other business software
Tying CRM software to other programs makes it even more powerful. Integration with accounting software combines customer and financial data, eliminating redundant manual data entry and providing more insightful reports. When used alongside a VoIP system, your staff will get relevant customer information from multiple databases displayed on one screen when they’re about to make a call.

Get some CRM support
Last but not least, work with a CRM provider that offers 24/7 support. Ideally, they should be keeping your data safe, updating your software regularly, and advising you on how to use complex CRM features.

This may seem like a lot, but the important thing to remember is that just like every technology investment, CRM requires active participation from executives, managers, and frontline staff. If you need more advice on keeping customers happy or want to know what technologies can add value to your business, call us today at 800-421-7151.

Ways to Protect your Company Mobile Devices

Mobile devices can’t accomplish everything that desktops and laptops can, but that doesn’t mean they’re not important to businesses. More and more employees are using smartphones and tablets to increase productivity and enhance collaboration. But before you adopt a mobile device policy, you must keep them safe from cyber criminals. Cyber criminals now have more entry points to steal your data, but there are simple ways to keep your company’s mobile devices safe.

Ensure mobile OS is up-to-date

Apple and Android’s operating system updates improve overall user experience, but their most important function is to fix security vulnerabilities. You can reduce your business’s exposure to threats by installing updates for ALL devices as soon as they become available. Some people wait for a few weeks or months to update their device’s OS. This gives hackers ample time to exploit vulnerabilities on devices that run on outdated operating systems.

Install business applications only

Downloading apps seems harmless, but lenient mobile devices policies on what should and shouldn’t be downloaded on company devices could lead to staff downloading and installing non-business-related apps from third-party stores, most of which are notorious for malicious advertising codes and other threats.

Be careful with public Wi-Fi networks

Emergency situations might compel you to use password-free Wi-Fi networks in hotels, airport, cafes, or any public place. Connecting to an open network could expose your confidential information and sensitive company data to hackers connected to the same network.

You can avoid this by providing a practical internet data plan, preferably one that includes roaming services, for remote workers. And if you really have to connect to an open Wi-Fi, don’t use the connection for transferring sensitive data.

Enable phone tracking tools

Losing a company-issued mobile device is a scenario many would rather not contemplate, but it happens. Devices can be misplaced or stolen, and enabling a useful app such as ‘Find my iPhone’ for iOS devices, ‘GPS Phone Tracker’ for Android, or any other device-tracking app in Apple’s App or Android’s Google Play stores helps users locate lost phones, or otherwise delete data in stolen devices. Downloading and setting up the app takes just a few minutes, and it will give you peace of mind knowing that even if your phone is lost or stolen, its contents will not be compromised.

Screen SMS carefully

SMS messaging may not be as effective as email phishing, but SMS phishing can also be used to trick users into clicking malicious links. Hackers send messages purporting to be from someone you know or a legitimate source that asks you to urgently send confidential data. You can either delete these messages, block unknown senders, or alert your IT department in case you encounter a possible scammer.

Mobile devices are becoming more critical to operations. And with more devices open to attack, businesses must bolster their cybersecurity efforts. Hackers will exploit every possible vulnerability, and that includes those in unsecured smartphones and tablets. Get in touch with us if you need comprehensive security solutions for your business by calling 800-421-7151.

Know These Types of Malware to Stay Protected

Computer threats have been around for decades. In fact, one of the first computer viruses was detected in the early 70s. Technology has come a long way since then, but so have online threats: Spyware, ransomware, virus, trojans, and all types of malware designed to wreak havoc. Here’s how different types of malware work and how you can avoid falling victim.

Viruses

Once created to annoy users by making small changes to their computers, like altering wallpapers, this type of malware has evolved into a malicious tool used to breach confidential data. Most of the time, viruses work by attaching themselves to .exe files in order to infect computers once the file has been opened. This can result in various issues with your computer’s operating system, at their worst, rendering your computer unusable.

To avoid these unfortunate circumstances, you should scan executable files before running them. There are plenty of antivirus software options, but we recommend choosing one that scans in real-time rather than manually.

Spyware

Unlike viruses, spyware doesn’t harm your computer, but instead, targets you. Spyware attaches itself to executable files and once opened or downloaded, will install itself, often times completely unnoticed. Once running on your computer, it can track everything you type, including passwords and other confidential information. Hackers can then use this information to access your files, emails, bank accounts, or anything else you do on your computer.

But don’t panic just yet, you can protect yourself by installing anti-spyware software, sometimes included in all-purpose “anti-malware” software. Note that most reputable antivirus software also come bundled with anti-spyware solutions.

Adware

Are you redirected to a particular page every time you start your browser? Do you get pop ups when surfing the internet? If either situation sounds familiar, you’re likely dealing with adware. Also known as Potential Unwanted Programs (PUP), adware isn’t designed to steal your data, but to get you to click on fraudulent ads. Whether you click on the ad or not, adware can significantly slow down your computer since they take up valuable bandwidth. Worse still, they’re often attached with other types of malware.

Some adware programs come packaged with legitimate software and trick you into accepting their terms of use, which make them especially difficult to remove. To eradicate adware, you’ll need a solution with specialized adware removal protocols.

Scareware

This type of malware works like adware except that it doesn’t make money by tricking you into clicking on ads, but by scaring you into buying a software you don’t need. An example is a pop up ad that tells you your computer is infected with a virus and you need to buy a certain software to eliminate it. If you fall for one of these tactics and click on the ad, you’ll be redirected to a website where you can buy the fake antivirus software.

Scareware acts more like a diversion from the other malware that often comes with it. A good antivirus solution will help scan for scareware too, but you should patch your operating systems regularly just to be safe.

Ransomware

Ransomware has become increasingly common and hostile. It encrypts your computer files and holds them hostage until you’ve paid a fee for the decryption code. Because ransomware comes with sophisticated encryption, there aren’t many options unless you have backups of your data.

There are some tools that can protect against ransomware but we recommend that you backup your data and practice safe web browsing habits.

Worms

Similar to viruses, worms replicate themselves to widen the scope of their damage. However, worms don’t require human intervention to replicate themselves as they use security flaws to transmit from one computer to the next, making them far more dangerous than your typical virus. They often spread via email, sending emails to everyone in an infected user’s contact list, which was exactly the case with the ILOVEYOU worm that cost businesses approximately $5.5 billion worth of damage.

The easiest ways to protect your network from worms is to use a firewall to block external access to your computer network, and to be careful when clicking on unknown links in your email or unknown messages on social media.

Trojans

Usually downloaded from rogue websites, Trojans create digital backdoors that allow hackers to take control of your computer without your knowledge. They can steal your personal information, your files, or cause your computer to stop working. Sometimes hackers will use your computer as a proxy to conceal their identity or to send out spam.

To avoid trojan attacks, you should never open emails or download attachments from unknown senders. If you’re skeptical, use your antivirus software to scan every file first.

In order to keep malware at bay, you need to invest in security solutions with real-time protection and apply security best practices within your office. If you have any questions or concerns, or simply need advice on how to strengthen your business’s security, just give us a call and we’ll be happy to help.

Tell Office 2016 and Office 365 apart

Microsoft delivers some of the best productivity tools for businesses worldwide. Office 2016 and Office 365 are the most popular software in the market today. And while both offer Word, Excel, and PowerPoint, there are some significant differences between each product. Read on to find out.

How they’re paid for
Office 2016 is a stand-alone suite, and regardless of the quantity purchased, is described by Microsoft as a “one-time purchase.” You pay a single, upfront cost, meaning the entire purchase price must be paid before receiving the license to legally run the software for life.

By contrast, Office 365 is a subscription service requiring monthly or annual payments. Office 365 allows users to run applications only if payments are made. If you stop, you will have 30 days to continue operating after the previous payment’s due date before the license expires.

How they’re serviced
Another aspect to consider is the service and support offerings. Microsoft provides monthly security updates for Office 2016 applications, and these updates fix non-security bugs. However, you don’t get upgrades for improved features and functionality. If you wish to run the latest edition, you’ll have to pay another upfront fee.

Office 365 users, on the other hand, get the same security patches as Office 2016 and also additional feature and functionality upgrades twice a year.

How they sync with the cloud
Microsoft announced a major change this April: As of October 13, 2020, Office 2016 applications acquired through an upfront purchase are required to be in the “Mainstream” support period (the first five years of the decade-long commitment) to obtain cloud connectivity. Office 365 subscriptions won’t experience this problem.

In order to achieve measurable results and enjoy business growth, it’s imperative that your business is working with the right Office solution. Give us a call at 800-421-7151 and let our team of experts assess your needs and determine the better option.

Tips and Tricks for Avoiding IoT Threats

Internet of Things (IoT) devices have become more popular with businesses in recent years. This is largely because they can keep track of large amounts of information, analyze data patterns, and streamline business processes. But as you introduce more internet-connected devices into the office space, you may be exposing your business to attacks.

Set passwords
Many often forget they can set passwords for IoT devices. When this happens, they tend to leave their gadgets with default passwords, essentially leaving the door open for hackers. Make sure to set new and strong passwords — preferably with a combination of upper and lower case letters, numbers, and symbols — for each device connected to your network. Then, use a password manager to securely keep track of all your passwords.

Disable Universal Plug and Play (UPnP)
UPnP is designed to help IoT gadgets discover other network devices. However, hackers can also exploit this feature to find and connect to your IoT devices. To prevent them from getting to your network, it’s best to disable this feature completely.

Create a separate network
When you’re dealing with IoT devices, it’s wise to quarantine them in a separate network unconnected to your main office network. By doing this, user gadgets will still have access to the internet but won’t be able to access mission-critical files.

You should also consider investing in device access management tools. These allow you to control which devices can access what data, and prevent unauthorized access.

Update your firmware
If you want to keep your devices secure against the latest attacks, then you need to keep your IoT software up to date. Security researchers are always releasing security patches for the most recent vulnerabilities, so make it a habit to regularly check for and install IoT firmware updates. If you have several gadgets to secure, use patch management software to automate patch distribution and set a schedule to check for updates monthly.

Unplug it
Disconnecting your IoT devices from the internet (or turning them off completely) whenever you don’t need them significantly reduces how vulnerable you are to an attack. Think about it, if there’s nothing to target, hackers won’t be able to make their move. Turning your IoT devices on and off again may not seem like the most convenient strategy, but it does deny unauthorized access to your router.

Unfortunately, as IoT devices become more commonplace in homes and offices, more hackers will develop more cunning ways to exploit them. Getting into the above mentioned security habits can protect you from a wide variety of IoT attacks, but if you really need to beef up your security, then contact us today. We have robust security solutions that keep your hardware safe.

An Intern’s Week at WAMS

WAMS had the pleasure of partaking in an internship and career exploration program called “Living the Map.” A student from Colorado College was interested in spending a week with a marketing executive. Daniel Seddiqui of “Living the Map” reached out to me about this opportunity and sent me Alan Fox, an ambitious college student who had just completed his first year and chose this career exploration program to help him decide on his major. His reflection below describes his experience, and we are so grateful to have had an impact on such a promising young man. This was a wonderful opportunity for the both of us, and it was a pleasure to teach Alan about what I do. As a company, we are so proud to have left this impression on him.

“Ashli Lopp, a marketing executive at the IT consulting company known as WAMS, expressed a primary goal of my five week internship project bluntly when she stated, “It takes doing what you don’t want to do to help you realize the importance of doing what you want to do.”

As I first entered the WAMS office located just outside of the Los Angeles area in Brea, CA, I was nervous about what the week had in store for me. Would my presence be a distraction to others working? Does the individual that I’m shadowing have the time or desire to work with me for an entire week? To put it plainly, I didn’t want to be a problem at all for this company. Within five minutes of entering the office, it became clear that this fear was unwarranted and would not be the case. Ashli, the marketing executive I shadowed for the week, and Kevin, the general manager of WAMS, immediately made me feel welcome. After introducing myself to Kevin and discussing his recent travels in Colorado, Ashli introduced me to the rest of the company and had the patience to teach me about her job as well as a brief overview of the company.

The first thing I noticed in the office was that the employees exuded an unusual level of positivity and joyfulness. They seemed to genuinely enjoy spending time working there and they weren’t simply watching the clock, eagerly awaiting their time to clock out like many of my fellow auto shop  co-workers in the  past would. Throughout my week at WAMS, I tried to pinpoint the source of their workplace jubilance. Was management responsible? Was it the composition of employees? While I do think that WAMS has done an excellent job of hiring exuberant employees that are passionate about their jobs as well as their interactions with each other, I think the company’s upbeat culture has more to do with management incentivizing their employees with freedom and encouragement, rather than fear. Later in the week, account manager Matt Morris addressed this assumption, stating that, “Kevin doesn’t rule with an iron fist. . . He’s made this a place where you don’t dread coming to work.” This claim is supported by the fact that throughout my week with WAMS, I never observed a time when Ashli was motivated to complete a task by fear. On the contrary, Ashli went about her daily obligations with freedom and a sense of pride that she would complete them individually to the best of her abilities—not because a manager was breathing down her neck.

Other than observing the encouraging role of management within the company, I also thoroughly enjoyed learning about the different ways Ashli attracts clients. First off, she explained the three basic client profiles that she is aiming to attract and how she is able to craft a marketing approach to suit the audience. For example, for firm administrators who are typically more interested in the final result WAMS has to offer and less in the technology, Ashli would appeal to them through means that invoke emotion and focus on possible positive results rather than nitty-gritty tech details of how the system works. In addition, I was interested in the different ways Ashli went about striking fear in the hearts of her potential clients, communicating the dangers of ransomware and how customers needed WAMS to save their firm from potential closure.

While I was fascinated by the way Ashli went about attracting clients, I was also intrigued by the ways she went about keeping clients and making them feel appreciated. Whether it was sending clients cookies embroidered with the WAMS logo, “anniversary” Starbucks gift cards, or shock-and-awe packages containing promotional gear, Ashli was adamant about ensuring that a customer’s business was appreciated and not taken for granted.

Besides focusing on improving and maintaining her client base, Ashli also focused on educating and developing herself as a marketer. Each day Ashli read the news in order to keep up to date and inform her clients about the latest development in her field, whether that’s a development in cyberware or technology. Moreover, her eagerness to improve and develop further ways of marketing was clearly illustrated by her weekly discussion with different marketing employees in different fields across America.

All in all, exposure to both a close-knit, enthusiastic work place and to a marketing professional that was eager to teach me ways of creating and maintaining fruitful client relations made this week an especially beneficial and educational experience.”

Nyetya Ransomware: What You Need to Know

Nyetya, a variant of the Petya ransomware, is spreading across businesses all over the world. Although it shares the same qualities as WannaCry — a ransomware deemed ‘one of the worst in history’ — many cyber security experts are calling it a more virulent strain of malware that could cause greater damage to both small and large organizations. Here’s everything we know about it so far.

Worse than WannaCry

Nyetya is deemed worse than WannaCry mainly because it spreads laterally, meaning it targets computers within networks and affects even systems that have been patched. Because it also spreads internally, it needs to infect only one device to affect several others within a single network.

Cyber researchers trace its origins to a tax accounting software called MEDoc, which infected 12,500 systems in Ukraine. Since the initial infections in June, it has spread to thousands of networks in 64 countries. And although it hasn’t spread as fast as WannaCry, it might have a wider reach soon because it uses three attack pathways to infect a system. It hasn’t made as much money as WannaCry, which is why cyber researchers are concluding that the attacks are not economically motivated.

Don’t Pay the Ransom

Cyber security firms and researchers strongly recommend affected businesses to avoid paying the ransom. According to them, paying the ransom would be a waste since the infected user won’t be able to receive a decryption key to unlock their files or systems. This is because the email provider has blocked the email address on the ransomware message.

Although it operates like a ransomware — locking hard drives and files and demands a $300 ransom in Bitcoin — it functions more as a wiperware that aims to permanently wipe out data and/or destroy systems. So far, it has affected big-name multinationals in various industries, including Merck, Mondelez International, and AP Moller-Maersk, among others.

Perform backups and update outdated security patches

The only way businesses can be protected is by performing backups and staying on top of patch updates.

It’s safe to say that in case of a Nyetya attack, there’s no chance of getting back your data. In such a scenario, you would have only your backup files — whether on an external storage or in the cloud — to fall back on. But backing up is not enough; you should also ensure that your backups are working, which you can do by testing them regularly. Given the nature of Nyetya, you should also make sure that your backups are stored off-site and disconnected from your network.

Like its predecessor, Nyetya exploited vulnerabilities in unpatched Microsoft-run computers. As a business owner, make it a part of your cyber security routine to update your systems with the latest security patches, or risk having your files or systems permanently corrupted.

As a business owner whose operations’ lifeline depends on critical files, your backups are your insurance. If your systems’ network security needs another layer of protection, get in touch with us today at 800-421-7151.

Get Ready for Chrome’s Ad Blocker

For the longest time, we’ve been visiting countless websites only to be greeted with annoying ads that never piqued our interest. Luckily, Chrome users won’t have to put up with them for much longer. Google will release an ad blocker early next year. To that end, here’s everything you need to know.

What is it?

Ad blocker from Chrome actually works like an ad filter, meaning it won’t block all ads from the website, only ones that are determined to be too intrusive, like video autoplay with sound as well as interstitials that take up the entire screen.

A group called the Coalition for Better Ads, which consists of Google, Facebook, News Corp, The Washington Post, and other members will decide whether or not the ads are to be blocked. According to Sridhar Ramaswamy, the executive in charge of Google’s ads, even ads owned or served by Google will be blocked if they don’t meet the new guidelines.

How will it work?

From a consumer’s end, you won’t have to do anything except for updating your Chrome browser. For publishers, Google will provide a tool that you can run to find out if your site’s ads are violating the guidelines. The blocker will apply to both desktop and mobile experiences.

What are the benefits of Chrome ad blocker?

Bad ads slow down the web, make it annoying to browse, and drive consumers to install ad blockers that remove all advertisements. If that continues, publishers will face major obstacles since nearly all websites rely on ads to stay alive.

With Chrome’s ad blocker, wholesale ad blocking can be controlled to please both consumers and publishers. Users get a better web browsing experience and publishers can continue to make profits through online ad sales.

But isn’t Google already using third-party ad-blocking extensions?

Yes, but this means they have to pay third-party ad blockers — like Adblock Plus — a certain amount of fee to whitelist ads for the privilege of working around their filters. With their own ad blocker, this can be eliminated once and for all.

Are there potential drawbacks?

It’s undeniable that Chrome’s ad blocker gives Google lots of power to determine ad standards for everyone. It comes to no surprise that there are skeptics who don’t trust one company to act in everyone’s interest.

And while Google assures that even its own ads will be removed if they violate the rules, the fact that Google itself is an ad company with nearly 89 percent of its revenues coming from online ads doesn’t boost its credibility to industry peers.

Publishers will have fewer options to monetize their sites once Chrome’s ad blocker is implemented. To help, Google will include an option for visitors to pay websites that they’re blocking ads on called Funding Choices. However, a similar feature called Google Contributor has been tested a couple years ago with no signs of catching on so we doubt that Funding Choices will differ.

Despite expected criticism, Chrome’s ad blocker will likely result in a better web browsing experience. And as always, if you have any questions about the web, or IT in general, just give us a call at 800-421-7151 and we’ll be happy to help.

Cybercrime Insurance Loopholes: Protect Yourself

As hacking hit the headlines in the last few years — most recently the global hack in May that targeted companies both large and small — insurance policies to protect businesses against damage and lawsuits have become a very lucrative business indeed. Your company may already have cyber insurance, and that’s a good thing. But that doesn’t mean that you don’t have a job to do — or that the insurance will cover you no matter what.

When you buy a car, you get the warranty. But in order to keep that warranty valid, you have to perform regular maintenance at regularly scheduled times. If you neglect the car, and something fails, the warranty won’t cover it. You didn’t do your job, and the warranty only covers cars that have been taken care of.


Cyber insurance works the same way. If your company’s IT team isn’t keeping systems patched and up to date, taking active measures to prevent ransomware and other cybercrime attacks, and backing everything up in duplicate, it’s a lot like neglecting to maintain that car. And when something bad happens, like a cyber attack, the cyber insurance policy won’t be able to help you, just as a warranty policy won’t cover a neglected car.

Check out this real life policy exclusion we recently uncovered, which doesn’t cover damages “arising out of or resulting from the failure to, within a reasonable period of time, install customary software product updates and releases, or apply customary security-related software patches, to computers and other components of computer systems.” If your cyber insurance policy has a clause like that — and we guarantee that it does — then you’re only going to be able to collect if you take reasonable steps to prevent the crime in the first place.

That doesn’t just mean you will have to pay a ransom out of pocket, by the way. If your security breach leaves client and partner data vulnerable, you could be sued for failing to protect that data. When your cyber insurance policy is voided because of IT security negligence, you won’t be covered against legal damages, either. This is not the kind of position you want to be in.


All of this is not to say that you shouldn’t have cyber insurance, or that it’s not going to pay out in the case of an unfortunate cyber event. It’s just a reminder that your job doesn’t end when you sign that insurance policy. You still have to make a reasonable effort to keep your systems secure — an effort you should be making anyway.

Does the CIA Have Access to Your Router?

There are an exhausting number of cyber security threats to watch out for, and unfortunately you need to add another to the list. A recent leak from the CIA proves that routers are one of the weakest links in network security.

The Wikileaks CIA Documents

For several months, the notorious website famous for leaking government data has been rolling out information it obtained from the Central Intelligence Agency. The documents detail top-secret surveillance projects from 2013 to 2016 and mainly cover cyber espionage.

In the most recent release, documents describe government-sponsored methods and programs used to exploit home, office, and public wireless routers for both tracking internet browsing habits and remotely accessing files stored on devices that connect to compromised networks.

Is My Router One of Them?

According to the documents, 25 models of wireless routers from 10 different manufacturers were being exploited by the CIA. They weren’t off-brand budget devices either; the list includes devices from some of the biggest names in wireless networking:

  • Netgear
  • Linksys
  • Belkin
  • D-Link
  • Asus

Those brands account for over a third of wireless routers on the market, which means there’s a good chance you’re at risk.

After WannaCry used a previous CIA leak to fuel its global spread, you need to worry about more than just being a target of government espionage too. Over the past few years, almost all of these leaks have quickly made their way into criminal hands.

Patching Vulnerabilities

Fixing security gaps in hardware is tricky business, especially when they’re mainly used to monitor rather than corrupt. In most cases, there will be no visual cues or performance problems to indicate your hardware has been infected. As such, you should plan on regularly updating the software on your hardware devices whenever possible.

Accessing your router’s software interface isn’t a user-friendly experience for non-IT folks. Usually, to access it, you need to visit the manufacturer’s website and log in with the administrator username and password. If these are still set to the default “admin” and “password” make sure to change them.

Once logged in, navigate through the settings menus until you find the Firmware Update page. Follow the instructions and confirm that the firmware has been properly installed.

The CIA’s router leaks were vague, so we’re not even sure how recent they are. We are fairly certain, however, that all of the manufacturers have since patched the vulnerabilities. Regardless, updating your router’s firmware will protect from a number of cyber security risks. If you’re unable to finish the task on your own, one of our technicians can fix it, as well as any other firmware vulnerabilities, in a matter hours. All you need to do is call! 800-421-7151.

Changes to Office 365

Whether it’s for the sake of aligning with Windows 10, or not, Office 365 Pro Plus will be upgraded twice a year, in March and September. But what does this mean to business owners like yourself? Will the new update schedule affect how Microsoft plans to deliver and support ProPlus in the future? We’ll answer all that and more.

Why the New Schedule?

Feedback has almost always been Microsoft’s impetus to make changes of any kind, and this is no exception. The software giant wanted to simplify the update process and improve coordination between Office 365 and Windows, and the new schedule should handle both of those aims.

This is particularly helpful for those using Secure Productive Enterprise (SPE). SPE was bundled with Windows 10 and Office 365 ProPlus, meaning subscribers had to deal with two separate upgrades prior to the new schedule. Moving forward, things will be simplified as a single update twice a year will suffice.

What Else Changed?

Microsoft is extending support for ProPlus from 12 months per update to 18 months. This means you can technically update once or twice a year, which we’ll discuss in more detail below.

They’ve also changed the following terminology used in their updates:

  • Current Channel → Monthly Channel
  • First Release for Deferred Channel → Semi-annual Channel (Pilot)
  • Deferred Channel → Semi-annual Channel (Broad)

The Semi-annual Channel (Pilot) and Semi-annual Channel (Broad) describe the twice-a-year feature updates and how they will be deployed: the former to be used as deployment testing and the latter for actual deployment to an organization’s users.

When Will the First ProPlus Upgrade be Released Under the New Schedule?

The first Pilot channel will be available on September 12, 2017, the same day as that month’s Patch Tuesday. The first Broad channel will be available four months later on January 9, 2018, also on a Patch Tuesday.

The second release will bring a new Pilot on March 13, 2018 and a new Broad on July 10, 2018.

Can you Skip a ProPlus Features Upgrade?

While you can in fact choose only to upgrade once a year, you will eventually have to conduct a second upgrade to get the most up-to-date support. Microsoft is giving you two months of overlap in the next update to do this.

So, say your firm deploys the Broad channel in January 2018, but skips the July 2018 upgrade, you would have to upgrade within the two-month span between January 2019 and March 2019 to be eligible for the latest support.

What Happened to the ProPlus Upgrade for June 2017?

Microsoft released new Deferred Channel and First Release for Deferred Channel upgrades on June 13, 2017. You will have three months to conduct enterprise pilots and validate applications with this upgrade before the final Deferred Channel release on September 12, 2017. The last Deferred Channel will be supported until July 10, 2018.

Changes to the support life cycle of Office 365 ProPlus will ultimately save you time and reduce the hassles of conducting upgrades. That said, it might take some time getting used to the new schedule and nomenclature, so if you have any questions about Office 365 or the new schedule, just give us a call at 800-421-7151.

Quick Review: Why You Need Virtualization

With virtualization, you can make software see several separate computers where there is only one, or make several computers look like one supercomputer. That may sound simple, but it’s far from it. Of course the benefits are well worth it; here are just a few.

More Technology Uptime

Virtualization vendors use lots of fancy names for the features of their technology, but behind all the technobabble are a number of revolutionary concepts. Take “fault tolerance” for example. When you use virtualization to pool multiple servers in such a way that they can be used as a single supercomputer, you can drastically increase uptime. If one of those servers goes down, the others continue working uninterrupted.

Another example of this is “live migrations,” which is just a fancy way of saying that employee computers can be worked on by technicians while users are still using them. Say you’ve built a bare-bones workstation (as a virtual machine on the server), but you need to upgrade its storage capacity. Virtualization solutions of today can do that without the need to disconnect the user and restart their computer.

Better Disaster Recovery

Data backups are much simpler in a virtualized environment. In a traditional system, you could create an “image” backup of your server — complete with operating system, applications and system settings. But it could be restored to a computer only with the exact same hardware specifications.

With virtualization, images of your servers and workstations are much more uniform and can be restored to a wider array of computer hardware setups. This is far more convenient and much faster to restore compared to more traditional backups.

More Secure Applications

In an effort to increase security, IT technicians usually advocate isolating software and applications from each other. If malware is able to find a way into your system through a software security gap, you want to do everything in your power to keep it from spreading.

Virtualization can put your applications into quarantined spaces that are allowed to use only minimum system resources and storage, reducing the opportunities they have to wreak havoc on other components of the system.

Longer Technology Lifespans

The same features that quarantine applications can also create customized virtual spaces for old software. If your business needs a piece of software that won’t work on modern operating systems, virtualization allows you to build a small-scale machine with everything the program needs to run. In that virtual space, the application will be more secure, use fewer resources, and remain quarantined from new programs.

In addition to software, virtualization also encourages longer life spans of old hardware components. With virtualization, the hardware an employee uses is little more than a window to the powerful virtual machine on the server. Employee computers need only the hardware required to run the virtualization window, and the majority of the processing takes place on the server. Hardware requirements are much lower for employees and equipment can be used for several years.

Easier Cloud Migrations

There are several ways virtualization and cloud technology overlap. Both help users separate processing power from local hardware and software, delivering computing power over a local network or the internet. Because of these similarities, migrating to the cloud from a virtualized environment is a much simpler task.

There is no debate about the benefits of this technology. The only thing standing between your business and more affordable, efficient computing is an IT provider that can manage it for you. For unlimited technology support, virtualization or otherwise, on a flat monthly fee. Call us today at 800-421-7151.

Office 365 Tips to Make Your Life Easier

Office 365 receives dozens of changes every month, which explains why some get overlooked. While Office 365 Planner or Microsoft Teams are great tools for maximizing productivity, there are hidden functions and tricks you can use to make life a bit easier for yourself. Check out our six tips to improve your user experience with Office 365 below.

Declutter Your Inbox
If you’re having trouble managing the overwhelming amount of emails in your inbox, then using Office 365’s “Clutter” feature can clear up some space. To enable this feature go to Settings > Options > Mail > Automatic processing > Clutter then select Separate items identified as Clutter. Once activated, you need to mark any unwanted messages as “clutter” to teach Office 365. After learning your email preferences, Office 365 will automatically move low-priority messages into your “Clutter” folder, helping you focus on more important emails.

Ignore Group Emails
Are you copied on a long email thread you don’t want to be part of? If so, simply go to the message and find the Ignore setting. Doing this will automatically move future reply-alls to the trash so they never bother you again. Of course, if you ever changed your mind, you could un-ignore the message: Just find the email in your trash folder and click Stop ignoring.

Unsend Emails
In case you sent a message to the wrong recipient or attached the wrong file, Office 365 has a message recall function. To use this, open your sent message, click Actions, and select Recall this message. From here, you can either “Delete unread copies of this message” or “Delete unread copies and replace with a new message.” Bear in mind that this applies only to unread messages and for Outlook users within the same company domain.

Work offline
Whenever you’re working outside the office or in an area with unstable internet, it’s a good idea to enable Offline Access. Found under the Settings menu, this feature allows you to continue working on documents offline and syncs any changes made when you have an internet connection. Offline access is also available in your SharePoint Online document libraries.

Use Outlook Plugins
Aside from sending and receiving emails, Outlook also has some awesome third-party plugins. Some of our favorite integrations include PayPal, which allows you to send money securely via email; and Uber, which lets you set up an Uber ride reminder for any calendar event. Find more of productivity-boosting plugins in the Office Store.

Tell Office Applications What To Do
If you’re not a fan of sifting through menus and options, you can always take advantage of the Tell Me function in your Office 2016 apps. When you press Alt + Q, you bring up a search bar that allows you to look for the functions you need. Suppose you need to put a wall of text into columns on Word but can’t find where it is specifically. Just type ‘column’ and Microsoft will help you with the rest.

These tricks and features themselves will definitely increase productivity. And fortunately, there’s, there’s more coming. Microsoft continues to expand Office 365’s capabilities, and if you truly want to make the most out of the software, don’t be afraid to explore its newly released features.

For more Office 365 tips and updates, get in touch with us today at 800-421-7151.

Fixing Computers Drains Your Firm’s Funds

Aside from overseeing your business’s network security, IT security staff are also adept at fixing personal computers. However, that doesn’t necessarily mean they should. In fact, such occurrences ought to be minimized, if not avoided altogether. Your security personnel should be focusing on more pressing issues. But if they’re toiling over PC repairs, not only is your staff’s energy drained, but your IT budget plummets, too.

Cost of Fixes

According to a survey of technology professionals, companies waste as much as $88,660 of their yearly IT budget as a result of having security staff spend an hour or more per work week fixing colleagues’ personal computers. The ‘wasted amount’ was based on an average hourly salary of IT staff multiplied by 52 weeks a year. Other than knowing how much time is wasted, what makes things worse is that IT security staff are among the highest paid employees in most companies.

The fixes have mostly to do with individual rather than department- or company-wide computer problems that don’t necessarily benefit the entire company. The resulting amount is especially staggering for small- and medium-sized businesses (SMBs) whose limited resources are better off spent on business intelligence tools and other network security upgrades.

Other Costs

All those hours spent on fixing personal computers often means neglecting security improvements. The recent WannaCry ransomware attacks, which successfully infected 300,000 computers in 150 countries, demonstrate the dangers of failing to update operating system security patches on time. It should be a routine network security task that, if ignored, can leave your business helpless in the face of a cyber attack as formidable as WannaCry. It didn’t make much money, but had it been executed better, its effects would have been more devastating to businesses, regardless of size.

Profitable projects could also be set aside because of employees’ PC issues. For SMBs with one or two IT staff, this is especially detrimental to productivity and growth. They can easily increase their IT budgets, but if employees’ negligible computer issues keep occurring and systems keep crashing, hiring extra IT personnel won’t do much good.

What Businesses Should Do

The key takeaway in all this is: Proactive IT management eliminates the expenditure required to fix problematic computers. Bolstering your entire IT infrastructure against disruptive crashes is the first step in avoiding the wasteful use of your staff’s time and your company’s money.

Even if your small business has the resources to hire extra staff, the general shortage of cyber security skills also poses a problem. Ultimately, the solution shouldn’t always have to be increasing manpower, but rather maximizing existing resources.

Having experts proactively maintain your IT eliminates the need to solve recurring small issues and lets your staff find a better use for technology resources. If you need non-disruptive technology, call us today at 800-421-7151 for advice.

How To Keep Your Employees From Leaking Confidential Information

Back in 2014, Code Spaces was murdered. The company offered tools for source code management, but they didn’t have solid control over sensitive information — including their backups. One cyberattack later, and Code Spaces was out of business. Their killer had used some standard techniques, but the most effective was getting an unwitting Code Space employee to help — likely via a phishing attack.

When it comes to cybercrime that targets businesses, employees are the largest risks. Sure, your IT guys and gals are trained to recognize phishing attempts, funky websites, and other things that just don’t seem right. But can you say the same thing about the people in reception, or the folks over in sales?

Sure, those employees might know that clicking on links or opening attachments in strange emails can cause issues. But things have become pretty sophisticated; cybercriminals can make it look like someone in your office is sending the email, even if the content looks funny. It only takes a click to compromise the system. It also only takes a click to Google a funny-looking link or ask IT about a weird download you don’t recognize.

Just as you can’t trust people to be email-savvy, you also can’t trust them to come up with good people still use birthdays, pet names, or even “password” as their passcodes — or they meet the bare-minimum standards for required passcode complexity. Randomly generated passcodes are always better, and requiring multiple levels of authentication for secure data access is a must-do.

Remember, that’s just for the office. Once employees start working outside of your network, even more issues crop up. It’s not always possible to keep them from working from home, or from a coffee shop on the road. But it is possible to invest in security tools, like email encryption, that keep data more secure if they have to work outside your network. And if people are working remotely, remind them that walking away from the computer is a no-no. Anybody could lean over and see what they’re working on, download malware or spyware, or even swipe the entire device and walk out — all of which are cybersecurity disasters.

Last but not least, you need to consider the possibility of a deliberate security compromise. Whether they’re setting themselves up for a future job or setting you up for a vengeful fall, this common occurrence is hard to prevent. It’s possible that Code Space’s demise was the result of malice, so let it be a warning to you as well! Whenever an employee leaves the company for any reason, remove their accounts and access to your data. And make it clear to employees that this behavior is considered stealing, or worse, and will be treated as such in criminal and civil court.

You really have your work cut out for you, huh? Fortunately, it’s still possible to run a secure-enough company in today’s world. Keep an eye on your data and on your employees. And foster an open communication that allows you to spot potential — or developing — compromises as soon as possible. Need security training? Email us at info@wamsinc.com to schedule! 

How did WannaCry Spread so Far?!

By now, you must have heard of the WannaCry ransomware. It ranks as one of the most effective pieces of malware in the internet’s history, and it has everyone worried about what’s coming next. To guard yourself, the best place to start is with a better understanding of what made WannaCry different.

Ransomware Review

Ransomware is a specific type of malware program that either encrypts or steals valuable data and threatens to erase it or release it publicly unless a ransom is paid. We’ve been writing about this terrifying threat for years, but the true genesis of ransomware dates all the way back to 1989.

This form of digital extortion has enjoyed peaks and troughs in popularity since then, but never has it been as dangerous as it is now. In 2015, the FBI reported a huge spike in the popularity of ransomware, and healthcare providers became common targets because of the private and time-sensitive nature of their hosted data.

The trend got even worse, and by the end of 2016 ransomware had become a $1 billion-a-year industry.

The WannaCry Ransomware

Although the vast majority of ransomware programs rely on convincing users to click compromised links in emails, the WannaCry version seems to have spread via more technical security gaps. It’s still too early to be sure, but the security experts at Malwarebytes Labs believe that the reports of WannaCry being transmitted through phishing emails is simply a matter of confusion. Thousands of other ransomware versions are spread through spam email every day and distinguishing them can be difficult.

By combining a Windows vulnerability recently leaked from the National Security Agency’s cyber arsenal and some simple programming to hunt down servers that interact with public networks, WannaCry spread itself further than any malware campaign has in the last 15 years.

Despite infecting more than 200,000 computers in at least 150 countries, the cyberattackers have only made a fraction of what you would expect. Victims must pay the ransom in Bitcoins, a totally untraceable currency traded online. Inherent to the Bitcoin platform is a public ledger, meaning anyone can see that WannaCry’s coffers have collected a measly 1% of its victims payments.

How to Protect Yourself from What Comes Next

Part of the reason this ransomware failed to scare users into paying up is because it was so poorly made. Within a day of its release, the self-propagating portion of its programming was brought to a halt by an individual unsure of why it included a 42-character URL that led to an unregistered domain. Once he registered the web address for himself, WannaCry stopped spreading.

Unfortunately, that doesn’t help the thousands that were already infected. And it definitely doesn’t give you an excuse to ignore what cybersecurity experts are saying, “This is only the beginning.” WannaCry was so poorly written, it’s amazing it made it as far as it did. And considering it would’ve made hundreds of millions of dollars if it was created by more capable programmers, your organization needs to prepare for the next global cyberattack.

Every single day it should be your goal to complete the following:

Thorough reviews of reports from basic perimeter security solutions. Antivirus software, hardware firewalls, and intrusion prevention systems log hundreds of amateur attempts on your network security every day; critical vulnerabilities can be gleaned from these documents.

Check for updates and security patches for every single piece of software in your office, from accounting apps to operating systems. Computers with the latest updates from Microsoft were totally safe from WannaCry, which should be motivation to never again click “Remind me later.”

Social engineering and phishing may not have been factors this time around, but training employees to recognize suspicious links is a surefire strategy for avoiding the thousands of other malware strains that threaten your business.

Revisiting these strategies every single day may seem a bit much, but we’ve been in the industry long enough to know that it takes only one mistake to bring your operations to a halt. For daily monitoring and support, plus industry-leading cybersecurity advice, email us any time at info@wamsinc.com.

Bluesnarfing? What you Need to Know.

When buying a technological device today, whether it’s a smartphone, a speaker, a keyboard or a smart watch, one of things people look for is Bluetooth compatibility. And who could blame them when Bluetooth has become a ubiquitous feature of technology that everyone can’t live without. But just like any technology, convenience can quickly turn into chaos when fallen into the wrong hands. With that in mind, here’s what you need to know to guard against cybercriminals when using Bluetooth.

Google paid a settlement fee of $7million for unauthorized data collection from unsecured wireless networks in 2013. While their intention likely wasn’t theft, many disagreed and called them out for Bluesnarfing, a method most hackers are familiar with.

What is it?

Bluesnarfing is the use of Bluetooth connection to steal information from a wireless device, particularly common in smartphones and laptops. Using programming languages that allow them to find Bluetooth devices left continuously on and in “discovery” mode, cybercriminals can attack devices as far as 300 feet away without leaving any trace.

Once a device is compromised, hackers have access to everything on it: contact, emails, passwords, photos, and any other information. To make matters worse, they can also leave victims with costly phone bills by using their phone to tap long distance and 900-number calls.

What preventive measures can you take?

The best way is to disable Bluetooth on your device when you’re not using it, especially in crowded public spaces, a hacker’s sweet spot. Other ways to steer clear of Bluesnarfing include:

  • Switching your Bluetooth to “non-discovery” mode
  • Using at least eight characters in your PIN as every digit adds approximately 10,000 more combinations required to crack it
  • Never accept pairing requests from unknown users
  • Require user approval for connection requests (configurable in your smartphone’s security features)
  • Avoid pairing devices for the first time in public areas

Bluesnarfing isn’t by any means the newest trick in a cybercriminal’s book, but that doesn’t mean it’s any less vicious. If you’d like to know more about how to keep your IT and your devices safe, give us a call at 800-421-7151 and we’ll be happy to advise.

Data Loss Prevention Tips for Office 365

Office 365 is a complete cloud solution that allows you to store thousands of files and collaborate on them, too. In addition to its productivity features, Office 365 comes with security and compliance solutions that will help businesses avoid the crushing financial and legal repercussions of data loss. However, even with its comprehensive security tools, some data security risks still need to be addressed. The following tips will help your business’s data remain private and secure.

Take Advantage of Policy Alerts
Establishing policy notifications in Office 365’s Compliance Center can help you meet your company’s data security obligations. For instance, policy tips can warn employees about sending confidential information anytime they’re about to send messages to contacts who aren’t listed in the company network. These preemptive warnings can prevent data leaks and also educate users on safer data sharing practices.

Secure Mobile Devices
With the growing trend of using personal smartphones and tablets to access work email, calendar, contacts, and documents, securing mobile devices is now a critical part of protecting your organization’s data. Installing mobile device management features for Office 365 enables you to manage security policies and access rules, and remotely wipe sensitive data from mobile devices if they’re lost or stolen.

Use Multi-Factor Authentication
Because of the growing sophistication of today’s cyberattacks, a single password shouldn’t be the only safeguard for Office 365 accounts. To reduce account hijacking instances, you must enable Office 365 multi-factor authentication. This feature makes it more difficult for hackers to access your account since they not only have to guess user passwords but also provide a second authentication factor like a temporary SMS code.

Apply Session Timeouts
Many employees usually forget to log out of their Office 365 accounts and keep their computers or mobile devices unlocked. This could give unauthorized users unfettered access to company accounts, allowing them to compromise sensitive data. But by applying session timeouts to Office 365, email accounts, and internal networks, the system will automatically log users out after 10 minutes, preventing hackers from simply opening company workstations and accessing private information.

Avoid Public Calendar Sharing
Office 365 calendar sharing features allows employees to share and sync their schedules with their colleagues. However, publicly sharing this schedule is a bad idea. Enabling public calendar sharing helps attackers understand how your company works, determine who’s away, and identify your most vulnerable users. For instance, if security administrators are publicly listed as “Away on vacation,” an attacker may see this as an opportunity to unleash a slew of malware attacks to corrupt your data before your business can respond.

Employ Role-Based Access Controls
Another Office 365 feature that will limit the flow of sensitive data across your company is access management. This lets you determine which user (or users) have access to specific files in your company. For example, front-of-house staff won’t be able to read or edit executive-level documents, minimizing data leaks.

Encrypt Emails
Encrypting classified information is your last line of defense to secure your data. Should hackers intercept your emails, encryption tools will make files unreadable to unauthorized recipients. This is a must-have for Office 365, where files and emails are shared on a regular basis.

While Office 365 offers users the ability to share data and collaborate flexibly, you must be aware of the potential data security risks at all times. When you work with us, we will make sure your business keeps up with ever-changing data security and compliance obligations. And if you need help securing your Office 365, we can help with that too! Simply contact us today at 800-421-7151.

Protect your Data from WannaCry

This month, ransomware has taken center stage yet again. WannaCry has already infected thousands of users around the world. In true ransomware fashion, WannaCry holds user data hostage until the victim decides to pay the ransom. What’s more alarming, however, is that the global success of this malware will likely spawn even more potent variants. To protect your business from ransomware attacks, consider these tips.

Update Your Software
The first (and probably best) defense against WannaCry ransomware is to update your operating system. New research from Kaspersky shows that machines running Windows XP, 7 and outdated Windows 10 versions were affected by the ransomware. To check whether your systems are up to date, open your Windows search bar, look for Windows Update, click Check for Updates, and install any major updates.

Also, don’t forget to download the latest security patches for your business applications and security software.

Run Security Programs
Many antivirus programs now have mechanisms for detecting and blocking WannaCry malware; so when you’ve fully updated your security software, run a full system scan.

Keep in mind that antivirus isn’t a foolproof security solution. Instead, run it alongside other security applications like intrusion prevention systems and firewalls.

Use Data Backup and Recovery Tools
If WannaCry does infect your computers, only a solid data backup and recovery solution can save your business. Before ransomware strikes, periodically back up your files in both an external hard drive and a cloud-based backup service.

External hard drives will serve as your local backup solution for quick recovery times. However, we recommend keeping the external drive disconnected when it’s not being used and plugging it in only when you need to back up files at the end of the day. This is because when ransomware infects a computer, it will usually look to encrypt local backup drives as well.

Cloud-based backups, on the other hand, allow you to store files in remote data centers and access them from any internet-enabled device. When selecting a cloud services provider, make sure they provide the appropriate cloud protections to your files. For example, your backup vendor should provide reporting tools to keep track of any anomalies in your files. Document versioning features are also important. This allows you to recover older versions of a document in case the current version is encrypted.

After your local and cloud backups are set up, perform regular tests to ensure your disaster recovery plan works.

Stay Informed
Finally, it’s important to stay on guard at all times. WannaCry is just one of many ransomware strains affecting businesses today, and in order to stay safe you need to be constantly up to date on the latest cybersecurity- and business continuity-related news.

For more ransomware prevention tips and services, call us today at 800-421-7151. We’ll make sure hackers don’t hold your business hostage.

Office 365 Gets New Security Tools

Security is, by far, the biggest issue concerning most businesses today. Although safeguards like firewalls and antivirus software are necessary, it is foolish not to take additional steps for protection in dealing with increasingly sophisticated cyberattacks. Today, companies require multiple layers of security to steer clear of cyberattacks and compliance woes. To help companies with this process, Microsoft has released threat intelligence, advanced threat protection, and data governance features.

Threat Intelligence
Threat Intelligence for Office 365 gathers data from Microsoft security databases, Office clients, email, and other recorded security incidents to detect various cyberattacks. This feature gives users in-depth knowledge about prevalent malware strains and real-time breach information to analyze the severity of certain attacks.

What’s more, Threat Intelligence comes with customizable threat alert notifications and easy-to-use remediation options for dealing with suspicious content.

Advanced Threat Protection (ATP) Upgrades
In addition to Threat Intelligence, Office 365’s ATP service now has a revamped reporting dashboard that displays security insights across a company. This includes a security summary of what types of malware and spam were sent to your organization, and which ones were blocked. According to Microsoft, these reports will help you assess the effectiveness of your current security infrastructure.

ATP also has a new capability called “Safe Links” which defends against potentially malicious links in emails and embedded in Excel, Word, and PowerPoint files. If suspicious links are discovered, the user will be redirected to a warning page to avoid an infection.

Advanced Data Governance
The newly released Advanced Data Governance feature is also a much needed enhancement for highly-regulated companies. It classifies files based on user interaction, age, and type, and recommends general data retention and deletion policy recommendations. If, for example, your business has retained credit card data for longer than necessary, Advanced Data Governance will alert you of the possible data governance risks.

Data Loss Prevention Enhancements
Last but not least, the Office 365 Security & Compliance Center is also receiving data loss prevention upgrades. With it, you can easily access and customize app permissions and control device and content security policies. So if someone in your company attempts to leak sensitive customer information, Office 365 will notify your administrators immediately.

Although all these features are available only for Office 365 Enterprise E5 subscribers, security- and compliance-conscious companies definitely need these upgrades. Get the right Office 365 subscription by contacting us today at 800-421-7151.

Server Management: 4 Essentials

By their very definition, servers are tasked with managing significantly higher burdens than the average desktop workstation. If your business has a server onsite, there are so many things you need to consider to get the most out of your investment. Read on for a few of them:

Mount Your Servers Properly

Small businesses are usually forced to prioritize the here and now over long-term planning. Not for lack of caring, it’s just a fact of working on tight budgets and with small teams. This is especially evident when it comes to server planning. When your business first sets up shop, it’s tempting to plug in a server right next to your workstations – but doing so puts your hardware in harm’s way.

Mounting servers in a rack protects them from the accidents commonly associated with highly trafficked areas: spills, crumbs, and tripping hazards. Server racks keep your most essential hardware safe by organizing everything in a space that is more accessible for cleaning and management but less exposed to the day-to-day wear and tear of your office.

Server planning is all about leaving room for the future. When choosing your rack mount, make sure to leave room for the hardware you will need to expand in the future. Unless office space is a serious concern, it’s better to have a half-empty server rack than to be forced to tear the whole thing down and redesign it the moment you need to expand.

Keep Servers Separate from the Main Area

Depending on what type of servers you are running, they can create quite a bit of noise. This coupled with the fact that they are comprised of valuable hardware means that you should do everything in your power to keep your servers physically separate from your working space. If you don’t have room for a server room, consider investing a little extra in a secure rack mount with built-in sound reduction.

Never Skimp on Cooling

Even when your business first opens its doors, server cooling is a crucial consideration. These computers are designed to work at peak capacity and need optimal conditions to do so efficiently. Even if your equipment seems to be performing just fine, too much heat can drastically reduce its lifespan.

Make sure that your cooling solution operates outside the confines of your building’s infrastructure. If the central air gets shut off at night, or if your office experiences power outages, you need a cooling solution that switches over to backup power with your servers.

Keep Wiring Neatly Arranged

For anyone without hands-on experience with server hardware, the number of wires going into and out of your setup is shocking. Getting the whole mess organized isn’t just about cleanliness, it also affects the performance of your current setup and the viability of installing future upgrades. Any time you are installing, removing, or rearranging your server cables, check that everything is neatly labeled and safely grouped together.

Managing any type of hardware comes with dozens of important considerations, and that goes doubly so for servers. The best way to guarantee your IT investments are getting the care they require is by partnering with a managed IT services provider. To learn more about our services, give us a call today.

Use This 9-Step Checklist To Ensure Your Data Is Safe, Secure And Recoverable

Summer is upon us… Time for a stroll in the park…softball…fishing…a few rounds of golf…

Yet how could you possibly relax if some random bit of malware, software glitch or cyber-attack catches you off guard just as you’re walking out the door? A well-designed secure computer network gives you the confidence that “all systems are go,” whether you’re having fun in the sun, or just getting things done with your team.

Here’s a quick nine-step checklist we use to ensure that a company’s computer network, and the data for that business, is safe and secure from disruption, if not absolute devastation:

  1. A written recovery plan. Simply thinking through what needs to happen when things go south, and documenting it all IN ADVANCE, can go a long way toward getting your network back up and running quickly if it gets hacked, impacted by natural disaster or compromised by human error.
  2. Have a clear communication plan. What if your employees can’t access your office, e-mail or phone system? How will they communicate with you? Make sure your communications plan details every alternative, including MULTIPLE ways to stay in touch in the event of a disaster.
  3. Automate your data backups. THE #1 cause of data loss is human error. If your backup system depends on a human being always doing something right, it’s a recipe for disaster. Automate your backups wherever possible so they run like clockwork.
  4. Have redundant off-site backups. On-site backups are a good first step, but if they get flooded, burned or hacked along with your server, you’re out of luck. ALWAYS maintain a recent copy of your data off-site.
  5. Enable remote network access. Without remote access to your network, you and your staff won’t be able to keep working in the event that you can’t get into your office. To keep your business going, at the very minimum, you need a way for your IT specialist to quickly step in when needed.
  6. System images are critical. Storing your data off-site is a good first step. But if your system is compromised, the software and architecture that handles all that data MUST be restored for it to be useful. Imaging your server creates a replica of the original, saving you an enormous amount of time and energy in getting your network back in gear, should the need arise. Without it, you risk losing all your preferences, configurations, favorites and more.
  7. Maintain an up-to-date network “blueprint.” To rebuild all or part of your network, you’ll need a blueprint of the software, data, systems and hardware that comprise your company’s network. An IT professional can create this for you. It could save you a huge amount of time and money in the event your network needs to be restored.
  8. Don’t ignore routine maintenance. While fires, flooding and other natural disasters are always a risk, it’s ever more likely that you’ll have downtime due to a software or hardware glitch or cyber-attack. That’s why it’s critical to keep your network patched, secure and up-to-date. Deteriorating hardware and corrupted software can wipe you out. Replace and update them as needed to steer clear of this threat.
  9. Test, Test, Test! If you’re going to go to the trouble of setting up a plan, at least make sure it works! An IT professional can check monthly to make sure your systems work properly and your data is secure. After all, the worst time to test your parachute is AFTER you jump out of the plane.

Contact us at 800-421-7151or info@wamsinc.com, or visit wamsinc.com to schedule our Disaster Recovery Audit FREE of charge. Contact us TODAY to get scheduled!

2017 IT: Where it’s been and Where it’s Headed

Although we are not even halfway through the year, the world of IT has already changed so much! The Internet of Things, CRM Intelligence, Artificial Intelligence, and Security have been the hottest topics of IT in 2017 thus far. We conducted a survey of more than 200 law firms in Southern California in order to determine the top priorities for IT projects this year as well as the major driving forces in IT spending/budget allocation for 2017. It has been forecasted that businesses and firms will move to a Hybrid Cloud Solution as the primary model, and although this projection is due to advancing security strategies, your best bet for protection will be determined by the training of your staff.

Computerworld’s Forecast 2017 Survey of 196 IT managers, directors, and executives determined that productivity, security and compliance, client satisfaction, new revenue streams, and maintenance of service were all top priorities of which companies were looking to gain from IT in 2017; each category’s importance was dispersed relatively evenly. We however saw a large shift in the response of the 200 law firms that we surveyed, in which security and compliance were the most important priority of what was expected from their 2017 IT strategies. For law firms, this comes as no surprise; security and compliance are top priorities in avoiding any sort of malpractice suit because your clients’ data is precious and valuable. There is a clear pattern as to why security is such a strong concern, especially when adopting new solutions.

The Internet of Things

There has been so much hype around the “Internet of Things” in tech blogs lately, but what exactly is it? The Internet of Things (or IoT, for short) refers to a network of physical objects that feature an IP address of internet connectivity, as well as the communication that occurs between these objects and other internet-enabled devices and systems. Many homes are set up with smart thermostats, security systems, and lighting systems that are all controlled by a mobile device; this is an internet of things. Although currently only 12% of IT managers are actively pursuing an IoT project, it is projected to be more prevalent in the workplace in the near future.

IoT trends are forecasted to move toward more standardized solutions and a more rapid adoption in the consumer market as IoT solutions become more viable. The IoT provides real-time data analytics to the manufacturers of these products and solutions in order to better assess necessary changes based on consumer behavior; this is great for you as a consumer to enjoy a better experience but also has caused some to be leery about utilization of these solutions. It is predicted that as the IoT grows, so will cybercriminals’ attempts to target and compromise your solutions. This should not keep you from enjoying the benefits of an IoT solution, but this does mean that you need to ensure that it is being executed safely, because as attack attempts increase, so will security standards for IoT devices. Such a solution in your workplace may include turning on a light in your break room before you enter it, or having your coffee made before you leave your desk to retrieve it; these may be little things, but they can actually increase productivity and efficiency in the workplace.

CRM Intelligence

For law firms specifically, 2017 has forecasted a major increase of CRM (Customer Relationship Management) solutions. For those unfamiliar, at its core a CRM application maintains categorized lists of clients, prospects, and other important contacts. For each one it stores addresses, phone numbers, e-mail addresses, legal needs, and interactions with you, plus a wealth of biographical information. The applications track your interactions with clients and prospects, personalizing your communications. The key features that a law firm should expect from a CRM solution include task management, campaign and case management, contact management, lead management, and marketing automation. Additional benefits include mass email, strengthened relationships with clients, remote access, and social media integration.

The biggest trends we are seeing in 2017 include real-time hyper targeting, AI powered bots, multi-channel capabilities for social media, and most importantly, more platforms tailored to your specific job function. Do your research to ensure that you choose the solution that is best tailored to your needs. Capterra’s list is a great place to start.

Hybrid Cloud

Whenever the term “Cloud Solution” comes to mind for law firms, the biggest questions encompass security and compliance, as well as the ability to keep using your legacy software. When implemented correctly, firms often get to enjoy not only a more secure, but also more flexible solution. With a hybrid solution, your data and backups are stored off-site, so if anything happens to your network you are covered and able to restore your backup. In a hybrid cloud solution, you truly get the best of both worlds, and often benefit from cost savings as well, since you aren’t paying for all those expensive servers.

You may be afraid to make the leap to a solution involving the Cloud, but what many fail to realize is that if you do any banking online, use Office 365, or use social media for business, you already are operating in the cloud. As with any solution, there are risks associated with Hybrid Cloud solutions. You must ensure that your data  is protected and can be recovered easily by having redundancy. Your provider must have and honor a service-level agreement ensuring uptime and security on their solution.. We implement Cloud and Hybrid Cloud solutions at WAMS for our clients. Security is our top priority and we provide for all of our Cloud Connect clients a detailed service agreement..

Artificial Intelligence

The three largest categories of Artificial Intelligence breaking out in 2017 are Advanced Machine Learning, Business Intelligence, and, probably the most Sci-Fi of them all, Virtual Personal Assistants (VPAs). Advanced Machine Learning, in the field of data analytics, is a method used to devise complex models and algorithms that lend themselves to prediction. Business intelligence, or BI, is a term used to describe software applications that analyze an organizations raw data and related activities including data mining, online analytical processing, querying, and reporting. Business intelligence is useful for areas of your business such as monitoring your staff’s online activity to ensure productivity and security. Advanced Machine learning takes BI a step further and basically creates algorithms to analyze data and helps you to make predictions based on patterns.

When you think of a virtual personal assistant, you may be thinking of something out of a movie. The realistic VPAs of this time would be more like Siri or Alexa, which have become the norm for many people. It is however, predicted that more and more businesses will use virtual assistants to greet you, such as at an airport or at a front desk, and some can even communicate with you in various ways. On a business level, it has been projected that Artificial Intelligence will be used this year to automate processes, better organize unstructured data, create chatbots for marketing and customer service, and make business predictions through machine learning. On the consumer level it is predicted that “smart” everything will become the norm.

There are pros and cons to utilizing artificial intelligence, and it is important to be aware of when it is appropriate. Error free processing, intricate process automation, faster data insights, and better research outcomes are all pros of using artificial intelligence in the workplace. The cons that you may face are the fact that it is never good to rely solely on technology and we have seen a predicted threaten of job losses and over concentration of power due to the small amount of people that are creating these solutions. The ultimate pro and con of artificial intelligence is that it is smart, but isn’t too smart just yet.

Security

When considering the implementation of all of these new solutions and technologies, the number one focus should always be security. Staff awareness and training to combat cybersecurity threats is vital to your firm’s success. The ransomware industry is becoming an industry of its own, with its own customer support and cybercrime products popping up left and right. It has also been forecasted that cybercriminals will exploit browsers to find better ways to attack individuals, and there has even been talks of a twenty four hour internet shut down. This is why it is vital to protect yourself, have backups in place that you could restore data before it was compromised, and properly train your staff on awareness. Whether you want to implement an IoT solution, are ready to implement a CRM , think it may be time to move to the Cloud, or want to use artificial intelligence to better monitor your team, do your due-diligence by researching and always ensure that any of these solutions are secure.

3 Reasons Why Security is Better in the Cloud

If small- and medium-sized businesses think cyber security is impossible to manage now, just think about what it was like before the internet provided a way to receive IT support remotely. In today’s business landscape, enterprise-level solutions and security can be delivered from almost anywhere in the world. Read on to find out why that’s even safer than you realize.

Hands-on Management

Unless you have an overinflated budget, relying on local copies of data and software means IT staff are forced to spread themselves across a bevy of different technologies. For example, one or two in-house tech support employees can’t become experts in one service or solution without sacrificing others. If they focus on just cybersecurity, the quality of hardware maintenance and helpdesk service are going to take a nosedive.

However, Cloud Service Providers (CSPs) benefit from economies of scale. CSPs maintain tens, sometimes thousands, of servers and can hire technicians who specialize in every subset of cloud technology.

Fewer Vulnerabilities

Cloud security isn’t only superior because more technicians are watching over servers. When all the facets of your business’s IT are in one place, the vulnerabilities associated with each technology get mixed together to drastically increase your risk exposure.

For example, a server sitting on the same network as workstations could be compromised by an employee downloading malware. And this exposure extends to physical security as well. The more employees you have who aren’t trained in cyber security, the more likely it is that one of them will leave a server room unlocked or unsecured.

CSPs exist solely to provide their clients with cloud services. There are no untrained employees and there are significantly fewer access points to the network.

Business Continuity

The same technology that allows you to access data from anywhere in the world also allows you to erect a wall between your local network and your data backups. Most modern iterations of malware are programmed to aggressively replicate themselves, and the best way to combat this is by quarantining your backups in the cloud. This is commonly referred to as data redundancy in the cybersecurity world, and nowhere is it as easy to achieve as in the cloud.

The cloud doesn’t only keep your data safe from the spread of malware, it also keeps data safe from natural and manmade disasters. When data is stored in the cloud, employees will still have access to it in the event that your local workstations or servers go down.

The cloud has come a long way over the years. It’s not just the security that has gotten better; customized software, platforms and half a dozen other services can be delivered via the cloud. Whatever it is you need, we can secure and manage it for you. Call us today at 800-421-7151.

Tips on Prolonging Laptop Battery Life

Certain laptop brands have longer battery lives than others. But, there are power-saving techniques that help preserve battery power regardless of brand. Laptops are most useful to businesses with remote work policies, and if you spend the majority of your working hours on one, these tips on prolonging your its battery life will come in handy.

Manage Your Laptop’s Power Settings

Computer manufacturers are aware that battery life is an important consideration for most users, which is why many Windows and Apple computers have settings that help reduce battery consumption. Windows laptops have a Power Plan setting that lets you choose either a standard setting or a customized power plan; Energy Saver under MacOS’ ‘System Preferences’ offers a setting that allows you to adjust display and sleep controls.

Adjust Display and System Settings

You can also make adjustments to your laptop’s display and system settings to reduce brightness, turn off screensaver, disable Bluetooth and Wi-Fi (when they’re not used), and trigger the system to hibernate instead of sleep. A “sleeping” laptop consumes a little energy, but a “hibernating” laptop consumes absolutely none.

Use a Battery Monitor and Other Maintenance Tools

If you think your laptop battery drains unusually fast, access your system’s battery maintenance tool to check its status. If your laptop doesn’t have one, you can download an application that creates a battery health report. That report will include charge cycle count, which determines the number of charge cycles your laptop has; and battery life estimate, which states how much longer the battery will provide power based on its current settings.

Keep Your Laptop Operating Efficiently

One way to accomplish this is by managing your web browser usage. Having many tabs open on your browser drains your battery’s power and reduces your productivity.  When multitasking, close unused apps and programs – especially those that download files or play media, as they consume the most power. This not only helps reduce battery consumption, but also helps the user stay focused on the task at hand.

Handle your Laptop with Care

Laptops are delicate and require safe handling and a cool temperature. With the exception of a few models (e.g., Apple’s MacBook Air), many devices are designed with a cooling system that keeps its CPU, graphics processor, and other components from overheating; and not to mention, its battery from depleting fast.

For that reason, handling your laptop with great care ensures longer battery life and better overall performance. When using your laptop on-the-go, make sure you don’t block its vents from circulating air, which means you should never put it on a surface such as a bed or similar soft surface that could prevent its cooling fans from working. And while it may seem harmless – and appropriate – putting your laptop on your lap is actually unsafe.

For businesses with remote workers and/or bring your own device (BYOD) policies, a laptop that lasts all day allows employees to be more productive and saves your company from having to spend on new laptops or replace batteries as a result of neglect. For cost-effective strategies on business technology, call us today at 800-421-7151.

Homographs: The Newest Trend in Phishing

So much of cybersecurity depends on adequate awareness from users. Phishing for example, preys on people’s fears and desires to convince them to click on hyperlink images and text before checking where they actually lead to. However, with the latest trend in phishing, even the most cautious users can get swept up. Read on to educate yourself on how to avoid this dangerous scam.

What are Homographs?

There are a lot of ways to disguise a hyperlink, but one strategy has survived for decades — and it’s enjoying a spike in popularity. Referred to as “homographs” by cybersecurity professionals, this phishing strategy revolves around how browsers interpret URLs written in other languages.

Take Russian for example, even though several Cyrillic letters look identical to English characters, computers see them as totally different. Browsers use basic translation tools to account for this so users can type in non-English URLs and arrive at legitimate websites. In practice, that means anyone can enter a 10-letter Cyrillic web address into their browser and the translation tools will convert that address into a series of English letters and numbers.

How Does This Lead to Phishing Attacks?

Malicious homographs utilize letters that look identical to their English counterparts to trick users into clicking on them. It’s an old trick, and most browsers have built-in fail-safes to prevent the issue. However, a security professional recently proved that the fail-safes in Chrome, Firefox, Opera and a few other less popular browsers can be easily tricked.

Without protection from your browser, there’s basically no way to know that you’re clicking on a Cyrillic URL. It looks like English, and no matter how skeptical you are, there’s no way to “ask” your browser what language it is. So you may think you’re clicking on apple.com, but you’re actually clicking on the Russian spelling of apple.com — which gets redirected to xn—80ak6aa92e.com. If that translated URL contains malware, you’re in trouble the second you click the link.

The Solution

Avoiding any kind of cybersecurity attack begins with awareness, and when it comes to phishing, that means treating every link you want to click with skepticism. If you receive an email from someone you don’t know, or a suspicious message from someone you do, always check where it leads. Sometimes that’s as simple as hovering your mouse over hyperlink text to see what the address is, but when it comes to homographs that’s not enough.

In the case of homographs, the solution is unbelievably simple: Manually type in the web address. If you get an email from someone you haven’t heard from in 20 years that says “Have you checked out youtube.com??”, until your browser announces a fix, typing that URL into your browser’s address bar is the only way to be totally sure you’re safe.

For most, this trend feels like yet another development that justifies giving up on cybersecurity altogether. But for small- and medium-sized businesses that have outsourced their technology support and management to a competent and trustworthy IT provider, it’s just another reason to be thankful they decided against going it alone. If you’re ready to make the same decision, call us today at 800-421-7151.

When Did You Last Update Your Firmware?

Most IT consultants constantly remind clients of how important it is to update and patch their software, but neglect the importance of updating hardware. We don’t mean replacing it with new hardware; we mean updating the applications and settings coded into the physical IT powering every modern office.

What is Firmware?

Firmware is a very basic type of software that is embedded into every piece of hardware. It cannot be uninstalled or removed, and is only compatible with the make and model of the hardware it is installed on. Think of it like a translator between your stiff and unchanging hardware and your fluid and evolving software.

For example, Windows can be installed on almost any computer, and it helps users surf the internet and watch YouTube videos. But how does Windows know how to communicate and connect with your hardware router to do all that? Firmware on your router allows you to update and modify settings so other, more high-level, pieces of software can interact with it.

Why is Firmware Security so Important?

Firmware installed on a router is a great example of why addressing this issue is so critical. When you buy a router and plug it in, it should be able to connect devices to your wireless network with almost zero input from you. However, leaving default settings such as the username and password for web browser access will leave you woefully exposed.

And the username and password example is just one of a hundred. More experienced hackers can exploit holes that even experienced users have no way of fixing. The only way to secure these hardware security gaps is with firmware updates from the device’s manufacturer.

How Do I Protect Myself?

Firmware exploits are not rare occurrences. Not too long ago, a cyber security professional discovered that sending a 33-character text message to a router generated an SMS response that included the administrator username and password.

Unfortunately, every manufacturer has different procedures for checking and updating firmware. The best place to start is Googling “[manufacturer name] router firmware update.” For instance, if you have a D-Link or Netgear router, typing “192.168.0.1” into a web browser will allow you to access its firmware and update process, assuming you have the username and password.

Remember that routers are just one example of how firmware affects your cyber security posture. Hard drives, motherboards, even mouses and keyboards need to be checked. Routinely checking all your devices for firmware updates should be combined with the same process you use to check for software updates.

It can be a tedious process, and we highly recommend hiring an IT provider to take care of it for you. If you’re curious about what else we can do to help, give us a call today at 800-421-7151.

Back Up your Mobile Devices Now

Mobile phones’ sizes and styles went through massive changes in the last few years. And as their looks and dimensions changed, so did their functions. With better capacity and bigger storage, mobile phones turned into veritable mini-computers that businesses were quick to adopt as a vital office tool. Naturally, hackers got the memo. With new schemes targeted specifically towards mobile devices, you’d be well served backing up the files in your mobile device, now.

Malware On Mobile

More than 50% of the world’s adult population use a mobile phone with internet connection, so dangers in these handy devices are to be expected. Scarier than the thought of being offline is being online and exposed to malware.

If you use your mobile devices as an extension of your work computers, backing up is a must. Mobile phones have become as vulnerable to malware as laptops and desktops have, especially if you consider the fact that many professionals and business owners use them for emailing confidential documents and storing business-critical files.

Device Disasters

Other than malware, other types of disasters can happen on your device. Because you carry it wherever your go, your device can easily be stolen, misplaced, or damaged. They may be easily replaceable, but the data contained in them may not. Having completely backed up data on your devices helps prevent a minor inconvenience from turning into a disastrous situation.

Backup Options

Performing backups in iPhone and Android devices is a seamless process. Their operating systems require only minimal effort from users, and backing up entails nothing more than logging into their Apple or Google account. However, other users have different devices with different operating systems, slightly complicating the process.

Mobile devices’ safety is essential to business continuity plans. So whether your office users are tied to a single operating system or prefer different devices, there are options to back up all your organization’s mobile devices. There are cloud backup services that enable syncing of all devices and that back up files, contacts, photos, videos, and other critical files in one neat backup system. These mobile backup tools are offered on monthly or lifetime subscription schemes, which provides small businesses with enough flexibility to ensure protection.

Mobile phones have become so ubiquitous to how people function that many feel the need to have two or more phones, mostly to have one for personal use and another for business. With all these options on hand, there’s no excuse for not backing up data on your mobile devices.

Our experts can provide practical advice on security for your business’s computers and mobile devices. Call us for mobile backup and other security solutions today.