What Businesses Can Learn from Google’s Hefty GDPR Fine

Google was fined $57 million for not complying with the General Data Protection Regulation. Learn why Google was penalized so you can avoid the same data-privacy mistakes in your company.

Although it has only been enforced since May 25, 2018, companies are already being fined for not complying with the European Union’s General Data Protection Regulation (GDPR). In January 2019, Google was fined $57 million [USD] by France’s data protection authority, the National Data Protection Commission (CNIL). Google is the first US technology company to be penalized for GDPR noncompliance.

Learning why Google was fined can help you better understand what companies need to do to comply with data-privacy regulations. It is important for all businesses to have this basic understanding because legislation similar to GDPR is being passed in other parts of the world. For instance, in June 2018, the California State Legislature passed the California Consumer Privacy Act (CCPA). It gives California residents some of the strongest data-privacy protections in the world. CCPA will start being enforced in January 2020.

Why Google Has Been Fined

GDPR was created to provide data-privacy rights to EU citizens and protect them from data breaches. For example, EU citizens have the right to find out the types of personal data that companies are collecting about them, how the data is being used, and where it is being stored. Furthermore, businesses must ask customers for permission to collect and process their personal information. Companies must also make it easy for customers to withdraw their consent.

Two digital-rights advocacy groups made formal complaints to CNIL about Google’s data processing practices, especially when it comes to personalizing ads. Here is what CNIL found when it investigated the complaints:

Information is not easily accessible. CNIL found that is not easy for Google users to learn essential information about the types of data being collected about them, how that data is being used, and how long it is being stored. According to CNIL, the information is excessively disseminated, forcing users to access multiple documents and perform many steps to get it.

Some information is unclear and inadequate. CNIL discovered that, in some instances, Google’s explanations about how it is using the collected data are too vague, which impedes users’ ability to fully understand the purposes for processing that data. Similarly, the types of personal data being collected and processed is sometimes unclear. Plus, Google does not always specify how long it keeps the data.

There is a lack of valid consent regarding personalized ads. Although Google states that it obtains users’ consent to collect and process data for ad personalization purposes, CNIL found that it is not being validly obtained for two reasons:

  • Users are insufficiently informed about the total amount of data being collected and processed to make an informed decision. To personalize ads, Google collects data from many of its websites, apps, and services. However, Google does not tell users the specific sources from which their data is collected and how the various pieces of information are combined to provide personalized ads.
  • The consent is not specific. GDPR mandates that companies get customers’ specific, clear-cut consent to collect and use their personal data for each desired purpose. For instance, if a company wants to collect and process customers’ personal data for the purposes of displaying personalized ads and offering speech recognition services, it needs to ask customers for their consent for each purpose individually. Moreover, customers have to give their consent using a clear affirmative action, such as checking a box. (The box cannot already be preselected by the company.) According to CNIL, Google is not following these requirements. To create a Google account, users must select the boxes “I agree to Google’s Terms of Service” and “I agree to the processing of my information as described above and further explained in the Privacy Policy”. By doing so, users are giving their consent for all of Google’s various data collection and processing purposes (e.g., for ad personalization, for speech recognition services). While users can later configure their settings to stop their personal data from being collected and processed for the purpose of displaying personalized ads, this option is not easy to find. Furthermore, the option giving consent is preselected by Google.

Based on these findings, CNIL fined Google $57 million. The tech giant has already announced that it will appeal the penalty. Even if the appeal succeeds, Google will have likely spent a considerable amount of money and resources challenging the fine. For this reason and others (e.g., less prone to data breaches, increased customer satisfaction), it is a good idea for businesses to make sure they comply with GDPR if they have customers in the European Union.

 

Although Google Was the First, It Won’t Be the Last

Other well-known tech companies might be following in Google’s footsteps. Complaints have been levied against FacebookTwitter, and several streaming service providers(including Apple, Netflix, Spotify, and YouTube). Complaints and fines are not limited to large tech companies. Any business that processes or stores the personal data of EU citizens is required to comply with GDPR, regardless of its size or industry.

New Ransomware Is Masquerading as Apps and Games

Anatova has gained security experts’ attention. Besides being the first new ransomware in 2019, it poses a serious threat. Discover why it is so dangerous and how to protect your business from it.


A new form of ransomware is disguising itself as apps and games to trick people into downloading and launching it on their devices. Since January 1, 2019, cybercriminals have been using this dangerous ransomware, known as Anatova, to hold victims’ files for ransom. It has been found worldwide, with the largest number of victims in the United States.

 

How Anatova Works and Why It Is So Dangerous

Anatova typically masquerades as the icon of an app or game to trick people into downloading it. During installation, it requests administrative rights. After the ransomware makes sure it is on a legitimate computer, it encrypts the files on the machine. It also encrypts the files on any network shares connected to the device. Once all the files are encrypted, the victim is presented with a ransom note asking for 10 Dash. Dash is a type of cryptocurrency — 10 Dash is worth around $700 [USD] at the time of this writing. Victims are allowed to decrypt one JPG file for free as proof that the files can and will be decrypted if they pay the ransom.

While Anatova sounds like many other ransomware programs, security experts are warning that it is a serious threat. One reason why Anatova is so dangerous is that uses a variety of methods to prevent detection. For example, it uses dynamic calls that have been designed to not raise suspicion. Similarly, it uses techniques to deter analysis, such as memory cleaning functions.

Even more troubling is that cybercriminals can easily add new functionality to Anatova because of its modular architecture. Thus, they can quickly adapt Anatova to make it more effective. For instance, they might add new techniques to evade detection or new spreading mechanisms. The latter is of particular concern. Currently, Anatova has only been found on private peer-to-peer networks, but researchers believe it could be spread other ways in the future.

 

How to Protect Your Business

To avoid having your business become a victim of Anatova or another ransomware variant, you need to educate employees about ransomware. Topics to cover include:

  • What ransomware is and how cybercriminals commonly spread it. Besides covering how Anatova is being distributed through downloads, it is important to cover how ransomware can be spread through other methods, such as phishing emails.
  • Warn employees about the dangers of downloading and opening executables (e.g., apps, games) and files (e.g., PDF files) from peer-to-peer networks and the Internet. This is a good time to discuss your company’s policy regarding when employees are permitted to download executables and files and the sources where employees are allowed to get them.
  • Tell employees about other dangerous practices that can lead to a ransomware infection, such as clicking links and opening attachments in emails, especially if the emails are from unknown senders.
  • Stress the importance of avoiding any content flagged as a potential security threat by security software or web browsers, as it might contain malicious code.

Besides educating employees, you need to take other measures, including:

  • Making sure your security software is being updated on every computer in your business
  • Regularly updating the apps installed on your computers so that known security vulnerabilities are patched
  • Making sure you have restorable backups of your data in case a ransomware attack occurs

We can make sure that your business has covered all the bases so that it will be protected from Anatova and other ransomware variants.

Blackmail Emails Are Being Sent to the Workplace

Blackmail emails that were previously sent only to personal accounts are now being sent to business accounts. Find out what the emails are saying so you can be prepared in case you receive one.

In 2018, people were receiving emails in their personal accounts that tried to blackmail them into paying a ransom. People are now reporting that they are receiving similar emails at work.

In the emails, the blackmailers state they have evidence that the recipient has viewed a video on a pornography website because they hacked into the recipient’s computer. Specifically, they claim to have recorded what the recipient was watching and doing while viewing the video by using the device’s screen-capturing capabilities and webcam. The blackmailers then threaten to send the recording to everyone in the recipient’s email and social-media contact lists if the person does not pay the specified ransom.

 

The Blackmail Emails Are Actually Phishing Scams

The blackmail emails that people have been receiving at work and at home are actually phishing attacks being sent out by cybercriminals. The emails contain several classic signs of phishing scams:

  • Generic greeting. The emails do not include the recipients’ names in the salutation. Instead, they use a generic greeting such as “Good Morning my friend” or no greeting at all. In some cases, the recipient’s email address (or a shortened version of it) is used in the salutation.
  • Generic content. The emails do not contain any specifics about the incidents that were supposedly recorded. For example, they do not mention which websites the recipients were supposedly visiting when the recordings were made.
  • A sense of urgency and fear. To get people to fall for the scam, the emails try to create a sense of urgency and fear by first letting the recipients know that compromising recordings have been made and then telling them the recordings will be shared with their coworkers, friends, and family if the ransom is not paid.
  • Misspellings and grammatical errors. The emails contain misspellings and grammatical errors.

In some of the blackmail emails, the cybercriminals have been including a password that the recipient currently uses or has used in the past as “proof” they have hacked the person’s computer. However, email address-password pairs are often stolen in data breaches and can be easily purchased on the dark web. So, although alarming, the inclusion of a password does not prove the recipient’s computer has been compromised.

 

What to Do If You Receive This Phishing Email

If you receive a phishing email like this (or any other type of phishing email), here is what you should and shouldn’t do:

  • Do not panic or respond to the email.
  • Do not open any email attachments. In one instance, a blackmail email included an attachment. Opening an attachment could lead to spyware or another type of malware being installed on your computer.
  • Do not click any links in the email. Although the blackmail emails thus far have not included links, cybercriminals continually change their attack methods. Clicking a link could lead to malware being installed on your computer.
  • Follow company policy on how to deal with phishing emails if you receive one at work (e.g., forward it to the IT help desk, simply delete it).
  • Change your password if necessary. If the email includes a password that you currently use, change that password. If you used the password for multiple accounts, be sure to change each instance to a unique, strong password.

Scan your device for malware using your device’s security software as a precaution.

Don’t Let Your IT Policies and Procedures Fall by the Wayside

IT policies and procedures are not “set and forget” documents. Discover why they need to be reviewed regularly and learn some tips on how to do so.

Businesses sometimes create IT policies and procedures and then forget about them. Reviewing IT policies and procedures is important for several reasons, including:

  • Keeping IT systems running optimally. Companies create IT policies and procedures to help keep their IT systems running efficiently and securely. If these documents are not updated to reflect changes made to the systems, problems might arise. For instance, if a company starts collecting additional personal data from customers, it should update its privacy, data governance, and other applicable policies and procedures. Otherwise, the data might not be properly collected, cleaned, secured, used, and stored. This could lead to security vulnerabilities (e.g., improperly stored data) or data integrity issues (e.g., the new data cannot be combined with existing data because of formatting inconsistencies).
  • Complying with regulations. Regularly reviewing and updating certain types of policies is necessary for compliance to some regulations. For example, businesses that process or store the personal data of European Union (EU) citizens must comply with the General Data Protection Regulation (GDPR). One of the main requirements is that companies have privacy policies that tell EU citizens what data it is being collecting about them and how their data is being used, secured, shared, and stored. So, if a business starts collecting additional personal data from EU citizens but fails to update its privacy policy, it could be fined for noncompliance with GDPR.
  • Avoiding lawsuits. Businesses can be held liable for outdated, vague, and inconsistently enforced policies. For instance, a US jury awarded $21 million in damages to a woman who was struck by a Coca-Cola delivery driver who had been talking on her cell phone at the time of the accident. The plaintiff’s attorneys successfully argued that the company’s mobile phone policy for its drivers was vague and that Coca-Cola was aware of the dangers of distracted driving but withheld this information from its drivers. As this example illustrates, it is important for companies to periodically review their IT policies to make sure they are clear, current with the times, and consistently enforced throughout the workplace.

At least once a year, you should review your company’s existing IT policies and procedures to make sure they are up-to-date and relevant. This is also a good time to determine whether any new policies need be written. For instance, if you recently permitted employees to use their personal smartphones for work, you can use this opportunity to discuss the need for a Bring Your Own Device (BYOD) policy to govern the use of employee-owned phones in the workplace.

In addition, it is a good idea to test certain IT policies and procedures before the review process if it has not been done recently. For example, you could test the IT disaster recovery plan and procedures by holding a drill. Besides identifying problems with the plan and procedures (e.g., phone numbers that are no longer correct), the drill will allow employees to become familiar the process. This will lessen employees’ stress in the event of an actual disaster, which can lead to a faster recovery time.

If changes need to be made to an IT policy or procedure, you should:

  • Assign someone to make the changes.
  • Make sure the updated documents are reviewed and approved by the appropriate people (e.g., human resources staff, legal team).
  • Share the updated versions of those documents with employees.

Retest the policies and procedures if applicable. Need help keeping your policies moving forward? Give us a call at 800-421-7151.

5 Things to Know If You Are Considering Getting Cyber Insurance

As cyber attacks continue to increase in number and sophistication, more and more companies are purchasing cyber insurance. If you are considering getting this type of policy for your business, here are five things to keep in mind.


Discovering that a hacker just conned your business out of a large amount of money is probably one of your worst nightmares. For one organization, this nightmare came true. In December 2018, the Connecticut-based Save the Children Federation revealed that it fell victim to a business email campaign (BEC) scam the year before. The charity unwittingly transferred nearly $1 million to the hackers’ account.

Fortunately, the charity had cyber insurance, which covered most of the stolen money. The charity ended up losing only $112,000.

With BEC scams and other types of cyber attacks increasing in number and sophistication, more and more organizations are turning to cyber insurance to mitigate the risks and offset the costs of cyber attacks and other Internet- and IT-related liabilities. In the United States alone, the market is expected to grow from $2 billion to $15 billion in the next decade.

If you are considering purchasing cyber insurance for your business, here are five things to keep in mind:

  1. Cyber Insurance Is Continually Evolving

Cyber insurance is not new. Its roots are in errors and omissions (E&O) insurance policies. Around 20 years ago, add-ons were attached to tech companies’ E&O policies. These add-ons covered incidents such as a tech company’s software program bringing down another company’s network. Eventually, the add-ons evolved into separate policies that covered a lot more types of incidents (e.g., data breaches). As the kinds of coverages increased, so did the interest in these policies by companies outside the tech industry.

Nowadays, there are many different types of cyber insurance policies being purchased by many different kinds of businesses. And as the Internet, cyber crime, and IT systems evolve in the future, so too will the cyber insurance policies.

  1. Comparing Policies Can Be Challenging

Cyber insurance policies can be hard to compare because there is no set standard for underwriting this type of insurance. It is up to each insurance company to decide what it will cover and how to market that coverage. As a result, you might find that:

  • Some insurance companies simply add cyber insurance extensions to existing insurance policies. Most insurers, though, have separate cyber insurance policies. Stand-alone policies are usually more comprehensive than extensions, according to experts.
  • Some insurance companies put different types of coverages into separate policies. For instance, they might have a policy covering just data breaches and a policy covering cyber liability. In contrast, other companies offer one policy in which they include all their coverages (e.g., one policy covering both data breaches and cyber liability).
  • A few insurance companies offer different cyber insurance policies for different types of organizations. For instance, they might have separate policies for small businesses, tech companies, and public sector entities.
  • Like other types of insurance, the cost of the cyber insurance depends on many factors beyond the type of coverage provided. For instance, a business’s gross revenue, industry, and data risks are factored into the cost.
  1. Types of Expenses That Are Commonly Covered

Although there is no standard for underwriting cyber insurance policies, they cover many of the same types of expenses. Insurance companies typically cover cyber incidents caused by both internal actors (e.g., errors and omissions by employees) and external actors (e.g., cyber attacks by hackers). Examples of items usually covered include:

  • Lost revenue due to network downtime or a business interruption resulting from a cyber incident
  • Cyber extortion costs (e.g., ransomware payment)
  • The expenses incurred from a forensics investigation of a cyber attack
  • The costs incurred to restore data and systems after an attack
  • The expenses associated with notifying customers and other parties about a cyber incident
  • The cost of hiring a PR firm to minimize a cyber incident’s impact on a company’s reputation
  • Regulatory fines
  • Defense costs to handle lawsuits levied by individuals or businesses adversely affected by a cyber incident or a lawsuit imposed by a government entity (e.g., a state’s Attorney General)
  • Legal settlements from lawsuits

As this list shows, cyber insurance usually covers expenses incurred by the insured business as well as third parties adversely affected by the cyber incident. This is referred to as first-party coverage and third-party coverage, respectively.

  1. What Is Usually Not Covered

There are some costs and types of incidents that are not typically covered in cyber insurance policies. They include the loss of future revenue due to a cyber incident, costs to improve internal IT systems, bodily injury, and property damage.

In addition, it is important to know that a claim can be denied if a company misrepresents its security measures. Businesses are usually required to fill out an application that includes questions about the security measures they have in place. If a company submits a claim and the insurer can prove that the business did not have the specified security measures in place, the insurer can deny the claim.

  1. Where to Start If You Want to Get Cyber Insurance for Your Business

Before shopping for cyber insurance, experts recommend that you start by identifying the following for your business:

  • The types and sensitivity of the data used in your business
  • The kinds of cyber threats your company faces
  • How susceptible your business’s operations are to a network interruption and how much revenue you would lose every day if a cyber incident brought down your operations
  • Whether your business must adhere to any cyber-related laws or regulations (e.g., European Union’s General Data Protection Regulation, United States’ Health Insurance Portability and Accountability Act) and the cost of noncompliance
  • The contracts you have with suppliers and other business associates and what data they are able to access through joint business operations

With this information, you can get an idea of the types and amount of coverage needed. We can help you gather this information so you can get the best cyber insurance for your business.

Just Because a Mobile VPN App Is Popular Doesn’t Mean It Is Protecting Your Privacy

A study of the top free VPN apps available in Apple’s App Store and Google Play revealed that some of them might not be protecting your privacy as promised. Find out what the researchers discovered.

Using free public Wi-Fi networks at airports, hotels, and restaurants is convenient when traveling for business, but it can be risky. If you connect to an unsecured public Wi-Fi network, you run the risk of having hackers eavesdrop on your electronic conversations.

In theory, you can use a virtual private network (VPN) app to protect your privacy and data when using your mobile device within public Wi-Fi networks. In reality, that might not be the case if you are using a free mobile VPN app.

study of the top free VPN apps available in Apple’s App Store and Google Play revealed that most of them have no formal privacy policies or unacceptable ones. Plus, many of them are from obscure Chinese companies that deliberately make it difficult for people to find out anything about them. Equally concerning is that these apps often lack adequate customer support.

How the VPN Apps Were Selected

Researchers at Top10VPN.com selected the apps to study by searching for “VPN” in the App Store and Google Play for both the United States and United Kingdom sites. (Top10VPN.com is a VPN review site run by Metric Labs, an online security and privacy education company.) If a paid app appeared in the search results, the next one was selected. The top 20 VPN apps in each store at each site were listed, giving a total of 80 apps. Many of the apps appeared more than once in the list, so duplicate entries were removed. The end result was a list of the top 30 free VPN apps.

What the Study Found

For each app, the researchers investigated several elements, including the app company’s privacy policies, ownership, and customer support. One of the most concerning findings is that 86% of the apps are provided by companies that do not have any privacy policies or unacceptable ones. In regard to the latter, some of the companies have generic privacy policies that do not include any VPN-specific terms or policies that lack important details about data collection practices — both of which can give users a false sense of security. Other policies note that the companies track user activity and share it with third parties. Several policies even explicitly state that the companies collect and share users’ personal data with China.

Another troublesome finding concerns the companies providing the apps. “Our investigation uncovered that over half of the top free VPN apps [59%] either had Chinese ownership or were actually based in China, which has aggressively clamped down on VPN services over the past year and maintains an iron grip on the Internet within its borders,” said Simon Migliano, the head researcher at Top10VPN.com. Chinese legislation now forces local VPN providers to register with government authorities and obtain a license to operate. This is likely why some app privacy policies state that users’ personal data might be shared with China. For example, the privacy policies for the VPN Master, Turbo VPN, and SnapVPN apps state that “Our business may require us to transfer your Personal Data to countries outside of the European Economic Area (“EEA”), including to countries such as the People’s Republic of China or Singapore.” China’s VPN legislation coupled with the prevalence of Chinese hacking groups makes using VPNs provided by companies with links to this country risky to use.

The study also found that many of the top 30 apps have questionable user support. Specifically, 64% of the apps did not have dedicated websites for their VPN services. Several apps had no online presence whatsoever beyond their listings in the app stores.

Furthermore, 52% of the customer support email addresses specified in the app store listings were personal accounts (e.g., Gmail or Hotmail accounts). When the researchers sent emails to all the apps’ customer support email addresses requesting assistance, 83% of the emails were ignored. The emails were sent from the official top10vpn.com address and did not hide the researchers’ true identities.

You can find the details about all the apps investigated in the “Free VPN Apps: Chinese Ownership, Secretive Companies & Weak Privacy” report.

A VPN App Can Be Invaluable If You Pick the Right One

A VPN app can be invaluable if you use your mobile device within public Wi-Fi networks. It can protect your privacy and data if a network is not secured properly. However, when selecting a VPN app, it is important to do research and carefully evaluate the candidates, especially those that are free. If you need assistance selecting a safe VPN app for your mobile device, give us a call.

Reputation Jacking: Another Trick Up Hackers’ Sleeves

Reputation-jacking is on the rise. Discover what reputation-jacking is and why cyber criminals like to use it when attacking businesses.

Cyber criminals have another trick up their sleeves. Besides using phishing emails to steal money and data from businesses, some hackers are now employing an additional technique known as reputation-jacking — using popular, legitimate cloud storage services to deploy malware.

Security researchers at Menlo Labs uncovered a scam that showcases why using this technique is gaining popularity among hackers. In this scam, cyber criminals sent customized phishing emails to employees at banks and financial services companies in the United States and United Kingdom between August and December 2018. These emails used a convincing pretense to get the employees to download malicious files from the Google Cloud storage service.

Storing the files on Google Cloud likely gave the employees a false sense of security — the impression that the files were safe because they were on a popular, legitimate cloud service. Storing the files on Google Cloud also let the hackers circumvent possible security measures at the companies. If the hackers had attached the malicious files to the emails, they probably would have been caught by email security software since the files were Visual Basic Script (VBS) and Java Archive (JAR) files.

Downloading and opening the malicious VBS and JAR files initiated a process designed to infect the employees’ computers with remote access trojans. Cyber criminals use these trojans to gain control over compromised machines so that they can remotely run commands that will let them scout out companies’ networks. Hackers use what they learn to determine the best tools and techniques to deploy to accomplish their ultimate goal, which is often stealing money or data.

The security researchers who discovered the scam noted that reputation-jacking is on the rise. For this reason, it is important to discuss it when you are educating employees about phishing and business email campaign (BEC) scams. Let them know what reputation-jacking is and why hackers like to use it. Be sure to stress that anytime an email urges them to access a file, they should think twice about doing so. The file might be malicious, even if it is located on a legitimate cloud storage service. Call us at 800-421-7151 if it is time for some security training!

How to Customize the Startup Pages in Google Chrome and Microsoft Edge

If you have several websites you visit every day, you can configure your browser to automatically open those sites when you launch your browser. Here is how to customize the startup pages in Google Chrome and Microsoft Edge.

Most people have favorite websites they visit daily. If you are one of them, you can configure your web browser to automatically open those pages when you launch the browser. That way, you do not need to open each site every day, saving time and hassle.

To customize the startup pages in Google Chrome, follow these steps:

  1. Launch Google Chrome.
  2. Open the websites you want automatically opened when you start the browser.
  3. Click the icon that looks like a vertical ellipsis. It will be in the top right corner of the browser.
  4. Select “Settings” from the menu that appears. This will bring up the “Settings” web page.
  5. Scroll down to the “On startup” section at the bottom of the page.
  6. Click the “Open a specific page or set of pages” button.
  7. Select the “Use current pages” option.
  8. Close the “Settings” web page.

To customize the startup pages in Microsoft Edge, do the following:

  1. Launch Microsoft Edge.
  2. Open the websites you want automatically opened when you start the browser.
  3. Copy the sites’ addresses into a program such as Notepad or Microsoft Word.
  4. Click the icon that looks like an ellipsis. It will be in the top right corner of the browser.
  5. Select “Settings” from the menu that appears. This will bring up the “Settings” box.
  6. Find the “Open Microsoft Edge with” option.
  7. Select “A specific page or pages” from the drop-down list.
  8. Enter one of the site addresses you copied and click the save button (the button with the icon of a floppy disk).
  9. Use the “Add a new page” option to enter the other sites you want automatically opened.
  10. Click somewhere outside the “Settings” box to close it.

5 Noteworthy IT Trends That Will Affect SMBs in 2019 and Beyond

The IT industry is constantly changing. Because there are so many changes, it can be hard to discern which ones are most important. To help highlight the changes deserving attention, here are five IT trends that small and midsize businesses should know about.

Knowing the direction in which IT is headed can help companies prepare for the opportunities and challenges those changes might bring. However, many small and midsize businesses (SMBs) do not have the time or resources to keep up with IT changes since there are so many of them. Further, it can be hard to discern which ones are most important. To help highlight the changes deserving SMBs’ attention, here are five IT trends they should know about:

1. Data Privacy Regulations Will Become More Common

More data privacy regulations are likely on the horizon. The high rate of data breaches coupled with the controversial data-collection and data-sharing practices used by some companies (e.g., Facebook, Google) are prompting more people to rally around data privacy laws.

Some governing groups have already responded to people’s cries for more privacy. For example, the European Union passed the General Data Protection Regulation (GDPR), which went into effect in May 2018. A month later, the California State Legislature passed the California Consumer Privacy Act.

SMBs should keep abreast of the data privacy regulations being enacted and check to see whether they need to comply with them. The latter is not always readily apparent. For instance, companies do not have to reside in the European Union to fall under GDPR’s jurisdiction. Any organization that processes or stores the personal data of EU citizens is required to comply with GDPR, no matter it is located.

2. More SMBs Will Turn to Chatbots

To gain and retain customers, a company needs to quickly respond to their requests for information and answer any questions they might have. However, staffing a customer support desk 24 x 7 can be expensive.

One way companies are addressing this dilemma is by using chatbots, which are also known as virtual assistants or virtual agents. These software programs employ advanced technologies such as natural language processing and machine learning to simulate and automate conversations with humans. Chatbots can also help with routine tasks such as arranging meetings and collecting data.

Chatbots are becoming less expensive to purchase. Plus, companies have the option of buying prebuilt chatbots or building their own. Thus, chatbots are a practical solution for SMBs that want to be highly responsive to potential and existing customers.

3. Integrating Cloud and On-Premises Resources Will Become a Priority

With 96% of companies using at least one cloud service, it is safe to say that businesses have whole-heartedly embraced the cloud. However, companies’ cloud resources are not usually integrated with their on-premises resources. This can lead to a myriad of problems. For instance, a manager might want to break down product sales by customer age to analyze the buying habits of different generations. However, he might find that he is unable to do so because the customer data is stored in an on-premises legacy system while the product sales data is stored in the cloud, with no easy way to combine the two datasets.

In 2019, companies will begin to understand the importance of integrating on-premises and cloud resources, according to IDC experts. They predict that it will be a top IT spending priority for half of SMBs by 2021.

4. Companies That Want to Deploy Systems Using 5G Will Have to Wait

In December 2018, AT&T became the first wireless carrier to go live with a mobile 5G service in the United States. Although AT&T was the first, it won’t be the last. Other wireless carriers will likely follow suit.

Businesses are already looking forward to using this fifth generation of wireless networking technology because it is much faster, provides more bandwidth, and has lower latency than its predecessor, 4G. A survey by Gartner revealed that two-thirds of the polled organizations plan to deploy 5G by 2020. Ways they intend to use it include Internet of Things (IoT) device communications, video conferencing, and video analytics.

However, these companies will likely have to wait several more years. Gartner researchers expect that public 5G networks will not be capable enough to meet the needs of organizations by 2020 because wireless carriers will initially concentrate on providing 5G broadband services to consumers. They anticipate that an infrastructure capable of handling companies’ needs won’t be available until 2025 or later. Although companies could conceivably build their own private 5G networks in the meantime, the expense involved would not make it a viable solution for most SMBs.

5. The Proliferation of Data from IoT Devices Will Increase the Need for Edge Computing

Cisco estimates that IoT devices will generate a whopping 847 zettabytes of data by 2021. To handle the vast amounts of data generated by these devices, many companies will need to turn to edge computing.

With edge computing, the data from IoT devices is processed close to the location where it is being generated rather than being sent to a central location for processing. This allows the data to be analyzed and acted on in near real-time. Besides enabling such fast response times, edge computing helps companies significantly reduce the amount of data that needs to be sent to a central location, saving bandwidth.

Edge computing will be so crucial to handling IoT data that Gartner has ranked it as one of the top 10 strategic technology trends for 2019. And IDC researchers predict that, in key industries, a third of SMBs will be using IoT devices and edge computing to collect and evaluate data in near real-time by 2021.

7 Reasons Why IT Projects Fail

Projects frequently fail in businesses. Here are seven common reasons why IT projects fail and how you can avoid these pitfalls.

Having projects that fail is common in businesses. In one 2018 study, the Project Management Institute surveyed more than 5,500 companies and found that 15% of the projects they started failed. And these failures were costly — 9.9% of every dollar invested was wasted due to poor project performance.

Learning from other teams’ mistakes is one way to avoid failed projects. Here are seven common reasons why IT projects fail and how you can avoid making the same mistakes:

  1. Undefined Deliverables

While most project teams define the objectives for their IT projects, some teams do not define the projects’ deliverables. A common reason for this oversight is the belief that objectives and deliverables are referring to the same thing.

While objectives and deliverables are closely related, they are not synonymous. The objective describes what a team plans to accomplish with its project. Deliverables are things (e.g., reports, plans, processes, products) that the team will produce to enable the objective to be achieved. For example, suppose a project’s objective is to replace old printers with ones that will better meet the business’s needs. The deliverables might include a report detailing current and projected printer usage needs, an analysis determining whether it is best to buy or lease the printers, evaluations of at least three printer suppliers, a signed contract, installation of the printers, a training program for employees on how to use the new printers, and so on. A larger project might need separate objectives and deliverables for each phase in it.

Because deliverables often build on each other, they provide a roadmap that the team can follow to achieve the project’s objective. Deliverables also help the team more accurately estimate the time, resources, and funding needed to complete it.

  1. IT Project Too Large

Tackling IT projects that are too large in scope is a common reason why they fail. Large projects require large amounts of time, money, and resources to complete — all of which might be in short supply, especially in small and midsized businesses.

Projects with smaller scopes are typically more manageable and have a greater chance of success. So, for example, instead of undertaking a project to create a set of IT policies, it is better to narrow the scope by having the team create just the acceptable use policy. When that project is done, the team can then tackle the privacy policy, and so on.

It is important to note that an IT project might start out with a manageable scope, but then “scope creep” sets in. For instance, if a team is working on developing an intranet site for employees, having an ever-growing list of “must-have” and “nice-to-have” features might expand the project’s scope to the point where it is unmanageable. While changes to a project’s scope are sometimes necessary, they should be kept to a minimum. Significant changes might necessitate the need for the team to revise its deliverables, schedule, and budget.

  1. Unrealistic Schedules and Budgets

Sometimes, teams do not realize how much time or money will be required to complete IT projects. Other times, they are simply too optimistic.

Not taking the time to get accurate estimates of how much time and money a project will require can result in projects being late and overbudget. Even worse, it could lead to poor-quality deliverables. If a project’s schedule is unrealistic, people might rush to get things done or take shortcuts. Similarly, people might cut corners if a project’s budget is too small.

Having well-defined deliverables will help in the creation of realistic schedules and budgets. It’s important to build in a little extra time and money, though, in case any surprises pop up.

  1. Not involving the Right People

An IT project can run into trouble if the people involved do not have the necessary skills and knowledge. For example, having a technician head a project because he is knowledgeable in the project area can lead to failure if that person has no experience in managing projects or teams. Conversely, if no one on the team is knowledgeable about the latest IT technologies, the team might not consider a technology that could potentially be a good fit for the company.

It is important to make sure that each person involved in the project is capable of completing their assigned role. It is also important to make sure that at least one person on the team has sufficient IT knowledge in the project area. If no one in the company has the necessary know-how, the team should consider bringing in an outside expert.

  1. No Central Repository for Communications

For a project team to be successful, its members must be able to communicate effectively with each other and with other people inside their companies. To do so, they need good communication skills as well as effective communication tools.

Besides holding team meetings, project team members often use email to communicate with each other. While this is an effective tool, the emails are stored in the members’ inboxes, making it hard for other people (e.g., a new team member) to access the information discussed in them. Plus, if a team member forgets to copy the entire team on an email, some people might be inadvertently kept out of the loop.

A better approach is to have a central repository for project communications. This could be as simple as having project members store copies of their project-related emails in a shared folder on the company’s network. Ideally, though, teams should use collaboration software that enables them to communicate and collaborate with each other and that stores their communications and work in a central location.

  1. Not Monitoring and Tracking Progress

It is important monitor and track a project’s progress in terms of deliverables met, costs, and schedule. If a team fails to do so, a small glitch could turn into a big problem later on.

While manually monitoring and tracking a project is possible, it would be time-consuming. A better solution is to use project management software. That way, the team will always know exactly where the project stands and how much time and money has been spent on it thus far.

  1. Not Enough Testing

IT projects often include deliverables such as IT systems and IT products. Failure to thoroughly test these types of deliverables can result in their failure once they are implemented.

The team should not wait until the end of the project to conduct the tests. Testing needs to start early and be done often. This will allow small problems to be fixed before they grow into significant problems that will take much more time and money to fix.

If you have any other questions about upcoming projects you need done, give us a call at 800-421-7151. Our team will make sure your IT projects are executed successfully.

4 Misconceptions about Tech Support Scams

Despite being common, there are many misconceptions about tech support scams. Not knowing the truth can result in falling victim to this type of fraud. Here are four misconceptions set straight.

Tech support scams are common and costly. In 2017 alone, around 11,000 victims filed complaints with the Internet Crime Complaint Center (IC3). They reported losing nearly $15 million, which represents an 86% increase in losses compared to 2016.

Even though tech support scams are common, there are many misconceptions about them. Knowing the truth can help you become more adept at recognizing and avoiding this type of fraud. Toward that end, here are four misconceptions set straight:

  1. Tech Support Scammers Always Call

In the past, scammers frequently cold-called potential victims. They often identified themselves as tech support staff from a well-known tech company such as Microsoft. They then spun a tale of how they detected a problem on the person’s computer that should be fixed immediately, which they offered to do.

Nowadays, scammers are more apt to use other means to reach potential victims, including:

  • Pop-ups. When people visit a website, a message pops up that says their computers are infected with malware, have an expired software license, or have some other problem. The visitors are then urged to call a bogus hotline or go to a fake online tech support center to get the problem fixed.
  • Phishing emails. People receive emails that do not mention anything about their computers having a problem. Instead, some other pretense is used to try to get them to click a link. For example, security researchers found that some phishing emails were made to look like notifications from online retailers (e.g., Amazon) and professional social-networking sites (e.g., LinkedIn). Clicking the linking sent people to a malicious website that mimicked the legitimate one that supposedly sent the email. The site then deployed various scare tactics (e.g., pop-up messages saying there is a malware infection) to trick people into calling or visiting a phony tech support center.
  • Redirects to bogus tech support websites. In some cases, malicious ads (or links in other types of web content) redirect visitors to tech support scam sites. According to security researchers, these malicious ads are usually found in questionable websites, such as those that host illegal copies of media and software.
  1. If It’s Free, It Isn’t a Scam

The goal of many tech support scams is to make money. Scammers try to con you into paying for bogus software or services. Having someone notify you, out of the blue, that your computer has a serious problem, which they can fix — for a price — is a classic sign of a tech support scam.

However, you cannot assume the person is legitimate if they offer to fix the problem for free. Sometimes scammers have different goals. For example, they might want to change the settings on your computer so that it becomes part of a botnet. Or, they might want you to install their free software because it contains spyware.

  1. Baby Boomers Are Most Likely to Fall Victim to Tech Support Scams

A common misconception is that Baby Boomers are most likely to fall victim to tech support scams because they are less familiar with technology. However, a 2018 Microsoft study found that Gen Z’ers and Millennials are twice as likely to initially fall for a tech scam (e.g., click a link in a phishing email or call the number given in a pop-up) than Baby Boomers. And the Gen Z’ers and Millennials are five times more likely to lose money to tech support scammers (e.g., pay the digital con artists for bogus software or services).

The researchers attribute the higher vulnerability of Gen Z’ers and Millennials to several factors:

  • They engage in more risky online activities (e.g., use torrent sites, download movies, music, and videos) than the older generations.
  • They tend to be overconfident in their online abilities, causing them to be less cautious and more susceptible to scams. In the study, the Gen Z’ers and Millennials gave themselves high ratings in web and computer expertise.
  • They are more likely to believe that it is normal for reputable tech companies to make unsolicited contact than the older generations. In the study, 33% of the Millennials and 30% of the Gen Z’ers said unsolicited contact was normal compared to 18% of the Baby Boomers and 22% of the Gen X’ers.
  1. It’s Difficult to Defend against Tech Support Scams

Fortunately, the notion that it is hard to defend against tech support scams is a misconception rather than the truth. Besides understanding how tech support scams work, you can take some surprisingly simple measures to protect yourself.

For starters, you should not disable your web browser’s pop-up blocker. Most modern browsers automatically block pop-ups. For example, Google Chrome blocks not only pop-ups but also redirects by default. Manually disabling this functionality might result in you seeing more messages that try to scare you into calling or visiting a bogus tech support center.

Equally important, you should not visit questionable websites. Plus, you should heed the security warnings issued by your web browser and security software. These programs often flag or block content they know or suspect is unsafe. Resisting the urge to visit questionable sites and access flagged or blocked content can help reduce the number of tech support scam pop-ups and malicious ads in your web browser.

Another measure you can take is making sure your email app, web browser, and security software are being updated regularly. These programs are typically configured to automatically update, but it is a good idea to make sure that is the case. With the updates installed, they will be better able to identify and deal with security issues. For example, email apps usually include filtering tools that help weed out phishing emails. The more current the filtering tools, the more effective your email app will be at snagging phishing emails. Similarly, your browser and security software will be better able to identify unsafe content when they are updated.

You also might consider using ad blockers to eliminate the malicious ads that could send you to bogus tech support sites. These programs remove or alter all advertising content on web pages. Some ad blockers replace ads with content, such as news. Others simply leave holes where the ads would have been. However, there is one caveat with ad blockers. They might inadvertently block non-ad content, causing web pages to display improperly or not at all.

There are other, more-advanced measures you can take to protect yourself from tech support scams, such as using advanced email filtering solutions and configuring your DNS to block ads before they enter your network. If you would like to learn about these measures, contact us at 800-421-7151.

How to Stop Those Annoying Website Notification Boxes in Chrome Browsers

Are you tired of having websites asking you if they can send you notifications? Here is how to stop these notification boxes from popping up in Google Chrome web browsers.

If you use the Internet regularly, you have probably encountered them — those pesky boxes that pop up when you visit a website for the first time and it wants to send you notifications.

Although it is easy enough to refuse, having to do so for multiple sites can be annoying. And if you clear your browsing data, you will have to again refuse the notifications for the sites you visit often.

Fortunately, it is easy to stop these notifications from appearing if you use the Google Chrome web browser. Open your browser and follow these steps:

  1. Click the icon that looks like a vertical ellipsis. (It will be in the top right corner of the browser.)
  2. Select “Settings” from the menu that appears. This will bring up the “Settings” web page.
  3. Scroll down to the bottom of the page and click “Advanced”.
  4. Click the “Content settings” option. (You will need to scroll down a bit more to see this option.)
  5. Choose “Notifications” in the list that appears.
  6. Click the “Ask before sending (recommended)” option. The option will now read “Blocked”.
  7. Close the “Settings” web page.

If you should later want to receive notifications from websites, you can repeat these steps. The only difference is that in step 6, you will need to click the “Blocked” option. It will then toggle back to “Ask before sending (recommended)”. After you perform these steps, you will again be presented with notification boxes.

Office 2019 or Office 365: Which Is a Better Fit for Your Business?

Do you want to replace an old version of Microsoft Office on your company’s computers or add this productivity suite to some new machines? If so, you might be wondering whether it is better to use Office 2019, which Microsoft released in the fall of 2018, or Office 365. Here is what you need to know to make the best decision for your business.

The Fundamental Differences

There are a few fundamental differences between Office 2019 or Office 365:

Office 2019. Office 2019 is an on-premises product that you purchase upfront for use on a single computer. You can use this suite’s apps for as long as you want – whether it is three years or three decades. However, Microsoft will not be offering any upgrade options for Office 2019 in the future. This means that if you want to upgrade to the next major on-premises Office release (say Office 2022), you will have to buy it at full price. (Despite rumors to the contrary, Office 2019 will not be the last on-premises version of Office, according to company officials.)

Microsoft offers three Office 2019 suites available through volume licensing: Office Professional Plus 2019, Office Standard 2019, and Office Standard 2019 for Mac. If you need fewer than five licenses, you can use Office Professional 2019 or Office Home & Business 2019, both of which are licensed for business use.

All these suites (except Office Standard 2019 for Mac) need to run on Windows 10 computers. So, if you are running older Windows versions on your computers, you will not be able to use Office 2019.

If you have Mac computers, you can use either Office Standard 2019 for Mac or Office Home & Business 2019. These suites are compatible with the three most recent versions of macOS, which are 10.14, 10.13, and 10.12 at the time of this writing. The next time Apple releases a new major version of macOS (say 10.15), Microsoft will drop support for the oldest of the three versions (10.12) and support the newest version and its two predecessors (10.15, 10.14, and 10.13). The Office apps will still work on computers running the dropped version (10.12), but the apps will not receive any updates.

Office 365. Office 365 is a cloud service that you subscribe to on a per-user basis. Businesses have many subscription plans from which to choose, based how many employees need to use Office 365 and the apps, services, and other options those users will need. With most of the business subscription plans, each licensed user can install the Office apps on five desktop computers (Windows or Mac), five tablets, and five smartphones. With Office 365, you do not need to worry upgrading because users will always have the most up-to-date versions of the apps.

Office 365 is billed either monthly or annually. You pay a higher per-user fee if you choose to pay each month. When you stop paying, the users’ licenses to run the Office apps expire. The apps that are installed on users’ devices do not immediately stop working, though. They usually continue to work for 30 days thanks to a grace period.

Unlike Office 2019, Office 365 will work on computers running older versions of Windows. Office 365 is compatible with Windows 10, Windows 8.1, Windows 7 Service Pack 1, and the two most recent versions of macOS.

Functionality and Support

Not surprisingly, Office 2019 offers more functionality than its predecessor Office 2016. For example, in Office 2019, Microsoft added a text-to-speech feature to Word and funnel charts to Excel.

However, Office 2019 provides less functionality than the current Office 365 apps. The Office 2019 apps do not include many of the cloud- and artificial intelligence (AI)-based features that Microsoft has added to Office 365 apps the past few years. For instance, in Office 2019, Word does not include the Editor feature, even though it is available in the Word app provided through Office 365. This feature uses machine learning and natural language processing to make suggestions on how to improve your writing.

Further, with Office 2019, you will not get any new features delivered through updates. The updates will include only security and stability patches. In contrast, Microsoft will continue to add new features to Office 365 through updates. These updates will also include security and stability patches.

There is another difference in how Microsoft supports Office 2019 compared to Office 365. As long as you subscribe to Office 365, you will receive mainstream support. With Office 2019, Microsoft will provide only five years of mainstream support and two years of extended support.

The Bottom Line

What is best for your company will largely depend on your comfort level with cloud computing. If you are comfortable with using cloud services, subscribing to Office 365 might make more sense. It offers more features and better support than Office 2019. Plus, Office 365 apps work on older versions of Windows. However, Office 2019 is a viable alternative if using cloud services is not a good fit for your business. Contact us at 800-421-7151 if you have any questions about Office 365 or Office 2019.

Small and Midsized Businesses Continue to Be Common Targets in Ransomware Attacks

Ransomware continues to pose a significant threat to small and midsized businesses, according to a Datto survey of 2,400 managed service providers (MSPs). More than half of the MSPs reported that a least one of their clients experienced a ransomware attack in the first half of 2018. Although the average ransom was only $4,300, the attacks cost the businesses an average of $46,800 due to the downtime they caused.

How the Attacks Were Delivered

The Datto study explored how the ransomware was delivered to the small and midsized businesses. It found that the top three delivery methods were:

  1. Phishing emails. Cybercriminals often send phishing emails to employees at small and midsized businesses to spread ransomware. These emails use a convincing pretense to lure recipients into clicking a link or opening an attachment. All it takes is one employee to fall for the ruse to initiate a ransomware attack.
  2. Malicious websites or ads. To deliver ransomware, hackers build malicious websites or post malicious ads (aka malvertising) on legitimate sites. If employees visit one of these sites, code is installed on their computers without their knowledge. The code then kicks off a series of events that can ultimately lead to a companywide ransomware infection.
  3. Web pages often include clickbait — text links (“You won’t believe …”) and thumbnail image links designed to entice people to follow a link to web content on another web page. While clickbait is typically used to increase page views and generate ad revenue, cybercriminals sometimes use it to send people to malicious websites that spread ransomware.

Because all three delivery methods depend on someone performing an action (e.g., clicking a link), it is important for small and midsized businesses to teach employees about the hidden dangers associated with seemingly innocuous actions.

Key Elements to Cover When Educating Employees about Ransomware

While each company will want to customize its ransomware training program to meet the its unique needs, it is a good idea to cover the basics:

  • Let employees know what ransomware is and the methods cybercriminals commonly use to spread it (e.g., phishing emails, clickbait).
  • Discuss the elements commonly found in phishing emails, such as generic greetings, spoofed email addresses, and messages that try to create a sense of urgency (i.e., act now or pay the consequences). If employees know about these common elements, they will be better able to spot any phishing emails that make it through email filters.
  • Warn employees about the dangers of clicking links and opening attachments in emails, especially if they are from unknown senders.
  • Show employees real-world examples of clickbait and let them know the dangers that might be lurking if they are enticed into clicking the links.
  • Stress the importance of avoiding any web content flagged as a potential security threat by web browsers or security software, as it might contain malvertising or other malicious code.

Other Measures to Take

Businesses need take other measures as well, such as regularly updating their computers’ software so known vulnerabilities are patched. Equally important, they need to make sure they have restorable backups of their data in case a ransomware attack occurs.

If you need a security audit or know an area you are lacking, give us a call at 800-421-7151. We can make sure that your business has covered all the bases so that it will be protected from ransomware and other types of cyberattacks.

Why Cryptojacking Is More Dangerous Than Many Businesses Realize

 

Cryptojacking might not seem as dangerous as ransomware or data breaches since cybercriminals are stealing a computer’s processing power rather than money or data. However, companies that dismiss this threat might be putting their businesses at risk. Cryptojacking malware is becoming increasingly sophisticated, which could spell trouble for companies unprepared for it.

The Changing Face of Cryptojacking

Cryptojacking was born from people’s need for more computing power so they could mine (aka earn) cryptocurrencies such as Bitcoin and Monero. These “miners” typically used website scripts that siphoned processing power from a visitor’s computer, without that individual’s knowledge or consent. When the person left the site, the siphoning stopped.

It wasn’t long before cybercriminals started using these scripts to get computing power for their exploits. Sometimes, they added these scripts to their own malicious web pages. Other times, they hacked into legitimate sites and insert the scripts there.

Since cybercriminals have entered the scene, cryptojacking malware has become more sophisticated. In addition, the hackers are becoming more creative in ways to deliver it.

Take, for example, the cryptojacking malware known as PowerGhost. When it was first discovered in July 2018, Kaspersky Lab researchers found that cybercriminals used phishing emails to gain initial access to a computer. Once the machine was infected, the malware used credential-stealing and remote-administration tools to spread itself to other machines in the local network. To make matters worse, some newer versions of PowerGhost have the ability to disable antivirus programs such as Windows Defender.

Another sophisticated program is PyRoMine, which Fortinet researchers found in April 2018. Besides stealing processing power, it creates a backdoor account with administrator-level privileges, enables the Remote Desktop Protocol (RDP), opens the RDP port in the Windows Firewall, and makes several other system changes so that the cybercriminals can remotely access the computer at a later time. The program even configures the Windows Remote Management Service to allow the transfer of unencrypted data.

As PowerGhost and PyRoMine illustrate, cryptojacking malware can create footholds in computers that hackers can later exploit. They could, for example, use these footholds to infect the computers with a different kind of malicious program, such as ransomware.

This might already be taking place. Companies infected by cryptojacking malware were found to have a larger number of other types of malware infections compared to businesses that did not experience any cryptojacking attacks, according to Fortinet’s “Quarterly Threat Landscape Report” for Q3 2018. However, this is only circumstantial evidence that cryptojacking leads to other malware attacks, which the Fortinet researchers acknowledged. They noted, “We attempted to establish a definitive causal relationship, and while those tests showed statistically significant results, they fell short of the burden of proof needed for a guilty conviction.” The researchers are planning to further explore this relationship in future reports.

How to Guard against Cryptojacking

In the past, you just had to prevent malicious scripts from running in web browsers to guard against cryptojacking. Nowadays, a more widescale approach is needed, including:

  • Making sure that computers’ operating system software and apps are updated so that known security vulnerabilities are patched. Both PowerGhost and PyRoMine exploit unpatched security vulnerabilities in Windows operating system software to create their footholds.
  • Making sure your security software is up-to-date. This can help guard against known cryptojacking code. It can also help protect computers from other types of malware that might be installed through footholds created by cryptojacking malware.
  • Educating employees about phishing emails and unsafe web browsing habits. As PowerGhost demonstrates, phishing emails can be used to gain initial access to a computer. So, employees need to know the dangers associated with clicking links in emails and opening files attached to them. Similarly, they should be taught about unsafe browsing habits, such as clicking links without knowing where they lead and visiting questionable websites.
  • Using ad or script blockers in web browsers to prevent malicious scripts from loading. There are also third-party tools available that are designed specifically for blocking cryptojacking scripts.
  • Inspecting your website. If your business hosts a website, you might want to make sure that hackers have not placed a cryptojacking script on it.

There are also other measures you can take, such as monitoring your computer systems and network for unusual activity. We can evaluate your business and provide specific recommendations on how to defend against cryptojacking and other types of malware.

Avoid Data Loss in Office 365

Microsoft understands the value of business data and the costly repercussions of losing it. That’s why they’ve released a slew of security and compliance tools for Office 365 subscribers. But given the increasing sophistication and frequency of data breaches, these cloud security solutions aren’t enough to protect your files. You’ll need to follow these seven security tips to prevent data loss in Office 365.

Take advantage of policy alerts
Establishing policy notifications in Office 365’s Compliance Center can help you meet your company’s data security obligations. For instance, policy tips can warn employees about sending confidential information anytime they’re about to send messages to contacts who aren’t listed in the company network. These preemptive warnings can prevent data leaks and also educate users on safer data sharing practices.

Secure mobile devices
Since personal smartphones and tablets are often used to access work email, calendar, contacts, and documents, securing them should be a critical part of protecting your organization’s data. Installing mobile device management features for Office 365 enables you to manage security policies and access permissions/restrictions, and remotely wipe sensitive data from mobile devices if they’re lost or stolen.

Use multi-factor authentication
Don’t rely on a single password to safeguard your Office 365 accounts. To reduce the risk of account hijacking, you must enable multi-factor authentication. This feature makes it difficult for hackers to access your account since they not only have to guess user passwords, but also provide a second authentication factor like a temporary SMS code.

Apply session timeouts
Many employees usually forget to log out of their Office 365 accounts and keep their computers or mobile devices unlocked. This could give unauthorized users unfettered access to company accounts, allowing them to steal sensitive data. By applying session timeouts to Office 365, email accounts, and internal networks, the system will automatically log users out after 10 minutes, preventing hackers from opening company workstations and accessing private information.

Avoid public calendar sharing
Office 365’s calendar sharing features allow employees to share and sync their schedules with their colleagues. However, publicly sharing this information is a bad idea because it helps attackers understand how your company works, determine who’s away, and identify vulnerable users. For instance, if security administrators are publicly listed as “Away on vacation,” an attacker may see this as an opportunity to unleash malware on unattended computers.

Employ role-based access controls
Another Office 365 feature that will limit the flow of sensitive data across your company is access management. This lets you determine which user (or users) have access to specific files in your company. For example, front-of-house staff won’t be able to read or edit executive-level documents, minimizing data leaks.

Encrypt emails
Encrypting classified information is your last line of defense to secure your data. If hackers intercept your emails, encryption tools will make files unreadable to unauthorized recipients. This is a must-have for Office 365, where files and emails are shared on a regular basis.

While Office 365 offers users the ability to share data and collaborate, you must be aware of potential data security risks at all times. When you work with us, we will make sure your business keeps up with ever-changing data security and compliance obligations. If you need help securing Office 365, we can assist you, too! Contact us today for details at 800-421-7151.

Browser Security for Business Data

The internet isn’t for the naive. It’s a wild place of dangerous creatures like polymorphic viruses, ransomware, scammers, and malicious hacker organizations. As  any business owner today would know, data is everything. If you or your employees browse the net unprotected, this valuable resource is threatened by cyber criminals on the lookout for easy targets. One way to protect your business’ data is to secure your browsers. It is easy enough for every small- and medium-sized business to do.

Data stored on desktops, servers and in the cloud, doesn’t make it safe. If anything, it makes it available to anyone who has the desire and capabilities to hack into your system and cause mayhem for your business operations.

One thing you should be doing to protect your data – and your company – is to make use of privacy-protecting browser extensions. Depending on the nature of your business, both you and your employees are likely to be online at least some, if not all, of the working day. What are some of the browser extensions that can make the experience more secure?

Prevent browser tracking

If you don’t like the idea of a third party (reputable or otherwise) being able to track your browsing habits, try installing a tool for private browsing. These programs offer protection against tracking by blocking third-party cookies as well as malware. Some extensions also boast secure Wi-Fi and bandwidth optimization and can guard against tracking and data collection from social networking sites such as Twitter, Facebook or Google+.

Blocking adverts

While online ads may seem harmless, the truth is they can contain scripts and widgets that send your data back to a third party. A decent ad blocking program will block banner, rollover and pop-up ads, and also prevent you from inadvertently visiting a site that may contain malware.
Many blockers contain additional features such as the ability to disable cookies and scripts used by third-parties on a site, the option to block specific items, and even options to ‘clean up’ Facebook, and hide YouTube comments. The major blockers work with Google Chrome, Safari, and Firefox and you’ll be able to find everything from user-friendly solutions to more advanced tools that are customizable down to the tiniest degree.

Consider installing a VPN

Unfortunately, browser tracking, malware, and adware are not the only internet nasties that you need to be concerned about. but the good news is that there a number of other extensions that you can download to really get a grip on your online safety. A VPN (Virtual Private Network) is something else to consider. VPNs encrypt your internet traffic, effectively shutting out anyone who may be trying to see what you’re doing.

Commonly used in countries where the internet is heavily censored by the powers that be, a VPN allows for private browsing as well as enabling users to access blocked sites – in China’s case that’s anything from blogs criticizing the government to Facebook and Instagram. There are hundreds of VPNs on the market so do a little research and find one that suits you best.

Finally, it goes without saying that having anti-virus and anti-malware software installed on your PC, tablet, and even your smartphone is crucial if you want to ensure your online safety.

Is browsing at your workplace secure? Would you like a more comprehensive security system for your business? We can tell you all about it and help your business protect itself from online threats. Get in touch with us today at 800-421-7151.

5 Cloud Security Tips for Business Owners

Cloud computing marketing can be deceiving. When you see an image of the cloud, it’s often a happy, bubbly, white puffball floating delightfully in front of a blue sky background. Its presence is both calming and reassuring, which makes you believe that anything is possible. Security would never be an issue, right? Ask one of the nearly seven million Dropbox users who had their accounts hacked, and they’ll give you a definitive answer. Sure, not every cloud provider has had security breaches, but that doesn’t mean we can take cloud security lightly. Here’s what you can do to protect yourself as a business owner.

Ask your IT provider what cloud security policies they have in place

This is probably the single most important security measure you can take. Find a trusted IT provider and have a candid conversation with them about their cloud security policies.

Ask about Security Training

The number one point for anything security related is user training. A Smart user is 90% of the way there to protecting themselves.  You can have all the browser extensions and ad blockers you want but if the plugins are out of date or compromised it might make things worse.   The content of this document, and all the other emails and blog entries you send out are helping to Train the user.  A Smart user will understand why and how to use the technology to help protect themselves and the company.

Ask where the physical cloud servers are located

When you have “the conversation,” don’t forget to ask about this. Believe it or not, some cloud servers may not even be located in your own country. Wherever they are, it’s wise to make sure they’re located in a safe data center with proper security afforded to them. Otherwise depending on your type of business you may be out of compliance with regulations such as Sarbanes-Oxley.Create unique usernames and passwords

Your login credentials represent one of the cloud’s main security vulnerabilities. Think of a better password than “12345” or “football.”

Use industry standard encryption and authentication protocols

AES (Advanced Encryption Standard), IPsec (Internet Protocol Security) and EAP (Extensible Authentication Protocol) are reliable technologies. IPsec is primarily used for a secure VPN connection.

Encrypt data before it’s uploaded to the cloud

Encryption is a must, and can be done by you or your cloud service provider. Should hackers manage to access your data, they’ll find it useless because they can’t make heads or tails of it.

When it comes to trusting the security protocol of a cloud service provider, transparency is key. They should take security seriously, be able to explain their security policies clearly, and be willing to answer any questions. If they can’t do one of these, that’s a red flag telling you to find another vendor.

Are you ready to talk cloud security and transition your business into the cloud? Call us today at 800-421-7151. We’re happy to answer all your questions.

5 Proactive Defenses Against Cyber Attacks

As IT security consultants, we’re stuck between a rock and a hard place. Managed IT services providers (MSPs) such as ours want to provide clients with enterprise-level IT, but that requires that we specialize in overwhelmingly intricate technology. Explaining even the most fundamental aspects of cybersecurity would most likely put you to sleep instead of convince you of our expertise. But if there’s one topic you need to stay awake for, it is proactive security.

Understand the threats you’re facing

Before any small- or medium-sized business (SMB) can work toward preventing cyberattacks, everyone involved needs to know exactly what they’re up against. Whether you’re working with in-house IT staff or an MSP, you should review what types of attacks are most common in your industry. Ideally, your team would do this a few times a year.

Reevaluate what it is you’re protecting

Now that you have a list of the biggest threats to your organization, you need to take stock of how each one threatens the various cogs of your network. Map out every company device that connects to the internet, what services are currently protecting those devices, and what type of data they have access to (regulated, mission-critical, low-importance, etc.). You should never spend more money than the vault of the asset or data that you are protecting.

Create a baseline of protection

By reviewing current trends in the cybersecurity field and auditing your current technology framework, you can begin to get a clearer picture of how you want to prioritize your preventative measures versus your reactive measures.

Before you can start improving your cybersecurity approach, you need to know where your baseline is. Devise a handful of real-life scenarios and simulate them on your network. Network penetration testing from trustworthy IT professionals will help pinpoint weak spots in your current framework.

Finalize a plan

All these pieces will complete the puzzle of what your new strategy needs to be. With an experienced technology consultant on board for the entire process, you can easily synthesize the results of your simulation into a multi-pronged approach to proactive security:

  • Security awareness seminars that coach all internal stakeholders – train everyone from the receptionist to the CEO about effective security practices such as password management, proper mobile device usage, and spam awareness
  • Front-line defenses like intrusion prevention systems and hardware firewalls – scrutinize everything trying to sneak its way in through the borders of your network
  • Routine checkups for software updates, licenses, and patches – minimize the chance of leaving a backdoor to your network open
  • Web-filtering services – blacklist dangerous and inappropriate sites for anyone on your network
  • Updated antivirus software – protect your data and systems against the latest and most menacing malware
  • Physical Access – minimize your risk by restricting physical access to network critical devices such as servers and switches behind a locked server closet.

As soon as you focus on preventing downtime events instead of reacting to them, your IT infrastructure will increase your productivity and efficiency to levels you’ve never dreamed of. Start enhancing your cybersecurity by giving us a call at 800-421-7151 for a demonstration.

Office 365 Stops Billions of Phishing Emails

Sending phishing emails is the most common method hackers use to distribute malware and steal information. In fact, there are billions of phishing emails sent every year, and millions of people keep falling for them. However, if you’re subscribed to Office 365 there’s a good chance that you won’t see harmful messages in your inbox, and here’s why.

Effective anti-phishing solutions must be able to recognize the key elements of a phishing attack, which includes spoofed (or forged) emails, compromised accounts, unsafe links, and harmful attachments. In April 2018, Microsoft upgraded Office 365’s Advanced Threat Protection (ATP) features so it can better detect these elements and prevent a wide variety of phishing scams. These enhancements include:

  • Anti-impersonation measures – ATP will now look for potential phishing indicators in an email, including the sender’s address, name, and links, to identify whether the user is being impersonated. You can specify high-profile targets within your organization, such as managers and C-level executives, so Office 365 can protect these users from email impersonation. Office 365 also utilizes machine learning to analyze a user’s email patterns and flag suspicious contacts that have had no prior correspondence with your company.
  • Anti-spoofing technology – This feature reviews and blocks senders that disguise their true email address. You can even enable safety tips that flag certain email domains that have strange characters. For instance, if your real domain is Acme.com, a spoofed domain could be Acḿe.com.
  • Email link scanning – Office 365 launched Safe Links, which scans emails for fraudulent links and redirects users to a safe page in case it does contain harmful materials. This feature also applies to email attachments, ensuring you’re protected against all types of phishing scams.

Due to these improvements, Office 365 had the lowest phish rate among other well-known email services between May 1 and September 16, 2018. The company has stopped over five billion phishing attempts and protected users against seven billion potentially malicious links. If you’re looking for a secure email platform, Office 365 is the best option for your business.

That said, it’s not a substitute for good security awareness. No matter how secure Office 365 is, employees still need to be adequately trained to recognize a phishing email when they see one. Hackers are constantly changing their tactics to evade Office 365’s detection systems, so it’s important that everyone is alert at all times.

If you need a well-fortified email service, we can implement and manage Office 365 for you, and include Mimecast for extra protection. We even offer practical security advice to make sure your business, employees, and assets are safe and sound. Contact us now at 800-421-7151.

Keep the Cloud Affordable with These Tips

Small and medium sized businesses and firms globally are adopting cloud technologies. However, there are hidden costs that some business owners might not be aware of. They might not seem like much at first, but those costs could eventually snowball. Follow these five tips to keep the cloud from breaking the bank:

No standalones

Cloud services come in various shapes and sizes, many of which are standalone platforms with rates that increase over time. Opt for a service provider that offers a suite of products that all work together. They are often less expensive than a group of standalone products. Another benefit of working with a cloud provider is that you receive a single point of contact to resolve your issues quickly and effectively.

Experience matters

If you plan on integrating a standalone cloud service into your system, make sure you hire an experienced integration consultant to facilitate a smooth transition. Integration mishaps can cause serious downtime and cost a lot of money.

Backups are important

Unnecessary or inefficient backups will waste cloud storage space. Examine your cloud storage data by asking the following questions:

  • How many versions of this data do I need to store long-term? The more versions you store, the more it costs. This is known as Recovery Point Objective or RPO which is determined by looking at the time between data backups and the amount of data that could be lost in between backups.
  • What regulatory demands do I need to meet? Some data may need to be accessible for up to three years, whereas other data can be deleted after 30 days.
  • How quickly do I need to access my backups? If it can wait for a day or two, archive that data to a less expensive service or offline at the provider’s data center. This is known as RTO, or Recovery Time Objective, which is the target time you set for the recovery of your IT and business activities after a disaster has struck.

Remove users

Many cloud service providers charge by the number of users in your system. By neglecting to manage the list of users, you could end up paying for people who no longer work for you. Implement processes that remove users when they are terminated and consider scheduling a regular audit. Ideally, this should be once every six months to a year, to ensure your cloud user list is up-to-date.

Monitor proactively

Ask your cloud provider whether they can proactively monitor your account and notify you of potential issues before they cause problems. This is especially important if you have a pay-as-you-go license that charges based on resource or storage consumption.

Utilizing the right technology resources is vital to your business’s success, and so is knowing how to prevent them from racking up an overwhelming monthly bill. If you wish to enjoy all the benefits of cloud computing without breaking the bank, give us a call at 800-421-7151 and we’ll be happy to help.

Is CRM Software Essential to your Business?

The right technology investment can lead to business success. With customer relationship management (CRM) software at the helm of your sales and marketing efforts, you can nurture long-lasting business relationships and improve your bottom line. If you need more convincing, we’ve compiled five more reasons why your business needs CRM.

Grows with your business

The ol’ Rolodex may have been useful for managing a few clients, but you’ll need a much better solution if you plan to maintain relationships with hundreds, possibly thousands, more. CRM scales with your business, meaning it can handle larger data sets and more clients as you expand your sales operation.

Organizes your data

CRM software acts as a central database for all your sales records and transactions. This means important customer information can be retrieved in just a few clicks rather than by rifling through thousands of documents, sticky notes, and disorganized cabinets. And since CRM is hosted in the cloud, sales data, customer interactions, and other actionable information are available for the entire company.

Improves customer service

Your sales team could be the most persuasive individuals in the world, but this means nothing if they can’t recall anything about their clients and their preferences. When your sales staff follows up on leads or existing customers, CRM will automatically retrieve contact history, past purchases, and customer preferences from your client database and display them on a single page during the call.

Armed with detailed customer information, sales representatives will be able to recommend products and services that meet the client’s needs. So instead of struggling through a sales call, marketing employees can focus on delivering a professional sales pitch.

Streamlines your sales funnel

CRM comes equipped with workflow management functions, supporting your sales pipeline in a number of ways. For example, you can configure your CRM to send instant follow-up emails when a lead visits a particular product page. You can even use automation to track where certain leads are in the sales pipeline and delegate the task to one of your sales closers.

Analyzes sales data

With real-time sales information, business managers can track marketing campaigns and adjust their strategy accordingly. For instance, you might notice that click-through-rates for promotional emails and company newsletters are higher during Tuesday afternoon than Friday night. Having this information can help you focus your marketing efforts and message to generate more leads.

In addition, you can use CRM to analyze customer calling activity, market demographics, lead conversion rates, and key performance indicators to influence future business decisions.

Understanding your customers can put you several steps ahead of the competition. If you need to manage contacts, eliminate time-consuming procedures, and improve your sales performance, CRM is the perfect business solution.

Contact us today to find out whether CRM is the right fit for your business.

 

What is App Virtualization?

Small- or medium-sized business (SMB) owners may be overwhelmed by their company’s IT demands. Fortunately, virtualization services are giving them a fighting chance to stay on top. Some technology vendors even recommend app virtualization services because many SMBs use it. Learn if it’s right for you by understanding the basics.

What are non-virtualized apps?

To understand app virtualization, first you need to understand how non-virtualized apps are installed.

When you install an application like Skype or Slack onto a computer, the installer program puts most of the files required for the app to run on your hard drive’s Program Files folder. This process is usually fine for personal use but may become problematic if you install similar apps on your device.

For instance, if two similar apps are installed on the same file destination, there’s a chance that they might conflict with each other and inevitably crash. Likewise, if you uninstall a program without knowing that it shares important files with another application, you run the risk of breaking the other one.

The solution to this is app virtualization.

What is app virtualization?

App virtualization involves running a program in an environment separate from the physical server, allowing you to run programs that are normally incompatible with a certain operating system (OS). In other words, virtualized apps trick your computer into working as if the application is running on a local machine, but in fact, you’re actually accessing the app from somewhere else.

Advantages of app virtualization

App virtualization offers numerous advantages for SMBs, including:

  • Quick installation times and less money spent on local installation
  • Allowing incompatible applications to run on any local machine. For instance, if your laptop is dated and can’t run the latest apps on its own, you can lighten the load on your CPU by accessing virtualized apps instead.
  • Mac users can run any Windows apps if your company’s local server runs Windows OS.
  • Applications on your computers won’t be in conflict with each other since virtual apps are installed in a separate location.
  • Upgrading is easy because your IT team won’t have to upgrade applications in individual desktops, they just have to upgrade the virtual application within the company’s local server.
  • Applications can be accessed from any machine, allowing your employees to work from home or on the go if they choose to.

Things to consider

Before you start deploying app virtualization solutions, you need to have a stable network connection so users can smoothly stream apps. Note that some apps like antivirus programs are difficult to virtualize since they need to be closely integrated with your local OS.

Virtualizing a workplace is no easy task, and that’s where we come in. If you’re convinced that your company can benefit from app virtualization, get in touch with our IT experts today.

Be Aware of these 4 Types of Hackers

Hackers come in all shapes and sizes. From kids wanting to gain notoriety on the internet to political groups trying to send a message, the motives for a cyberattack vary widely. So how can you protect yourself? It all starts with getting to know your enemy a little better. Here’s a profile of four different types of hackers.

Script Kiddies

Skill-wise, script kiddies (or skids, for short) are at the bottom of the hacker totem pole. Their name comes from the fact that they use scripts or other automated tools written by others. Most of the time, script kiddies are young people on a quest for internet notoriety. Or, more often than not, they’re simply bored and in search of a thrill. Many never become full-time hackers; in fact, many script kiddies end up using their skills for the greater good, working in the security industry.

Though lacking in hacking know-how, script kiddies shouldn’t be dismissed so easily, as they can cause businesses much damage. In May 2000, for instance, a couple of skids sent out an email with the subject line “ILOVEYOU” and ended up causing a reported $10 billion in lost productivity and digital damage.

Hacktivists

Hacktivists are primarily politically motivated, and they often hack into businesses and government systems to promote a particular political agenda or to effect social change. These so-called “hackers with a cause” steal confidential information to expose or simply disrupt their target’s operations.

If you’re a small- or medium-sized (SMB) owner, don’t think for a second that you’re immune to hacktivist attacks. This is especially true if your company is associated or partnered with organizations that are prime hacktivist targets. Or, if your business provides services that can be seen as unethical, you may targeted by hacktivists as well.

Cybercriminals

When a hacker breaks into digital systems or networks with malicious intent, they are considered a cybercriminal. Cybercriminals target everyone from individuals to SMBs to large enterprises and banks that either have a very valuable resource to steal or security that is easy to exploit, or a combination of both.

They can attack in a number of ways, including using social engineering to trick users into volunteering sensitive personal or company data, which they can then sell in underground markets in the dark web. They can also infect computers with ransomware and other malware, or use digital technology to carry out “conventional crimes” like fraud and illegal gambling.

Insiders

Perhaps the scariest type of hacker is the one that lurks within your own organization. An insider can be anyone from current and former employees to contractors to business associates. Oftentimes their mission is payback: to right a wrong they believe a company has done them, they’ll steal sensitive documents or try to disrupt the organization somehow. Edward Snowden is a prime example of an insider who hacked his own organization — the US government.

Now that you know what motivates your enemy, and you think you might be a target, it’s time to secure your business from the different types of hackers out there. Get in touch with our experts today to learn how.

Forget These Disaster Recovery Myths

Disaster recovery (DR) isn’t what it used to be. Long gone are the days when a DR solution cost over a hundred thousand dollars and relied predominantly on tape backups. Cloud computing has dramatically changed the DR landscape. Unfortunately, there are still many misconceptions about DR. Here are a few of the myths that no longer apply.

Tape Backups are the Best DR Solution
Backup tapes are physical objects that deteriorate over time. Don’t believe us? Try listening to a cassette tape from the ‘90s. Over time, tape backups become distorted and stop working. Deterioration is slow and may only affect some files in the early stages, so don’t settle for a mere cursory check. Tape backups are not the best for DR solutions, but they are an excellent price for offline storage. Super DLT Tape II can store up to 600GB of data and has a shelf life of 30 years if stored in the right environment; much longer than any backup medium.

Aside from backups in your office, another set of tape backups needs to be stored outside your premises. In case a natural disaster damages your office, not all your data will be wiped out. But if your storage space isn’t safe from the elements, this could also be a problem.

BUT,  a cloud backup solution is a much better DR solution.  The backups are always available,  online and ready when you need them for the disaster.  The right DR solution can get you back online in minutes, while the tape backups take much longer to restore data.   A Tape backup is not a good DR solution. Unlike tape backups, a cloud-based backup saves you time. Data is automatically backed up online, and you don’t need to spend time managing boxes of tapes. Your time is better spent on your assigned tasks, not IT management.

The RTO you want will be too expensive
Recovery time objectives (RTO) are essential to any DR plan. You need to get everything up and running again as quickly as possible to avoid serious losses. In the days before the cloud, a swift recovery time could cost you well into six figures. Today, cloud and virtualization solutions have made this much more affordable, and faster than ever before.

Most DR providers can back up your critical data in an hour or two. And if you ever need to recover it, most services can do so in less than a day. That’s the power of the cloud. And when it comes to DR, it truly has changed everything.

Disaster recovery is for big business, not SMBs
The cloud has made this valuable service affordable for businesses of all sizes. From dental offices to small retail operations, SMBs can now take advantage of the best DR solutions on the market. Advances in IT and the cloud have eliminated the obstacles of complexity, costs, and insufficient IT resources.

We hope that by dispelling these myths, we’ve demonstrated to you that disaster recovery is more affordable and efficient than ever. If you’d like to learn how our DR solutions can safeguard your business, send us a message at info@wamsinc.com or call us at 800-421-7151 and we’ll gladly fill you in.

Which Business Computers are Best?

We know that IT plays a big role in reaching your small- and medium-sized business (SMB) milestones. When it comes to hardware, you don’t need to be an IT expert to find the best possible solution. Here’s a concise and helpful guide to the best hardware for your firm.

Portability

Laptops allow you to keep working when you don’t have an electrical outlet. However, this ability to take your work anywhere can be counterproductive by creating more stress on employees who think they must work all the time.

Memory/Speed

Desktop computers used to have more memory and faster processors than laptops. And although high-powered laptops have caught up, they are more expensive. If work is limited to word processing and emailing, affordable less-powerful laptops should be enough. Anything more will probably require a desktop machine.

We also recommend SSD hard drives to increase speed. These offer a huge increase in performance and should be considered for desktops and laptops.  Most modern laptops will come with a SSD, but they do cost a bit more.

Security

Data security is necessary not only against data leaks but as protection from litigation, reputation damage, and loss of business. With a network security system and IT staff, vulnerabilities are easier to address for desktop computers within office premises. They’re also less likely to be stolen.

For laptops, however, mobility makes them more vulnerable. Data loss is a real risk as laptops may be connected to unsecured networks and hotspots or be lost or stolen. You should consider hard drive encryption.  This way if the laptop is stolen the thief won’t be able to access anything on the laptop without the encryption password. Given the fact that they are so much smaller and more portable, keep in mind that laptops are also much easier to steal. NEVER and we mean NEVER leave your laptop in your car. Protecting your laptops require special safeguards, and consequently more time and money.

Price

Laptops and desktops come in varying prices according to preferences. On the cheaper end of the price range spectrum, there are notebook-style laptops that are limited to word processing and web browsing capabilities. Desktops have affordable equivalents as well. The deciding factor when it comes to price is your IT service provider or hardware supplier. With the right partner, you should be able to get a good bulk deal on powerful but affordable desktops or laptops.

Longevity

Laptop computers may provide the convenience of mobility, but it’s much harder to upgrade their components as they get older. Laptops are also easier to drop or damage and more expensive to replace or repair. Being in a fixed location, desktops are less prone to this. And unlike laptops, many desktops are not always pre-assembled. Many desktops can be custom built with parts that are easily removed, replaced, or upgraded. You should also consider hard drive encryption.  This way if the laptop is stolen the thief won’t be able to access anything on the laptop without the encryption password.

Final Recommendation

A growing company really needs a combination of both types of computers. However, a desktop computer will be generally more reliable for the fledgling company owner. Laptops should be added as budget permits to provide that extra portability and convenience, especially for managers who work remotely.

If you have other questions regarding enterprise hardware, give us a call at 800-421-7151. We’d be happy to recommend the best solution according to your company’s business needs and objectives.

4 Social Engineering Scams to Watch Out For

Experts are constantly creating new security systems to protect individuals and businesses from hackers. From those who want to attend popular events like the Olympics to avoiding an angry boss, hackers are preying on gullible victims to circumvent network security systems and steal sensitive information. If you don’t want to be the next victim, read about the most common social engineering scams here.

Phishing

This is the most frequently used social engineering attack, especially against small businesses. Check out these frightening statistics:

How is phishing carried out? Criminals make use of emails, phone calls, or text messages to steal money. Victims are directed to phony websites or hotlines and are tricked into giving away sensitive information like names, addresses, login information, social security, and credit card numbers.

To protect yourself, be wary of emails from people you don’t know that offer you a prize, come with attachments you didn’t request, direct you to suspicious sites, or urge you to act quickly. Phishing emails usually appear to come from reliable sources, but they are wolves in sheep’s clothing.

One of the most infamous and widespread examples of phishing was during the 2016 Summer Olympics in Rio, where victims received fraudulent emails for fake ticketing services that stole their personal and financial information.

Be aware of Whaling as well. Whaling and Phishing are both very similar:

Phishing is more automated, hoping you go to their fake website and type a real username/password so they can access your data.

Whaling is the same thing, but a real person is behind the email making it look legitimate and harder for filters to block it. They often ask for bank transfers or something similar. They will also respond quickly if you respond to the email to start a conversation and suck you in.

Tailgating

What’s the fastest and easiest way for criminals to enter a secure office? Through the front door, of course! Tailgating happens when an employee holds the door open for strangers and unauthorized visitors, allowing them to infiltrate an organization. This simple act of kindness enables fraudsters to enter restricted areas, access computers when no one is looking, or leave behind devices for snooping.

Quid pro quo

Here, scam artists offer a free service or a prize in exchange for information. They may lure their victims with a gift, concert tickets, a T-shirt, or early access to a popular game in exchange for login credentials, account details, passwords, and other important information. Or hackers may volunteer to fix their victims’ IT problems to get what they want. In most cases, the gift is a cheap trinket or the tickets are fake, but damages from stolen information are all too real.

Pretexting

Fraudsters pretend to be someone else to steal information. They may pose as a telemarketer, tech support representative, co-worker, or police officer to fish out credit card information, bank account details, usernames, and passwords. The con artist may even convince the unsuspecting victim to apply for a loan over the phone to get more details from the victim. By gaining the person’s trust, the scammer can fool anyone into divulging company secrets.

Also, and we cannot emphasize this enough, be aware of shoulder surfing. Shoulder surfing happens when someone is standing over your shoulder and watching the keystrokes that you enter while typing your password. Often this happens fairly quickly, and you may not even notice it. We all know that if someone obtains your password, they have access to your entire online life; keep an eye out for people nearby when typing in your passwords.

In spite of the many security measures available today, fraudsters and their social engineering schemes continue to haunt and harm many businesses. Thus, it’s best to prepare for the worst. To protect sensitive information, educate yourself and be careful. Remember: If anything is too good to be true, it probably is!

To shield your business from social engineering attacks, don’t take chances! Get in touch with us today by calling 800-421-7151.

4 Questions You Should Ask Any IT “Expert” Before Letting Them Touch Your Network

As businesses have become ever more dependent on technology, IT services providers have been popping up left and right. They’ve all got different strengths, capabilities and price points to consider. Some charge you by the hour and, while available to address any concerns you may have, they are pretty hands-off. Others are working on your network around the clock but charge more in turn. Many may boast an impressive record when working with a broad range of companies, but lack the experience necessary to understand the ins and outs of your specific industry. Some cost way too much month-to-month, while others try the “bargain bin” approach, but as a result, can’t afford to field the staff needed to respond to issues in a timely fashion.

There’s certainly a lot to consider when looking for an IT services provider for your business. And if you’re not particularly knowledgeable about information technology yourself, it can sometimes feel like you’re going into the process blind.

To suss out whether an IT company will mesh with your business’s workflow and industry specific requirements, it’s important to vet them thoroughly. The key is to ask the right questions. Here are four that will allow you to zero in on any IT company’s priorities and strengths, and help you determine whether or not they are a good fit for your organization.

1.DO YOU TAKE A PROACTIVE OR ‘BREAK-FIX’ APPROACH TO IT?

When your car breaks down, you take it to the shop and you get it fixed. The mechanic charges you for the work done and for the parts, and then sends you on your way. Many business owners consider their computer network to be the same kind of deal. Why not just wait until an outage happens and then call up somebody who charges by the hour to fix it? That way, they imagine, they won’t be paying for “extra” services they think they don’t need.

But unfortunately, unlike your car, when your network is out, you’re losing dollars every single minute. The

cost of a network outage is difficult to overstate – not only will it bring your business to its knees while it’s out, but it’ll frustrate customers and employees and result in a cascading set of problems.

Instead of a “break-fix” technician on hand, you need a managed IT services provider. These experts work directly with your company to optimize your network and its security at every turn, and are available nearly any time to address your concerns. And they’re genuinely invested in providing the best service possible, since it’s in their best interest as well.

2. WHAT IS YOUR GUARANTEED RESPONSE TIME?

We’ve all needed something fixed before and had to wait for hours, days or even weeks before anyone bothered to come by and solve the problem. Don’t let that happen to your business. If a company can’t guarantee a response time, it’s probably not a company you want to be working with.

3. WHAT WILL COST ME EXTRA?

This question is particularly important if you’re looking at a managed services provider (which you should be). The last thing you need is for a crisis to strike, only to discover you need to shell out a bunch of surcharges to get your network back up and running. Make sure the costs and services included are crystal clear before you sign anything.

4. HOW MUCH EXPERIENCE DO YOU HAVE?

As scrappy as the “new kid on the block” may be, you don’t want them in charge of one of the most important aspects of your business. Make sure any IT professionals you do business with have extensive experience not only in IT, but in your particular industry as well. That way they’ll know exactly what to do to optimize processes and keep your data under lock and key.

If you feel that your IT company is not transparent about all of this, it may be time to look elsewhere. Call us at 800-421-7151 today with any questions and you will receive only the most honest answers from account managers who are more than happy to help!

A Quick Guide to Choosing a Mouse

The good ol’ two-button mouse just won’t cut it anymore. They’re unresponsive, uncomfortable, and the cord somehow ties itself up every time you put it in your bag. However, buying a new mouse can be confusing, so if you’re having difficulty picking the right one, here are some things you should keep in mind.

Cable or wireless?

Choosing between a wired or a wireless mouse is a factor you have to consider if you’re planning on purchasing a new mouse. Wireless mice are generally more comfortable since your range of movement isn’t limited by a cable and they’re usually travel friendly. However, they tend to be less responsive, which can be frustrating.

In some cases, wireless mice can also interfere with other wireless devices nearby, and most require batteries, which can create problems when they run out of juice. And, if you use the same mouse for both work and home, you run the risk of losing the tiny USB receiver for your wireless mouse when you travel.

On the other hand, wired mice are cheaper and easy to plug-and-play. The only problem you’ll have to worry about is dealing with tangled wires. So when you’re deciding on a new mouse, think about whether you’re looking for comfort or convenience. Always keep in mind that wireless mice tend to be slightly heavier due to the battery that must be included to keep it running. It may not seem like much, but it will affect the way you work with it. If you have sensitive wrists or are prone to carpal tunnel, you may want the lightest mouse possible.

Ergonomics matters

You’re going to be using the new mouse for a while, so it’s important to choose one that feels comfortable in your hands. When deciding on the right mouse, focus on the size and the grip of the device. The size of the mouse usually comes down to hand size. For example, someone with smaller hands might find larger mice quite unwieldy.

Certain mice can also accommodate different types of grips — fingertip grip, palm grip, and claw grip. Users who want high-precision control of their cursor should opt for a mouse with fingertip grip, those needing comfort should get a palm grip mouse, and if you want both control and comfort, the claw grip mouse is the way to go. Another feature to be mindful of is the side scrolling wheel; this may be beneficial if you work frequently with large excel spreadsheets and pivot tables as this makes navigating through them much easier.

DPI (dots per inch)

Higher sensitivity is necessary for precise mouse movements, especially if you’re editing images, videos, or audio files. Mice with 1200 DPI or greater guarantee finer control.

Although mouse specifications like DPI might be the last thing on your mind when it comes to buying new hardware, your comfort is important. A good mouse with the right fit can make you more efficient and reduce the risk of injury.

If you need assistance setting up the best hardware for your company, give us a call at 800-421-7151. We’re happy to help.

Master Microsoft Excel with these 3 Tips

Digital literacy is all about mastering essential computer skills like navigating search engines and word processors. But one of the most crucial you need to learn is Excel. Check out these tips to be an Excel master.

Pie and Sunburst Charts

Everyone knows that bombarding stakeholders with endless numbers and decimal points is the wrong approach. You need to compile data and develop comprehensive pie or sunburst charts to make life easier for clients and investors.

Here’s how to create a pie chart:

  1. Select your data.
  2. Click on the Recommended Charts tool to see different style chart suggestions for your data.
  3. Click on the Chart StylesChart Filters, or Chart Elements button in the upper-right corner of the chart to personalize its overall look or add chart elements, such as data labels or axis titles.

Steps to create a sunburst chart:

  1. Select all your data.
  2. Click Insert > Insert Hierarchy Chart > Sunburst.
  3. Go to the Design and Format tabs to tailor its overall look.

Pivot Tables

Pivot Tables might be one of the most powerful yet intimidating data analysis tools in Excel’s arsenal. It allows you to summarize huge chunks of data in lists or tables without using a formula. All you need to do is to:

  1. Select the data, which must only have a single-row heading without empty columns or rows.
  2. Click Insert > PivotTable.
  3. Under Choose the data that you want to analyze, click Select a table or range.
  4. In the Table/Range box, validate the cell range.
  5. Under Choose where you want the PivotTable report to be placed, click New worksheet, or Existing worksheet and enter the location where you want to place the PivotTable.

Conditional Formatting

This tool highlights essential information within your dataset. For instance, you’re presenting the latest numbers on project efficiency and you use Conditional Formatting to highlight any number lower than 80%. The highlighted data will capture the audience’s attention, allowing them to identify the bottlenecks in your projects. To customize how the data is displayed, simply:

  1. Select the cell.
  2. Click Home > Conditional Formatting.
  3. Click Format.
  4. Change your formatting preference in the Color or Font style box.

Excel is one of the most commonly used business software on the market, yet not everyone knows how to fully utilize it. If you want to learn more about other handy Excel features, give us a call today at 800-421-7151 and we’ll elevate your user status from beginner to pro with some training!

5 Simple but Effective Cybersecurity Tricks

Can you name five cybersecurity best practices? Most people can’t, and few of those who can, actually follow them. Unfortunately, cyberattacks are far too common to be lax about staying safe online. Your identity could be stolen, or even worse, you could expose private information belonging to your company’s clients. There are many ways you can protect yourself, but this list is a great starting point.

1. Multi-factor authentication (MFA)

This tool earns the number one spot on our list because it can keep you safe even after a hacker has stolen one of your passwords. That’s because MFA requires more than one form of identification to grant access to an account.

The most common example is a temporary code that is sent to your mobile device. Only someone with both the password and access to your smartphone will be able to log in. Almost any online account provider offers this service, and some let you require additional types of verification, such as a fingerprint or facial scan.

2. Password managers

Every online account linked to your name should have a unique password with at least 12 characters that doesn’t contain facts about you (avoid anniversary dates, pet names, etc.). Hackers have tools to guess thousands of passwords per second based on your personal details, and the first thing they do after cracking a password is to try it on other accounts.

Password manager apps create random strings of characters and let you save them in an encrypted list. You only need one complex password to log into the manager, and you’ll have easy access to all your credentials. No more memorizing long phrases, or reusing passwords!

3. Software updates

Software developers and hackers are constantly searching for vulnerabilities that can be exploited. Sometimes, a developer will find one before hackers and release a proactive update to fix it. Other times, hackers find the vulnerability first and release malware to exploit it, forcing the developer to issue a reactive update as quickly as possible.

Either way, you must update all your applications as often as possible. If you are too busy, check the software settings for an automatic update option. The inconvenience of updating when you aren’t prepared to is nothing compared to the pain of a data breach.

4. Disable flash player

Adobe Flash Player is one of the most popular ways to stream media on the web, but it has such a poor security record that most experts recommend that users block the plugin on all their devices. Flash Player has been hacked thousands of times, and products from companies like Microsoft, Apple, and Google regularly display reminders to turn it off. Open your web browser’s settings and look for the Plugins or Content Settings menu, then disable Adobe Flash Player.

5. HTTPS Everywhere

Just a few years ago, most websites used unencrypted connections, which meant anything you typed into a form on that site would be sent in plain text and could be intercepted with little effort. HTTPS was created to facilitate safer connections, but many sites were slow to adopt it or didn’t make it the default option.

HTTPS Everywhere is a browser extension that ensures you use an encrypted connection whenever possible and are alerted when one isn’t available on a page that requests sensitive information. It takes less than one minute and a few clicks to install it.

If you run a business with 10 or more employees, these simple tips won’t be enough to keep you safe. You’ll need a team of certified professionals that can install and manage several security solutions that work in unison. If you don’t have access to that level of expertise, our team is available to help. Give us a call today at 800-421-7151 to learn more.

Watch Out for this Persuasive Phishing Email

Anglers catch fish by dangling bait in front of their victims, and hackers use the same strategy to trick your employees. There’s a new phishing scam making the rounds and the digital bait is almost impossible to distinguish from the real thing. Here are the three things to watch out for in Office 365 scams.

Step 1 – Invitation to collaborate email

The first thing victims receive from hackers is a message that looks identical to an email from Microsoft’s file sharing platform SharePoint. It says, “John Doe has sent you a file, to view it click the link below…”

In most cases, the sender will be an unfamiliar name. However, some hackers research your organization to make the email more convincing.

Step 2 – Fake file sharing portal

Clicking the link opens a SharePoint file that looks like another trusted invitation from a Microsoft app, usually OneDrive. This is a big red flag since there’s no reason to send an email containing a link to a page with nothing but another link.

Step 2 allows hackers to evade Outlook’s security scans, which monitor links inside emails for possible phishing scams. But Outlook’s current features cannot scan the text within a file linked in the email. Once you’ve opened the file, SharePoint has almost no way to flag suspicious links.

Step 3 – Fake Office 365 login page

The malicious link in Step 2 leads to an almost perfect replica of an Office 365 login page, managed by whoever sent the email in Step 1. If you enter your username and password on this page, all your Office 365 documents will be compromised.

Microsoft has designed hundreds of cybersecurity features to prevent phishing scams and a solution to this problem is likely on the way. Until then, you can stay safe with these simple rules:

  • Check the sender’s address every time you receive an email. You might not notice the number one in this email at first glance: johndoe@gma1l.com.
  • Confirm with the sender that the links inside the shared document are safe.
  • Open cloud files by typing in the correct address and checking your sharing notifications to avoid fake collaboration invitations.
  • Double check a site’s URL before entering your password. A zero can look very similar to the letter ‘o’ (e.g. 0ffice.com/signin).

Third-party IT solutions exist to prevent these types of scams, but setting them up and keeping them running requires a lot of time and attention. Give us a call today at 800-421-7151 to learn more!

How to Make Sure You Never Fall Victim to Ransomware

Late last March, the infrastructure of Atlanta was brought to its knees. More than a third of 424 programs used nearly every day by city officials of all types, including everyone from police officers to trash collectors to water management employees, were knocked out of commission. What’s worse, close to 30% of these programs were considered “mission critical,” according to Atlanta’s Information Management head, Daphne Rackley.

The culprit wasn’t some horrific natural disaster or mechanical collapse; it was a small package of code called SAMSAM, a virus that managed to penetrate the networks of a $371 billion city economy and wreak havoc on its systems. After the malicious software wormed its way into the network, locking hundreds of city employees out of their computers, hackers demanded a $50,000 Bitcoin ransom to release their grip on the data. While officials remain quiet about the entry point of SAMSAM or their response to the ransom, within two weeks of the attack, total recovery costs already exceeded $2.6 million, and Rackley estimates they’ll climb at least another $9.5 million over the coming year.

It’s a disturbing cautionary tale not only for other city governments, but for organizations of all sizes with assets to protect. Atlanta wasn’t the only entity to buckle under the siege of SAMSAM. According to a report from security software firm Sophos, SAMSAM has snatched almost $6 million since 2015, casting a wide net over more than 233 victims of all types. And, of course, SAMSAM is far from the only ransomware that can bring calamity to an organization.

If you’re a business owner, these numbers should serve as a wake-up call. It’s very simple: in 2018, lax, underfunded cyber security will not cut it. When hackers are ganging up on city governments like villains in an action movie, that’s your cue to batten down the hatches and protect your livelihood.

The question is, how? When ransomware is so abundant and pernicious, what’s the best way to keep it from swallowing your organization whole?

1. BACK UP YOUR STUFF
If you’ve ever talked to anyone with even the slightest bit of IT knowledge, you’ve probably heard how vital it is that you regularly back up everything in your system, but it’s true. If you don’t have a real-time or file-sync backup strategy, one that will actually allow you to roll back everything in your network to before the infection happened, then once ransomware hits and encrypts your files, you’re basically sunk. Preferably, you’ll maintain several different copies of backup files in multiple locations, on different media that malware can’t spread to
from your primary network. Then, if it breaches your defenses, you can pinpoint the malware, delete it, then restore your network to a pre-virus state, drastically minimizing the damage and totally circumventing paying out a hefty ransom.

2. GET EDUCATED
We’ve written before that the biggest security flaw to your business isn’t that free, outdated antivirus you’ve installed, but the hapless employees who sit down at their workstations each day. Ransomware can take on some extremely tricky forms to hoodwink its way into your network, but if your team can easily recognize social engineering strategies, shady clickbait links and the dangers of unvetted attachments, it will be much, much more difficult for ransomware to find a foothold. These are by far the most common ways that malware finds it way in.

3. LOCK IT DOWN
By whitelisting applications, keeping everything updated with the latest patches and restricting administrative privileges for most users, you can drastically reduce the risk and impact of ransomware. But it’s difficult to do this without an entire team on the case day by day. That’s where a managed services provider becomes essential, proactively managing your network to plug up any security holes long before hackers can sniff them out.

The bad news is that ransomware is everywhere. The good news is that with a few fairly simple steps, you can secure your business against the large majority of threats. Give us a call at 800-421-7151 for more information on how we protect you from ransomware.

How Business Continuity Plans Can Fail

Just because your IT provider has a plethora of awards and certifications under its belt doesn’t mean that you can blindly hand over your business’s future to them. Often times, there are some aspects in your business continuity plan that tend to be overlooked by your provider. We have rounded up some of these issues on your business continuity plans.

Over-optimistic testing

The initial testing attempt is usually the most important. It’s when IT service providers can pinpoint possible weak points in the recovery plan. However, what usually happens is that they test the system in full, instead of via a step-by-step process. This results in them missing out specific points, with too many factors overwhelming them all at the same time.

Insufficient remote user licenses

A remote user license is given by service providers to businesses so that when a disaster strikes, employees can log in to a remote desktop software. However, a provider may only have a limited number of licenses. In some cases, more employees will need to have access to the remote desktop software than a provider’s license can allow.

Lost digital IDs

When a disaster strikes, employees will usually need their digital IDs so they can log in to the provider’s remote system while their own system at the office is being restored. However, digital IDs are tied to an employee’s desktop, and when a desktop is being backed up, they are not automatically saved. So when an employee goes back to using their ‘ready and restored’ desktop, they are unable to access the system with their previous digital ID.

Absence of a communications strategy

IT service providers will use email to notify and communicate with business owners and their employees when a disaster happens. However, this form of communication may not always be reliable in certain cases, such as when the Internet is cut off, or there are spam intrusions. Third-party notification systems are available, but they are quite expensive, and some providers sell them as a pricey add-on service.

Backups that require labored validation

After a system has been restored, IT technicians and business owners need to check whether the restoration is thorough and complete. This validation becomes a waste of time and effort when the log reports are not easy to compare. This usually happens when IT service providers utilize backup applications that do not come with their own log modules, and have to be acquired separately.

These are just some reasons why business continuity plans fail. It is important for business owners to be involved with any process that pertains to their IT infrastructure. Just because you believe something works doesn’t necessarily mean that it works correctly or effectively. If you have questions regarding your business continuity plan, get in touch with our experts today at info@wamsinc.com and 800-421-7151.

Upgrading to a Dual Monitor System

Small businesses and firms are always searching for ways for their employees to be more effective computer users. But before you go out and buy bigger hard drives and faster processors, you should consider upgrading your desktops to a dual monitor system. Read on to find out about the advantages of using two monitors per desktop.

Enhanced productivity
Published studies conclude that by working with dual monitors, overall productivity increases by 20-50%. Computer programmers, for example, can use one screen for source coding and the other for programming; by using dual monitors, they no longer need to toggle back and forth between tabs. This reduces error and frees up time to complete more projects.

Better multitasking
Efficient multitasking requires adequate screen space to keep multiple applications simultaneously visible — a view that single monitors alone simply cannot accommodate. Workers who require computers, like customer service reps and web designers, would no longer waste time switching between tabs and resizing windows to fit the limited space; they could now focus on completing their tasks accurately and efficiently.

Easier cutting and pasting
This reason resonates with jobs that call for creating newsletters, complex documents, or PowerPoint presentations. Dual monitors would eliminate the need for alternating between tabs and scrolling up and down as you work. Also, the enhanced visibility reduces chances of making mistakes and thus losing more time fixing them.

Image and video editing
With dual monitors, the days of stacking numerous editing tools on top of the image or video you’re working on are long gone. Instead of your screen looking like a game of Mahjong, you can put the editing tools on one screen and leave the image on the other. With better visibility, you’re less likely to commit errors and more likely to be finessed, and you’re not sacrificing valuable working time in the process.

Dual monitors benefit almost every industry because of the enhanced visibility, larger screen space, and how you can briefly nap behind them without getting caught Using dual monitors can enhance even your leisure time activities as well.

Broaden your horizons by getting in touch with us at 800-421-7151 or info@wamsinc.com. We’ll answer any questions you have.

4 BYOD Security Risks You Should Prepare For

Personal computing is with us wherever we go. Thanks to the rise of the mobile industry, smartphones and tablets allow us to take work home with us. And with the bring your own device (BYOD) strategy, businesses have never been so productive. However, BYOD can pose a number of security risks if you’re not careful. Here are some BYOD security issues you should know before implementing it.

Data leakage

The biggest reason businesses are wary of implementing a BYOD strategy is because it can leave the company’s system vulnerable to data breaches. Personal devices are not part of your business’s IT infrastructure, which means that these devices are not protected by company firewalls and security systems.

Employees might also take work with them to places outside of your company premises that don’t have adequate security settings, thus leaving your system vulnerable to inherent security risks.

Lost devices

Another risk your company has to deal with is the possibility that employees will lose their personal devices. If devices with sensitive business information get lost and fall into the wrong hands, anyone can gain unauthorized access to valuable company data stored in that particular device. Therefore, you should consider countermeasures and protocols for lost devices, like remotely wiping a device of information as soon as an employee reports it missing or stolen.

Possible hacking

Personal devices tend to lack adequate data encryption to keep other people from snooping on private information. On top of this, your employees might not regularly update their devices’ software, rendering their devices and your IT infrastructure susceptible to infiltration.

Connecting to open WiFi spots in public places also makes your company vulnerable and open to hackers, because hackers may have created those hotspots to trick people into connecting. Once the device owner has connected to a malicious hotspot, attackers can see your web activity, usernames, and passwords in plain text

Vulnerability to malware

Viruses are also a big problem when implementing BYOD strategies. If your employees use their personal devices, they can access sites or download mobile apps that your business would normally restrict to protect your system.

As your employees have the freedom to choose whatever device they want to work with, the process of keeping track of vulnerabilities and updates is considerably harder. So if you’re thinking about implementing BYOD strategies, make sure your IT department is prepared for an array of potential malware attacks on different devices.

BYOD will help your business grow, but it comes with IT security risks that you should be prepared to handle.
Need help mitigating these BYOD risks? Call us today at 800-421-7151, and let’s find the best IT security solutions for your company.

Server Administration 101: Temperature

Servers are the heart of many firms and businesses.  And with the strain that most businesses put on their servers, one of the most important maintenance variables is temperature management. Understanding why keeping your servers cool is vitally important and could save you from an expensive crash, troubling data loss, or reduced hardware reliability.

How does temperature affect my servers?

High temperatures in server hardware can result in different types of damage. A server that completely crashes for any reason results in costly data loss and service interruptions, but the unbiased advisory organization Uptime Institute warns that overheating that doesn’t always result in total failure. Every 18 degrees higher than 70 degrees Fahrenheit, hardware reliability decreases by 50%. This decrease in reliability can be just as, if not more, expensive for your hardware budget in the long run.

Cooling methods can’t just be implemented and forgotten; they must be closely monitored to ensure the health of your server hardware in the short and long term. Options for temperature management range from simple low-budget solutions to expensive outsourced alternatives. Determining your server management budget will greatly depend on what types of methods you intend to implement at your SMB.

Cooling methods

Which system you use to cool your server largely depends on how much power your hardware is using. The more watts a computer needs to operate, the harder it’s working. This number will determine the scope of your temperature management needs.

For example, PCWorld says passive temperature control is adequate for any equipment operating at less than 400 watts. This includes simple solutions like positioning your server away from walls, low ceilings, cable clusters, and anything else that can block hot air from dissipating naturally.

For computers using between 400 and 2,000 watts, strategic ventilation becomes a necessity. Adding passive ventilation is viable up to 700 watts, but fan-assisted ventilation will be required above that and up to 2,000 watts. With the increased power consumption, temperatures will rise, and air movement needs to be more closely managed. At this stage, simple vent and oscillating fans will suffice.

Anything higher than 2,000 watts needs dedicated cooling solutions. This means air-cooled units to actively reduce server room temperature. Depending on the size and arrangement of the space, a simple self-contained unit may be enough to reduce temperatures to acceptable ranges. But if you’re not sure, you should schedule a consultation with a vendor to consider more drastic cooling and monitoring methods.

Keeping your servers running at ideal temperatures means smoother data operations, lower hardware budgets, and one less thing to worry about at your firm or business. As your business continues to grow and develop, keep close tabs on increasing server loads — it could save you from devastating data loss. If you need more detailed advice about server management, or have any other questions about your hardware setup, contact us today at 800-421-7151 or info@wamsinc.com.

How to Make the Most of Microsoft Word

Microsoft Word has become the go-to word processor for businesses big and small. It is used by every department and almost every type of personnel, but its constant updates and huge number of features mean there are lots of functions unknown to most users. Here, we uncover some of the most useful tricks with Word to help you get the most from it.

Edit simultaneously
You and your colleagues can now edit the same Word document at the same time. Just save yours in the cloud on OneDrive, click Share, then send the link to your colleagues. You’ll even be able to see them editing in real time.

Continue your work with Word Online
Don’t have the Word app on your computer, tablet, or smartphone? Go to word.office.com, sign in with your Microsoft account, and open Word Online, the browser version of Word. By clicking the blue Share button, your colleagues can access your document using Word Online or the Word app, which means anyone with the link and an internet connection can jump right in

Keep editorial control
With the Track Changes function, Word monitors all the edits that everyone makes to your document so you can go through the changes and accept or reject them accordingly.

To turn on Track Changes, click on the Review tab then select Track Changes. When reviewing a colleague’s edits, you have control to click on Accept or Rejectas you see fit.

Format the easy way: Write first, format later
The Style Gallery in Word makes it easy to format your document, despite the huge number of font types, sizes, colors, and effects to choose from. After finishing writing and editing your document, click the Home tab and you will see the Style Gallery prominently on top. Select the appropriate Headings in the font, size, and color that you like, and change any other text in any way you like — just make sure you don’t make any changes to the actual content that’s already been edited!

Insert photos faster, more conveniently
No need to open your browser to look for photos for your document. Just place the cursor on the area where you intend to insert the photo, click on the Insert tab, select Online pictures (type “clip art” on the search box if that’s what you need), select a photo, then click Insert.

Edit a PDF file
Click on the File menu, select Open, and choose Browse. Highlight the PDF you want to edit, then click Open. Word will convert files to the new format using text recognition, so double-check if the conversion is correct. Make the appropriate changes, then click File, then Save As, then Browse. A “Save as type:” dropdown menu will appear at which point you will choose “PDF” then click Save.

These tips may seem straightforward, but over time they can make a big difference in helping you work faster. Want to learn more Word tricks and tips? Get in touch with our Microsoft Office experts today!

New Spectre-Style Attack Discovered

Security experts are constantly discovering new potential threats, and quite recently, they’ve found a new type of Spectre-style attack more dangerous than the original. Here’s a quick rundown of the new Spectre variant.

Spectre 101
For those who don’t know, Spectre is a vulnerability in modern computer chips like Intel and AMD that allows hackers to steal confidential information stored in an application’s memory, including passwords, instant messages, and emails. Malicious code running on a computer or web browser could be used to exploit this vulnerability, but ever since Spectre was discovered, Microsoft, AMD, Intel, and other tech companies released a series of updates to fix it.

What is NetSpectre?
To perform Spectre attacks, malware would have to run on a targeted machine to extract sensitive data. But in late July, Austrian security researchers found a way to launch Spectre-style attacks remotely without locally installed malware. The new attack is called NetSpectre and it can be conducted over a local area network or via the cloud.

So far, it’s impractical for average hackers to use this method to steal data. In tests, researchers were able to steal data at a rate of between 15 to 60 bits per hour, which means it would take days to gather corporate secrets and passwords. As such, NetSpectre will probably be used by hackers who want to target specific individuals but don’t want to resort to obvious methods like phishing scams or spyware.

Experts also warn that while NetSpectre may be impractical now, hackers may develop faster and more powerful variants in the future.

How should you protect your business?
NetSpectre attacks exploit the same vulnerabilities as the original Spectre so it’s important to install the latest firmware and security updates. You should also secure your networks with advanced firewalls and intrusion prevention systems to detect potential NetSpectre attacks.

Last but not least, working with a reputable managed services provider that offers proactive network monitoring and security consulting services can go a long way in protecting your business from a slew of cyberthreats.

If you’re looking for a leading managed security services provider, talk to WAMS! We provide cutting-edge security software and comprehensive, 24/7 support. Call us today at 800-421-7151 for more information.

Cloud: 4 Common Myths Debunked

Overhyped reports of cloud hacks and server failures can lead some small business owners to be wary of a service that has so much to offer. So what are these common misconceptions about cloud computing? Here are a few myths people believe about the cloud.

#1. Cloud infrastructures are unsecure

Information security is a necessity for every business. And the most prevalent misconception about the cloud is the idea that cloud services lack appropriate security measures to keep data safe from intruders. Most users also think that the data stored in the cloud can be easily accessed by anyone, from anywhere, and at any time.

But the truth is it’s actually more secure for small businesses to use cloud services. Small companies usually can’t afford to hire an IT department let alone train them to deal with online security threats. Cloud providers, on the other hand, offer services such as multi-layered security systems and antivirus protection that not only specialize in keeping infrastructures safe from hackers but are available at a price that is much lower than you would pay for in-house IT staff.

Additionally, large cloud-based services such as G Suite and Office 365 are supported by an infrastructure that constantly installs updates and patches, which helps manage security breaches. This frees you from the burden of installing the updates yourself and managing the overall security of your system.

Users should understand that no company is completely safe from security threats regardless of their IT infrastructure. But data is likely to be more secure in the hands of cloud providers as they are the most prepared and qualified to protect your digital property.

#2. The cloud lacks proper encryption

Most people misunderstand how encryption is implemented to keep your data safe. For example, encryption is generally used for data in transition, where data is protected from anyone seeing it as it travels from one internet address to another. But encryption can also be applied to data at rest, where data is encrypted on a storage drive.

With this in mind, you should understand what types of encryption your business and its data require. When it comes to choosing the right cloud service, it is best to inform yourself about the security measures that a cloud infrastructure implements and look at how it can protect your company’s digital property.

#3. With the cloud you are no longer responsible for data security

While cloud security is important, protecting data ultimately rests on the users who have access to it. Misplacing unlocked mobile devices can leave your data vulnerable and compromise your entire cloud infrastructure. This is why we recommend strong verification mechanisms in place for devices that are used to access the cloud.

#4. The cloud is never faulty

Like many IT services, cloud-based services are not immune to technical difficulties. For example, some cloud businesses have suffered outages and server failures which corrupted files and may have lost data in the process.

Hacking is another reason why some cloud services fail. Using a less than optimal cloud service that is vulnerable to attacks can lead to stolen or deleted data, which would be near impossible to recover if you did not have any offline backups.

Before signing up for any type of cloud service, clarify with its provider what is guaranteed. Most cloud providers make promises about a service’s uptime or its safety from provider-related breaches.

Security is truly one of the biggest barriers to the adoption of cloud computing in a small business. But as cloud services expand and encryption technologies advance, cloud adoption is increasingly becoming the most cost-effective solution to meet the small business owner’s IT demands. Contact us today to learn how your business can take advantage of all the cloud has to offer.

5 Tips for Buying a New Computer

There are so many different types of computers out there, each with varying specifications and capabilities – how do you find the best one for your needs? Whether you’re purchasing a computer for yourself or for your family, here are a few things to keep in mind that will help you make the right decision.

Desktop or Laptop?

This depends on your working style and environment. The rule is quite simple: if you rarely work out of the office, get a desktop PC. If you need to work at home, on the go, or at client meetings, then go for a laptop. It’s worth noting that desktops are generally cheaper than laptops at similar specifications, have a longer usage life, and make for easier changing or upgrading of components. Laptops, on the other hand, are very portable due to their compact size, they consume less energy, and they offer a more flexible user experience.

Processor

If you want a computer that loads programs in a flash, completes tasks almost instantly, and runs smoothly at all times, then we recommend you invest in the strongest processors available. The performance of a processor is determined by its number of cores and speed, so the bigger the number, the better. These days, most users go for the latest octa-core processors, specifically if your tasks involve rendering high-definition images, animations, graphics, and analysis. For optimum results, get a processor with the higher number of cores.

RAM

Random Access Memory (RAM) allows your computer to perform multiple tasks at once without a hitch. Just like processors, the amount of RAM your computer has will determine how fast it will run when you work on several programs simultaneously. Nowadays, standard computers come with at least of 4GB of RAM, with 8GB being ideal for most users — to navigate smoothly between tasks such as email browsing, Internet surfing, and working on word processing documents and spreadsheets.

Hard Drive

The bigger the hard drive, the more space you have to store files. If you plan on using your computer with no peripherals, you’ll want to choose a computer that offers the biggest hard drive. But remember that you can always purchase an external hard drive to transfer or store files if your current hard drive is running out of space. Due to recent price changes making them more affordable, it is also a better option to use an SSD (Solid State Drive) as your main form of storage.

Operating Systems

Picking an operating system is a big decision when it comes to choosing a new computer. You’ll probably want to stick with an operating system you’re already familiar with, since it can take some time to adapt yourself to a new OS. Here are some of the popular options available on the market:

  • Windows 10
  • Mac OS X
  • Linux

Most people will just go for either Windows or Mac OS, because the complexity of Linux mean it is not popular among everyday users and we do not recommend them.

Want more hardware tips and tricks? Get in touch with our technology experts today at info@wamsinc.com.

IT Security Policies your Office Needs

When it comes to Internet security, most small businesses don’t have security policies in place. And considering that employee error is one of the most common causes of a security breach, it makes sense to implement rules your staff needs to follow. Here are four things your IT policies should cover.

Internet

In today’s business world, employees spend a lot of time on the internet. To ensure they’re not putting your business at risk, you need a clear set of web policies. This must limit internet use for business purposes only, prohibit unauthorized downloads, and restrict access to personal emails on company devices. You can also include recommended browsing practices and policies for using business devices on public wifi.

Email

Just like the Internet policy mentioned above, company email accounts should only be utilized for business use. That means your employees should never use it to send personal files, forward links, or perform any type of business-related activities outside their specific job role. Additionally, consider implementing a standard email signature for all employees. This not only creates brand cohesion on all outgoing emails, but also makes it easy to identify messages from other employees, thus preventing spear phishing.

Passwords

We’ve all heard the importance of a strong password time and time again. And this same principle should also apply to your employees. The reason is rather simple. Many employees will create the easiest to crack passwords for their business accounts. After all, if your organization gets hacked, it’s not their money or business at stake. So to encourage employees to create strong passwords, your policy should instruct them to include special characters, uppercase and lowercase letters, and numbers in their passwords.

Data

Whether or not you allow your employees to conduct work on their own devices, such as a smartphone or tablet, it is important to have a bring your own device (BYOD) policy. If your employees aren’t aware of your stance on BYOD, some are sure to assume they can conduct work-related tasks on their personal laptop or tablet. So have a BYOD policy and put it in the employee handbook. In addition to this, make sure to explain that data on any workstation is business property. This means employees aren’t allowed to remove or copy it without your authorization.

We hope these four policies shed some light on the industry’s best security practices. If you’d like more tips or are interested in a security audit of your business, give us a call at 800-421-7151.

Regularly Evaluate Your Cybersecurity

Experts estimate that the global market for cybersecurity products this year will exceed that of last year. At first glance, an increase in spending seems necessary and shows that businesses are becoming more aware of cybersecurity issues. But a closer look may prove otherwise. Learn why your company could be investing in cybersecurity products the wrong way.

Uncover threats and vulnerabilities

Every business should evaluate the current state of its cybersecurity by running a risk assessment. Doing so is one of the easiest ways to identify, correct, and prevent security threats. After discovering potential issues, you should rate them based on probability of occurrence and potential impacts to your business.

Keep in mind that risk assessments are specific to every business and there is no one-size-fits-all approach for small business technology. It all depends on your line of business and operating environment. For instance, manufacturing companies and insurance groups have totally different applications to secure.

After tagging and ranking potential threats, you should identify which vulnerabilities need immediate attention and which ones can be addressed further down the line. For example, a web server running an unpatched operating system is probably a higher priority than a front desk computer that’s running a little slower than normal.

Tailor controls to risks

Instead of spending time and money evenly on all systems, it’s best that you focus on areas with high risk. You should address these issues immediately after an assessment, but also put plans in place to evaluate their risk profiles more often.

Assess existing products

Chances are, your organization has already spent a great deal of money on security products and their maintenance and support. By conducting risk assessments more often, you can improve the strategies you already have in place and uncover wasteful spending. You may discover that one outdated system merely needs to be upgraded and another needs to be ditched. Remember, your existing products were purchased to meet specific needs that may have changed immensely or disappeared altogether.

It’s much harder to overcome cybersecurity obstacles if you’re not regularly evaluating your IT infrastructure. Contact our experts at 800-421-7151 for help conducting a comprehensive assessment today!

The Benefits of Virtualization in 2018

The relationship between computer hardware and software can be frustrating. Both require the other to function properly, but both also require individual attention. Virtualization makes this relationship more flexible, and we’ve got a rundown on a few of the best examples.

More technology uptime
Virtualization vendors use fancy names for the features of their technology, but behind all the technobabble are some revolutionary concepts. Take “fault tolerance” for example. When you use virtualization to pool multiple servers in a way that they can be used as a single supercomputer, you can drastically increase uptime. If one of those servers goes down, the others continue working uninterrupted.

Another example of this is “live migrations,” which is just a fancy way of saying that employee computers can be worked on by technicians while users are still using them. Let’s say you’ve built a bare-bones workstation (as a virtual machine on the server), but you need to upgrade its storage capacity. Virtualization solutions of today can do that without disconnecting the user and restarting their computer.

Better disaster recovery
Data backups are much simpler in a virtualized environment. In a traditional system, you could create an “image” backup of your server — complete with operating system, applications and system settings. But it could be restored to a computer only with the exact same hardware specifications.

With virtualization, images of your servers and workstations are much more uniform and can be restored to a wider array of computer hardware setups. This is far more convenient and much faster to restore compared to more traditional backups.

More secure applications
In an effort to increase security, IT technicians usually advocate isolating software and applications from each other. If malware is able to find a way into your system through a software security gap, you want to do everything in your power to keep it from spreading.

Virtualization can put your applications into quarantined spaces that are allowed to use only minimum system resources and storage, reducing the opportunities they have to wreak havoc on other components of the system.

Longer technology lifespans
The same features that quarantine applications can also create customized virtual spaces for old software. If your business needs a piece of software that won’t work on modern operating systems, virtualization allows you to build a small-scale machine with everything the program needs to run. In that virtual space, the application will be more secure, use fewer resources, and remain quarantined from new programs.

In addition to software, virtualization also encourages longer life spans of old hardware components. With virtualization, the hardware an employee uses is little more than a window to the powerful virtual machine on the server. Employee computers need only the hardware required to run the virtualization window, and the majority of the processing takes place on the server. Hardware requirements are much lower for employees and equipment can be used for several years.

Easier cloud migrations
There are several ways virtualization and cloud technology overlap. Both help users separate processing power from local hardware and software, delivering computing power over a local network or the internet. Because of these similarities, migrating to the cloud from a virtualized environment is a much simpler task.

There is no debate about the benefits of this technology. The only thing standing between your business and more affordable, efficient computing is an IT provider that can manage it for you. For unlimited technology support, virtualization or otherwise, on a flat monthly fee — get in touch with us today at 800-421-7151!

How to Reduce Your PC Power Consumption

Every home or office has a computer. In one year, a typical desktop that’s on 24/7 releases carbon dioxide that’s equal to driving 820 miles in an average car. To save energy, you don’t need drastic changes; you can start with making small adjustments that will ultimately accumulate to significant savings.

1. Disconnect your external devices

Devices that connect to your PC like printers, sound systems, and webcams consume power, too. That’s why you should disconnect or remove these devices from your PC as soon as you’re done using them.

2. Use a smart strip, especially for computers you cannot turn off

A smart strip is a series of several electrical outlets in one strip, with circuits to monitor and maximize your gadgets’ power consumption. By connecting your PC and its peripherals (printer, speakers, scanners, etc.) to the smart strip, you don’t need to unplug your equipment when you’re not using them.

3. Adjust your computer’s energy settings

You can also consume less energy by adjusting your PC’s power settings. For example, you can make sure your hard drive and monitor go into “sleep” mode when they’re left idle for a few minutes. Lowering the screen brightness will also help you save electricity.

4. Shutdown and unplug your computer when not in use

If you are not yet using a smart strip, then it’s best to shut down the computer when you’re not using it. Also, make sure to unplug it, as leaving it plugged consumes standby power.

5. Use a charger only when charging your laptop

When we charge our laptops, it’s easy to just leave them there and forget about them. This results in the eventual degrading of the battery. Leaving the charger plugged on the wall also consumes standby power. So either use a wall outlet with a timer, or plug your charger on a smart strip instead.

6. And should you be in the market for a new PC, choose one that’s Energy Star compliant

Energy Star is the U.S. Environmental Protection Agency (EPA)’s symbol for energy efficiency. Every product that earns the Energy Star symbol is guaranteed to deliver quality performance and energy savings. Studies have shown that a single Energy Star compliant computer and monitor can save from $7 to $52 per year in electricity bills.

Saving energy is a combination of smart choices in hardware plus developing good energy-conservation habits. These tips should help you achieve that. If you need assistance in choosing the best hardware for your needs, call us and we’ll be glad to help you out.

Malware Strain Infects 200k More Devices

Yet another global malware infection has been making headlines and the story just took a turn for the worse. When the news of VPNFilter broke, experts warned that 500,000 devices were already infected, but now they believe that number is much higher. Thankfully, it’s not too late to protect yourself.

VPNFilter recap

A team of security researchers from Cisco released a report that a strain of malware had been discovered on hundreds of thousands of routers and network devices. Originally, researchers believed it affected only Linksys, MikroTik, Netgear, and TP-Link devices.

Like many malware strains, VPNFilter infects devices that use default login credentials. But it’s worse than the average cyberattack because it can destroy router hardware and cannot be removed by resetting infected devices.

As if destroying 500,000 routers wasn’t bad enough, VPNFilter lets its creators spy on networks and intercept passwords, usernames, and financial information.

What’s new

Just two weeks after VPNFilter was discovered, security experts announced that it targets 200,000 additional routers manufactured by ASUS, D-Link, Huawei, Ubiquiti, UPVEL, and ZTE. Worse yet, VPNFilter can alter data passing through infected routers. That means when you enter a username and password into a banking website, hackers could steal that information and show you an incorrect account balance to hide fraudulent deductions.

How to stop VPNFilter

Rebooting a router won’t remove the malware, you need to factory-reset the device. Usually, all this requires is holding down the Reset button on the back of the device for 10-30 seconds. If your router has no reset button or you’re unsure whether pressing it did the trick, contact a local IT provider immediately.

Cybersecurity threats have become so prevalent that even large enterprises struggle to keep their digital assets safe. Outsourcing IT support to a managed services provider like us will give you enough capacity to deal with issues like VPNFilter as soon as they arise. Call us today at 800-421-7151 to learn more.

Industries that Need Virtual Desktops

Apart from the cloud, one of today’s biggest IT trends is virtualization. And why not, it has helped countless businesses in more ways than one. An emerging model of virtualization is virtual desktop infrastructure (VDI), which involves hosting a desktop operating system and making it available on almost any device. It is most effective in the following use cases:

Legal

The legal industry is relying more and more on virtual desktops due to the mobility that they provide. Attorneys work long hours on cases and often have a home office, occasionally work from other offices, or need to access important information at a moment’s notice. With the right virtual desktop, attorneys can access the information that they need safely and under compliance. Virtual desktops are changing the way law firms are able to operate.

Healthcare

In an industry where every file is sensitive, the importance of confidentiality can’t be overstated. With VDI, rules and permissions can be customized based on the individual virtual desktop. As such, every medical professional can only view patient records relevant to them. It also allows them to log into their virtualized desktop while working across a variety of locations and devices.

Academic institutions

By leveraging VDI, a school’s IT team can create a virtual desktop — with the necessary restrictions implemented — for each student. If each classroom has a set of workstations, students’ desktop experiences will be consistent throughout their day. Even though they’ll be using different hardware every hour or two, they’ll always see the same desktop.

Companies with shift workers

In most cases, shift employees don’t really need one designated computer to fulfill their task because one computer is shared by multiple users. VDI makes it easy for companies to manage several desktop accounts on fewer devices. Workers can log into any devices, access their own virtual desktop, work as they do every day, and log off at the end of their shift.

Users with multiple computers

Depending on the nature of work, some positions require working with several computers on a regular basis. With VDI, they can integrate desktops and maintain it across two or more devices.

Field or remote staff

Employees that work remotely or in the field need access to tools and applications when on the job. A secure and reliable way to do it is through VDI. A complete VDI solution makes access to a consistent desktop experience possible anytime, anywhere, and using any device. It allows your remote or field workforce to operate effectively, no matter the circumstances.

Of course, these are just a few situations where VDI is helpful. Any business can enjoy security and productivity enhancements with a team of virtualization experts on call. Contact us today at 800-421-7151 to find out how we can help.

Tips to Reduce Risks After a Security Breach

No company is completely safe from data breaches. For proof, look no further than companies like Yahoo, AOL, and Home Depot, which compromised millions of personal customer information. That said, no business is completely helpless, either. The following steps can minimize the risks to your business in the event of a large-scale data breach.

Determine what was breached

Whether its names, addresses, email addresses, or social security numbers, it’s critical to know exactly what type of information was stolen before determining what steps to take. For example, if your email address were compromised, you’d take every precaution to strengthen your email security, which includes updating all your login credentials.

Change affected passwords immediately

Speaking of passwords, change yours immediately after any breach, even for seemingly safe accounts. Create a strong password comprised of alphanumeric and special characters, and make sure you never reuse passwords from your other accounts.

Once you’ve changed all your passwords, use a password manager to help you keep track of all your online account credentials.

If the website that breached your information offers two-factor authentication (2FA), enable it right away. 2FA requires two steps to verify security: usually a password and a verification code sent to a user’s registered mobile number.

Contact financial institutions

In cases where financial information was leaked, call your bank and credit card issuers to change your details, cancel your card, and notify them of a possible fraud risk. That way, banks can prevent fraud and monitor your account for suspicious activity.

Note that there are different rules for fraudulent transactions on debit cards and credit cards. Credit card transactions are a bit easier to dispute because they have longer grace periods. Debit card fraud, on the other hand, is more difficult to dispute, especially if the fraudulent transactions happened after you’ve notified the bank.

Place a fraud alert on your name

Hackers who have your personal information can easily commit identity fraud. To avoid becoming a victim, contact credit reporting bureaus like EquifaxExperian, or Innovis and request that a fraud alert (also called credit alert) be added to your name. This will block any attempt to open a credit account under your name and prevent unauthorized third parties from running a credit report on you.

Putting a credit freeze on your name might result in minor inconveniences, especially if you have an ongoing loan or credit card application. Still, doing so will greatly reduce your risks of getting defrauded.

These steps will ensure you don’t fall victim to identity theft in the event of a large-scale data breach. If you want to take a more proactive approach to protect your sensitive information against breaches, contact our cybersecurity experts today.

HTTPS Matters More for Chrome

HTTPS usage on the web has taken off as Chrome has evolved its security indicators. HTTPS has now become a requirement for many new browser features, and Chrome is dedicated to making it as easy as possible to set up HTTPS. Let’s take a look at how.

For several years, Google has moved toward a more secure web by strongly advocating that sites adopt the Secure HyperText Transfer Protocol (HTTPS) encryption. And last year, Google began marking some HyperText Transfer Protocol (HTTP) pages as “not secure” to help users comprehend risks of unencrypted websites. Beginning in July 2018 with the release of a Chrome update, Google’s browser will mark all HTTP sites as “not secure.”

Chrome’s move was mostly brought on by increased HTTPS adoption. Eighty-one of the top 100 sites on the web default to HTTPS, and the majority of Chrome traffic is already encrypted.

Here’s how the transition to security has progressed, so far:

  • Over 68% of Chrome traffic on both Android and Windows is now protected
  • Over 78% of Chrome traffic on both Chrome OS and Mac is now protected
  • 81 of the top 100 sites on the web use HTTPS by default

HTTPS: The benefits and difference

What’s the difference between HTTP and HTTPS? With HTTP, information you type into a website is transmitted to the site’s owner with almost zero protection along the journey. Essentially, HTTP can establish basic web connections, but not much else.

When security is a must, HTTPS sends and receives encrypted internet data. This means that it uses a mathematical algorithm to make data unreadable to unauthorized parties.

#1 HTTPS protects a site’s integrity

HTTPS encryption protects the channel between your browser and the website you’re visiting, ensuring no one can tamper with the traffic or spy on what you’re doing.

Without encryption, someone with access to your router or internet service provider (ISP) could intercept (or hack) information sent to websites or inject malware into otherwise legitimate pages.

#2 HTTPS protects the privacy of your users

HTTPS prevents intruders from eavesdropping on communications between websites and their visitors. One common misconception about HTTPS is that only websites that handle sensitive communications need it. In reality, every unprotected HTTP request can reveal information about the behaviors and identities of users.

#3 HTTPS is the future of the web

HTTPS has become much easier to implement thanks to services that automate the conversion process, such as Let’s Encrypt and Google’s Lighthouse program. These tools make it easier for website owners to adopt HTTPS.

Chrome’s new notifications will help users understand that HTTP sites are less secure, and move the web toward a secure HTTPS web by default. HTTPS is easier to adopt than ever before, and it unlocks both performance improvements and powerful new features that aren’t possible with HTTP.

How can small-business owners implement and take advantage of this new interface? Call WAMS today at 800-421-7151 for a quick chat with one of our experts to get started.

Should you Worry About the New IoT Malware?

A malware infection is one of the worst things that could happen to your Internet of Things (IoT) devices. But some users don’t even know there are IoT-targeted attacks that threaten computers, networks, and data. Rebooting an IoT device is a simple way to remove malware, but for those already infected with the latest strain, it’s not that simple.

What is the Hide And Seek malware?

The Hide and Seek (HNS) malware has created a “botnet” by quietly infecting thousands of devices using advanced communication methods. Without getting too technical, a botnet adds or “recruits” computers to their network to carry out malicious acts, such as overloading a network by telling every infected device in the botnet to try and connect at the same time.

The new HNS can’t be removed by resetting the infected device, which is the solution for most IoT malware strains. The new strain can also exploit a greater variety of devices and in less time than its predecessors. Experts believe it has already compromised more than 90,000 IPTC cameras and other devices.

IoT devices are easily hacked if they connect to the internet, which is home to opportunistic cybercriminals. And because businesses and consumers are expected to acquire and use more IoT devices (the market is expected to reach $1.7 trillion by 2020), it’s imperative to take cybersecurity precautions.

How can I protect my IoT devices?

Luckily, there are steps you can take to keep your devices — and ultimately your network and data — safe from HNS and other forms of malware.

  • Turn off your IoT devices when not in use to reduce their exposure to fast-spreading malware.
  • Take simple precautions to keep your WiFi networks safe, like changing your network’s default settings (including your network’s name), and using complex passwords that are changed from time to time.
  • For those who use a large number and variety of devices, install a threat management system that will block intruders and secure common threat entry points.
  • Be sure that your IoT devices are updated with the latest firmware. If the device is old and not supported, or new firmware is not being release, these devices should be replace with more reliable devices.

With HNS and other malware strains expected to increase in number and complexity, it’s more important than ever to take a multi-layered approach to security. Call us today at 800-421-7151 to learn more about which cybersecurity solutions are right for your business.

Debunking the Top 4 Virtualization Myths

Unless you work in IT, you don’t need to understand the intricacies of most business technology. Complicated explanations usually just lead to misunderstandings, which is especially true for virtualization. Many of the things you’ve heard about it are false.

Myth #1 – Virtualization is too expensive for SMBs

Many people assume that the more advanced an IT solution is, the more expensive it is to install and maintain. That’s not the case for virtualization, which is a strategy to boost hardware efficiency and cut costs.

Sure, a virtual server requires more support than a traditional one, but the capacity boost means you won’t need to purchase a second server for a long time – resulting in a net reduction of hardware and IT support expenses. Furthermore, managed virtualization services usually follow a pay-as-you-go model that costs just a few bucks per hour. It is important to also note the savings regarding power and cooling requirements; the lest physical servers you have, the less you are affected by these costs.

Myth #2 – Virtualization adds workplace complexity

Most people feel comfortable with the traditional computing model – one set of hardware equals one computer – but that doesn’t mean a new model has to be more complicated. With virtualization, one “traditional” computer can run as two or more virtual computers. The technical aspects of how that’s accomplished may be confusing, but the good thing is business owners don’t need to bother with those details.

Virtualization actually reduces complexity because it allows business owners to expand their IT systems whenever necessary without having to worry about hardware limitations.

Myth #3 – Support is hard to come by or inconvenient

You may be more familiar with The Cloud than with virtualization, but that doesn’t mean the latter is a niche technology. The value of the virtualization market in 2016 was $5.6 billion and supported by IT providers all over the country. It’s also a technology that works well with remote support, which means technicians can install upgrades or resolve issues without having to travel to your office.

When you choose to invest in the cloud, everything is virtualized. Amazon, Microsoft Azure, and Citrix are the most common vendors; any cloud service provider should steer you toward one of these.

Myth #4 – Software licensing is more difficult

There’s a misconception that if your server is running three virtual Windows 10 computers, you’ll have to jump through extra licensing hoops. In reality, virtualization follows the same licensing rules as traditional computing: one desktop, one license, which means you won’t need to rethink your software budget.

It’s natural for new technologies to cause confusion, and virtualization does require a new way of thinking about IT hardware. But as long as you have certified technicians like ours on hand, everything will run smoothly. Give us a call today at 800-421-7151 to find out how we can lower your hardware costs and simplify your IT support.

AI-Powered Advances in Customer Support

High-quality products and services can make a business successful, but exceptional customer service is what makes customers come back. This is why companies constantly try to innovate their customer service strategy — and some do it by adding artificial intelligence (AI) into the mix.

How AI capabilities enhance customer service

AI has two capabilities that enhance customer service: machine learning and natural language processing.

Machine learning studies historical customer data in your systems and equips your customer service staff with all the information they need to address concerns much faster and provide personalized product suggestions, discounts, and offers. It’s the same mechanism that enables Facebook to suggest friends and brands to add or follow, and allows Amazon to personalize product recommendations.

On the other hand, AI’s natural language processing capabilities make it possible for businesses to deploy computerized customer service systems that don’t require human support staff. AI-enabled systems can ‘talk’ to customers via software similar to that of Apple’s Siri, Google’s Alexa, and Windows’ Cortana.

Automated, accurate, and agile responses

Although well-trained employees can multitask and solve customer problems, humans make mistakes. Automated systems like chatbots provide accurate and quick responses because they can be programmed to respond rapidly and accurately, handle large volumes of queries, and be available 24/7.

For example, a restaurant chain that often receives queries about a branch’s opening hours can use a chatbot to handle questions about store hours, reservations, and other simple concerns. A retail store chatbot can also make online ordering seamless by answering questions about product sizes and/or availability.

Overall, AI-enabled chatbots can reduce or eliminate pain points commonly encountered with human customer service representatives, such as long wait times, inefficient escalation of complex concerns, and negative human emotions from irate customers, all of which affect customer satisfaction levels.

Cost-efficient support

Businesses spend thousands of dollars to hire and train customer service representatives. But based on studies, the high attrition rates in the call center industry cost them a lot of money. Some companies even let operations staff handle customer support, which then affects productivity and reduces profitability.

AI-powered platforms reduce the time and money spent on customer service because you don’t need to hire more support staff in case of business expansion. Instead, you can reprogram customer service software so that queries about new products or new business locations can be easily addressed.

Many customers still prefer to have their problems solved by humans. And for banks, hotels, hospitals, and businesses where complicated concerns require human customer service agents, an AI-powered support system can facilitate seamless issue resolutions.

Fortunately, there are plenty of technology options to make customer service and other functions more efficient. Call us today for innovative business technology solutions.

New Malware Infects SOHO Routers Worldwide

Talos recently warned that at least half a million routers have been endangered by a new form of malware called VPNFilter. After an earlier version targeted devices in Ukraine, VPNFilter has spread rapidly in around 54 countries, affecting home and small business routers.

How VPNFilter Works

Talos cited the vulnerable devices as Linksys, MikroTik, Netgear, and TP-Link networking equipment, as well as network-attached storage (NAS). Upon infecting a small office home office (SOHO) router, VPNFilter deploys in three stages.

In stage 1, the malware imposes its presence by using multiple command-and-control (C2) infrastructure to capture the IP address of the existing stage 2 deployment server. This makes VPNFilter so robust that it can deal with any unpredictable changes in C2. This stage of the malware persists through a reboot, which makes preventing reinfection tough in stage 2.

Stage 2 involves deploying modules capable of command execution, and data collection and exfiltration. According to the United States Department of Justice (DOJ), this can be used for intelligence gathering, information theft, and destructive or disruptive attacks. Moreover, stage 2 malware has a “self-destruct” feature that once activated by the hackers will overwrite a critical area of the device’s firmware so it stops functioning. This can happen on almost every infected device.

In Stage 3, a module with packet-sniffing capabilities is added to enable monitoring of internet traffic and theft of website credentials. And yet another module is installed to deploy communication support for the Tor network, which can make communicating with the C2 infrastructure harder.

Taking Action

According to Talos, the likelihood of the attack being state-sponsored is high, something the DOJ later backed up. The DOJ attributed it to a group of actors called Sofacy (also known as APT28 and Fancy Bear), the Kremlin-linked threat group believed to be responsible for hacking the Democratic National Committee computer network two years ago.

On the night of May 23, the FBI announced that they have seized a domain which is part of VPNFilter’s C2 infrastructure used to escalate the malware’s effects. This forces attackers to utilize more labor-intensive ways of reinfecting devices following a reboot. With the seizure, the government has taken a crucial step in mitigating VPNFilter’s impact.

Stopping the Malware

Researchers agree that VPNfilter is hard to prevent. While vulnerability has been established, patching routers isn’t easy, something average users might not be able to do on their own. But as with any malware, the impact of VPNFilter can be mitigated, which is done by terminating the C2 infrastructure used.

To minimize exposure, the FBI recommends all SOHO routers be rebooted, which, according to a statement from the DOJ, will help the government remediate the infection worldwide. The justice department, along with the FBI and other agencies vowed to intensify efforts in disrupting the threat and expose the perpetrators.

For their part, Talos offers the following recommendations:

  • Users of SOHO routers and/or NAS devices must reset them to factory defaults and reboot them in order to remove the potentially destructive, non-persistent stage 2 and stage 3 malware.
  • Internet service providers that provide SOHO routers to their users should reboot the routers on their customers’ behalf.
  • If you have any of the devices known or suspected to be affected by this threat, it is extremely important that you work with the manufacturer to ensure that your device is up to date with the latest patch versions. If not, you should apply the updated patches immediately.
  • ISPs will work aggressively with their customers to ensure their devices are patched to the most recent firmware/software versions.

Combat the VPNFilter malware by rebooting affected devices. For more tips, contact our team.

What to Tweak when Setting Up Windows 10

There are steps that need to be taken after unboxing a new laptop. After installing Microsoft’s Windows 10, you need to unlock its full potential by tweaking some important settings. The best thing to do is get help from a technician, but there are a few things you can do without assistance.

#1 Check for updates

Your new laptop should check for updates automatically, but you can also check manually. Just click the gear icon above the Start button to go to the Settings, choose Update & Security > Windows Update and then click the Check for updates button. (Or, just type “updates” into the search box and click Check for updates.)

#2 System restore

If something goes wrong with your laptop, you can save a lot of time and hassle if you have a “restore point,” which is like a backup of your entire operating system.To set up a restore point, search for “restore” from the taskbar and click Create a restore point. You’ll be taken to the System Protection tab of the System Properties window.

From there you can choose what you want to be included in the back and then click the Configure button. Select the radio dial to Turn on system protection if it’s not already on. And then you can choose how much disk space to reserve, usually no more than 2 or 3 percent.

#3 Power plan

If you want to prolong your laptop’s battery life, one of the best things you can do is switch the Power Saver, High Performance, and Balanced power plans based on your needs. To choose a plan, right click the battery icon in the lower-right corner of your screen and click Power settings. Next, click Additional power settings to select a power plan.

#4 App installation tolerance level

To restrict which apps can be installed on your laptop, you can disallow anything that isn’t in the Windows Store. Go to Settings Apps Apps & features and you can choose whether to permit installations from only the Windows Store, any app installations (with a warning), or unrestricted app installations.

#5 Remove bloatware

Vendors package new laptops with lots of trial apps, which are mostly unnecessary and unwanted software called bloatware.

Windows 10 offers an easy way to see which apps are installed on your new laptop and a quick way to uninstall those you don’t want. Head to Settings Apps Apps & features and peruse the list. If you don’t want an app and are 100% certain your computer doesn’t need it, click the Uninstall button.

#6 Anti-ransomware

Ransomware is a form of malicious software (or malware) that makes all your data inaccessible until you pay a fee to hackers.

To combat it, type ‘Windows Defender Security Center’ into the search bar at the bottom of your screen, click it and go to Virus & threat protection > Virus & threat protection settings. Here, you’ll be able to enable a new option called Controlled folder access, which protects you against ransomware attacks. By default, the Desktop, Documents, Music, Pictures, and Videos folders are protected, but you can add others too.

Do you know what settings to change and update to optimize your laptop? This article barely scratches the surface of Window 10’s security and efficiency settings. Call us today at 800-421-7151 for a quick chat with one of our Microsoft experts about taking yours to the next level.

Protect your Facebook and Twitter from Hackers

In the wake of Facebook’s worldwide privacy scandal, it’s time to revisit some social media best practices. Your information is incredibly valuable, and you can’t rely on social media platforms to keep it safe from hackers. Heed these tips to make sure your Facebook and Twitter accounts are well secured.

Lockscreens Exist for a Reason

Make sure all your computing devices lock the moment you stop using them. This way, you are safe from the simplest hack of all: someone opening a browser on your computer that has your social media login saved. As long as your password isn’t your birthday or anniversary, you’ll be forcing hackers to work for access to your account.

Strong Passwords are Never Out of Fashion

Unlocking your phone may be limited to a six-digit passcode, but you’ll need something much more complicated for your account password. The first thing you’ll need to do is create a password that isn’t used for any other account. Because data breaches have become such a regular occurrence, hackers probably have a long list of your favorite passwords from other websites and platforms.

In this case, it is best to use a password manager like an app or online service that allows you to generate and retrieve complex passwords.

Another measure that you can take is to enable two-factor authentication, which requires you to type in a secondary code sent to your phone. Even if hackers have your password, they won’t be able to log in without your phone.

Make Use of Social Media Features

Facebook offers functions that help you keep tabs on who’s accessing your account and from where. To use this feature, click the down arrow in the upper right corner of your Newsfeed and select Settings. Then click Security and Login to get more information. If you sense an imposter, click the right-hand icon to give you the option of logging out remotely or reporting the person.

From there, turn on Get alerts about unrecognized logins to be notified via Facebook, Messenger, or email if someone is logged into your account from an unrecognized browser. Unfortunately, Twitter doesn’t have the same option (that makes the two-factor authentication extremely necessary).

While it may be difficult for a hacker to barge into your Facebook or Twitter account through a third-party service that you have given access to your profile, it’s still advisable that you check what you have approved.

  • Facebook: Go to Settings > Apps and Websites to view and manage outside service with access to your account
  • Twitter: Go to Settings and Privacy > Apps to check and edit the list

Last, be sure to check the permissions mobile apps like Facebook and Twitter have on your smartphone or tablet.

  • Android: Go to Settings > Apps > tap the icon in the upper right and then tap App permissions
  • iOS: Go to Settings > Privacy to manage which service can access which parts of your phone

Less Personal Info, Fewer Problems

These steps are just the beginning of the security that you should take advantage of. Next, you should consider limiting the personal data you input into your social media accounts. If you have to put a ton of information, then be sure you read this blog from the top… and then read it again.

With a little practical knowledge, you can prevent Facebook and Twitter hackers from doing what they do. Cybersecurity is a sprawling issue and social media privacy is such a small sliver of your online life that you need to stay on top of. For 24/7 support, call our team of experts today at 800-421-7151.

Overheating Laptop? Here’s How to Prevent It

If you own a laptop, chances are you’ve noticed how hot it can get. You might not know it, but your laptop may already be overheating, which will lead to decreased efficiency and a shorter lifespan. Here’s how to protect your laptop from further damage due to overheating.

Causes of overheating

Laptops create heat during their normal operation. That’s why they’re designed with internal fans that blow out hot air and suck in cooler air. When your laptop keeps shutting down or suffers serious slowdowns, chances are it’s overheating.

One of the most common causes of overheating is when the fan doesn’t operate normally. This may be due to dust and grime clogging up the fan, preventing it from rotating properly. It’s also possible that the air vents are being blocked, preventing air from flowing into the laptop.

Another thing to consider is the age of your laptop’s battery, which relies on lithium to store electricity. This chemical naturally decays over time, no matter how carefully you use it. The older the battery, the less efficient it is and the more heat it generates.

Software use can also contribute to overheating. Too many apps and programs running in the background can overwork your laptop.

What to do if it’s overheating

The first thing you should do is check your hardware. Turn your laptop off and inspect the vents and your fan for any dirt, grime, or other possible causes of blockage. Also check whether the fan itself is not physically dented, which can slow down its rotation.

Sometimes overheating is simply caused by bad habits. Do you use your laptops in bed or on the carpet? Do you use pillows as padding? Uneven or soft surfaces often block the air vents, leading to overheating. Always place your laptop on a hard, even surface.

Aside from the hardware, check your software. Are there a lot of apps and programs that start automatically when you switch on your laptop? If yes, then you may need to limit them.

Keeping it cool

To prevent your laptop from overheating, always make sure that there’s adequate airflow for your laptop. Better yet, invest in a cooling pad. These pads lift your laptop and add more fans to facilitate better airflow.

Limit the number of programs that run when you start your laptop. Change your settings to “power save.” And shut down your laptop whenever you’re not using it.

It’s easy to take laptops for granted because they’re billed as plug-and-play devices. However, with a little extra care and attention, your devices will last much longer. If you have any questions about your hardware, call us today at 800-421-7151.

Be Smart and Back Up Your Valuable Data

Storing copies of your business data in the cloud will help you avoid the risks associated with broken hard drives, lost or stolen devices, and human error. That’s because entrusting your data to an expert service provider means you’ll have trained professionals handling the backup of your business assets online.

How should you go about choosing a cloud backup provider? Let’s take a look:

Learn more about their storage capacity

Before partnering with a cloud backup provider, ask them where they store their data. Many providers use cloud servers over which they have little control, which could be hazardous as it makes it harder to monitor activity and respond to anomalies. To avoid this fate, choose a backup service that operates their own cloud-based servers.

Next, you will have to determine whether your business assets can be backed up, since some cloud storage providers do not have the capacity to save bigger files like videos or other multimedia files. By asking these questions, you can find a cloud backup service that fits your business needs, and more importantly, can take care of all your files.

Get details on their security

It will be important for the cloud backup provider to explain in no uncertain terms how they will store your files. They should be encrypted and stored on multiple servers because redundant storage ensures your data has multiple copies saved online and can be retrieved at will. Even if an uncontrollable disaster befalls your company or the backup provider’s system, you’ll still be safe.

Compare your budget and backup costs

Before considering any cloud backup provider, you need to know how much the service is worth to you. How much money would you lose if your server crashed and all the data it stored was irretrievable? Compare that amount with the cost of a provider’s service, which could be charged by storage tiers, per gigabyte, or on a flat-fee unlimited plan.

When asking about the price of cloud backups, make sure to clarify any service limitations or restrictions. For example, how quickly can your storage capacity be upgraded? Is it possible to run out of storage? These are not things you want to discover in the middle of hurricane season.

Clarify data recovery timelines

Although storage availability is important, how quickly backups can be created and restored is also an essential factor. Ask providers how often backups will be created (e.g., hourly, daily, weekly), and how long it will take to restore them (e.g., hours, days, etc.). If those timelines are too long, it may be time to look for a better provider.

The most important thing is to know your needs before meeting with a potential provider. Let them know your business needs, budget, and recovery timelines. Our solutions and pricing are flexible and customized to your needs so you’re not stuck in a cookie-cutter plan.

Give us a call at 800-421-7151 to find out more about backup services and other dynamic ways to protect your data.

5 Steps to Enabling Virtualization on a Local Computer

Keep in mind that virtualization is one of the most effective ways to significantly reduce IT expenses, while simultaneously increasing efficiency and flexibility. But are issues hindering you from enjoying virtualization on your PC? Here are detailed answers for you to fix these problems.

#1 Enable Virtualization in Your BIOS

In most cases, virtualization won’t work because it’s disabled in your computer’s Basic Input/Output System (BIOS). Though most modern computers support the feature, it’s often disabled by default. Thus, you should take a look to make sure it is enabled on your computer.

#2 If You Don’t See It – Update Your BIOS

If you don’t see an option for virtualization in your BIOS, there’s a chance the manufacturer has provided an update that includes it. This may not be the case for all machines, but it doesn’t hurt to check.

To find a BIOS update, you can use the manufacturer app included with your PC or manually search the internet for it.

#3 Disable Hyper-V

Professional editions of Windows include a Microsoft program called Hyper-V. This is Microsoft’s own virtualization software, like Oracle’s VirtualBox or Dell’s VMware. Unfortunately, Hyper-V can hijack your computer’s virtualization privileges, blocking you from using other virtualization apps.

You don’t need Hyper-V unless you really want to use it, so removing it from your computer will let your virtualization app of choice work properly.

#4 Confirm Your PC Supports Virtualization

If you’ve tried all the above steps and virtualization still won’t work, chances are your machine doesn’t support it. It’s worth confirming this before you give up, though.

If you have an Intel CPU, download the Intel Processor Identification Utility. It’s a handy tool that helps you know features, package, intended frequencies and actual operating frequencies of your Intel processor. Those with AMD processors should download the equivalent AMD tool instead.

#5 I’ve Enabled Virtualization, but…

Maybe you’ve gotten virtualization to work after following the advice above, but still have issues with performance or getting a virtual machine (VM) started. Here are some other things to try:

  1. Make sure you download the right version of the operating system you want to run in a VM to avoid compatibility issues.
  2. Make sure you have enough free disk space, or your host computer could run low on space. This can cause performance problems.
  3. Ensure you have enough RAM to dedicate to the VM.

At WAMS, we offer server virtualization much more to our clients due to the benefits that this strategy offers. These benefits include:

  1. Reduced Hardware Costs
  2. Faster Server Provisioning and Deployment
  3. Greatly Improved Disaster Recovery
  4. Significant Energy Cost Savings
  5. Increased Productivity

Virtualization is important, easy-to-implement technology that companies of any size can take advantage of. And if you feel overwhelmed with anything related to this topic, just call us today at 800-421-7151 for a quick chat with one of our certified virtualization technicians who might help you out.

Browser-Based Biometrics Boosts Security

Earlier this month, the World Wide Web Consortium, announced plans to begin allowing users to log into online accounts with fingerprints, facial scans, and voice recognition. This will not only boost security, but also make account management much simpler.

Authenticate Your Profile on Your Mobile Device

Chrome OS, Windows, and MacOS, Linux, and Android are all adding features to help users safely log in using biometric identification via USB, Bluetooth, and NFC devices connected to smartphones and tablets. With such convenience, users can verify their accounts on the go.

Preventing Cyber Attacks with Browser-based Biometrics

Passwords are notoriously bad at protecting users’ accounts and the information they store. Facial scans, fingerprints and voice recognition would make it exponentially harder for hackers to commit identity theft. That means you’re also less likely to be duped by an email from a hacker pretending to be your boss asking for the company credit card.

Enjoy More Secured Online Transactions

Biometric verification will also retire the need for logging in your information when shopping online, streaming video, using cloud applications, and other internet-based transactions. Windows 10 has already adopted features that offer limited account management with fingerprints and facial scans. But none of the big-name technology vendors have offered solutions to achieve this on mobile devices as of yet.

Browser-based biometrics could revolutionize and streamline the steps of verifying an online account. It promises to add more security and ease in logging in and transacting on the internet. To ensure that you are operating as securely as possible, give us a call at 800-421-7151 now.

Should You Worry About Facebook’s Security Breach?

Facebook is the most popular platform for developing brand awareness because it allows businesses to target users based on what they have posted in the past. But after the recent data breach scandal, is your data still safe? Read on to find out if you need to worry about your privacy.

Last month, news broke that a firm known as Cambridge Analytica collected private data from over 50 million Facebook users. The British company supposedly used this information in 2016 to influence voter behavior during the US presidential election and UK’s Brexit campaign.

How did they harvest the data?
In 2015, a Facebook personality quiz app called “This is Your Digital Life” was created by Cambridge psychology professor Aleksandr Kogan. Around 270,000 Facebook users signed up and gave information about themselves in exchange for humorous results.

What users didn’t know was that Kogan’s firm, Global Science Research, struck a deal with Cambridge Analytica to share the information that was gathered. Aside from collecting information about the Facebook users, the app also mined some data about the users’ friends.

Information collected was based on:

  • Data from other platforms that are also owned by Facebook, including Instagram and WhatsApp
  • Advertisers and other third-party partners
  • Apps and websites which use Facebook services
  • Your location
  • The devices you use for Facebook access
  • Payments handled by Facebook
  • Your Facebook connections and networks
  • Messages, photos and other content that other users send to you
  • The information you disclose to Facebook
  • Your activities on Facebook

What happened to the sourced information?
Cambridge Analytica analyzed the collected data to create psychological profiles and invent better political drives to influence whom people would vote for. Although there is still a huge debate about how effective this plans were, there’s no doubt that tens of thousands of users were manipulated into signing away their data without knowing it.

What can I do to keep my information safe?
Remove third-party apps that use your Facebook account. Visit your “Settings” menu and go to “Apps”. You should see the list of all the services that are using information about your Facebook profile. Check on each app, and if you don’t need it or use it anymore, delete it to revoke its access.

If you need more information on how to keep your data secure, feel free to give us a call today at 800-421-7151!

Safety Tips for Watering Hole Attacks

Bad news, internet users: Cybercriminals have developed more advanced tricks to compromise your systems. While you may be familiar with attacks involving suspicious emails, the new kid on the block known as watering hole attacks are far more nefarious and effective. Fortunately, there are a few things you can do to keep yourself safe.

What are watering hole attacks?
Much like phishing, a watering hole attack is used to distribute malware onto victims’ computers. Cybercriminals infect popular websites with malware. If anyone visits the site, their computers will automatically be loaded with malware.

The malware used in these attacks usually collects the target’s personal information and sends it back to the hacker’s server. Sometimes the malware can even give hackers full access to their victims’ computers.

But how does a hacker choose which websites to hack? With internet tracking tools, hackers find out which websites companies and individual users visit the most. They then attempt to find vulnerabilities in those websites and embed them with malicious software.

Any website can fall victim to a watering hole attack. In fact, even high-profile websites like Twitter, Microsoft, Facebook, and Apple were compromised in 2013.

You can protect yourself by following these tips.

Update your software
Watering hole attacks often exploit bugs and vulnerabilities to infiltrate your computer, so by updating your software and browsers regularly, you can significantly reduce the risk of an attack. Make it a habit to check the software developer’s website for any security patches. Or better yet, you should have a managed IT services provider to keep your system up to date.

Watch your network closely
To detect watering hole attacks, you must use network security tools. For example, intrusion prevention systems allow you to detect suspicious and malicious network activities. Meanwhile, bandwidth management software will enable you to observe user behavior and detect abnormalities that could indicate an attack, such as large transfers of information or a high number of downloads.

Hide your online activities
Cybercriminals can create more effective watering hole attacks if they compromise websites only you and your employees frequent. As such, you should hide your online activities with a VPN and your browser’s private browsing feature.

At the end of the day, the best protection is staying informed. As cyberthreats continue to evolve, you must always be vigilant and aware of the newest threats. Tune in to our blog to find out about the latest developments in security and to get more tips on how to keep your business safe.

New Security Features on Office 365

To bolster users’ safety, Microsoft recently added security features to Office 365. These enhancements give home and business users peace of mind whenever they send an email, share a link, or forward an attachment. There’s no such thing as being too secure, so we recommend staying abreast of them now.

Files Restore in OneDrive

Previously available only to Office 365 business users, Files Restore allows users to conveniently recover files in OneDrive within the last 30 days. Home and personal users can now easily retrieve and restore all their files at a specific point in time, which is useful in instances where files are accidentally deleted, corrupted, or compromised by ransomware or other malware. It is certainly not a replacement for a backup, but it isn’t a bad supplement to have on your side.

Ransomware detection notification for Office 365

You receive notifications and alerts for a variety of things on your PC or mobile devices, but rarely for something as immensely important as a ransomware attack. Office 365’s ransomware detection and recovery feature sends desktop notifications, email alerts, and mobile alerts in case of any possible ransomware attack on your system so you can act fast.

Aside from being notified about a detected ransomware, you’ll also be guided on how to recover your files before they were infected, based on the timestamp recorded by Files Restore. This is also not as strong as a firewall, but a smart supplement being implemented by Microsoft.

Password-protected link sharing in OneDrive

Whenever you share a link — whether to a file or folder — in OneDrive, there’s no guarantee that it won’t be shared to unauthorized users. A password-protected feature solves this dilemma by giving you an option to set and require a password for every file or folder you share.

Email encryption in Outlook

Intercepting email has become many cybercriminals’ preferred method of stealing critical information, so it’s more crucial than ever to ensure email safety. With Outlook’s end-to-end encryption, users can rest easy knowing that the email they send won’t be easily intercepted after all. This is not the same as email security, but a strong secondary form of protection.

Email encryption works by requiring non-Outlook email recipients to choose between receiving a single-use passcode or re-authentication to open an email from an Outlook email sender. On the other hand, an Outlook-to-Outlook email exchange — whether Outlook on desktop, mobile (iOS and Android), or Windows Mail app — doesn’t require any further action for the email to be opened.

Prevent Forwarding

This function restricts email recipients (both Outlook and non-Outlook users) from forwarding or copying email. It also provides an option to prevent certain recipients from opening an attachment from a forwarded email, which will come in handy when a person needs to send an email to more than one recipient, but wants to restrict access to an attachment to just a few recipients.

These new capabilities greatly reduce the effort to secure your files and communications, and Microsoft is sure to roll out a few more soon. If you want to optimize these Office 365 security features or explore other security methods that your business will benefit from, call us today at 800-421-7151.

5 Tips on Keeping Mobile Workers Connected

Due to increasing connectivity and technological advances, mobile workers are increasingly becoming the norm in almost every industry. Business owners need to ensure these workers stay connected, so we’ve got some helpful tips on how to effectively apply mobile performance management.

The ability to manage the workforce out in the field requires a modern support infrastructure called mobile performance management. It includes the top five tips to keep field workers connected: optimizing traffic, applying control, measuring performance analytics, simplifying data security, and identifying the root cause of connectivity issues.

Optimize

Although the latest apps on the market can maximize productivity for the mobile workforce, these apps come with a certain risk: stability issues that could lead to the apps crashing while out in the field. If you are your company’s IT decision-maker, be cautious of untested apps, and consider blocking heavy bandwidth apps to streamline data flow when signal strength is weak. Your IT company will also advise you on which applications should and shouldn’t be trusted.

Control

Another thing you can do with mobile performance management solutions is blocking personal apps and unsafe WiFi networks. Both of these create serious security risks that could lead to costly data theft or loss.

Analyzing performance

Field workers mostly rely on GPS location data for more efficient scheduling, route-planning, and effective control of fuel consumption. This is possible only if there are reporting tools that confirm that the GPS capability is working. Performance analytics show you what mobile workers are experiencing, gaining access to robust data, network and app usage reports, inventory analysis, coverage maps and device maps as needed.

Simplify security

IT should tightly restrict access without making security complicated for mobile workers. IT administrators need to create a highly flexible and programmable secure mobile strategy. You must be able to restrict which apps can access company data and remotely wipe data from the device if it is lost or stolen.

Identifying the root cause of connection issues

Organizations need to be fully prepared for connectivity issues involving their mobile devices. Organizations of all sizes should be able to afford remote diagnostics to gather complete troubleshooting information to allow IT to identify the root cause of the problem quickly, without relying on workers, who have no idea about how to run tests and answer questions regarding these issues.

For any organization with workers in the field, the ability to implement performance management structures and policies is a must. For other tips on how to keep your employees connected, engaged, and efficient, give us a call at 800-421-7151 and we’ll be happy to advise.

Phishing Hits Businesses at Tax Time

Phishing schemes abound every season, and tax season is no exception. It’s an important time of year in the corporate world and cybercriminals are looking to take advantage of it, which is why your business must ensure that your confidential data is kept under lock and key.

Phishing baits to watch out for

Phishing attacks often consist of fabricated or compromised emails sent to finance/payroll or human resources employees that are made to look like they’re from an executive in your company. The message might contain a request to forward employee records, including their W-2 forms, but that’s not all…

Another common scheme, which doesn’t only happen during tax season, involves getting a call from a person declaring to be an IRS employee. And no, caller IDs won’t save you because they can forge that, too. The phisher will inform you that you owe them cash from back taxes and they will threaten legal action if you don’t pay via credit card at that instant.

Always remember, the IRS will never contact you on the phone to let you know that you owe them money. And they certainly won’t threaten you or demand payment over the phone. If they really need to notify you of such matters, they’ll use the postal service and will give you a chance to discuss payment terms.

Standard protection protocols

Don’t worry, the usual security measures against these phishing scams are pretty easy to integrate into your business. Begin by developing a policy that bans the request of private details through email. If an employee ever requires such info, they should get in touch with the person directly, follow your established protocols for the transfer of sensitive information, and minimize the number of people involved in the transaction.

Taking security a step further

Data loss prevention (DLP) systems are also valuable weapons against these types of phishing attacks. They evaluate traffic going in and out of your company, such as web usage, emails and instant messages, and virtually anything sent on your network. DLP systems can filter out private details, including Social Security numbers, and stop them from being sent out.

But beware, DLP systems come with a minor drawback, as they can also block legitimate traffic, like when your accounting department sends tax info to your CPA. Fortunately, an MSP like us can properly segregate the good and the bad traffic to avoid confusing and/or frustrating your employees.

Phishing schemes may be a normal occurrence during tax season, but that doesn’t mean you can’t do anything about it. Don’t let the vulnerabilities in your business, particularly the human element, fall prey to cybercriminals. Call us at 800-421-7151 right away and we’ll conduct an assessment of the security of your business, as well as design a risk management plan to help counter future complications.

3 Tips to Maintain a Secure Facebook Account

In March 2018, disturbing reports circulated on the web that revealed a company named Cambridge Analytica harvested confidential details of 50 million Facebook accounts. If you’re concerned that your private details are being passed around by private companies, consider the following 3 tips to maintain a confidential Facebook profile.

Download your Facebook data

The thought of a complete stranger going through your account is pretty disturbing. Yet, you’re probably curious about the amount of information you uploaded to your social media sites over the years. Fortunately, Facebook allows you to download a copy of all your data. You simply have to log in to its web version and…

  • On the site’s main navigation, click on the down button right next to the Quick Help icon
  • A menu will pop up and you’ll find Settings right above the Log Out option
  • Click on Settings and you’ll automatically be redirected to General
  • Within the General page, press Download a copy of your Facebook Data
  • It will redirect you to a different page where you’ll need to press Start My Archive button to proceed with the download process

Once that’s done, you’ll be able to see an archive of all your Facebook activity, such as the statuses you’ve posted, messages you’ve sent, and ads you’ve clicked on.

Change your privacy settings

After going through all your data, you might realize that everything you shared is harmless. But, that doesn’t mean it won’t end up in the hands of cybercriminals who can use it against you.

We suggest going back to the Settings page and clicking on Privacy. That’s where you can modify whether you want your posts to be seen by the public or only by your friends. You can even control who’s allowed to send you friend requests, view your friends list, and most importantly, decide whether search engines are allowed to link to your profile.

Check or delete apps

You know those personality quizzes that you and your friends always had a ball answering? Apparently, Cambridge Analytica gathered all the responses from one of those app developers. Luckily, you can stop them from further accessing your profile. In Settings, click on Apps to see all the apps linked to your profile. Beside each one, you can choose Edit Settings to review its authorizations or click Remove to completely get rid of it.

Your recent love-hate relationship with Facebook has you second-guessing. If you want to take data security up a notch, we can always provide more tips and tools, and even assess your current level of security. Just give us a call at 800-421-7151 and we’ll take care of your privacy so you don’t wind up breaking up with your favorite social media site.

Keeping Cloud Costs Under Control

One of the most well known benefits of the cloud is it boosts cost efficiency. By moving to the cloud, small- and medium-sized businesses no longer have to worry about purchasing high-end equipment or maintaining full-scale data centers. However, there are quite a few costs associated with the cloud, so it’s important you know how to keep them under control.

Don’t go for standalone services
Standalone services are the biggest price trap in the cloud. Spending on a standalone cloud software may seem harmless now, but if you decide to purchase similar services, the costs can quickly pile up. Then, there’s the issue of integrating these systems together, which costs even more time and money.

The best way around this is to find a service provider that offers a suite of products that work seamlessly together. Platforms like Office 365 or G Suite are great examples, and offer you differently priced packages based on the size and requirements of your business.

Team up with integration experts
If you do need to subscribe to a standalone service, you’ll want to integrate it with the rest of your cloud platform. But if you have limited experience with integrations, mistakes are likely to happen and cause downtime, which will inevitably cost you time and money.

The more economical option is to partner with a cloud integration expert, as they can quickly configure and deploy your systems with zero mistakes.

Understand cloud backup costs
While cloud backups are great for keeping your data secure, you must know how much you’re paying for them. If you plan on storing your data for a long time, you may be charged more. At the same time, if you store more versions of your data, it will cost you more.

One way you can keep costs down is to ask yourself whether certain files even need to be stored in the cloud. Mission-critical files like customer information, legal document, and business plans should be stored in the cloud so you can retrieve them right away after a disaster, but routine documents like timesheets can probably be stored in less expensive data centers.

Remove unnecessary accounts
Most cloud service providers charge you based on the number of users per month, so if you’re not diligent about removing accounts when employees have left your company, you could be throwing your money down the drain.

To avoid this, you need to have deprovisioning procedures in place for when an employee’s contract is terminated. Create a spreadsheet of each employee in your payroll and note down their cloud subscriptions. When an employee leaves your company, you must delete all their business accounts and give the relevant manager access to all their documents.

It’s also a good idea to schedule regular audits to make sure you’re not paying for people who’ve already left your company.

Work with a trustworthy provider
Last but not least, you’ll want to partner with a cloud services provider that not only gives you the best deals on cloud solutions, but also proactively monitors your account and warns you about any issues regarding the computing resources and storage space you’re using.

If you’re looking to keep cloud costs under control, talk to us today at 800-421-7151. We’re certified and experienced with all aspects of cloud technology, and we can show you how you can truly benefit from it.

Don’t Ever Let Your IT Company Do This To Your Computer Network

Today, when companies need to be lean, nimble and brutally efficient to survive in a competitive marketplace,cutting unnecessary costs is paramount. Unfortunately, it can be easy when you’re on a tight budget to accidentally strip away components of your business that may seem gratuitous but are actually essential to your success.

One of the first things that often ends up on the chopping block in the frenzy to save money is IT. Instead of continually investing in managed IT services, where professionals carefully maintain, protect and update your network month to month, some businesses decide that the best way to keep their technology running smoothly is to simply leave it alone, calling up a professional only when something breaks down.

Of course, this approach forgoes monthly costs and shaves off a fair few dollars from your technology budget in the short run. But while this approach may seem cost-effective, it opens up your business to a huge variety of technological crises, from expensive network outages to cyberattacks that may cripple the very future of your company.

The Problem With A ‘Break-Fix’ Strategy

It can be hard to imagine the huge list of problems that might arise within your network. So, it’s an understandable strategy to wait to do something until an issue becomes a serious problem. At that point, they bring in a professional who – charging by the hour – attempts to suss out and repair whatever may be broken.

It seems like a logical approach, but unfortunately, it’s littered with huge hidden costs. If you’re calling an IT expert only when something in your network is broken, only your most urgent technological needs are

addressed. When your technician is being paid an hourly wage to fix a specific issue, there’s no incentive to be proactive with your system. They won’t recommend important, money-saving upgrades or updates, and they will rarely be able to detect a crisis before it happens.

What’s more, the approach “If it ain’t broke, don’t fix it” very likely leaves huge holes in your security and drastically magnifies the costs of an IT meltdown. If they’re only arriving in the midst of crisis, there’s hardly ever an opportunity for the break-fix technician to strengthen the barriers between you and the hordes of hackers clamoring for your data. They’re on the clock, being closely monitored to fix the problem and then go away. Meanwhile, the security landscape is constantly changing, with criminals and security experts in a back-and-forth arms race to stay abreast of the latest developments.

Without someone managing your system on a regular basis, your protective measures are sure to become woefully out of date and essentially useless against attack.

Why Managed IT Services Are The Answer

When you turn your IT needs to a managed services provider (MSP), you’re entrusting the care of your network to a team of experts who have a real interest in your success. MSP engineers regularly monitor the health of your system, proactively preventing disaster before it enters into the equation and hurts your bottom line.

Beyond this preventative care, MSPs do everything they possibly can to maximize the power and efficiency of your equipment, implementing only the best practices and the latest software and updates.

When you invest in an MSP, you may have to invest more funds initially, but likely you’ll save tens of thousands of dollars in the long run by avoiding cyber-attacks, downtime and hourly rates wasted on a technician who doesn’t really care about the future of your business. When you choose an MSP, you’re not just choosing a superior and healthier network – you’re choosing peace of mind. Call us today at 800-421-7151 to learn more about our Managed Services. 

Does Private Browsing Secure Your Data?

If you’re getting targeted with surprisingly relevant ads, there’s a chance your internet activity is being tracked and analyzed by market researchers. While this doesn’t bother most people, private browsing mode can offer you some protection against online marketers and would-be data thieves.

What is private browsing?
Your web browser – whether it be Chrome, Edge, Firefox, Safari, or Opera – remembers the URLs of the sites you visit, cookies that track your activity, passwords you’ve used, and temporary files you’ve downloaded.

This can be convenient if you frequently visit certain pages, can’t remember your login details, or if you’re trying to recall a website you visited a few days ago. But if someone else uses or gains access to your computer, your most private (and embarrassing) internet activities are exposed for anyone to see.

With private browsing – also called Incognito Mode in Chrome and InPrivate Browsing in Edge – all the information listed above does not get recorded. In fact, all the websites and information you accessed in the private browsing session is immediately discarded without a trace as soon as you close the browser. This can come in handy when you’re using a public computer because you’re instantly logged out of all the accounts after closing the window.

Your cookies also won’t be tracked. In a normal browsing session, sites like Facebook will inundate you with highly targeted ads based on the sites and pages you’ve visited. But in private browsing mode, your internet activity won’t be used against you by marketing companies.

Another benefit of private browsing is you can use it to log in to several accounts on the same site, which is useful if you need to log into two different Google accounts at the same time.

Limitations of private browsing
Although private browsing does prevent your web browser from storing your data, it doesn’t stop anyone from snooping on your current activities. If your computer is connected to the company network, system administrators can still keep track of what you’re browsing even if you’re in Incognito Mode.

Also, if spyware or keylogger malware is installed on your computer, hackers will still be able to see what you’re doing online. Even though private browsing has quite a few benefits, you shouldn’t solely depend on it for online privacy.

Your computers must be equipped with Virtual Private Networks that encrypt your internet connection and prevent anyone from intercepting your data. And don’t forget to scan your computer for viruses with a strong anti-malware program to keep spyware and other malicious web monitoring software at bay.

If you want to know where you can get these solutions or learn more about web browser security, call us today at 800-421-7151. We have the tools and expert advice you need to prevent anyone from snooping on your internet browsing.

Prep for IT Incidents with External Support

Regardless of your best office IT strategies, it’s nearly impossible to thwart every type of cyberattack. And when they do happen, most businesses depend primarily on their internal resources and personnel. On the other hand, some organizations have realized the risks and complexities involved and have sought external support from leading industry specialists. Here are reasons why you should, too.

Access to new technologies and industry experts
Managed Services Providers (MSPs) are equipped with resources most small businesses can’t afford. They employ teams of experts in fields ranging from cybersecurity to data management to networking – all available for you on an outsourced basis. For example, an MSP provides advanced security software and applications that can help your business avoid the risks of cyberthreats.

They also work with industry tech leaders who provide insights into upcoming hardware and software products in the market. This ensures you receive updated recommendations on the latest technologies so you can use them in your business, and they often come with deals that you wouldn’t normally have access to.

Knowledge from past breaches
External IT support providers have been helping businesses recover from all kinds of tech disasters since the dawn of hackers. They now have enough knowledge to prepare Data Backup and Disaster Recovery plans for you. This way, you and your team would still be up and running after suffering from an IT emergency without disrupting much of your business operations.

External support providers’ experience with data protection will ensure your systems are monitored around the clock so your security systems are always functioning properly to keep cybercriminals at bay.

Run your business with ease
You don’t specialize in technology, so you don’t have the skill or the experience in dealing with digital felons. You also know how vulnerable your business is online and won’t dare do anything to jeopardize it. That’s why external support is such a great asset – you’ll be able to manage your business without any worries because your external IT provider will keep it protected. Give us a call at 800-421-7151 to see how we can keep your mind at ease.

Best Uses of Alexa in a Business Setting

Individual users find plenty to like about Amazon’s AI technology Alexa. It’s a great way to control smart home devices and perform small tasks like make shopping lists and answer phone calls. But Alexa also gets things done for business users, and here we’ll list some of the most useful.

Create and manage to-do and shopping lists
You have meetings to attend and deadlines to meet. Alexa has a straightforward To-do List feature that helps you stay on top of all your tasks. It’s ideal for busy professionals who prefer a no-frills checklist that allows them to simply view completed items, or to edit or delete items on the list.

You can also seamlessly sync third-party applications like Any.do and Todoist, which offer more features for organizing tasks, adding subtasks and folders, creating reminders, setting due dates, attaching files, and prioritizing items.

To connect to a third-party app:

Go to alexa.amazon.com or access the Alexa app
Go to Settings > List, click Get Skill
Click Enable
Log in to authorize the app
Alexa also has a default Shopping List that works exactly like the To-do List. It lets you add or delete items that can be browsed in the Amazon store and searched for in Bing.

Reorder office supplies
Ordering supplies on an Amazon smart home device is especially convenient because you would have already set up an Amazon account. When voice shopping with Alexa, you can either add items to your Amazon cart (“Alexa, add toner to my cart”) or directly order a single item (“Alexa, reorder toner”) without having to lift a finger.

When you place an order, Alexa checks product availability, walks you through Amazon search results, and asks you to confirm or cancel the order. Voice shopping is enabled by default, but it can be disabled in Settings > Voice Purchasing in the Alexa app.

Sync your calendars
One of the best ways to maximize Alexa in the office is to sync it up with your calendars. You can view scheduled appointments, set meetings, or have Alexa read the day’s entries with simple commands like “Alexa, what time is my next meeting?” or “Alexa, when is the company barbecue?”.

To add a calendar:

Go to alexa.amazon.com or access the Alexa app
Click Settings > Calendar
Select a calendar from the available platforms: Google (Gmail and G Suite), Apple (iCloud), or Microsoft (Office 365 or Outlook)
Log in to your account
Set a timer
A Pomodoro timer is a productivity enhancement tool that works by prescribing ideal work intervals and breaks. For example, you can set a timer that reminds you to take a 15-minute break for every hour worked, and setting this up in Alexa is easy.

To set a single timer:

Say “Alexa, set a work timer for 60 minutes.”
After the work timer finishes, say “Alexa, set a break time for 15 minutes.”
To set several timers at once, say:

“Alexa, create a work timer for 60 minutes.”
“Alexa, create a break timer for 15 minutes.”

But of course, due to the listening technology of Alexa, users should not expect 100% privacy. Here are a few ways that you can protect yourself from Alexa hearing and recording anything you don’t want her to hear:

Always Mute your Echo when Not in Use – The mute/unmute button can be located at the top of the device. Unmute and Alexa is no longer listening.
Don’t connect sensitive accounts to your Echo – This has proven to be a problem for users on multiple occasions.
Erase old recordings – If your Echo is connected to your Amazon account, as it should be to get the most out of it, you can manage recordings. This can be done by logging into Amazon’s website and navigating to “Manage my device.” You can delete both individual queries and/or the entire search history.

The commands we’ve included here work for simple instructions, but you can modify them and use tons of other Alexa commands to suit your purpose. If you need recommendations on how you can work smarter with AI and other productivity tools, get in touch with us today at 800-421-7151.

Outlook Tips to Increase Productivity

Microsoft is constantly updating and improving its Outlook email program, and some users struggle to keep up with all the new and exciting features. Look no further if you wish to catch up on the latest productivity-enhancing tricks.

Clean Up your inbox
No matter inbox how meticulously organized your Outlook inbox is, there’s always room for improvement. For a little computer-assisted help, try the ‘Clean Up’ feature.

From your Inbox, click the Home tab and choose from Outlook’s three Clean Up options:
Clean Up Conversation – Reviews an email thread or a conversation and deletes redundant messages.
Clean Up Folder – Reviews conversations in a selected folder and deletes redundant messages.
Clean Up Folder & Subfolders – Reviews all messages in a selected folder and its subfolder, and deletes redundant messages in all of them.

Ignore (unnecessary) conversations
An overstuffed inbox is often caused by group conversations that aren’t relevant to you. The Ignore button helps you organize your inbox and focus on relevant emails.

Select a message, then click Home > Ignore > Ignore Conversation. You can also do this by opening a message in a new window and clicking Ignore under the Delete function. To recover an ignored message, go to the Deleted Items folder, and click Ignore > Stop Ignoring Conversation.

Send links instead of a file copy
Help your colleagues save storage by sending a link to a cloud version of a file instead of the file itself. This is particularly useful when sending massive files. You can also set permissions to allow recipients to edit and collaborate on linked files in real time.

Upload the file you wish to send on OneDrive and send it to your recipients. From the message box, click Attach File > Browse web locations > OneDrive.

Improve meetings with Skype and OneNote
Outlook allows you to combine Skype’s HD video and screen-sharing features with OneNote’s organizational and project planning functions. It’s easy:

Go to the Meeting tab in Outlook, then click Skype meeting and send the link to participants. After the meeting has started, select Meeting Notes (under the Meeting tab) and choose whether you want to Take notes on your own or Share notes with the meeting.

Tag contacts
To get the attention of a specific person in a group email message, use the @Mention function. This works particularly well for mails to multiple recipients or for if you simply want to convey the urgency of your message.

In the email body or meeting request, type the ‘@’ symbol followed by the first and last name of the person you wish to tag (e.g., @firstnamelastname).
To search for emails you’re tagged in, select Filter Email from the Home tab and choose Mentioned, then choose Mentioned.

These are just a few strategies for getting more out of Microsoft’s email platform. To unlock Outlook’s true potential, you need the support of certified IT professionals. Give us a call today at 800-421-7151.

HTTPS is Something to Care About

For all the time we spend discussing the complexity of internet security, there are a few simple things you can do. Avoiding websites that aren’t secured with the HTTPS protocol is one of them. It’s a habit that can be developed with a better understanding of what the padlock icon in your web browser’s address bar represents.

HTTPS Encryption
Older web protocols lack data encryption. When you visit a website that doesn’t use HTTPS, everything you type or click on that website is sent across the network in plain text. So, if your bank’s website doesn’t use the latest protocols, your login information can be intercepted by anyone with the right tools.

HTTPS Certificates
The second thing outdated web browsing lacks is publisher certificates. When you enter a web address into your browser, your computer uses an online directory to translate that text into numerical addresses (e.g., www.google.com = 8.8.8.8) then saves that information on your computer so it doesn’t need to check the online directory every time you visit a known website.

The problem is, if your computer is hacked it could be tricked into directing www.google.com to 8.8.8.255, even if that’s a malicious website. Oftentimes, this strategy is implemented to send users to sites that look exactly like what they expected, but are actually false-front sites designed to trick you into providing your credentials.

HTTPS created a new ecosystem of certificates that are issued by the online directories mentioned earlier. These certificates make it impossible for you to be redirected to a false-front website.

What this means for daily browsing
Most people hop from site to site too quickly to check each one for padlocks and certificates. Unfortunately, HTTPS is way too important to ignore. Here are a few things to consider when browsing:

If your browser marks a website as “unsafe” do not click “proceed anyway” unless you are absolutely certain nothing private will be transmitted.
There are web browser extensions that create encrypted connections to unencrypted websites (HTTPS Everywhere is great for Chrome and Firefox).
HTTPS certificates don’t mean anything if you don’t recognize the company’s name. For example, goog1e.com (with the ‘l’ replaced with a one) could have a certificate, but that doesn’t mean it’s a trustworthy site.

Avoiding sites that don’t use the HTTPS protocol is just one of many things you need to do to stay safe when browsing the internet. When you’re ready for IT support that handles the finer points of cybersecurity like safe web browsing, give our office a call at 800-421-7151.

New Scam Freezes Browser to Panic Users

New Scam Freezes Browsers to Panic Users

Con artists have created a new method of deceiving users by freezing their browsers and displaying a security notification with bogus tech-support contact details. This adware scam has been found to affect users in both Windows and macOS. Their ultimate goal is to scare potential victims and trick them into dialing the fake hotline number on the screen.

The End Game
The scam works by displaying an error message indicating a bogus security breach incident that renders a browser unusable. It appears to be an important security message. These scammers capitalize on the fact that a serious crash can’t be solved by simply closing the site, thereby sending the users into a panic. This encourages them to dial the number listed on the warning message.

On the other end of the line, the scammers would pose as Microsoft or Apple representatives to convince users into surrendering their credit card details to repair a non-existing security issue. Whatever you do, please do not call the phone number for support because it is not Microsoft’s but rather a group of scammers waiting to rob you of hundreds of dollars under false pretenses. The scams are generally carried out through legitimate sites or malicious ads that have been hacked.

The Ingenious Process
This new scam operates against your browser by corrupting the window.navigator.msSaveOrOpenBlob programming interface, which basically uses it as a form of distraction. The hackers manipulate the browser and forces it to save a random document on a disk repeatedly at super fast intervals that are impossible to notice. After five to 10 seconds, your browser will be completely unresponsive.

The Easy Fix
To recover, Windows users simply have to open Windows Task Manager (press ctrl + shift + esc keys) and stop the process there. On the other hand, macOS users just need to wait until a system message prompts them to close the unresponsive Chrome tab. Typically, the latter is a more appealing option since users would have the freedom to close only the corrupted page. Manually closing the whole browser means possibly losing unsaved files in any open Windows.

When faced with IT-related issues, you need to determine how you can approach them calmly. The threats in the digital world may be terrifying and intimidating, but causing a panic in your workplace isn’t the answer. Call us at 800-421-7151 as soon as any problems arise, and we’ll help you as soon as we can. We can even hook you up with other security measures to beef up your network security.

Top Tips for First-Time Virtualization Users

Unlike most solutions, virtualization technology is not plug and play. It requires you to understand your IT environment and know which aspects could and should be virtualized. This is not something we expect first-time virtualization users to grasp right away, so if you’re planning to implement it, follow these tips.

Conduct an assessment
Evaluating your IT environment is an important step in the implementation process. After all, you can’t just go around virtualizing everything without a plan. An IT assessment performed by an impartial managed services provider (MSP) like us helps you understand what type of virtualization solution you need.

For example, if the report found that computers don’t have enough processing power to run certain apps, desktop virtualization — which consolidates operating systems and apps into a single powerful server — is an ideal solution.

From there, you should be able to estimate costs and set realistic timelines for the implementation.

Don’t forget about hardware
Just because virtualization frees up space in your server room, does not mean hardware is no longer an issue. No matter what type of solution you opt for, the servers you use must be strong enough to support the entire company’s computing demands.

This means you must take stock of your apps and their hardware requirements and make sure your server has all the processing power, RAM, network capacity, and storage necessary to run them.

Underutilized servers are excellent candidates for virtualization, but purchasing new equipment may pay dividends in the long run. If you choose the latter option, ask your provider for recommendations. Chances are they’re partnered with virtualization-optimized hardware vendors that offer top-of-the-line servers.

Prevent VM sprawl
Virtualization allows you to deliver computing resources to workstations in your network via virtual machines (VMs), which can be created on a server in just a few minutes. While this lets you scale and provision resources quickly, there are risks if you don’t have someone regularly reviewing which VMs are worthwhile and which are outdated. You could be losing out on cost savings and efficiency benefits.

When too many VMs are created, they can quickly consume all server resources and complicate licensing and asset management.

To prevent sprawl, you must establish policies and restrictions for VM creation. For instance, users must have a good justification for creating a VM (e.g., testing software or provisioning apps for new users).

Prioritize business continuity
You must also protect the hardware running your virtual servers. Make sure to lock up server rooms and have secondary servers available in case the first one breaks down. While you’re at it, take advantage of automated backup solutions that make copies of your VMs and their files regularly.

Work with experts
Building and maintaining a virtual infrastructure is no simple task. That’s why you’ll want to work with a virtualization specialist who can guarantee a seamless implementation and provide ongoing management services.

For more tips on virtualization, call our experts today!

Cryptojacking: How to Protect Yourself

Over time, your computer will work slower as software requirements become more demanding. But if you have a relatively new computer, and are experiencing performance problems after clicking a link or visiting a website, you might be the victim of a new cyberattack scheme known as cryptojacking.

Hijacked hardware
Cryptojacking secretly uses your computer to calculate complex mathematical problems to generate cryptocurrency. They get inside by using phishing emails to lure victims into clicking on a link, which then runs malicious cryptomining programs on the computer. Any cryptocurrency produced then gets delivered to the hacker’s private server.

But hackers have developed an even more insidious tactic. By infecting websites with ads and plugins that run cryptojacking code, any visitor who loads the web page instantly gets infected with the malware, sending their computer’s processor into overdrive trying to generate cryptocurrency.

Unlike most malware, cryptojacking software won’t compromise your data. But it will hijack your hardware’s processing power, decreasing performance while increasing your power and cooling bills. So instead of paying for the computing power themselves, hackers can simply use thousands of compromised computers.

Surge in cryptojacking
It’s difficult to tell how much hackers are making with cryptojacking, but there’s a good chance that this type of attack will be as popular as ransomware was in 2017. In fact, for as little as $30, anyone can purchase a cryptojacking kit from the dark web to force other computers to generate Bitcoin or Monero for them.

According to several reports, even sites like The Pirate Bay, Openload, and OnlineVideoConverter are allegedly using cryptojacking exploits to diversify their revenue streams.

The biggest reason why this is becoming so popular is because it’s a low-risk, high-reward scheme. Instead of extorting money directly from the victim, hackers can secretly generate digital currencies without the victim knowing.

If it is detected, it’s also very hard to track down who initiated the attack. And since nothing was actually “stolen” (other than a portion of computing power), victims have little incentive to apprehend the culprit.

Prevention and response
To avoid cryptojacking, you need to incorporate it into your monthly security training sessions. Teach your employees to practice extra caution with unsolicited emails and suspicious links. Using ad-blocker or anti-cryptomining extensions on web browsers is also a great way to stay protected.

Beyond prevention, use network monitoring solutions to detect any unusual behavior with your computers. For example, if you notice a significant number of PCs running slower than usual, you should assume that cryptojacking is taking place.

If you’ve confirmed that it is, advise your staff to close browser tabs and update browser extensions as soon as possible.

Cryptojacking may seem less threatening than some malware we’ve discussed in the past, but it can incur real power, cooling, and performance costs to your business when several systems are compromised. To make sure you don’t end up enriching any hackers, call us today at 800-421-7151. We offer hardware solutions and cybersecurity tips to keep your business safe and sound.

5 Ways Your Employees Will Invite Hackers Into Your Network

Whether they’re criminals or heroes, hackers in the movies are always portrayed as a glamorous group. When it comes down to the wire, these are the individuals who crack into the ominous megacorporation or hostile foreign government database, hitting the right key just in the nick of time. They either save the day or bring down regimes, empty the digital vault of the Federal Reserve or disable all the power plants in the country. It’s always a genius up against an impenetrable fortress of digital security, but no matter what, they always come out on top.

In real life, it’s rarely that difficult. Sure, if you look at the news, you might believe hackers are close to their Hollywood counterparts, stealing data from the NSA and nabbing millions of customer records from Equifax. But the majority of hacks aren’t against the big dogs; they’re against small to mid-sized businesses. And usually,this doesn’t involve actually hacking into anything. A lot of the time – approximately 60% according to the Harvard Business Review – an unwitting employee accidentally leaves the digital front door open.

The biggest threats to your company aren’t teams of roaming hackers; they’re your employees. Here’s why.

1 They’ll slip up because they don’t know any better.

With the proliferation of technology has come an exponential rise in digital threats of such variety and complexity that it’d be impossible for the average person to keep track of it all. Each of your employees’ lives are a labyrinth of passwords, interconnected online accounts and precious data. If their vigilance slacks at any point, it not only leaves them vulnerable, but it leaves your company vulnerable as well. For this reason, most cyber-attacks come down to a lack of cyber security education.

2 They’ll let you get hacked on purpose.

It’s a sad fact that a huge portion of digital attacks are the result of company insiders exposing data to malicious groups. Whether it’s info vital for your competitive advantage, passwords they can sell to hacker networks to make a quick buck or sensitive data they can make public simply to spite your organization, it’s difficult to protect against a double agent.

3 They’ll trust the wrong person.

For many hacks, little code is needed whatsoever. Instead, hackers are notorious for posing as a trusted member of your own team. And if you believe that you’d be able to spot an impostor from a mile away, you may want to think again. Not only is it easier than ever to crack individual users’ e-mail passwords and login credentials, personal info is now littered throughout social media. A simple visit to Facebook can give a hacker all they need to know to “social hack” their way into the heart of your business.

4 They’ll miss red flags while surfing the web.

Clickbait is more than a nuisance plaguing your social media feeds. It can be a powerful tool for hackers trolling for easy prey. If an employee doesn’t understand what exactly makes a site or link look dubious, they may open themselves – and your company – to browser exploits or other types of attacks.

5 They’re terrible at passwords.

According to Entreprenuer.com, “3 out of 4 consumers use duplicate passwords, many of which have not been changed in five years or more.” Even more of those passwords are simply weak, inviting easy access for unsavory elements. Many people brush off the importance of strong passwords, but the risks posed by the password “123456” or “password” cannot be overstated.

When it comes to defending your precious assets against digital threats, it can seem impossible to protect yourself at every turn. But there is one way you can make a concrete change that will tighten up your
security more than you realize: educating your people. Through a comprehensive security training program, including specific examples of methods hackers use – particularly phishing – you can drastically
minimize the risk of an employee accidentally opening up a malicious e-mail or posting sensitive info. When you make a concerted effort to make the entire organization vigilant against cyber-attacks, you’re much less likely to be targeted. Email us at info@wamsinc.com to learn more!

How to Enjoy Your New Laptop

Did you just get the newest laptop? New tech toys are always very exciting, but before you start showing off your new purchase, there are five steps you should take to make your laptop experience even more enjoyable and long-lasting.

1. Update your laptop’s operating system
One of the first things you should do before using your laptop is upgrade its operating system. Assuming you did not purchase the laptop right when it was released, your laptop will still be running an older operating system. With important patches and fixes released in each new update, it is recommended that you install the latest one to ensure your laptop is free of any vulnerabilities.

2. Remove bloatware
Opening your laptop for the first time, you might notice that there are already several preloaded software in the system — some of which you will probably never use. These are known as bloatware.

These apps take up a lot of your valuable drive space, so consider getting rid of them. The easiest way to do this is by downloading a bulk uninstaller, which allows you to check all the bloatware apps you don’t want and remove them in one fell swoop.

3. Install protection software
It’s no secret that the world we live in is unsafe. And with so much confidential information nowadays becoming digitalized, it is necessary to protect yourself against losing important data from your computer. The solution to this is very simple. By installing antivirus software that can automatically — or manually — scan your computer at a scheduled time, potential attacks can be thwarted before they become more serious.

Not only is your laptop’s data vulnerable to cyberattacks, there is always a chance your laptop can get lost or stolen. While there are preventive steps you can take — such as being mindful while using your laptop in public places — another solution would be to install anti-theft software. Security features such as “Find My Device” for Windows 10 and “Prey” for other operating systems can help you locate your device if it’s ever stolen or misplaced.

4. Optimize your power settings
One of the most frequent problems that laptop users have is that their batteries run out of juice too fast. However, you can actually extend the battery life by making a few tweaks to your power settings.

Reduce your display brightness, but not so much that it causes eye and mental fatigue
Use the Sleep or Hibernate mode for your operating system

5. Set up a backup plan
Imagine spending months working on an important project and suddenly finding it nonexistent the next day just because your laptop crashed. Deadlines will be missed. Profit margins will decrease. Customers will leave unhappy. And if worse comes to worst, you’ll be out of business.

Why add more unnecessary stress if you can prevent it from happening in the first place? By setting up an automatic backup system, you can regularly save all your important files; that way, you’d still have access to the data anytime were anything to happen to the original file.

Getting a new laptop can be fun, but the joy might be short-lived if you don’t set up any preventive measures from the start. Call us at 800-421-7151 for information on how we can help you secure your company’s laptop today.

Distributed Spam Hides Illegal Activities

Cybercriminals are fairly experienced at avoiding detection. By the time you notice they’ve infected your computer with malware or hijacked your account, serious damage has most likely already been done. To make matters worse, they have another way to hide their illegal activities, and it involves sending thousands of spam emails.

Understanding DSD
Distributed Spam Distraction (DSD) is designed to inundate your inbox with thousands of nonsense emails. There are no dangerous links, ads, or attachments involved, just random excerpts of text stolen from books and websites. What’s more, the email and IP addresses used are all different so victims can’t simply block a specific sender.

These attacks last anywhere from 12 to 24 hours and can flood inboxes with as many as 60,000 messages. While they may seem like harmless annoyances, the true purpose of DSD is to draw victims’ attention away from what hackers are doing behind the scenes.

And what they’re doing is exploiting your personally identifiable information (PII) to make unauthorized purchases or pilfer cash directly from your accounts. The DSD acts as a sort of smokescreen to hide payment confirmation messages behind a deluge of spam messages.

New tactics
Over the years, hackers have developed new tactics involving DSD. Several reports have shown that, instead of nonsensical emails, hackers are using automated software to have their targets sign up for thousands of free accounts and newsletters to distract them with authentic messages. This allows DSD blasts to slip past spam filters that have been designed to weed out malicious code and gibberish text used by traditional DSD attacks.

What’s even more worrying is that any ill-intentioned individual can go to the dark web and pay for DSD services. They just have to provide a hacker with their target’s name, email address, and credit card numbers — all of which can also be purchased in the dark web — and pay as little as $40 to send 20,000 spam messages.

How to stop it
DSD is a clear sign that one of your accounts has been hijacked, so whenever you receive dozens of emails in quick succession, contact your financial institutions to cancel any unfamiliar transactions and change your login credentials as soon as possible. It’s also important to update your anti-spam software (or get one if you don’t have one already) to protect your inbox from future DSD attacks.

Hackers only initiate DSD attacks after they’ve obtained their target’s email address and personal information, so make sure your accounts and identity are well protected. This means you should regularly change your passwords and pins, enable multi-factor authentication, set up text alerts for whenever online purchases are made in your name, and be careful about sharing personal information.

For more tips on how to deal with DSDs or other cyberattacks, call us today at 800-421-7151. We offer powerful tools and expert advice that will ensure your business’s safety.

WARNING: Your Business Is More Likely To Be The Victim Of Cybercrime NOW Than Ever Before…Take These Steps Today So You Don’t Get Hacked!

Though we’re in the midst of an unprecedented rise in high-profile cybercrime incidents, it’s easy to assume that our own much smaller businesses are safe. Sure, we think, hacking into the data stores of J.P. Morgan, the U.S. Government, or Virgin America can net hackers millions and millions of dollars.  Why would they bother with a small business?
But unfortunately for all of us, hackers actually do bother with small businesses across the country — these attacks just don’t make the news. By some estimates, including one reported in Media Planet, more than half of small businesses have had their data compromised. According to StaySafeOnline.org, these attacks, targeting small to midsize companies, now comprise over 70% of all data breaches. What’s worse, this digital onslaught shows no sign of slowing. In fact, ransomware attacks alone have increased 250% since 2016, accompanied by higher rates of malware, phishing, and other forms of cybercrime.
Once you see these numbers, it’s easy to understand why hackers seek the little guy. These days, massive corporations like Google or Citigroup employ incredibly sophisticated digital measures. Their digital vaults, though containing ludicrously attractive sums of potential money to grab, are located at the end of a virtual labyrinth covered in traps, with a final, inches-thick steel door protecting their assets for good measure. In contrast, the digital assets of small businesses are often hidden behind nothing more than a single, often weak,
password. With thousands of business owners going about their day-to-day, utterly oblivious to their paper-thin security, the question turns from “Why would hackers bother with my small business?” to “Why wouldn’t they?”
Though cybercriminals may come away with less than they might have had they targeted a Fortune 500 company, it certainly isn’t going to seem cheap to you. According to one TechRepublic analysis, an average
cyber-attack on a small business can cost as much as $256,000. Is that a sudden cost your company can weather?
Luckily, there is hope. Though small business owners often assume that effective cyber security solutions lie far outside their budget range, robust digital security is now more affordable than ever. By investing in comprehensive protection, small businesses can deflect even the most persistent hackers.
Today, a cyber-attack on your business is almost statistically inevitable. And when that attack comes, you’ll definitely want to be prepared. If you haven’t needed a doctor for the past two years, does that mean you’re
going to abandon your health insurance coverage? Of course not. What about car insurance? Does it become unnecessary in the absence of a crash? No, because even if you’re the best driver in the world, sometimes a collision is out of your control. What’s more, both your body and your car require regular upkeep and maintenance to remain in peak condition. It’s no different with your network security. As technology hurtles forward at an ever-increasing speed, the ways that hackers can infiltrate your network multiply. The best digital security platforms constantly update, enabling them to anticipate these shifts and prevent them from becoming liabilities. This way, you can be proactive prior to a digital crisis, ensuring that no matter what comes, your network is protected.
Even as digital crime climbs at a staggering rate, and hundreds of small businesses are forced to close their doors for good, thousands of owners fail to notice, assuming they’ll somehow be spared from an attack. Don’t be one of them. Invest in regularly maintained, powerful cyber security, and ensure the future of your company. Call us at 800-421-7151 to take the first step.

The “Not Me!” Problem…And Why This Is Almost Guaranteed TO Happen To You

Security this, password that – now they want a password with 14 characters with two symbols? And I have to change it every three months? As difficult as it is to remember 24 different passwords, four PIN numbers and a slew of new cyber security processes, we still manage to instantly recall most of the tangible things in our lives. The code for the company door and alarm system, the passcode to our phones, the garage code, the other garage code – you get the idea.

But these numbers are based upon a time when the most “real” threat seemed to be someone busting in our door and threatening our families in the middle of the night. In 2018, those kinds of physical threats are far less

statistically prevalent than cybercrime. In fact, data breaches and identity theft are occurring at three times the rate that home burglaries occur in the U.S. according to a 2016 study by the University of Kentucky.

Don’t succumb to the “Not me!” approach to the shift in crime. Understand that it can happen to you, and approach all aspects of physical and electronic security with the attention they deserve. Have any questions about your security? Call our experts at 800-421-7151 today!

Fortify Your Data, Physically

Truly optimized security settings and software are beyond the capacity of most business owners. You just don’t have time to tinker with your office IT. Instead, try these quick and easy tips before calling us.

Cover Up Your Webcam

There must be some credibility to doing this if Facebook founder, Mark Zuckerberg, former FBI director, James Comey, and NSA whistleblower Edward Snowden all believe their webcams could be compromised. This is not just another paranoid celebrity reaction to ruthless paparazzi, there’s a genuine reason behind it. Kindly take a moment to consider the following scenario: hackers using your webcam to spy on you.

Though it might sound unrealistic, this actually happened on several occasions. Sometimes for purely voyeuristic reasons and sometimes what appeared to be espionage. This is a very real threat with disturbing repercussions. Hackers aim to gain personal information based on your surroundings, deduce your location, as well as spy on the people you’re with, ultimately using this information to hold you ransom, threatening to broadcast your most intimate and vulnerable moments if you don’t pay up.

Fortunately, guarding yourself against such danger is really easy and some painter’s tape over your webcam should do the trick. If you’re not confident about regular tape, you can purchase a cheap webcam cover online or at any hardware store.

Purchase a Privacy Shield

Think of privacy guards as those iPhone scratch protectors, but with an anti-snooping feature. These are thin covers you put on your computer, laptop or smartphone screen to limit viewing angles. Once installed, anyone trying to look at your screen from anywhere – except straight-on – sees nothing. Privacy filters are commonly used to protect work devices, particularly which display or contain critical files with sensitive data or confidential information. However, less sensitive, personal devices are still vulnerable to ‘shoulder surfing’ – the act of peeking at someone else’s screen, with or without ill intent, which is why we recommend using these protectors on all your devices.

Use a Physical Authentication Key

Requiring more than one set of credentials to access sensitive resources is common sense, and has become standard practice for established online services. With something called two-factor authentication in place, you gain access to your account only after you’ve entered the authentication code, which the website sends to your smartphone once you’ve entered your account credentials. Until recently, two-factor authentication relied mostly on text messages that were sent to mobile phones. But professionals have now realised that phones can be hijackedto redirect text messages.

Moreover, authentication codes can be stolen, or users can be tricked into entering these codes via a convincing phishing website. If you’re looking for authentication services that cannot be hijacked, stolen or lost, your best bet is a USB or Bluetooth key you can carry on your keychain. This means nobody — not even you — will be able to access your account without the physical key. Ultimate security at your fingertips.

If you need help setting up two-factor authentication, or any IT security services, contact our experts at 800-421-7151 and experience true peace of mind as we fortify your data to no end.