Posts

Showing posts from 2018

Cybercrime: In-house protection that only YOU can provide

Image
Cybercrime: In-house protection that only YOU can provide From the political world to the corporate, all we hear about is hacking, hacking, hacking. Everyone gets hacked, data is stolen, etc. So, the cry goes up for better security protections for everyone's data. Firewalls, virus software, etc., etc., etc. Want to know one of the best ways to protect your data? Train your employees to stop opening any emails or links unless they absolutely know they are safe. Scam emails that try to trick you into opening a link to a bogus site, or worse, trick you into providing your password or ID for a known site are exceptionally effective ways for hackers to get into your internal system and compromise data. Yes, ransomware is a serious issue, and malware is out there, but employees naively opening phishing emails remain one of the biggest risks to data security. Talk to your employees on an on-going basis and provide training and tips on how to ID phishing scams

VoIP: A money saving solution for your company’s technology backbone

Image
VoIP: A money saving solution for your 
company’s technology backbone
When small business managers think about their IT infrastructure, they think about their employee’s mobile devices, cabling, Wi-Fi, laptops, a printer, and Internet connectivity. These are the basics of their IT infrastructure. However, there is one other aspect of a modern corporate IT infrastructure and that is an internal phone system that can connect “voice” over the internet, rather than traditional copper wires. Once upon a time, every office had an internal phone system that connected to the world via wire/cable/fiber. That wire/cable/fiber then connected a person in your office to a person somewhere else via the local phone company and a long distance carrier. And they did it for a per minute fee. And a very high per minute fee if you called internationally. A VoIP phone system eliminates the phone company’s per minute connection, sidestepping them and running the voice call over the Internet.  Talk to your mana…

SAFETY PUP SAYS Update

Image
SAFETY PUP SAYS…. Update
One thing smaller firms and individuals are often reluctant to do is download updates to their operating systems and individual apps and programs. Why? Well, because it takes time and you have to reboot the device. Other reasons are a fear that the newest update will have a bug and cause problems. The perception is that it is better to wait a few weeks. Finally, there is a fear that anytime you update a program or OS, something always starts acting weird. All of these may have a certain legitimacy. Even procrastination has its defenders. But why should you download updates ASAP? Because they are not only about new features and a new gadget - they include patches to security issues that have been identified. One of the easiest ways to protect yourself from hacking malware and other nefarious online viruses is to always update your software. Do it the day the update comes out, because it may be released specifically due to the discovery of a brand new malware or r…

With Ransomware, The ONLY Cure Is Prevention

Image
With Ransomware, The ONLY Cure Is Prevention It just keeps showing up in the news. Ransomware seems to just not come to an end. If you haven't heard, ransomware is a particularly nasty virus that freezes access to your data and then demands a ransom, usually in bitcoin. The worst thing about it is that once you are hit, there is almost nothing you can do. There are only 2 options: don't pay the ransom and lose your data, or pay it. There is no "downloadable" fix. You are stuck. With ransomware, the ONLY cure is prevention. In the case of ransomware you need to be constantly updating your data and securing it in isolation from your network. Even then, if your backup system overrides your older data each time it backs up, you can actually save the virus if it has infected your system at the time of the backup. To make sure you are as protected as you can be, we strongly recommend you contact a technical security expert to consult on the best way to protect against ransom…

Business Trade Shows Part III: After the Event

Image
So, you made it back home from the show. You're exhausted and work has backed up in your absence. Here is where the entire investment in the show can go down the drain. Follow-up is critical. Every one of those prospects need to have follow-up. Lots of it. One contact isn't going to be enough. First, send out a short email drip that includes a 'thanks for visiting us at the trade show.' The second should be a 'call to action' email. Send an invitation to meet via phone or in person, and add something for them to download. The download can be a whitepaper, or even just your brochure, but it is always good to attach something. Now comes the really hard work. Contacting prospects. No one is going to just mail you revenues. You need to actively market to your trade show visitors. If some seem uninterested, put their names in a tickler file to try back in 6 months. Just be sure not to just let them drop; the situation may change in the future. In summary, look at a tra…

Business Trade Shows Part II: During the Event

Image
We're back. In the last post, we talked about building momentum toward a trade show exhibition. Today, let's look at your efforts during the show itself.

You already should have sent out a reminder the morning of the show in posts on all your social media accounts, an article on your website blog, and a general email that you're exhibiting. Now it is time to work the booth. First, recognize that your goal is to use this show to develop as large a list of prospects as possible. That means you not only want visitors at the booth, you need their contact information. The proven way to get attendees contact information is to offer them something for free, or run a contest for something worthwhile. Most booths will offer some give way, coffee mug, etc. at the booth if visitors sign a contact info sheet. People can't resist free stuff, no matter how much they don't need another mug or could afford to buy them on their own by the caseload. Therefore, have give a ways. You can…

Business Trade Shows Part I: Before the Event

Image
​ Going to a tradeshow for the first time? Don't make the mistake of viewing this as a 1-2 day discreet marketing event. Instead, view your exhibit at a tradeshow as the central feature of a much longer and holistic marketing plan that builds to the event, and then culminates in the successful post­show follow up that signs on new customers. In the next few posts, we are going to break down the tradeshow marketing plan into three bite size pieces. Today, the pre-show build up. The goal of your pre­show marketing is to attract visitors to your booth at the show. You want them to know about all about you before they take that first walk around the exhibit hall. Take advantage of all the marketing opportunities that the show planner offers. This may include access to an attendees list. If so, use this to send out a few introductory emails prior to the show including your booth number. Send one the day of the show reminding the reader where you are.Sponsorships are also an opportunity, i…

Is Your Website Mobile Optimized?

Image
Smaller firms often struggle just to keep up with maintaining a website. Worrying about a scaled­ down version for mobile users seems like just too much trouble. Today's blog is all about why this matters to you and why should you bother with a mobile version. A bit of background: Mobile sites are versions of your website that can be easily read and used on a small mobile screen. What is readable on a laptop of desktop monitor can be too tiny to use on a small screen. Also, the buttons and fields on your forms become impossible to use. Why does this matter? Three reasons Showing up in search rankings. If you want to be found in a search and appear high in the ranking, you need to have a "mobile optimized" site. Google has now included the failure to have a mobile optimized site as a specific reason to lower a website in its search rankings. If you don't have a mobile optimized site, you slip lower in the ranking. Slip lower in the rankings and fewer people ever find you…

Password Basics That Are Still Ignored

Image
You can have all the locks on your data center and have all the network security available, but nothing will keep your data safe if your employees are sloppy with passwords. There are many ways data can be breached, and opening some link they shouldn't is one of the most serious security sins employees can commit, but today we’ll just talk about passwords. Here are some basic practices that you should require your employees to follow. These are basic tips. System administrators should implement other policies, such as those that forbid using passwords previously used and locking accounts after a few failed attempts to login. But just for you as a manager, here are a few tips. Change Passwords - Most security experts recommend that companies change out all passwords every 30 to 90 days.Password Requirements - Should include a of mix upper and lowercase, number, and a symbol.Teach employees NOT to use standard dictionary words (any language), or personal data that can be known, or coul…

You're Fired! Now Give Me Your Password

Image
"You're FIRED!" ( now give me your password)Losing an employee is not usually a good experience. If they leave voluntarily, you lose a valuable asset. If they have to be fired, you have the arduous task of the progressive discipline process and the final termination meeting. But there are other concerns that arise when an employee leaves. Those concerns are security and their access to company data. Here are some considerations regarding passwords and voluntary termination (A.K.A. resigned) or involuntary termination (A.K.A. fired.) It is important you have a process in place so that whenever a termination occurs, nothing slips through the cracks regarding corporate data security. When you dismiss an employee, you should immediately change out all passwords for anything the employee had access to. Because almost all terminations should be planned, you should also define the process for canceling access. It is unwise to cancel prior to the termination meeting. If you do tha…

IT Defense in Depth Part II

Image
Defense in Depth Part IIIn our last blog we started talking about the different layers of security necessary to fully defend your data and business integrity. Today we will look at the human aspect of it, and network defenses. The human layer refers to the activities that your employees perform. 95% of security incidences involve human error. Ashley Schwartau of The Security Awareness Company says the two biggest mistakes a company can make are "assuming their employees know internal security policies: and "assuming their employees care enough to follow policy". Here are some ways Hackers exploit human foibles: Guessing or brute-force solving passwordsTricking employees to open compromised emails or visit compromised websitesTricking employees to divulge sensitive information For the human layer, you need to:Enforce mandatory password changes every 30 to 60 days, or after you lose an employeeTrain your employees on best practices every 6 monthsProvide incentives for securi…

IT Defense In Depth Part I

Image
In the 1930s, France built a trench network called the Maginot Line to rebuff any invasion. The philosophy was simple: if you map out all the places an enemy can attack, and lay down a lot of men and fortifications at those places, you can rebuff any attack. The problem is, you can't map every possible avenue for attack. What does this have to do with IT security? Today many business owners install an antivirus program as their Maginot Line and call it a day. However there are many ways to get into a network that circumvent antivirus software. Hackers are creating viruses faster than antivirus programs can recognise them (about 100,000 new virus types are released daily), and professional cybercriminals will often test their creations against all commercially available platforms before releasing them onto the net. Even if you had a perfect anti­virus program that could detect and stop every single threat, there are many attacks that circumvent anti­virus programs entirely. For exampl…

Data Security: A People Problem

Image
Phishing Scams – A People ProblemThere are some things that only people can fix. There are many security risks to which your data is susceptible, but there is one method that remains a wonderfully effective hacking tool. That is the phishing scam. This is a legitimate looking email that asks the reader to click on a link. If clicked, the link can infect the user’s computer with malicious software that can steal passwords, logins, and other critical data. Alternatively, the email appears to be from a legitimate source, perhaps even duplicating a legitimate webpage. The distinction is that the phishing email asks the user to enter personal information, including passcodes. In either case, that is how hackers easily get into your systems. What's the best defense against this one? The single biggest defense is education. Training your people to be constantly wary of all the emails they receive. One way some firms are educating their people is by sending out their own "fake" p…

What is Ransomware and How Can it Affect Your Business?

Image
This cyberattack scheme hasn't garnered nearly as much attention as the usual "break-in-and-steal-data-to-sell-on-the-Internet version," but it can be even more debilitating. Ransomware attacks have begun appearing in the last few years and its practitioners are so polished that in few cases they even have mini­call centers to handle your payments and questions. So what is ransomware? Ransomware stops you from using your PC, files or programs. The business model is as old as the earliest kidnapping. They hold your data, software, or entire PC hostage until you pay them a ransom to get it back. What happens is that you suddenly have no access to a program or file and a screen appears announcing your files are encrypted and that you need to pay (usually in bitcoins) to regain access. There may even be a Doomsday-style clock counting down the time you have to pay or lose everything. Interestingly, one of the more common "market segments" being targeted in the US has…

Data Breaches are a Question of When, Not If

Image
You hear on the news all of the time about big cyber attacks on large corporations, and even government agencies. The trouble with this news coverage is that is suggests a distorted view of where cyber attacks are taking place. These attacks are not solely hitting large organizations. Small firms represent a significant portion of those who face cyber attacks. Being small by no means keeps you immune. In fact, small firms can be used as conduits to larger organizations. That is likely what happened in the case of Target Corporation back in 2013 If  you're a small business, then you're a target for cyber criminals. Last year, 71% of small to medium size businesses were the victims of cyber attacks. Today's concern is how you would respond to an attack. 31% of small to medium businesses do not have a plan of action for responding to IT security breaches, and 22% admit that they lack the expertise to make such a plan. A data breach is disastrous. Your response determines whether…

Penetration Testing vs. Vulnerability Testing Your Business Network

Image
Hearing “all of your confidential information is extremely vulnerable, we know this because...” is bad news, but whatever follows the ellipses determines just how bad. Consider two scenarios.“All of your confidential information is extremely vulnerable... we know this because a hacker took all of your customers’ credit card info and locked all of your files behind ransomware.”

“All of your confidential information is extremely vulnerable...we know this because we did a vulnerability scan of your network, and have some suggestions on how you can improve.” 61% percent of small businesses are victimized by cyber attacks each year, and one in five victims do not survive. It is financially worthwhile to make sure that you end up being the person hearing the latter sentence.Scenario 2 describes the statement after you have had a vulnerability test conducted. A vulnerability test is a comprehensive audit of security flaws that a hacker could exploit, and the possible consequences. This is the…

Benefits of Using VoIP Technology

Image
Benefits of Using VoIP Technology More and more businesses are implementing Voice over Internet Protocol or VoIP technology because of its versatility, flexibility and cost effectiveness. With new developments in this technology, the scope of its applications is widening. It is becoming more than just voice communications technology. That is why businesses of all sizes are migrating at an increasing rate. Here is a short list of some of the benefits. Versatility/Flexibility: There are many VoIP service companies that have been working feverishly to enhance the use of this technology. They are bundling up other communication applications into a single unified communication platform to increase the efficiency for businesses. This means all modes of communication such as voice, fax, video, web conferencing and emails can be utilized, using a single software application. The ability of this application to convert voice into an email or fax into an email can bring a tremendous amount of effi…

BYOD: Why is This Concept So Attractive to Employees?

Image
BYOD: Why is This Concept So Attractive to Employees? Bring Your Own Device, or BYOD, to work was an idea a few years ago that is becoming a reality very fast. To use your personal smartphone, tablet or laptop for work seems increasingly natural. Employees are embracing this concept without any serious reservations. As more and more business activity becomes technology driven, to have electronic gadgets right by your side all the time make sense. According to a survey conducted by Logicalis about 75% of employees in high growth markets such as Brazil and Russia and 44% in developed markets bring their own devices to work. Let's examine all the factors causing people to want to use their own devices at work. Familiarity: This may be the most relevant reason for someone to bring their own tablet or laptop to work. It may be the operating system, web browser, or other apps on their devices that they know so well and feel comfortable using.Convenience: Companies have been providing their…

VoIP: A New Dimension in Communication for SMBs

Image
VoIP: A New Dimension in Communication for SMBs Voice over Internet Protocol or VoIP is about a decade old technology that is gaining popularity among individual subscribers and businesses. In conventional systems, phone calls are made using telephones or handsets that are connected by phone cables. These calls are routed using the Public Switched Telephone Network (PSTN,) carrying a signal from one telephone to the other. But instead of connecting telephones to the phone cables through phone jacks in the walls, VoIP uses the internet where phones can be connected to broadband devices, adapters or PCs using broadband. With this system, voice is converted into a digital signal and carried over the Internet. Let's take a look at all the options that are available to make calls using VoIP. Make Calls from a PC: Using this platform a call can be placed from your PC. Your computer is connected to the Internet via broadband. A specially designed software app allows you to place and receiv…

SMBs: It is Hackers v. You - Don't Let Them Score

Image
SMBs: It is Hackers v. You - Don't Let Them Score Selling stolen IDs and other personal data is a lucrative trade for hackers. They are always looking for sources where vital information is stored. As a small to midsize business you store your client's personal information, collected from different sources, on your computers and servers. Your Point-of-sale (PoS) terminal and some website transactions can be completed by use of electronic banking, credit cards or debit cards only. Your customers have to key-in their pins or passwords to make payments. That information has to be saved. Also, depending on the kind of services or products you provide, you may be collecting Social Security numbers, addresses, driver's license numbers and DOBs of your clients. Information that personal is as important as it can get. Any source of that information is like a gold mine for a hacker. All this means only one thing for you: A data security nightmare. Here are the channels hackers can us…