Cyber-attacks right under the Christmas Tree!!!!

2016 has been filled with news of cyber-attacks and hacking.

  • In February the Central Bank of Bangladesh was the victim of a cyber heist that resulted in $81 million in losses and another $850 million in halted transactions.
  • In July, the Democratic National Committee’s email servers were breached. The resulting leaked emails caused much embarrassment and lead to the resignations of some of the organizations key officials.
  • In September, Yahoo announced that half a billion of its users’ accounts were hacked back in 2014 thus gaining access to names, email addresses, phone numbers, dates of births, and in some cases, even security questions and answers. This event alone exposed 500 million people to potential identity theft.
  • In October, major websites went down due to a massive attack on one of the backbones of the internet; thus leaving Twitter, PayPal, Spotify and many businesses hosted by Amazon Web Services unable to function.
  • Over Thanksgiving weekend, the San Francisco rail system was hacked allowing riders to ride for free while a hacker held the system hostage with the use of Ransomware.
  • Most recently, Google announced that upwards of 1 million user accounts were compromised with the use of “Googlian” malware on Android powered smart The company warns that 13,000 additional devices are being infected every day.     christmas-bulb

The news is continuously flooded with reports of cyber-attacks and it is clear at this point that no one and no business is immune to the dangers of the hacker community.  With the onslaught of cyber-crimes, what is a SMB owner to do?  You have taken what you feel are the necessary steps to keep yourself safe; installing firewalls and communicating to employees the importance of strong passwords.  Even though you have taken these steps, you could still be victim of a hackers.  Here are five clues that you and your network might have become victims:

Clue 1) Slow internet connection. When hackers gain access to your network they begin to use your bandwidth for their own purposes.

Clue 2) Unauthorized programs have been installed on your network.  If you notice an unfamiliar program that was not authorized, documented or installed by anyone within your organization, that’s a sure sign that a hacker has invaded your network.

Clue 3) Spam emails are being sent from your company computers and email accounts.  Spam emails look legitimate because they are coming from your trusted email address.  Many of your customers may open them, annoying your subscribers and possibly leaving them open to security threats of their own.

Clue 4) Unfamiliar programs are requesting access to your network; or your Firewalls or other security programs have been uninstalled.  If your security systems are dismantled, unfettered access to your systems may be allowed to wreak havoc in your network.

Clue 5) Visitors to your home page are redirected to another site or antivirus solutions are flagging your site.  An internet search for your site results in error messages that warn the searcher that malware has been detected on your site.  This warning means that hackers have certainly uploaded some sort of malicious software to your system.

If you have noticed ANY of these signs, do not wait any longer.  Contact Net Works.  We are cyber-security experts and will perform a full security audit on your entire system.  We live in a complex connected world; you cannot afford to face downtime or data loss due to hackers.  Threats are everywhere, don’t try to take on the hacker community on your own.  Contact Net Works today!

 

Understanding Office 365 and what it can do for you

Running a business is a 365 day a year job. While you focus on running your business let Net Works focus on keeping you up-to-date on the latest developments in information technology. In the fourth quarter of 2015 Microsoft launched Exchange Server 2016 and implemented updates to its Office 365 service and software suite. While both feature improved security, there are several key differences, which is crucial to understand when making the appropriate choice for your business.

office365-2

Office 365

Office 365 is Microsoft’s cloud based subscription service and therefore is no need to purchase any additional hardware. The low monthly subscription structure makes it a cost effective option for many small to mid-sized businesses in industries who need to comply with all current privacy and regulatory guidelines. Many business owners do not realize that free email services, such as Gmail, Yahoo, and AOL are not compliant with certain security and privacy regulations. Any company that is found to be non-compliant in regulated industries may face a government fine, as well as have to pay a service to get them back in industry compliance.

In addition to meeting confidentiality requirements, the email service in Office 365 has an added feature called “Clutter.” Clutter utilizes smart technology to learn patterns in users email. If it sees that emails from a specific sender are consistently never opened or immediately deleted it will send those messages to the Clutter folder rather than the inbox.

Unlike Office 365, Exchange Server 2016 is Microsoft’s most up to date and secure email software for on premise options. Some business owners prefer to keep their email server on premises rather than Office 365 due to a higher level of internal control. Depending on your particular business’ needs, it can offer higher performance than Microsoft’s cloud based service. There are some cases where an on premises server is the best, such as businesses that require large capacity file shares (50GB in size or more) or operations that would be bandwidth-prohibitive in a cloud scenario. Offices that have less infrastructure access to the internet would be wise to take this into account during their decision making process.

Exchange 2016 offers all of the same security features as Office 365 and is fully compliant with all privacy guidelines. However, it does not have the Clutter feature that Office 365 users are able to utilize. If you are currently using a now unsupported, or soon to be unsupported version of Exchange, it is past time to upgrade; preparing to move to Exchange 2016 is a must. Any business currently running a version of Exchange Server earlier than 2010 will need to perform an additional step as they upgrade. Files must be moved to Exchange Server 2010 as an interim step as newer versions cannot co-exist with any framework developed prior to 2010. It is important to remember that Microsoft will be terminating all support of any version of Exchange prior to 2010 on April 11, 2017. If your internal IT department has their hands full managing your day to day operations or if you do not have an internal IT department, Net Works can help you ensure a smooth transition as you migrate to the Exchange 2016 environment.

office365-3

Office 365

How do you know which option is the right choice for your business? Net Works can help you navigate the confusing world of information technology. You focus on what you do best and let Net Works handle the IT. Contact Us Today!

Is your business network haunted?

Let us rid you of those Witches, Ghosts, and Goblins!

 

With layered network security and 24/7/365 monitoring those monsters will have no chance to invade your space, taking away valuable time for your staff to be productive. Combine that with some great training and education on how to most effectively use your technology we’ll have you home in plenty of time for those trick or treaters coming to your door. If you’re like me you’ve already got your costume ready.

Don’t let your your current technology plan “suck the life” out of your business!

Downtime…Downtime… Who has time for downtime???????

Your days are filled with making decisions that will guide your business into the future.  It is easy to put your IT needs on the backburner, but that will lead to days spent putting out IT fires rather than focusing on your growth.  In the 21st century technology is at the center of any business.  Your entire operation can grind to a halt due to one computer snag; costing you lost productivity and the potential for lost clients.  According to recent research by CompTIA, the proactive monitoring that a managed service provider offers, reduces your costs by 50% per downtime incident.  Outsourcing your IT needs to Net Works is the best way to ensure that your business is running smoothly.  We have the Enterprise level software applications to support your business as well as the wealth of knowledge of multiple IT professionals at your immediate disposal.
Gone are the days where all you needed concern yourself with was a slow internet connection or a finicky printer.  The information technology environment of today is endlessly the complex; a major firewall breach that threatens your data, your VPN failing, or your VOIP is not allowing any calls to be made are just three problems you could face.  The costs for keeping a modern office running efficiently on your own can be endless as well.  You need to be confident that all of your hardware and software will continue to work for you and not against you.  This is a job too big for just one computer expert to handle.  It is no longer practical, nor preferable, to be a jack of all trades.   At the very least a help desk employee and a systems administrator are required.  The average combined salary of these positions is $90,000-$120,000 annually, plus the costs of keeping their training and certifications up to date.  Even these employees would not be able to handle every computer glitch you are likely to face. In addition to the peace of mind that contracting with Net Works provides, there are many less obvious financial benefits such as leaner overhead, bulk purchasing and leasing options for hardware and software, and software licenses, as well as compliance with government regulations.
Outsourcing lets you focus on your core competencies while Net Works focuses on ours. Instead of just the experience of one person, you gain the knowledge of Net Works’ team of IT professionals.  By working with Net Works you benefit from our experience of working with 100’s of clients.  We have already seen most of the IT issues you will face and know exactly what is necessary to fix them in a timely manner.  At Net Works we let you focus on your business while we manage the Information Technology your business needs to be successful.

Delta IT Disaster!!!

Angry customers, negative media coverage, frustrated employees, untold revenue lost, lingering anger from customers: that’s the status for Delta Airlines this week.  Of course this is not news to anyone; unless you have been living under a rock you have heard the numerous news reports detailing the Delta computer disaster.  Whether caused by a minor power outage at Delta headquarters or an internal computer hiccup, the airline was forced to cancel over 500 flights causing gridlock across America’s airports at the height of vacation season. You may not be running an international transportation corporation, but imagine what would happen to your clients if you had an unexpected IT failure.  Think something like this can’t happen to you; think again.  The problem that Delta airlines faced was not the power outage at their headquarters, it was an inadequate IT Disaster Recovery Plan.  As a business owner you don’t want to be caught off guard in the middle of an IT nightmare.  While an IT Disaster Recovery Plan may sound like a great idea you might not even know what one looks like, let alone where to start.  Here at Net Works we are your IT partner and are ready to put together a comprehensive IT Disaster Recovery Plan.

The goal of any good plan is fivefold, it should:

Team of technicians using digital cable analyser on servers in large data center

Net Works team backing up client servers.

•    Minimize the disruption of business operations
•    Minimize risk of delays
•    Ensure a level of security
•    Assure reliable backup systems
•    Aid in restoring operations with speed

Net Works has a plan for you!

At Net Works, we are your information technology partner.  We will work with you to ensure that your unique IT Disaster Recovery Plan focuses on prevention, anticipation, and mitigation.  Before any plan is deployed we will: perform a comprehensive risk assessment, prioritize your processes and operations, inventory all equipment and technology resources.  Once these steps have been completed we will create a step-by-step IT Disaster Recovery Plan unique to you and your specific IT environment.  Don’t get caught off guard.  Disaster could strike at any time and, if you are not properly prepared, you too could experience the pain and disruption we now see for Delta.  Contact us today to discuss a customized IT Disaster Recovery Plan.

Cyber Liability and protecting yourself

Cyber Liability:  Then and Now

 

The term “cyber-liability” is certainly one that is at the forefront of everyone’s minds as it continues to dominate the headlines.  Both the new-age age criminal and the reliance on electronic data has forced companies to alter their risk management plans to include protection against data breaches.  In the past, cyber liability policies were only requested and purchased by companies providing professional IT services and those who handled a wide variety of computer systems and software.  As cyber security awareness has increased, coverage has become broader and coverage has become a necessity for businesses in every industry.

 

Prior to any laws that would hold companies accountable for private records being leaked, the only requirement for carrying privacy liability might be contractual stipulations.  The first law that was enacted that raised awareness of this was the Health Insurance Portability and Accountability Act (HIPAA), which most of us have heard of.  In 2003, a privacy rule went into effect for the private sector, protecting personal healthcare information under HIPPA regulations.  The introduction of these privacy requirements introduced a new concept of responsibility for those who store personal records.  Since the enactment of the HIPAA privacy rule, there have been 48 out of 50 states that have state laws or codes that require companies to notify a consumer if their personal identifiable information (PII) was breaches.  With a new century, comes a new exposure.

 

Prior to modern day philosophies and availability of industry-tested cyber liability products, companies would purchase policies that would provide coverage for alleged wrongful acts arising from their professional [technology] services.  The definition of wrongful act may or may not include breach of security or invasion of privacy, which are areas that are protected by acts, such as HIPPA.  Post-HIPPA privacy laws have made it necessary for non-technology companies to reevaluate their current insurance program and consider adding cyber liability coverage.  A modern cyber liability policy will include both Third Party liability coverages, along with First Party coverage.  Third party liability coverage provides coverage for damages to consumers.  This coverage provides protection against wrongful acts, loss of employee/customer information, failure to prevent the entrance or spread of a hacker/virus, and personal injury from your website content.  As mentioned earlier, most states are requiring companies to notify consumers when their information goes missing or is hacked and every state has a different notification requirement.  This is an unwelcomed expense and headache that many business owners would prefer not to shoulder.  A well-equipped cyber liability policy will help offset these expenses by providing first party coverage to pay for consumer notification expense, computer/legal forensic expenses, business interruption, and regulatory defense and penalties incurred.  (It is important to note that no two cyber liability policies are alike and terminology can often be confusing as there is not a standard policy form that has been accepted by the courts.)

 

The cyber liability marketplace has come a very long way since its introduction in the early 2000s, but it hasn’t been tested nearly as much as the other insurance products.  As breaches become a greater risk to all businesses, insurance companies can expect to see more claims and the need for capacity to support these claims.  It is vital to make sure that you work with an advisor who is very knowledgeable about the cyber liability arena and knows the marketplace well.  While many insurance carriers have found solutions to protect your business if and when a breach occurs, it is still difficult to stay ahead of the technology market.  As networks and enterprises move to the “cloud,” hackers will follow.  It is very important to consult with an IT professional to discuss proactive ways to prevent breaches/hacks and to formulate a continuity plan should you fall victim to one.  With a strong IT infrastructure, solid continuity plan, and a strong cyber liability program, you should be able to weather the storm if you face a network security breach.

 

About the Author

 

Alan Sisk is a Sr. Risk Advisor with Geny Insurance Group.  Alan partners with commercial clients to proactively identify ways to create and increase the value of their businesses through insurance and risk management techniques. He brings a creative approach to his clients and the field of insurance by challenging old conventions and applying new philosophies.  Alan is very knowledgeable of the cyber exposures that businesses face today and well-informed of the latest trends in the marketplace.  Should you have any questions, please contact Alan at 615.515.3218 or alan@genyinsurance.com.

 

About Geny Insurance Group

 

Celebrating its 30th year anniversary, Geny Insurance Group (Nashville, TN) has been a full-service independent insurance agency devoted to serving the needs of individuals and businesses. As one of the most respected independent insurance agencies in Middle Tennessee, they strive to provide a customized risk management solution that protects their client’s most critical assets and supports their future goals. Geny Insurance Group is the Nashville office and headquarter location for SouthPoint Risk Advisors, which operates out of 6 offices throughout TN & KY and offers Personal & Commercial Insurance, Risk Management, and Employee Benefits.

Are “Zombie” servers draining your precious resources?

Technology-Zombie-Infographic-Image-Header

Have you ever heard that loud rumbling noise coming from your server room?  Is it your IT infrastructure hard at work helping you to increase profits or is the sound of the “zombie” server?  A zombie, or comatose, server is a physical server that is running but has no external communications or visibility and contributes no computer resources; essentially it consumes electricity but serves no useful purpose.  For something you have most likely never heard of; it is a big problem.  An estimated one in three servers in North America falls into the “undead” category.  Given those odds, chances are most businesses are running servers that are no longer doing anything relevant and could be decommissioned.  IT is not only at the center of your organization’s operations it is also a key line item in your budget.  You certainly do not want to cut corners when budgeting for your IT needs; but are you wasting your money on equipment that is giving you no value whatsoever?  Enter the nefarious “zombie” server.  According to the Wall Street Journal, estimates show upwards of 10,000,000 unused servers remain plugged in and drawing power.  The 4 Gigawatts of power consumed by these undead machines is equivalent to the “power from eight large power plants; power used by 3,200,000 households, roughly the number in New York City”.
But these zombies are not just a drain on your electric bill.  There are a myriad of other costs you must consider.  These include but are not limited to: cooling/heating, data center space if applicable, Network Ports, SAN Connections, Back Ups, Monitoring, Operating System licensing, Database Licensing, Maintenance agreements, Administration and support.  In fact, according to the Federal Data Center Consolidation Initiative, the average cost to support a mid-tier server is $2,000 per year.
All business owners know that their IT needs change over time, as does their IT infrastructure.  With changes in IT, sometimes no one is really clear what the server does.  If an employee does know what a particular piece of equipment does and believe it can be decommissioned they often do not do so out of fear.  Fear of creating downtime, or interrupting something that may be relevant.  In reality, many servers can be re-purposed, licenses put back into the pool, and physical parts and storage space can be reclaimed.  The more servers you have, the more consolidation you’ve done, the more the risk that this is an issue in your organization!  Think about the efforts you go through to save a few hundred dollars here and there.  You cannot afford to continue to overlook this potential drain on your resources.  While you realize now that identification and eradication of zombies is important, even in a small business it could easily add up to many thousands of dollars.  But you do not have the time nor the expertise to go through and audit your servers, in search of zombies.  You need to get Net Works on your side.  As experts in the area of IT Cost Optimization we can not only identify where zombie servers are wasting your IT budget dollars; we can help you to strategically procure or negotiate your complex

Cyberattack

Cyberattacks and the real impact they have on Small Business!!!

Most small business owners believe cyberattacks are the concern of large corporations, however nothing could be further from the truth. According to Verizon Data Breach Investigations Report 71% of cyberattacks occur at businesses with less than 100 employees.[1]  However smaller organizations are often not as concerned as they need to be, added Kevin Haley, a Symantec director in charge of relaying security information to Symantec customers. “They are also typically under the illusion that cyber-attackers are only interested in large companies, which we have found is not the case,” Haley said.

Even though it turns out SMB’s have a larger target on their backs than they realize, two thirds of SMBs surveyed by Symantec say they’re not concerned about cyber threats; and more than 80 percent have no formal cyber security plan. Although more than 95 percent of businesses are considered small or medium-sized, almost all security solutions are designed for enterprise businesses with large IT departments and big budgets. Many of these security products are just too complex and costly for a resource-strapped SMB. To protect themselves, many SMBs use a patchwork of multiple products that defeat separate elements of the threat. But these are often improperly managed because these small businesses don’t have the time or expertise to create a proper web of protection. The result is a disjointed and ineffective security network that puts IT managers and security budgets under even tighter scrutiny.

“Smaller companies are easier to hack,” said Clay Calvert, director of security at MetroStar Systems, a Virginia-based firm. “They don’t have the resources to set up protective barriers.” Big companies, which have the financial resources to upgrade their security, have become less vulnerable. But this needs to change! The average cyberattack costs a business $188,000! You can no longer wait for hackers to target you. The rise of organized cyber hackers is definitely a scary trend but it doesn’t have to be the end of the world. There are some things that a SMB owner can do to help:

  • The first step you need to take is to think like the hackers. Ask yourself: Who are my adversaries? Are they after my intellectual property and trade secrets? Do they want my customers’ credit-card information? Or do they view my business as the weak link in some larger application? This exercise can help you see where your vulnerabilities lie and also help you understand which measures you can take to protect your software.
  • Make sure your code is clean. Many commercial applications use open-source code as components. The National Institute of Standards and Technology’s National Vulnerability Database discloses more than 4,000 vulnerabilities in these components. Security software companies, can help you identify and fix any problems with your applications’ source code.
  • Outsource your security operation. While most small organizations can’t afford to build sophisticated IT security systems, has the scale and know-how to protect your operations and sensitive data.

At Net Works we have the knowledge base and the commitment to service to ensure that your IT security is up to date. We offer best in class cybersecurity protection. Unlike other managed service providers who rely on point of service solutions; we employ Unified Threat Management, an all in one security solution. UTM is a fully integrated, multifaceted approach to protect against network threats. Your IT infrastructure is too important to settle for a less than optimal cybersecurity plan. Contact us today to get started on your cyber security audit. Don’t take a chance and go it alone, get Net Works in your corner.

[1] Verizon Data Breach Investigations Report 2012. 2012 Accessed April 20, 2016