Are Passwords Leaving Your Network Unlocked?

Passwords today are like spare keys that have been given out to too many friends and neighbors. Common password content like birthdays, favorite sports teams, or names of children or pets are easily found on social media accounts. With Thanksgiving around the corner and Black Friday sales emails flooding your inbox, you may not notice when a hacker poses themselves as a retailer in order to gain access to your accounts. Is your business prepared to take on the holiday hackers?

 

Cybersecurity is vital to a successful business, especially as these hackers try to exploit the companies they expect to be the least protected: small-to-medium sized businesses. Your accounts need an extra layer of protection so that your business network does not fall into the wrong hands. This is where multi-factor authentication comes in. Multi-factor authentication requires two or more pieces of evidence before a user is granted access to a protected account or device. We see this in practice all the time. For instance, at the ATM, the user must present both the correct debit card, and enter the right PIN. This is an example of two-factor authentication at work. The system works by requiring information the end user possesses, like a PIN or a password, with an object the intended user should have on hand.

 

Today’s businesses rely on cloud storage. The cloud is an incredible efficiency tool that empowers your workforce to access what they need when they need it. With that ease of access comes a risk that your information could be accessed by the wrong individuals, especially if you have not taken every precaution to secure it. When your sensitive business accounts and databases are secured only by passwords, you are putting yourself at risk, even when the passwords are complex and changed frequently. You need backup protection in the event that passwords are compromised.

 

There are many products that help you add this layer of protection to your network. Trying to sift through, select, and implement these products can be time consuming and confusing. At the same time, you know that an upfront investment of time and resources into cybersecurity can make all the difference when hackers strike. Multi-factor authentication creates more work for the hackers, and more opportunities for your defenses to protect your network. If someone is trying to invade an employee’s email account, guesses the password, but then needs to enter a randomly generated code that went to your employee’s phone or workplace computer, they may move on to invade a less protected network. Unlike a PIN, which suffers many of the same pitfalls of a password, these codes may only work for a limited period of time and have no personal connection to the user, meaning they cannot be guessed. This type of system gives you greater confidence that the people accessing your network are the ones meant to be there.

 

Setting up multi-factor authentication can have some unforeseen complexities, and is best handled by IT professionals who have the expertise and skill-set to implement this useful protection for your business.

 

Net Works has the experience and cybersecurity expertise you need to ensure your network is as secure as possible. Contact us today to talk about your next steps.

 

Attack of The Zombie Servers: Are Your Precious Resources Being Drained?

 

As Halloween approaches, you probably wouldn’t be too surprised to see a zombie or two. What you may not know, however, is that there are millions of zombies lurking in offices and data centers around the country year-round. These zombies might not hunger for brains, but they are scary for their own reasons.

 

Zombie servers are a common IT issue that is rarely discussed or addressed, despite its prevalence. The term is used to describe a server that’s physically running, but not performing any functions, and can refer to either physical or digital servers. While this might not seem like too big a concern, zombie servers can be a huge money sink, and in some cases, even compromise your network’s security.

Because physical servers can use up a lot of space and electricity, it’s incredibly wasteful to have them running when they’re not offering you or your business any benefit. Digital servers might not use up electricity, but they still often require costly fees to keep running. Potentially even more worrisome is the fact that zombie servers are often forgotten about, meaning they’re rarely updated or patched, and therefore vulnerable to malicious attacks or viruses. In these cases, they make easy prey of anyone trying to gain access to your data or network. To make things worse, some haven’t even been configured with an IP address – making them virtually impossible to discover without physically inventorying your data center. Because of this, it can be difficult to even realize that they’re there, making them even more difficult to sort out. This problem is primarily one with large data centers, but it’s one that can affect smaller businesses as well, where it can be even more imperative to save resources.

 

Now that you know the dangers of zombie servers, you might wonder how you can discover them at your own business. At Net Works, we know the risk zombie servers pose to your business’ efficiency and security, and we’re prepared to help. By partnering with us, we’ll perform a thorough examination of your IT infrastructure to analyze your existing systems to root out any zombie servers hiding in the shadows. Net Works will also create a personalized plan to remove any unnecessary redundancies, resolve any security risks, and keep your digital assets functioning as efficiently as possible.

 

Zombie servers can be the result of new systems being added without the older ones being shut down, servers not being decommissioned properly, or even just incorrectly estimating how necessary the server will be for whatever purpose it serves. Whatever the cause, the best way to prevent them is to have a dedicated and proficient Managed Service Provider monitoring your network to make sure all your IT resources are accounted for and serving a purpose. We are fully equipped to handle undead servers, as well as a number of other IT concerns.

 

Contact Net Works today, and we’ll make sure the only zombies lurking around your business this Halloween are the ones in costume.

 

New Threats you should know…. and be concerned with!

Is Your Business Ready To Face The Threat Of Ransomware Attacks?

Ransomware can be very profitable — if you’re a hacker. For example, according to a report by the security firm Sophos, the SamSam ransomware attacks, which target healthcare providers, have net the creator of this ransomware $6 million. The largest ransom paid so far was $64,000. Could your business afford an attack like that? As you can see, with stakes this high, hackers have plenty of motivations to utilize ransomware attacks. What can you do in the face of this threat?

First, it is important to understand what happens during a ransomware attack. There are two types of ransomware. In one type, your screen will be locked, and in the other, your files will be encrypted. In both cases, a ransom is demanded to either unlock your devices or decrypt your files. Often included is a ticking clock, and if you do not pay the ransom within a certain time frame, your files will be destroyed. Sometimes, it can spread to other devices in your network even without a user taking any action. Your files may be backed up, but you may not be out of the woods just yet. Some ransomware attacks can disrupt the ways in which your applications run, affecting your entire device. What is even worse is that in some cases, ransoms are paid without files ever being unlocked or decrypted. We are dealing with cyber-criminals who are known to be untrustworthy actors, yet businesses often find themselves left with no choice but to pay the ransom. With such devastating consequences, you need a plan in place to prevent these attacks and minimize consequences if prevention fails.

In order to understand how to prevent attacks such as these, you need to know how the hackers infiltrate your network. The most common method is through phishing emails, which makes your employees your first line of defense. A trusted IT partner like Net Works can help you and your team learn how to recognize suspicious emails. We can also help you navigate the decisions that must be made should your net-work become compromised by ransomware. With Net Works working on your behalf, you will not be facing these attacks alone. You will have a team of IT experts working for you who have seen it all.

Take the first step to protecting your business from the threat of ransomware. Contact Net Works. Together, we will build a strategy to fight off ransomware attacks, reduce downtime in the event of an at-tack, and minimize potential damages. We will help you understand all of your options so that you can avoid paying a ransom that may not even get your system unlocked. Our team is ready to defend your business, contact us today.

Is your business data on personally owned devices?

Is a Bring Your Own Device (BYOD) Policy Right for Your Business?

 

We are in the business of making sure you are prepared for what the changing technology environment will throw your way. One of the biggest current trends in business IT is Bring Your Own Device, or BYOD. This practice can happen with a clear, deliberate strategy and set policies, or it happens incidentally, with employees checking their work email on their personal computers, or accessing your cloud storage platforms from their phones or iPads. As a decision-maker, you need to determine how your business will handle this trend. Will you allow BYOD as long as employees follow a set policy, or will you insist on your team members using employer-provided devices? There are pros and cons to both. We at Net Works are here to help you navigate this and any other business IT concerns you might have.

 

First, it’s important to understand the benefits of BYOD practices for your team. BYOD empowers more flexibility for employees, allowing them to work when they feel inspired, access files when an emergency comes up, and work with the devices they feel most confident and comfortable using, rather than adjusting to, for example, Windows products at work while using Apple devices at home. Relying on the same device for work and personal use can also help alleviate small inconveniences, like going home for the weekend and realizing you forgot to send yourself an important file that is stored on the workplace desktop (this can also be solved through cloud storage solutions). Your employees may also enjoy small perks like having workplace software on their personal devices while being part of your team. For example, maybe an employee wants to get better at Adobe InDesign and practices on the weekend using the company account on their computer. As an employer, you benefit from employee morale boost. If bringing their own devices makes your team more productive, efficient, and happy, it may be worth considering.

 

Another benefit of BYOD is potential cost reduction. Instead of buying new hardware when you onboard employees, through implementing BYOD you may only need to cover supplemental software costs that get them up and running, and avoid lost productivity as the employee will not have to adjust to a new, unfamiliar device.

 

As you can see, there are many benefits to BYOD, but it is not without risk. Users tend to be more lax in security protocols for their own devices, and your business can end up paying the price for innocent mistakes made by your employees. Without proper cybersecurity practices in place, BYOD can leave your business network infected by viruses or infiltrated by hackers. When a team member leaves the company, they bring their device with them, and may forget to delete or turn over sensitive business information like passwords. Because of these risks, if you are going to allow BYOD, you need a set policy with guidelines for your team to follow. There is a good chance that your team is already using their own devices without realizing they could be putting your company at risk. It is time to take action.

 

Armed with this information, how do you move forward? Your first step is to call Net Works. We will help you explore the pros and cons of BYOD and identify whether it makes sense for your unique business. If it does, we will help you find the right tools and software to stay safe, and work with you to build a policy for your team to follow. Contact Net Works today to get started!

Declare Independence from Business IT Issues

Declare Independence from Business IT Issues

 

Are business IT issues affecting your productivity? As a business owner, you have enough on your plate just to keep your company moving forward and getting ready to face new challenges. In fact, you may be ignoring your business IT environment, keeping your fingers crossed and hoping for smooth cybersecurity sailing. That is the surest way to end up in the middle of an IT disaster. This Fourth of July, as we celebrate our nation’s independence, we’re here to help you declare your independence from business IT worry!

 

How can you ensure that you are moving your company in the right direction when so much of your work day can get bogged down by having to troubleshoot business IT issues? You want to be prepared to take advantage of new opportunities when they come your way. Worrying about whether your files are backing up, or if your employees will be able to access what they need when working remotely can be a major distraction.

 

It’s time to free your mind of that concern and declare independence from business IT worry. Instead of worrying about your IT, or ignoring it until something breaks, let us handle it for you. Partner with Net Works to manage your overall business IT strategy; we will make sure that you can rest easy knowing that we have your back. When you know we have your IT covered, you can devote more focus to other elements of your business, and you will be able to put your business IT in the back of your mind, where you want it to be.

 

Finding the right IT partner means creating more mental bandwidth to give to other aspects of your business, and the freedom to focus on those aspects that most matter to your overall strategic goals. Never again will you have to spend valuable time ensuring your hardware is running properly or attempting to fix any IT snags that come up. At Net Works, our technicians hold the most up to date certifications and are skilled at both anticipating and managing any business IT issues that arise. You will know who to call the moment something goes wrong.

 

We will also handle all of your updates and security protocols. Worrying if all your software is up to date or if you are vulnerable to malware because of a missed patch install will all be a thing of the past. Aside from that, if you ever had to face a disaster (natural or otherwise) you can rest easy knowing that your data will be safely backed up, so that your team can continue to function even if your physical location is compromised.

 

Partner with Net Works and declare independence from surprise IT costs. We will work with you to map out a comprehensive plan for your technology infrastructure, including disaster planning. With a plan in place you will know how all of your future technological needs will be met, with no surprises.

 

Business IT is constantly evolving. It is time to become independent from having to keep up with the latest trends. You will never again have to wonder if your organization is falling behind the technological curve. We’ll have you covered. We have the knowledge and the resources to allow you to take advantage the newest technological advances. You will always be one step ahead of your competitors.

 

You are an expert at your business. At Net Works, we are information technology experts. Pass the IT side of your operation to us so that you can focus on building your business. Declare your freedom from business IT worries. Contact us today and get us on your team!

Tech Support Scams and what to watch out for!

Don’t Get Fooled by Tech Support Scams

 

Are your employees trained to recognize tech support scams? These nefarious phishing attacks attempt to play on the trust you have established for reputable companies and scare you into giving up sensitive information.

 

Tech support scams are extremely common. Do you know how to recognize the signs?

 

It usually starts with an unexpected phone call. The caller claims to be from the tech support department of a well-known company you trust – typically Apple or Microsoft. Inciting a sense of urgency, this person informs you that your device is infected with a virus, throwing in many technical terms in order to confuse you. “You need to take immediate action,” they say. That’s when they ask for remote access to your device to perform a security scan.

 

Many people panic, and that’s what the hackers are counting on. These calls are designed to catch you off guard and scare you. Panic makes users less likely to second-guess the story they are being told, and more likely to grant the hackers the access they want.

 

This exchange may not always begin over the phone. Hackers also use pop-ups. You are familiar with pop-ups from your operating system that remind you to perform a software update, or notifications from your antivirus provider. A tech support scam pop-up is designed to look more alarming than these routine notifications, and will often provide a phone number for you to call – something you will never see from the legitimate sources mentioned above. Once you call the number, they will work to convince you they need sensitive information, like credit card details for anti-virus software, or remote access to your device to find and purge the virus.

 

The hacker’s goals are usually to:

 

  • Change the computer settings to make the device more vulnerable
  • Collect credit card information to charge the user for fake cybersecurity services
  • Collect personal information like the user’s social security number and date of birth that can help them hack additional accounts

 

Like many types of phishing attacks, in tech support scams, the hackers rely on user error in order to infiltrate your network. That means that well-trained employees are your best line of defense. If you or one of your employees sees a pop-up or get a phone call like this, don’t panic. Instead, hang up, or say you will call them back, and ask to take down their phone number. Then, call a trusted Managed Service Provider like Net Works. We can walk you through the steps to identify if your device is really at risk, or if this is an attempted phishing attack. It is always safer to contact a trusted Managed Service Provider instead of dialing a phone number from a pop- up or granting remote access to an unexpected caller. When it comes to network security, you can never be too cautious.

 

Even with training, mistakes happen, and you will need a backup plan. You will want to have a protocol in place in case your network is exposed. Managed Service Providers like Net Works can help you shore up your defenses. We help you and your employees recognize common hacking tactics, and we can monitor your network so that attacks are caught as soon as possible.

 

Hackers want to take advantage of you and your employees, but you don’t have to let them exploit you or your team. Contact Net Works to defend your business.

Are Mobile Devices Putting Your Company at Risk?

Are Mobile Devices Putting Your Company at Risk?

 

Did you know that mobile malware attacks are on the rise? According to Symantec, mobile malware variants have increased by 54% in just the first four months of 2018.

 

As their screen size, speed and performance have increased, smartphones have begun to replace devices like laptops and desktop computers. Hackers have caught on, and your business cannot afford to put mobile security on the back burner. In 2018, mobile security must be a key element of your cyber-security plan.

 

Cyber criminals are a practical bunch; as more and more users install banking, credit card, and corporate apps onto their mobile devices, these thieves are simply following the money. It is expected, as we move forward in 2018, that more malware will begin targeting banking and other financial apps through mobile devices.

 

Your employees may have learned to recognize suspicious emails, and you may have implemented requirements that have them your team changing their passwords at regular intervals. Yet, as business technology evolves, so do cyber-security best practices. Do you have a plan in place to handle the risks mobile devices pose to your business? If not, it is time to find a partner to help you craft one. Mobile device users are now more vulnerable to phishing attacks than desktop users, and that vulnerability leaves your network exposed.

 

Given the trends in today’s workforce, you can depend on your employees accessing your network from a variety of devices. It is safe to say that most mobile device users are not as vigilant about ransomware or phishing attacks as they would be when working on a desktop.

 

We can help your team stay protected in the face of mobile attacks.

 

Here are four cybersecurity steps your workforce can take today:

 

  1. Make sure employees working remotely are connecting through a Virtual Private Network (VPN). Do not connect to public Wi-Fi networks on a company device.

 

  1. Require regular software updates so that devices have the latest security patches.

 

  1. Lock devices with strong PINs and/or Touch ID. Just as we all know not to use “password” as the password for our bank account, we need to take the same care with locking our mobile devices in case they fall into the wrong hands.

 

  1. Update your apps. Just as you need to update your operating system to take advantage of security patches, users must do the same with their apps so that hackers cannot exploit known flaws that a patch would have fixed.

 

These are only the first steps. Don’t overlook mobile security. Contact Net Works today to protect your network.

Should You Outsource Your Business IT Needs?

Should You Outsource Your Business IT Needs?

 

National Small Business Week begins on April 25! Today’s businesses run on technology, so this is a great time to take stock of your business IT.

 

Your days are filled with making decisions that will guide your company into the future. With all of the other items on your agenda, putting your IT considerations on the back-burner is easy, even understandable, particularly if your system seems to be running smoothly. But your entire operation can grind to a halt due to one computer snag, one phishing attack, or one data loss disaster, costing you productivity and even creating the potential for lost clients.

 

Today’s information technology environment is endlessly complex. Maybe a major firewall breach threatens your data, your VPN is failing to connect, or your VOIP is not allowing outgoing calls. These are just a few among many technology problems that could disrupt your work day. Who would you call to solve these problems?

 

Some organizations choose to hire in-house IT staff, but this can be a major expense for a small or medium-sized business. At the very least, a help desk employee and a systems administrator would be required. The average combined salary of these positions is $90,000 to $120,000 annually, as well as the costs of keeping their training and certifications up to date. Is this the best option for your business?

 

What if you could get more IT experts in your corner, with more combined experience and at a lower cost? By partnering with a Managed Service Provider like us, you can have all of these benefits without any of the downsides.

 

Outsourcing your IT needs to Net Works is the best way to ensure that your business technology is running smoothly and can scale with your business. We have the Enterprise level software applications to support your business, and the wealth of knowledge of multiple IT experts at your immediate disposal. Our vast experience working with different businesses means that we have already seen most of the IT issues that you will face, and we know exactly what is needed to resolve them in a timely manner.

 

Net Works can help you with every IT problem that may arise. With leaner overhead, bulk purchasing and leasing options for hardware and software, and assured compliance with government regulations, outsourcing your IT maintenance and special projects with us can lead to major cost savings. Even if you already have IT professionals on-staff, you may benefit from outsourcing specific tasks to us in order to alleviate pressure from your staff and create efficiencies.

 

You and your staff want to focus on your core competencies. Let Net Works handle the complex world of business technology for you. We stay up to date on all the latest best practices, understand how to fix common problems that disrupt productivity, and know how to prepare you for and protect you from hackers and their tactics. Partner with us instead of having one or two overwhelmed in-house IT staff. You will have a team of experts ready to respond to your technology needs. Contact us today to discuss how we can support your technology needs.

How Hackers Steal Your Business Data

How Hackers Steal Your Business Data

 

World Backup Day is March 31, so this is a perfect time to examine your cybersecurity strategy. What makes your business vulnerable? Hackers have many tactics they can use to infiltrate your network, and small to medium-sized companies are often the easiest to hack. Here are four ways hackers steal data:

 

1) The Guessing Game: Passwords and PINs

Passwords and PINs are meant to protect you, but could they actually be putting you at risk? We all know that we need to change our passwords frequently, and avoid using common or obvious phrases and keywords. Today, features like Touch ID and facial recognition are useful because the user does not have to remember a complex password, and the hacker has greater difficulty stealing that complex data. Many of our passwords are simply too easy to guess. Some of the contents of our most common passwords, like a maiden name or birthday, are easily exposed during data breaches. Other hints can be found on our public social media profiles. For example, does your employee’s Instagram account have a picture of his or her dog with the name mentioned in the caption? Now the hacker knows to try different variations of the pet’s name. Complex passwords and two-factor authentication are good defenses against these guessing games, but are no guarantee.

 

2) The Digital Disguise: Phishing Attacks

In phishing and spear phishing attacks, users in your network receive communications like emails or page redirects, which are designed to look like trusted organizations. These methods are known for tricking users into giving up sensitive information like credit card details or social security numbers. Hackers even create falsified login pages that look like banking institutions or other trusted organizations. Once a user has inputted a password into one of these false login pages, other accounts may become vulnerable because of the tendency to reuse passwords. These attacks typically rely on creating a sense of urgency, oftentimes by tricking victims into thinking an account has been compromised and immediate action must be taken, In order to recover the account.

 

3) Imposter Syndrome: Social Engineering

Hackers are using social engineering tactics to further exploit the tried and true human error. Have you ever heard of the Tech Support Scam? This is a common attack in which a caller poses as someone from Microsoft Tech Support and convinces the recipient to grant remote access to their device. Posing as someone from a trusted organization, the caller acts concerned and sympathetic about the user’s cybersecurity issues, building on the false trust they gained through name recognition to infiltrate their device or network. Social engineering tactics are not limited to remote attacks; they can even include a physical infiltration of an organization’s IT infrastructure. In this scenario, someone may come to the office and pose as an external IT partner there to perform maintenance.

 

4) Personal Problems: Human Error

The overarching theme of each hacking tactic outlined here is a strong reliance on human error. Even with well-trained and well-meaning staff, mistakes are inevitable. These days, as your employees get smarter, unfortunately so do the hackers. The hacking arsenal continues to grow more sophisticated, and it can be challenging to keep up with the latest tricks. That’s where Managed Services Providers, or MSPs, come in.

 

Outsourcing your cybersecurity operation to an MSP makes great business sense. While most small organizations do not have the resources to build sophisticated IT security systems, Net Works has the scale and expertise to protect your operations and sensitive data. We also offer best-in-class cybersecurity protection because your IT infrastructure is too important to settle for less. By partnering with us, you will have trusted experts in your corner if disaster strikes. Contact Net Works today and be ready for whatever hacking tactics come your way.

Phishing……Tricky Tricky

Spear Phishing Gets More Sophisticated

Elon Musk’s Tesla roadster is currently floating through space, most of us have a virtual personal assistant that lives in our pockets, and we’re having lengthy customer service conversations with chat bots. Technology has gotten more sophisticated in every way (aside from that printer that never seems to work). In this climate of innovation, hackers have learned a few lessons, too. Spear phishing attacks have become so complex that they have the power to trick even the most savvy user. Is your business ready?

 

What is Spear Phishing?

 

A study released by the Better Business Bureau in October 2017 revealed that 90 percent of cyberattacks on businesses come through phishing emails. All phishing attacks rely on trust. Hackers design fraudulent emails that create a sense of urgency, inciting panic and causing people to give up sensitive information before thinking of possible risks. These messages are disguised to look like critical security alerts or important work-related information. There are many giveaways that help employees recognize these attacks, from too many typos to generic greetings like, “Dear Customer.” In a spear phishing attack, hackers target specific users, tailoring their messages with personal information to make their requests seem legitimate. Recently, they’ve taken these tactics to the next level.

 

Three Spear Phishing Trends

 

  • Playing the long game

Hackers can be very patient. They may obtain one employee’s login information, then monitor their emails to learn about your organization. They will determine who the decision makers are at your business and learn what types of attachments employees tend to send and receive so they can mimic them. By gaining access to one employee’s email account, the hackers gain enough information to make their next move. They may even use the compromised email address to contact others in your workforce, which brings us to the second trend on the list.

 

  • Hijacking email threads
    Would you be suspicious of an email coming from one of your employees? Hackers may take over an employee’s email account, then look for an existing company email chain. Posing as the trusted employee, the hacker then tries to convince the others in the conversation to download an attachment, installing malware that infects their devices and network.

 

  • Bypassing your spam filters

Don’t depend on your email filters to catch spear phishing attempts. Hackers have figured out how to bypass those filters and end up in your main inbox. They have done this by impersonating trusted sources like Google Drive links and Microsoft SharePoint URLs that trick systems like Gmail and Office365 into thinking the links are coming from their own products. In this environment, how can you know the difference between a trusted communication and a spear phishing attack? Partner with an MSP like Net Works. We can help you identify suspicious communications. If you’re ever unsure, it’s always a good idea to check in with your trusted IT experts.

 

Spear Phishing in the News

 

In February 2018, hackers targeted Netflix subscribers, sending emails saying the user’s accounts had been deactivated because the billing information could not be validated. The emails greeted the recipient by name, and the message instructed them to click on a link to reactivate the account. The link took them to a fake Netflix login page. After “logging in,” they would be prompted to provide credit card details, an updated address, and their mother’s maiden name. Because people often recycle passwords, or use very similar passwords with slight variations, the hackers could use those login credentials to gain access to the user’s other accounts. Imagine if this happened to one of your employees using their work email for their Netflix account.

 

We Can Help You Protect Your Business

 

Spear phishing attacks are frequent and they are getting harder to recognize. You don’t have to face these attacks alone. We are here to help you protect your business. Contact Net Works today.