What Is Changing? This year has been far from typical, but it started out “normal”. Businesses had time to set their technology budgets for 2020, but when the pandemic hit those plans were either tabled or thrown out entirely. Unfortunately, in times of crisis, cybercriminals strike, and with many businesses looking to cut costs where they can, security was, somewhat surprisingly, one place businesses borrowed from, weakening security at a time when most would assume that attacks were about to increase. What has happened in the interim has surprised many industry analysts. While many businesses cut their security spending, businesses have continued to invest in the right places to mitigate attacks. Businesses actually saw data breaches fall by a third in the first six months of 2020. This has led many businesses to question whether all the capital they were pumping into their cybersecurity strategies are actually necessary. Tried and True Solutions With thoughts about cybersecurity spending shifting, there are some strategies that are imperative to keep your business secure from threats. They include: Endpoint protection – setting policy that works to secure entrypoint onto your network is essential to keeping threats off your business’ network. Today, there are some very sophisticated attacks and being able to detect, analyze, thwart, and contain attacks is extremely important. Employee training – phishing attacks account for the majority of cyberthreats companies encounter. Ensuring that employees are cognizant of what constitutes a phishing threat, and what to do (and not to do) with it once it is received is paramount to keep data and networks secure. Encryption for remote connections – If your business relies on remote workers, keeping the connection they use secure is extremely important. You never know what your staff has on their PC, and if you don’t want to find out you need to find a reliable remote access software or outfit each member of your remote team with an enterprise VPN. Mobile access management – The smartphone has become more important than ever for businesses, but any environment that is being used as much as most people use their mobile devices needs to be secured against. These four platforms will go a long way toward helping your business maintain security of its digital assets. Where We Go From Here Now that organizations are being a little more selective about what they spend their capital on, you will see strategies emerge that are designed to combine the lessons from the past several years with the stripped-down financial obligations they’ve been working with during the first half of 2020. This means that businesses will be looking to build their cybersecurity platforms on efficiency. Here are three strategies you will see more of in the future: Building resilience – In order to be successful building cyber-resilience, companies will want to tear down the barriers that separate departments. A unified strategy for all to comply with reduces support overhead and promotes continuity throughout your organization. Establish good cyber-hygiene – Many organizations are disorganized when it comes to managing access to their digital resources. Moving to more consistent methods of managing access is advantageous for workers and administrators, alike. Lean on cooperation – One notion that has been reinforced during the pandemic is the need for cooperation between departments. Strategies in combating cybercrime and […]
Attacking Businesses During COVID-19 The deadly novel coronavirus is still in the forefront of most people’s thoughts, and as a result, many people remain home. With so many people kept from going out, people are relying on the Internet. Some businesses have shifted to remote, some haven’t but rely on online orders and support, and many others are effectively out of work, putting a lot of people online at once. For scammers and hackers, this is an ideal situation. They have taken this opportunity to set up spoofed websites that are designed specifically to get people to let their guard down enough so they can gain access to their accounts, including their business’ accounts. Unfortunately, this has become extremely common. Of the 1.2 million new COVID-19-related domains that have been built during the time spanning March 9-to-April 26 nearly 86,600 malicious websites have been created. 80 percent of those distribute malware if interacted with. An incredible amount of COVID-19 spam and phishing messages have also appeared. Some fraudulent email campaigns have claimed to come from the IRS, the CDC, healthcare organizations, and other companies. Protecting Your Business from Scams What are you to do with so many obvious (and some not-so-obvious) scams? You need to stay vigilant and remember that even though you are at home, on your home computer, that you need to function like you are on your workstation in the office. All the best practices you’ve been trained on in the office apply now and should be maintained. They include: Watch out for phishing – Whether it’s through email, messaging, or social media, keeping a skeptical eye out for phishing emails and spoofed websites will go far in keeping your business secure. Use strong passwords – Managing your passwords and keeping them up-to-date with the latest security best practices can go a long way toward securing your business. Keep data backed up and safe – Just because you are working from home doesn’t mean that your data is any less important. Keep it backed up and secured with antivirus and a comprehensive firewall. The IT professionals at SRS Networks have the experience needed to keep your business’ network secure during these hard times. Call us today at (831) 758-3636 to learn more.
The stimulus is not the first time that the U.S. Government has distributed stimulus checks, but as online banking has become more commonplace, the treasury has been distributing millions of checks via direct deposit and it has given online scammers the opportunity to try and steal money that by right will come to you. Here are five ways that they are going about scamming people: Avoid anything that has you sign up for stimulus money – Chances are that you don’t have to sign up to receive stimulus dollars, so be wary of anyone who contacts you claiming that you need to fill out information to enroll you. Scammers don’t just act online – There has been evidence of people getting postcards in the mail with a password printed on it and addressed to an individual. The card asks the user to go online to “access” or “verify” the individual’s payment information (bank account, routing number, etc.) Similar scams have been sent through traditional phishing messages via email, however, so read your correspondence thoroughly. You can’t get your money faster – Scammers have also contacted people promising that for a small fee, they can get their money to them faster. Reputable tax companies have services like this around tax time, so it may be just enough to fool some people. No, you aren’t getting more – There have also been reports of scammers sending people checks for more than they are owed. Later the scammer will call to apologize for the mistake and ask the person to return the difference in cash, gift cards, or a wire transfer. If the check isn’t coming from the U.S. Treasury, and you weren’t expecting another check, it is surely a scam. IRS correspondence – It’s true that some people have had to fill out forms on the IRS website in order to get their checks sent to them or deposited in their bank accounts. Scammers have set up webforms much like the ones on the IRS’ Economic Impact Payment website. The IRS typically contacts people through the mail, so if you get a message or an email from the IRS asking you to take action, it’s best to ignore it. Knowledge is the best defense against scammers. If you haven’t yet received your CARES Act stimulus money, you need to go to the official IRS website to find out why (or more likely when) you will receive your stimulus check. Have you seen any scams looking to steal people’s money? Leave your story in the comments below and check back to our blog for more information about cybersecurity, and the practices you need to know to avoid being a victim of cybercrime.
Prepare Proactively Just as with any move, strategizing the day that you are supposed to shift to your new location isn’t an option. You need to take everything into account ahead of time, and adapt your plan as new information becomes available and circumstances change. You should also keep in mind that the moving process is going to be a lengthy one, and that it will require investments of both time and capital. Therefore, you need to prepare yourself and your organization for all of these considerations ahead of time. Deciding On A Space Of course, if you plan to move, you need someplace to move to. This means that you have to make quite a few decisions concerning where your new space should be and how it will be financed. You have the option to rent out space in a business park or purchase a new building for yourself. You could also lease space, if you don’t want to purchase property but plan to stay in the same area for some time. Your budget and your business plan will dictate which option is the best for you. Understanding Any Rules If you do elect to rent or lease space, you also need to know what your host building requires of its tenants as they move in. You may only be allowed to move in after normal business hours, or need to request access to a service elevator. Understanding these rules will allow you to better plan for your move. Determining The Floor Plan Once you have decided upon a space, you will have to decide how your employees and their resources will be distributed in your new office. How will your workspace be laid out? Will you use an open plan that encourages collaboration, a closed plan that provides increased privacy, or a modular plan that serves as a hybrid of the two? Do you need private conference rooms and other meeting areas? What about a break room, a server room? Your particular industry could easily impact these needs and your priorities as well. Determining Your ISP Nowadays, Internet service is essential for a business’ operations, so you need to make sure that you sign up for a service plan that fits your needs–both current, and projected. Investigate your available providers and compare what they have to offer to get your business the best deal. Planning Your IT and Office Communication Systems As soon as you have established when your move is to take place, you need to begin preparing your organization’s IT for your move. In doing so, you should keep a comprehensive inventory of your hardware and software, and what the plan for each component is to be. This will cover all workstations, storage solutions, and communication tools, like VoIP solutions. Moving into a new space is a big process, so why not let someone else take care of a few parts of it? SRS Networks can help you with your move where your technology is concerned. To learn more about our many IT services, give us a call at (831) 758-3636.
Here are some of the situations that businesses can benefit from proper data recovery maintenance: “…Oops.” At the end of the day, the most prolific threat to your data is your staff, the people you’ve hired to put all that data to use, including the person who looks back when you look in a mirror. I know, what a plot twist. However, it doesn’t make it any less true. Human error is one of the most common reasons that a company experiences data loss on any scale, mainly because there are so many ways for someone to make a mistake. Maybe someone deletes something accidentally, or takes the only copy of something offsite only for it to be lost or damaged. Therefore, it is crucial that you educate your users on proper practices for handling data, in addition to maintaining a comprehensive backup of your data to draw from if the need should arise. “In today’s weather…” Natural disasters can certainly live up to their name where your business’ data is concerned. Regardless of what the forecast says, your on-site infrastructure and any data it holds can be put at risk if a storm is severe enough. Taking this into consideration, any good provider will make sure that your data isn’t only saved in one location. Look at it this way… what good is a data backup, if that backup is wiped out by the same disaster that made it necessary in the first place? This is precisely why we always recommend that at least one copy of your data is preserved safely off-site. “Wait, my computer isn’t working right…” There are plenty of ways that an issue with a device itself can lead to data loss. Viruses can infect critical systems and take up the resources you need to be productive (and to save your data), drives can fail at the worst times, and the data stored on your system can be corrupted. If this is the case, keeping a backup can help save data that would likely have been lost without the backup. Finally, many small businesses assume that their size protects them from the interest of hackers. Unfortunately, they assume wrong. With many attacks now automated, cybercrime has become far easier to perpetrate. Threats like ransomware and other attack vectors can often require businesses to wipe their infrastructure to remove the infection. In these cases, a backup can prevent these actions from being a “mutually assured destruction” kind of strategy. Data recovery comes in handy in situations of any size and importance. SRS Networks can help you implement the solutions necessary for you to maintain a proper data recovery strategy. Learn more by giving us a call at (831) 758-3636.
Wearing Too Many Hats Many business owners make the mistake of taking on too much responsibility for themselves. It is almost as if these business owners forget that they aren’t running a sole proprietorship, that they are running a business – which means they have employees to leverage and delegate tasks to. If they don’t, they need to prioritize building a team they can trust, allowing themselves to focus on their top-tier responsibilities. Misunderstanding Your Audience So, you’re doing your best to understand your audience better, and so you’re doing research into their preferences – specifically, whether they prefer Coke or Pepsi. You spend weeks running surveys, conducting market research – you analyze every bit of data you can – all to determine which variety of cola your audience prefers. Unbeknownst to you, however, your target audience actually prefers ginger ale. While this is admittedly a silly example, too many business owners make assumptions about the people they are trying to attract, inadvertently disregarding them or worse… driving them away. Curse of Knowledge Bias Whatever business you’re trying to open, you know your stuff. You’re more familiar with the ins-and-outs of your offering than you are with the back of your hand. It is perfectly fair and accurate to describe you as a subject matter expert – but there are cases in which this isn’t always a good thing. Have you ever had an expert try to explain something to you, only to have it go completely over your head? This was likely because the expert is so familiar with their subject, they subconsciously assume that everyone else is, too. As a result, they’ll gloss over crucial details and key facts (after all, these are all a “given” to them). This is a habit that needs to be identified and broken, if only to avoid frustrating your clients. Treating Employees Like a Corporation Can No matter their size, all businesses rely on their employees in order to function. However, larger businesses and corporations have the advantage of being far more able to attract and hire new employees (primarily due to their visibility) as compared to SMBs – which means that turnover is less of a concern for them. In order to not lose the people you’ve hired, you need to make sure you aren’t stifling your staff. Encouraging them will only benefit your business in both the short and long-term. Cutting the Wrong Costs When starting a new business, there’s considerable financial commitments to be made. Many entrepreneurs short-change some of these commitments at first, whether that means they’re postponing their marketing or they’re turning to resources found on the Internet rather than professionals. This kind of behavior is risky at best, as making the wrong cuts could wind up costing you and your business far more in the future. If you do need to cut costs, make sure it is done with a lot of consideration and predictive analysis. Not Leveraging Technology Technology solutions are known as solutions for a reason: they are intended to assist a business in accomplishing their goals by fixing problems. By not using them, a business owner is hamstringing their own operations. SRS Networks can help you avoid making this mistake, at least. To learn more, reach out to our team at (831) 758-3636.
A recent survey found that, despite the increased awareness and investment into cybersecurity concerns, sixty percent of interviewed organizations had been breached in the past two years – often via vulnerabilities that had already been patched. Approximately one-third of the organizations surveyed didn’t even know what hardware or software they were running. It is pretty obvious that this isn’t an ideal situation. Patch Mismanagement Isn’t a New Problem You may recall the WannaCry and NotPetya attacks that created a significant stir back in 2017. Technically speaking, these attacks shouldn’t have been nearly as newsworthy as they were, as the vulnerability they relied on (the EternalBlue exploit) had been patched by Microsoft two months before WannaCry struck. Unfortunately, the responsibility for this falls squarely on the organizations that were ultimately affected by these attacks and the fact that patches simply aren’t being applied as they should be to these business’ endpoints. All it takes to create a sufficient vulnerability is a single device that hasn’t been properly updated. How Can This Be Improved? There are a few practices that you can endorse in your business to ensure that your patches remain well-managed. Have a Patch Management Policy Let me ask you something: would you rather an emerging cyberthreat catch you on your laurels and make you stressfully scurry around to apply a patch that you just found out about, or, would you rather have a strategy laid out ahead of time so your team can efficiently test and apply the needed patches when they are published? A patch management policy allows you to accomplish the obviously preferable second scenario, outlining processes and responsibilities so that everyone knows what they need to do, and when they need to do it. As a result, your patch management becomes much, much simpler. Test Your Patches While properly patching your solutions is serious business, you need to go about it in a collected way. Shooting from the hip (or in other words, just deploying the patch and forgetting it) could potentially create some problems with your other components or solutions. Instead, test new patches as much as you are able, and if you don’t have the resources to do that, roll out the patch gradually to help catch and minimize the damage done by any issues. Leverage Automation Automation can help with the efficacy of many business IT processes, and your patch management is no exception. Some patch management tools offer automation capabilities built in that allow you to cover more of your bases with less worry on your team’s part. Remember, Time is of the Essence Let’s look behind the curtain for a moment: the developers of your IT solutions and hackers are always in a race, developers to secure the solutions they have created against threats, and hackers to find new methods of getting attacks in. As a business who uses these solutions, and should be trying to avoid threats, promptly patching should be a priority. Do You Need Help Managing Your Business’ IT Solutions? When it all boils down to it, proper patch management is just one facet of a sufficient IT security strategy. SRS Networks can help you identify and deploy any other security needs your company may have, keeping your data and overall success rate protected against threats. Have concerns […]
Security Of course, any business that hopes to have any success is going to need to have effective security to keep its resources safe. The first step to doing so is to evaluate your IT so that you can identify any shortcomings that exist in your infrastructure as it is. An IT risk assessment is an effective way to do so, as it provides insight into where the biggest, riskiest security flaws are. Both enterprise organizations and SMBs can then leverage similar tools to resolve these flaws, including firewalls, antivirus, and multi-factor authentication measures. With the increased use of cloud service providers in the SMB space, much of this should be attended to by the provider. Having said that, any business that leverages the services of a third-party needs to ensure that the third-party is meeting their end of the service-level agreement. If they are, an SMB can find that they can accomplish comparable security as an enterprise could without expending an enterprise-sized portion of their operating budget. Data Storage While their budgets put enterprise businesses in a much more favorable position to create an infrastructure that can contend with their operational needs, this is not to say that SMBs are left without any options. Any good data storage solution will perform well based on a few benchmarks: how well it works, how often it works, how easily it can be accessed, and how easily its contents can be searched. The enterprise business has quite a few options to leverage, such as data tiering (where data of differing importance is stored on different servers) and higher-performing data storage solutions. If this is starting to sound expensive, it is – but again, thanks to the cloud, SMBs aren’t left without options, either. With scalable Infrastructure-as-a-Service and Platform-as-a-Service being available for a much more affordable rate, SMBs are able to leverage the advanced tools that would otherwise only be available to corporate-level businesses. Interested in leveraging some of these capabilities in your business, or want to find out more? Reach out to the professionals at SRS Networks! We have the experience necessary to bring your information technology to the corporate level. Reach out to us at (831) 758-3636 to learn more.
What Is Considered a Business Disaster? There is quite a diverse mix of events that can easily be called disasters when they strike a business, particularly one that is reliant on its technology. These events can be categorized into three different classifications of disaster: natural, technological, and manufactured (or those directly caused by human behavior). Let’s discuss these classifications in a little more detail: Natural Disasters – Any business needs to be concerned about some kind of extreme weather event or other environmental conditions, as there is effectively nowhere on the planet that doesn’t experience at least some. Without any kind of mitigation, floods, earthquakes, and storms of all kinds can severely impact business-as-usual. Technological Disasters – Unfortunately, things break on occasion, even if they’ve been impeccably maintained. What’s more, many of the technological issues that are apt to strike a business come from outside of the business’ control. What happens if a tree takes down the line that supplies your business with its power? Probably very little work, and unless you have some alternative source of power, you’ll almost certainly lose any work that wasn’t saved before power was lost. What if your vendors mess up, and fail to deliver a crucial infrastructure piece? You’ll likely be stuck, your operations suspended. Human-Manufactured Disasters – As it happens, one of your most crucial business resources is also the one that has the potential to be the most problematic: your employees. Your current workforce could potentially create some disaster scenarios, as could a former employee. This is all in addition to the adverse effects of a workplace accident. Even more personal events can impact your business – what if a key member of your staff fell ill or otherwise couldn’t be in the office for some time? What Disasters Should You Be Worried About? While any of these disasters could have a serious impact on a business, leading to ramifications to its processes and overall success, some are more likely to strike your business than others. As a result, your first efforts should be to determine which events are most likely to actually impact you. With your business’ priorities mapped out more logically, you will be able to more effectively spend your time and energy making plans to avert business disasters. What Your Disaster Preparedness Plans Need to Accomplish Any plan you create needs to focus on three basic goals – otherwise, it simply won’t be effective if (or when, if we’re being realistic) some kind of disaster strikes. These goals are as follows: Keeping your employees and infrastructure safe Keeping your data and proprietary information from being lost Keeping your operational downtime to a minimum, if not maintaining business continuity These goals should shape your planning process. This process should be carried out proactively to further minimize the impact that an issue could have. In other words, your backup plans need to outline exactly how your backed-up data is maintained and managed, how to ensure that your backups aren’t affected by the disaster at hand, and how you will be able to replace your key resources post-disaster. Ensuring Your Entire Business is Prepared Once your backup practices and policies are firmly established, you need to be sure that your entire team is brought up to speed and prepared for a […]
Data security isn’t a matter to be taken lightly, as too many businesses have found out the hard way. Unfortunately, there are far too many simple ways to correct common security issues – enough that it’s foolish not to do so. We’ll review a few ways to fix security issues, after discussing one of, if not the, most egregious security failings in modern history.