msp

Is that Email a phishing scheme?

feature_phishing.png

Research has revealed that over half of all users end up opening fraudulent emails and often even fall for them. Phishing is done with the aim of gathering personal information about you, generally related to your finances. The most common reason for the large number of people falling for fraudulent emails is that the phishing attempts are often so well-disguised that they escape the eyes of a busy email reader. Here are a few tips that help you identify whether that email really came from your bank or is another attempt at defrauding you…

1. They are asking for personal information - Remember, no bank or financial institution asks you to share your key personal information via email, or even phone. So, if you get an email where they ask for your ATM PIN or your e-banking password, something’s amiss.

2. The links seem to be fake - Phishing emails always contain links that you are asked to click on. You should verify if the links are genuine. Here are a few things to look for when doing that:

  • Spelling - Check for the misspellings in the URL. For example, if your bank’s web address is www.bankofamerica.com, a phishing scheme email could misspell it as www.bankofamarica.com or www.bankofamerica-verification.com
  • Disguised URLs - Sometimes, URLs can be disguised…meaning, while they look genuine, they ultimately redirect you to some fraudulent site. You can recognize the actual URL upon a mouseover, or by right clicking on the URL, and selecting the ‘copy hyperlink’ option and pasting the hyperlink on a notepad file. But, NEVER ever, paste the hyperlink directly into your web browser.
  • URLs with ‘@’ signs - If you find a URL that has an ‘@’ sign, steer clear of it even if it seems genuine. Browsers ignore URL information that precedes @ sign. That means, the URL www.bankofamerica.com@mysite.net will take you to mysite.net and not to any Bank of America page.

3. Other tell-tale signs - Apart from identifying fake URLs, there are other tell-tale signs that help you identify fraudulent emails. Some of these include:

  • Emails where the main message is in the form of an image, which, upon opening, takes you to the malicious URL.
  • Another sign is an attachment. Never open attachments from unknown sources as they may contain viruses that can harm your computer and network.
  • The message seems to urge you to do something immediately. Scammers often induce a sense of urgency in their emails and threaten you with consequences if you don’t respond. For example, threat of bank account closure if you don’t verify your ATM PIN or e-banking password.

Finally, get a good anti virus/email protection program installed. It can help you by automatically directing spam and junk mail into spam folders and deactivating malicious attachments.

Click, Click, BOOM – You're in Business But Is Your Technology Ready?

pexels-photo-327540.jpeg

It's a fast business world. Brilliant business ideas can be conjured up at some hipster-filled vegan coffeehouse, a website is thrown together, and poof... in no time at all there is a living, breathing, small business venture accessible from anywhere in the world.

But as your head hits the pillow at night, with visions of becoming the next Mark Zuckerberg dancing in your head, understand that many obstacles will greet you on your road to entrepreneurial success. A fresh innovative idea is merely a start. For every successful startup like Groupon, there are even more that have faltered. Some great, even revolutionary, business concepts that just faded into obscurity; leaving behind nothing but tales of what could've been and insurmountable debt.

Failed business technology is often a big reason for this. Many startups think big but tend to operate small-minded to keep overhead and costs down. They then find themselves completely unprepared to meet the demands of growth, particularly when it comes to their IT infrastructure. There is no one-size fit all approach to how to manage technology for optimal efficiency, uptime, and profitability. Especially given the challenges of limited budgets and the need to keep overhead down.

So exactly how do SMBs make sound decisions regarding their technology infrastructure? Choices that are cost-effective enough to get their business off the ground and running without screwing them over once it truly takes off?

Combine On-Site and Off-Site Support for the Best of Both Worlds

Over 45% of SMBs have no dedicated in-house IT staff and no contracted IT consultant regularly monitoring and managing their technology. Roughly only 7 percent of SMBs have a full-time onsite IT technician on payroll. The rest rely on third-party on-call IT companies who appear only when technology goes haywire and disrupts business. These on-call companies can sometimes take a day or two to even show up, which means issues aren't resolved in a timely and efficient manner. And did we mention they're expensive?

Most SMBs say they simply can't afford full-time in-house support. Even those who do budget for it face overwhelming challenges. They often experience a revolving door of on-site help who leave for a larger company and better salary once they've beefed up their resume. And those hires that do remain loyal often feel as if they have no reliable help and become overworked and frazzled as the business and their responsibilities grow. Discontent may even set in if wages aren't raised proportionately to the added responsibilities, or if they grow bored of doing the same mundane repetitive work everyday.

But today's SMB has access to technology that won't drain resources. In particular, the evolution of cloud computing and managed services can either automate or re-assign a lot of the day-to-day caretaking of technology to remote employees, leaving onsite support available for more meaningful and potentially profitable projects.

Better yet, it saves money on equipment costs.

Whenever possible, a mix of on-premise and off-premise IT support is the best way to make your technology scalable and prepared for growth.

Password Basics

loginscreen.png

You can have all the locks on your data center and have all the network security available, but nothing will keep your data safe if your employees are sloppy with passwords.

There are many ways data can be breached, and opening some link they shouldn't is one of the most serious security sins employees can commit, but today we’ll just talk about passwords.

Here are some basic practices that you should require your employees to follow. These are basic tips. System administrators should implement other policies, such as those that forbid using passwords previously used and locking accounts after a few failed attempts to login. But just for you as a manager, here are a few tips.

  1. Change Passwords - Most security experts recommend that companies change out all passwords every 30 to 90 days.
  2. Password Requirements - Should include a of mix upper and lowercase, number, and a symbol.
  3. Teach employees NOT to use standard dictionary words (any language), or personal data that can be known, or could be stolen: addresses, tel numbers, SSN, etc.
  4. Emphasize that employees should not access anything using another employee's login. To save time or for convenience, employees may leave systems open and let others access them. This is usually done so one person doesn't take the time to logout and the next has to log back in. Make a policy regarding this and enforce it.

These are just a few basic password tips, but they can make a big difference in keeping your business's sensitive data safe.

Keep Your IT Guy and Outsource IT Services, Too

pexels-photo-440581.jpeg

Everyone in the office loves Eric. Sporting a different ironic t-shirt everyday, Eric is the one we call when technology spits in our face. Whether it's a slow system, a bug that needs to be squashed, a website issue, or a crash that results in unexpected downtime and data loss, Eric is right there. Not only does he get to the bottom of any issue but he also rights the ship like he's some sort of miracle-working captain who just happens to have a pretty wickedly funny Peter Griffin from Family Guy impersonation.

But business is growing and Eric is overworked. Eric has certain skills that you'd love to use to develop innovative applications and revenue-generating projects-- but he's too busy running around fixing things that break. Or he's performing the most mundane and routine tasks day-in-and-day-out just to keep things secure and running smoothly.

You get a sense that Eric's overburdened and he's saddled with too many responsibilities. His demeanor has changed from pleasant to moody. He's listening to angrier metal and punk music and you're noticing cracks in his work. You fear Eric is being pulled in too many directions and the reliability of your server, network, and applications, as well as the integrity of your data, are all at risk.

Someone who has watched a bit too much of Donald Trump on The Apprentice might think Eric should be fired. We're not going to fire Eric. But we're also not going to hire a full-time salaried Robin to his Batman or Cheech to his Chong. We're going to help Eric by exploiting IT automation and managed services to handle many of the monotonous tasks making Eric hate his job right now.

Let's help Eric.....

  • Focus Primarily on Cost-Cutting and Revenue Increasing Projects: First things first, Eric has to realize that he can't do everything himself. Where are his skills best used? Whether it's processes that help drive down costs or ones with the potential to raise revenue, evaluate the projects in the queue and rank them by what impacts the bottom line the most.

    Once that's done, look at the day-to-day processes designed to keep things running securely and efficiently. What can be off-loaded from Eric? Determine which of those tasks can be automated either through the cloud or managed services.
     
  • Take to the Cloud: Some IT people fear the cloud spells the end to their job security. Meanwhile, the cloud can actually help them take on a more prominent contributing role in the company's success.
    The cloud should be seen as another tool that further eliminates the mundane yet necessary daily drudgery from their workday. Those who work WITH the cloud will find that they have more available time to take on more meaningful cost cutting or revenue generating projects. 
     
  • Use a Managed Service Provider: Using outsourced managed services not only alleviates much of Eric's pressure and stress, but also boosts productivity and gives the company a much improved ROI (Return-on-Investment) on their technology investment.

    While technology has gotten easier for the end user, it has become more complex on the backend with the advent of virtualization, cloud computing, and advanced infrastructure.

    Using an MSP gives Eric access to a trusted adviser, a 24/7 help desk, remote monitoring and management tools, and much better disaster recovery and business continuity solutions. All without the overhead that comes with hiring more help for Eric. MSPs offer a consistency to not just your end-user but also your main IT guy who will certainly appreciate the help.