Posts

This Is What Complete Cybersecurity Looks Like

No good deed goes unpunished. Not in Greek mythology, anyway.

Take the case of Prometheus as a prime example. A hero among men and the object of the gods’ wrath. One god, in particular. The one you really don’t want to cross. Zeus.

In fairness to Prometheus, Zeus started it. Zeus hid fire from humanity. Not a fire. All fire. Which, of course, made for some cold nights. Being the clever, crafty problem-solver that he was, Prometheus decided to fix the situation. He stole fire from Zeus, returning it to humankind.

Zeus did not take the news well.

He sent Pandora to earth. She brought some fun things with her, like hard labor, disease and evil. And that’s not the worst of it.

As a more personal form of punishment, Zeus had Prometheus chained to a mountain where every day a giant eagle ate his liver. Because Prometheus was immortal, every night his liver regenerated . . . only to be eaten again the next day.

All because Zeus couldn’t tolerate theft, even though he kind of did it first.

Getting all philosophical.

Granted, the Greek gods were a trainwreck of soap opera-like antics. None of them, including Zeus, seemed to be above rash decisions, vengeance or debauchery. And yet, it’s not that hard to understand why both Prometheus and Zeus did what they did.

It is uniquely frustrating to be the victim of theft.

In fact, the Greek philosopher Aristotle believed there are some things that are always wrong, no matter the circumstances. His list? Things like murder, adultery and, of course, theft.

It doesn’t matter if we’re talking about the bully who stole your lunch in second grade or reaching for your car keys only to find your vehicle isn’t where you left it. It’s not fun when something that belongs to you gets stolen.

And when it comes to your business, few things are as upsetting as stolen information.

Why cybersecurity might be the most important thing you do.

Cybersecurity is a hot topic right now. You can’t turn on the news without hearing about a new ransomware attack or (yet another) data breach. The entire nation is still reeling from that massive Equifax breach, and we will be for years to come.

Of all the important things you do as a business leader, cybersecurity might be the single most important. That’s because cybersecurity impacts three different core elements of your business.

1. Your Data

With the kinds of cybersecurity disasters that tend to make national headlines, it’s easy for SMB owners to assume they’re relatively safe. If cyber thieves are going after the big fish, the pond is relatively safe for everyone else, right? Actually, no.

43% of cyber attacks are directed at small businesses. Let that sink in.

Just because your organization doesn’t have a global footprint doesn’t mean you’re automatically safe. Your company’s data still has value. There’s still a risk.

2. Your Productivity

Let’s consider a surprisingly grim hypothetical. You experience a cyber attack. The attack leaves your staff unable to work for a few business days. On the surface, that may not seem like a big deal—until you run the numbers.

22% of small businesses hit by a single successful ransomware attack have to stop all business operations completely. Even if they’re able to recover the same day, that downtime can get expensive fast.

– CNN

Downtime is a profitability-killer. You can’t afford it. No one can.

3. Your Reputation

Successful cyber attacks kill something else, too. Your customers’ opinions of your business.

As Security Magazine warns, “The harm done to brand reputation can be long-lasting and hard to control . . . The appearance of negligence, repeat attacks or unpredictable fallout from a breach can significantly unravel public goodwill that took decades to build.”

Even small breaches make you look bad in the eyes of potential customers. And when the damage is done, it’s done. Then you have to rebuild, even if it takes years. It’s so much easier to avoid the damage to your reputation to begin with.

Getting your cybersecurity up to par.

So what does it take to protect your company?

In one sense, that’s a tough question to answer. It depends on so many unique variables. That’s why a lot of business owners prefer to work with a cybersecurity expert than to go at it on their own. It makes the process easier, and it dramatically improves the level of security protecting your organization.

But if you don’t have the money or inclination to call in a pro, there are still things you can do. And here’s where we share a bit of good news. The core elements of solid cybersecurity are pretty easy to break down.

Make sure you address all four of the following areas.

Cover the Basics

First things first—make sure you have the bare-bones essentials. We’re talking antivirus software on every PC, anti-spam protection for your email server and a firewall. These are the very same layers of protection you have at home (we hope!), so this shouldn’t be unfamiliar territory.

Back Up Everything

Onsite backups are important because they allow for the fastest possible recovery if you need them. Offsite backups are important in case something happens to your computers and your onsite server. Restoration is slower with cloud backups, but at least you don’t lose your data.

— smallbiztrends

And that’s why backups are so critical. Without secure, redundant backups, you have no safety net. Anything from a corrupt file to a natural disaster can mess with your primary copy. Always keep a backup.

Restrict Access

Some smaller companies don’t give a lot of thought to access. When your employee count is lower, it seems easier to grant everyone access to everything. After all, members of your staff likely wear a variety of hats. It’s easier to just open the digital doors wide.

Easier, but not wise. Every employee who has access to software, cloud services, servers and databases is a potential point of breach.

We know—that sounds really negative. Your employees are assets, not liabilities. That absolutely true, but it’s also true that it’s in your best interest to minimize cybersecurity risks. If your bookkeeper doesn’t need access to your sales database, don’t grant it.

Educate Your Employees

We’ve saved the most important point for last. Nothing will do as much to boost your cybersecurity as employee education.

Did you know that cyber criminals use one devious tactic to start 91% of breaches? Phishing emails. Phishing emails look like legitimate messages from trusted sources, but there’s all kind of potential malware hiding behind those seemingly innocent links and download buttons.

Ransomware attackers love phishing emails.

Just taking the time to help your employees understand how important it is to be careful when opening emails (and surfing social media sites) can go a long way to making your network more secure.

Protection matters.

Don’t wait until you experience a breach or a ransomware attack to get serious about cybersecurity. Start taking steps today to protect your company. Even if you plan to partner with an expert (we recommend it), get started now with the tips included here.

Your data is the lifeblood of your business. Keep it safe.

Ransomware: The Elephant in the Room

You’ve probably heard the story of the blind men and the elephant. In western culture, we’ve adjusted the tale, often simplifying it by reducing the number of blind men. But the point is more or less the same.

In the original story, six blind men encounter an elephant—but only specific parts of the beast.

One of the blind men, for example, discovers the elephant’s trunk. After feeling it he remarks that the elephant is very much like a snake. Another of the blind men wraps his arms around one of the elephant’s legs. To him, the elephant is more like a tree.

One by one, each of the blind men gets only part of the story. And because they only have part of the story, none of them has a full understanding of what an elephant actually is.

The whole elephant

This parable is a powerful example of how misleading a lack of information can be. We see that all the time in our line of work, and nowhere is it more dangerous than when it comes to ransomware.

Speaking candidly, it really doesn’t matter if you understand the ins and outs of how ransomware works. You don’t need to know how to code, or even how to set up all the appropriate protection for your network.

That’s what we’re here for. We’ll handle all the technical heavy lifting. What you do need to know is how to avoid exposing your company to risk.

Why ransomware works

Brace yourself for several unsettling facts.

According to Kaspersky, every 40 seconds a different company experiences an attempted ransomware attack. This year alone, two headline-making attacks have played out: WannaCry and Petya.

Ransomware attacks are basically what they sound like. Cyber criminals take your data hostage and hold it for ransom. It works because most ransomware victims pay.

How ransomware gets in

One of the most common delivery methods for ransomware is email. In fact, 93% of all phishing emails contain ransomware.

Phishing emails are fake emails. They often include hidden bits of code, like ransomware. Cyber criminals just want the end user (that’s you and your staff) to open the email or click a link. That’s all it takes to infect your network.

And get this. An estimated 97% of people can’t spot a phishing email.

Most folks are like the blind men trying to understand the elephant. They only see part of the issue. They understand ransomware is bad, but they don’t understand how easily a careless click can backfire.

Stopping ransomware at your company

If you’re serious about stopping ransomware, you need to be serious about educating your employees. Here’s are three basic anti-ransomware tips to get you started.

1. Watch where you click.

If you aren’t certain an email came from a source you know to be safe (or the sender’s email address just looks strange), do not click on any links. Don’t even open the message. Just trash it or send it to spam. Those cute cat pictures aren’t worth the risk.

2. Pop-ups can be dangerous, too.

Emails aren’t the only danger. Pop-up ads can sneak in malware, too. Cultivate a sense of awareness when you’re online. Always know where a link is taking you before you click.

3. Oh, and social media.

Hackers have started using social media, as well. In fact, social media phishing is up by as much as 500%. A Facebook link isn’t safe just because it’s on Facebook. Be careful everywhere.

The next step

As you might suspect, there’s more to protecting your network than being careful about where you click. A full cybersecurity plan is an intricate, complex thing. If you want full protection, we recommend working with a professional.

The experts at Intelligent IT would be happy to help out. Just give us a call if you’d like to get the process started.

However you address your security needs, please address them. Ransomware is a global problem. It won’t stop until all of us do our part to make it impractical for cyber criminals to be successful. The most powerful first step you can take is educating your employees.

6 Things Managed Services Can Do for Your SMB

There’s an old fable, often attributed to Aesop.

A small community of mice lived in the same home where there was also a cat. The cat was a skilled hunter, and the mice were afraid for their lives. But a clever, young mouse had a solution.

“We should tie a bell around the cat’s neck,” the young mouse said. “Then we’ll hear her coming and we can hide before she finds us.”

The other mice readily agreed that this was a good plan, until the oldest mouse in their community raised a weary paw.

“That is a fine plan,” the old mouse said. “I see only one problem. Who will bell the cat?”

Belling the cat.

All too often, the problem with good ideas isn’t finding them. It’s implementing them.

Like belling the cat, the best IT strategies in the world won’t do you any good if you don’t know how to make them a reality. That’s why you need managed services.

Stuff that works.

Legendary author Douglas Adams once said, “We are stuck with technology when what we really want is just stuff that works.”

Running an SMB is fraught with tough choices. What do you tackle on your own? When do you turn to experts for outside help? What’s the ROI of keeping things in-house versus outsourcing?

When it comes to the things you truly rely on, like your technology, you can’t afford to take chances. Even short periods of downtime cut into your productivity, hamper customer relations, and sap the enthusiasm from your employees.

You need the best possible performance from your network. But . . . who’s going to bell that cat?

6 ways managed services help.

We have a solution. Instead of handling all of your IT solutions yourself, call on the support of a managed services provider. There are several reasons why that’s a smart move for any SMB leader.

We even made a list.

1. The beauty of a proactive approach.

Why wait for something to break to fix it? A managed services provider can proactively keep an eye on your network 24/7. If there are early warning signs of an issue, they can deal with it then instead of waiting until it slows you down.

2. Support when you need it.

Of course, some issues pop up without warning. When they do, who do you call? A managed services provider is there at all hours, ready and willing to step in with the solutions you need when you need them.

3. Security, security, security.

There’s no shortage of cyber crime. Recent headlines about ransomware attacks and data breaches don’t just spell trouble for huge companies. Small businesses are at risk, too. A managed services provider can help you take steps to mitigate those risks.

4. Just in case.

Even well-protected networks experience disasters – big things like successful cyber attacks and acts of God, as well as less spectacular interruptions like power outages and human error. A managed services provider can give you a plan for bouncing back from any incident.

5. The best possible IT solutions.

Technology is constantly changing. The solutions that work today will be outdated next year. Or next week. A managed services provider can help you keep pace with the best IT options for your business, making sure you always have a cohesive, smart technology strategy.

6. Sharpen your focus.

With your network in good hands, you’re free to focus your attention elsewhere. Grow your business, or cultivate better work/life balance. Your managed services provider will help with any IT hiccups so you can concentrate on what matters to you.

Managed Services with Intelligent IT

The experts at Intelligent IT take managed services seriously. We know what it takes to support SMBs. We’ve been doing it successfully for years.

Plus, we see the full picture. Running a business isn’t the only thing you do, and keeping your network online isn’t your only priority. We want to help make you a success in every way we can. Perhaps that’s why working with us is a unique experience.

We truly care.

If you’d like to learn more about managed services with Intelligent IT, feel free to give us a call. We’ll be happy to explore how our IT support can help you meet your goals.

Russia, Yahoo, Hacking and Your Business: Protecting Your Company in the Wake of Increasing Threats

With local news agencies warning businesses in their area to beef up digital security due to the Russian hacking of Yahoo!, there is more attention than ever on the danger of simply thinking you can do business without an appropriate measure of protection. Hackers today are no longer the unsophisticated individuals in their parents’ basement – today’s malicious digital breaches are perpetrated by massive, interconnected networks of automated computers who ceaselessly attack targets – no human administration is even necessary.

One of the most powerful and resourceful Internet companies in the world, Yahoo!, was targeted and successfully hacked in 2014 by Russian agents tied into domestic black hat hackers. The aftermath is stretching far into 2017. What is the takeaway? Even if you catch the perpetrators, the information that you lose may shatter the reputation of your company for years to come. Yahoo!’s breach completely stopped an acquisition by Verizon, causing massive upheaval in the Yahoo! C-suite and causing investor confidence to dwindle substantially.

Can you afford this level of scrutiny without the deep pockets and connections that Yahoo! has? Most companies smaller than Yahoo! need to prioritize their spending on marketing and R&D, not PR and legal fees. No, it is best to stop a breach before it starts by having the right security in place form the start.

Security compliance measures are in place for a reason. Are you paying attention to the measures that apply to your industry? If not, then you could be in immediate danger of a breach.

If you are looking for protection from an ever growing network of cyberthreats, Intelligent iT is your one stop shop for full scale resistance. Specialists in security audits, compliance and preventive measures, Intelligent iT gives you the fortress that you need to keep your proprietary ideas and information private. Give us a call or an email today – the bad guys are definitely not waiting on you.
Source:

http://www.11alive.com/news/local/atlanta-companies-should-increase-security-in-wake-of-yahoo-breach/423754691

http://www.foxnews.com/tech/2017/03/15/hackers-to-be-charged-in-yahoo-security-breach.html

Four Basic Steps to Obtain Network Security

Every small business’ computer network is vulnerable to any threat of viruses and malwares. It can cause destruction, theft and loss of data, and even malfunctioning of your company’s website. Not only do security software updates anticipate such threats, iT services also update their approach and do regular maintenance to ensure your network security.

There are lots of possible causes of network security threats but the main culprit is the unauthorized access of network, either through firewall, external gateway or SSL VPN appliance, or through a web server. This can also caused by unauthorized access on wireless networks and infected devices that connect directly to the LAN.

In order to protect your business from network security threats, here are some of the security measurements that iT experts (like us) can provide.

Network Security

To maximize your network security, iT services creates firewall rules. They can also create strict Wi-Fi security by limiting access to a particular MAC address.

Devices

Unwanted or unauthorized devices can also pose a great threat to your network. You can minimize this threat by scanning removable and new devices or data transfers. To protect your company, there is antivirus software available that are free or paid for extra features which we will not only set up to maximize efficiency but will keep updated to fight unwanted threats.

Outside Scanning

Included in iT services’ network security is the scanning of external IP address. This eliminates the threat of malicious links or websites that can harm your network.

Software

Using HTTPS (Hypertext Transfer Protocol Security) will add security to your password-control website. It prevents unwanted packet sniffing or picking up sensitive information from your website or users by an internet provider. It is best for Wi-Fi internet connections.

We all want and need network security and many times can’t do it all on our own. Intelligent iT is always available to perform the above tasks and further advanced security measures.

Intelligent iT NYC is an iT company that provides iT support and security for businesses in NY City.

5 Security Improvements in Windows 8

Windows Defender 2.0 – Post-Boot Security

Along with the update of the Windows 8, its Windows Defender also improved. Unlike the old Windows Defender which only protects you from spywares and adware, the updated Windows Defender will also protect you from malware and it now offers real-time protection.

While it may seem to compete with their own partners, Sunil Gottumukkala of Microsoft explained that 95 percent of the systems come with antimalware software. But the AV solution expires within 6 months which makes 25 percent of the systems vulnerable.

To continue business with their partners, Microsoft made the Defender not readily available in the taskbar upon the Windows 8’s installation. It functions as a background service and can only be found through manual search. This way, they do not compete with their partners while still protecting their users.

Early Launch Anti-Malware – Pre Boot Security

Most of us are still not aware that there are viruses that load even before Antivirus software and Windows starts up. This is the job of Windows 8’s Early Launch Anti Malware (ELAM); to start in advance before Windows boot loader becomes active and prevents any malicious code to take over. And to prove their support for their partner’s products, the ELAM driver will simply launch the currently installed and compatible anti-malware software. Chris Hallum said that Microsoft has collaborated with antivirus sellers to develop their own ELAM component.

Measured Boot

Microsoft is introducing a foundation in Windows 8 which is called “Measured Boot”. The whole booting process will be stored and signed in the TPM chip to prevent malware from infecting the system. This information can be validated remotely to determine the client’s security state. Microsoft offers a 1.8 MB whitepaper that explains the entire Measure Boot.

Internet Explorer 10

IE 10 features tabs that are completely isolated from each other. Meaning, one tab doesn’t affect another tab such as interfering or capturing data. Another feature is IE 10’s improved Address Space Layout Randomization or ASLR.

Application Security

This security protects you starting from the Windows Store to running apps.

Windows Store – Every apps in Windows Store has passed Microsoft’s screening to provide users malware-free products.

Installation – All the available apps are verified by Windows Store and by clients including Defender, Smart Screen, etc.

App Container – Microsoft extensively limits their apps’ privileges and access to resources. They provide “Contracts” to access data and other apps. It can be seen in Windows 8’s charms bar.

Need more information? We are here. Ask us questions via our helpdesk or when we stop in to update you (or your system) on Windows 8.