Keep your business safe with backup and disaster recovery

It’s essential to have the right IT backup and disaster recovery (DR) systems in place if you want to safeguard your company’s digital assets.

From cyberattacks and malware to hardware failures and natural catastrophes, having the right plan in place is essential. It can test your system, prevent loss and recover vital data in the event of a disaster.

The right strategy and solution

As an IT manager, you want an IT backup and stress test that can determine how well your system can withstand critical situations while at the same time operating at optimal capacity.

A good backup and DR strategy should include off-site/cloud storage of important information, regular data saving and backup, fireproofing, and protection against malware and viruses. It should also perform regular audits of your stress-testing recovery plan to ensure your data, servers, intranets and LANs are protected in an emergency.

A stress-testing recovery plan can identify weaknesses in your system and alert you to where improvements in your network’s defenses are required. This may then require data-loss-prevention and spam-filtering devices, mobile device management hardware, and firewalls for websites and applications.

Business processes and security applications

Before deciding on the best backup solution, consider your business processes and how a loss of computing capability could affect them.

It’s also vitally important to keep your antivirus software current on all workstations and servers within your internal LAN, and to ensure they are able to isolate an affected machine before the contagion spreads.

Keep all production servers/network devices up to date with the latest patches, and scan for vulnerabilities on a consistent basis. The best DR plans include regular backups of all production-critical devices, secure and accessible recovery of those backups and a step-by-step recovery procedure that relevant personnel can understand clearly and initiate in an emergency.

The good news for CIOs, CTOs and others responsible for ensuring IT infrastructure is up to date and resilient is that backup and DR systems have been converging for some years now.

Today’s data backup software and hardware are more tightly integrated – and there are converged hardware products that can back up and replicate applications, eliminating the need for separate software. As a result, backup and DR are moving closer to becoming one all-inclusive process.

Advertisements
Posted in Uncategorized | Leave a comment

Some ransomware strains are free to decrypt

Ransomware is everywhere. Over the last couple years, dozens of unique versions of the malware have sprung up with a singular purpose: Extorting money from your business. Before you even consider paying for the release of your data, the first thing you must always check is whether your ransomware infection already has a free cure.

The state of ransomware in 2017

It’s been almost 30 years since malware was first created that could encrypt locally-stored data and demand money in exchange for its safe return. Known as ransomware, this type of malware has gone through multiple periods of popularity. 2006 and 2013 saw brief spikes in infections, but they’ve never been as bad as they are now.

In 2015, the FBI estimated that ransomware attacks cost victims $24 million, but in the first three months of 2016 it had already racked up more than $209 million. At the beginning of 2017, more than 10% of all malware infections were some version of ransomware.

Zombie ransomware is easy to defeat

Not every type of infection is targeted to individual organizations. Some infections may happen as a result of self-propagating ransomware strains, while others might come from cyber attackers who are hoping targets are so scared that they pay up before doing any research on how dated the strain is.

No matter what the circumstances of your infection are, always check the following lists to see whether free decryption tools have been released to save you a world of hurt:

Prevention

But even when you can get your data back for free, getting hit with malware is no walk in the park. There are essentially three basic approaches to preventing ransomware. First, train your employees about what they should and shouldn’t be opening when browsing the web and checking email.

Second, back up your data as often as possible to quarantined storage. As long as access to your backed-up data is extremely limited and not directly connected to your network, you should be able to restore everything in case of an infection.

Finally, regularly update all your software solutions (operating systems, productivity software, and antivirus). Most big-name vendors are quick to patch vulnerabilities, and you’ll prevent a large portion of infections just by staying up to date.

Whether it’s dealing with an infection or preventing one, the best option is to always seek professional advice from seasoned IT technicians. It’s possible that you could decrypt your data with the tools listed above, but most ransomware strains destroy your data after a set time limit, and you may not be able to beat the clock. If you do, you probably won’t have the expertise to discern where your security was penetrated.

Don’t waste time fighting against a never-ending stream of cyber attacks — hand it over to us and be done with it. Call today to find out more.

Posted in Uncategorized | Leave a comment

Reasons to back up your mobile devices

It makes a lot of sense for electronics firms to pack a variety of functions into mobile devices and expand their usefulness. Instead of confining their use to communications, companies such as Apple, Samsung, and others have turned mobile phones into mini-computers that can serve as a substitute for your laptop, or as a storage device. If you’re using mobile phones as a communications and storage device, backing up now would be a wise move.

Malware on mobile

More than 50% of the world’s adult population use a mobile phone with internet connection, so dangers in these handy devices are to be expected. Scarier than the thought of being offline is being online and exposed to malware.

If you use your mobile devices as an extension of your work computers, backing up is a must. Mobile phones have become as vulnerable to malware as laptops and desktops have, especially if you consider the fact that many professionals and business owners use them for emailing confidential documents and storing business-critical files.

Device disasters

Other than malware, other types of disasters can happen on your device. Because you carry it wherever your go, your device can easily be stolen, misplaced, or damaged. They may be easily replaceable, but the data contained in them may not. Having completely backed up data on your devices helps prevent a minor inconvenience from turning into a disastrous situation.

Backup options

Performing backups in iPhone and Android devices is a seamless process. Their operating systems require only minimal effort from users, and backing up entails nothing more than logging into their Apple or Google account. However, other users have different devices with different operating systems, slightly complicating the process.

Mobile devices’ safety is essential to business continuity plans. So whether your office users are tied to a single operating system or prefer different devices, there are options to back up all your organization’s mobile devices. There are cloud backup services that enable syncing of all devices and that back up files, contacts, photos, videos, and other critical files in one neat backup system. These mobile backup tools are offered on monthly or lifetime subscription schemes, which provides small businesses with enough flexibility to ensure protection.

Mobile phones have become so ubiquitous to how people function that many feel the need to have two or more phones, mostly to have one for personal use and another for business. With all these options on hand, there’s no excuse for not backing up data on your mobile devices.

Our experts can provide practical advice on security for your business’s computers and mobile devices. Call us for mobile backup and other security solutions today.

Posted in Uncategorized | Leave a comment

How to extend your laptop battery’s power

Keeping your laptop plugged in all the time doesn’t solve your battery problems. It may keep your laptop fully charged for a day, but this practice may do more harm than good in the long run. Luckily, there are quick-and-easy fixes and long-term solutions to help save battery power on your laptop. Here’s a look at some of them.

Manage your laptop’s power settings

Computer manufacturers are aware that battery life is an important consideration for most users, which is why many Windows and Apple computers have settings that help reduce battery consumption. Windows laptops have a Power Plan setting that lets you choose either a standard setting or a customized power plan; Energy Saver under MacOS’ ‘System Preferences’ offers a setting that allows you to adjust display and sleep controls.

Adjust display and system settings

You can also make adjustments to your laptop’s display and system settings to reduce brightness, turn off screensaver, disable Bluetooth and Wi-Fi (when they’re not used), and trigger the system to hibernate instead of sleep. A “sleeping” laptop consumes a little energy, but a “hibernating” laptop consumes absolutely none.

Use a battery monitor and other maintenance tools

If you think your laptop battery drains unusually fast, access your system’s battery maintenance tool to check its status. If your laptop doesn’t have one, you can download an application that creates a battery health report. That report will include charge cycle count, which determines the number of charge cycles your laptop has; and battery life estimate, which states how much longer the battery will provide power based on its current settings.

Keep your laptop operating efficiently

One way to accomplish this is by managing your web browser usage. Having many tabs opened on your browser drains your battery’s power and reduces your productivity. If you really must have a handful of tabs opened, consider switching to power-saving browsers such as Windows Edge or Opera. When multitasking, close unused apps and programs — especially those that download files or play media, as they consume the most power. This not only helps reduce battery consumption, but also helps the user stay focused on the task at hand.

Handle your laptop with care

Laptops are delicate and require safe handling and a cool temperature. With the exception of a few models (e.g., Apple’s MacBook Air), many devices are designed with a cooling system that keeps its CPU, graphics processor, and other components from overheating; and not to mention, its battery from depleting fast.

For that reason, handling your laptop with great care ensures longer battery life and better overall performance. When using your laptop on-the-go, make sure you don’t block its vents from circulating air, which means you should never put it on a surface such as a bed or similar soft surface that could prevent its cooling fans from working. And while it may seem harmless — and appropriate — putting your laptop on your lap is actually unsafe.

For businesses with remote workers and/or bring your own device (BYOD) policies, a laptop that lasts all day allows employees to be more productive and saves your company from having to spend on new laptops or replace batteries as a result of neglect. For cost-effective strategies on business technology, call us today.

Posted in Uncategorized | Leave a comment

This fake Google app is really a phishing scam

If employee training and education isn’t an integral part of your cyber-security strategy, a recent scam might force you to reconsider. Instead of relying on complicated programming code to steal and destroy data, hackers are increasingly relying on human errors to get the job done. Even well-trained users are falling for the most recent ploy, take a look.

Broadly defined, “phishing” is any form of fraud in which an attacker tries to learn information such as login credentials or account information by masquerading as a reputable entity or person in email, IM or other communication channels.

These messages prey on users who click links, images and buttons without thoroughly investigating where they lead to. Sometimes the scam is as simple as an image with a government emblem on it that links to a website containing malware. Just hovering your mouse over the image would be enough to see through it. But some phishing schemes are far more difficult to recognize.

The Google Defender scam

Recently, an email spread to millions of GMail accounts that almost perfectly imitated a message from Google. The text read:

“Our security system detected several unexpected sign-in attempts on your account. To improve your account safety use our new official application “Google Defender”.

Below that was a button to “Install Google Defender”. What made this scheme so hard to detect is that the button actually links to a totally legitimate site…within Google’s own framework. When third-party app developers create GMail integrations, Google directs users to an in-house security page that essentially says, “By clicking this you are giving Google Defender access to your entire inbox. Are you sure you want to do this?”

Even to wary users, the original message looks like it came from Google. And the link took them to a legitimate Google security page — anyone could have fallen for it. The Gmail team immediately began assuring users that they were aware of the scam and working on eradicating it and any potential copycats.

There’s no happy ending to this story. Although vendors and cyber-security experts were able to respond to the crisis on the same day it was released, millions of accounts were still affected. The best way to prepare your business is with thorough employee training and disaster recovery plans that are prepared to respond to a breach. To find out how we can protect your business, call today.

Posted in Uncategorized | Leave a comment

Fileless malware: who are the targets?

Business owners have spent the last couple months fearful of cyber attacks from the “fileless malware” plastered across headlines. The reality of this new threat doesn’t actually call for panic…yet. Getting acquainted with this new malware today could save you from a headache in the future.

What is this new threat?

To oversimplify the matter, fileless malware is stored somewhere other than a hard drive. For example, with some incredibly talented programming, a piece of malware could be stored in your Random Access Memory (RAM).

RAM is a type of temporary memory used only by applications that are running, which means antivirus software never scans it on account of its temporary nature. This makes fileless malware incredibly hard to detect.

This isn’t the first time it’s been detected

Industry-leading cyber security firm Kaspersky Lab first discovered a type of fileless malware on its very own network almost two years ago. The final verdict was that it originated from the Stuxnet strain of state-sponsored cyber warfare. The high level of sophistication and government funding meant fileless malware was virtually nonexistent until the beginning of 2017.

Where is it now?

Apparently being infected by this strain of malware makes you an expert because Kaspersky Lab was the group that uncovered over 140 infections across 40 different countries. Almost every instance of the fileless malware was found in financial institutions and worked towards obtaining login credentials. In the worst cases, infections had already gleaned enough information to allow cyber attackers to withdraw undisclosed sums of cash from ATMs.

Am I at risk?

It is extremely unlikely your business would have been targeted in the earliest stages of this particular strain of malware. Whoever created this program is after cold hard cash. Not ransoms, not valuable data, and not destruction. Unless your network directly handles the transfer of cash assets, you’re fine.

If you want to be extra careful, employ solutions that analyze trends in behavior. When hackers acquire login information, they usually test it out at odd hours and any intrusion prevention system should be able to recognize the attempt as dubious.

Should I worry about the future?

The answer is a bit of a mixed bag. Cybersecurity requires constant attention and education, but it’s not something you can just jump into. What you should do is hire a managed services provider that promises 24/7 network monitoring and up-to-the-minute patches and software updates — like us. Call today to get started.

Posted in Uncategorized | Leave a comment

What exactly is preventive cyber-security?

There has been a movement among technology providers to promise “proactive” cyber security consulting. Small- and medium-sized businesses love the idea of preventing cyber-attacks and data breaches before they happen, and service providers would much rather brainstorm safeguards than troubleshoot time-sensitive downtime events. But it’s not always clear what proactive cyber-security means, so let’s take a minute to go over it.

Understand the threats you’re facing

Before any small- or medium-sized business can work toward preventing cyber-attacks, everyone involved needs to know exactly what they’re fighting against. Whether you’re working with in-house IT staff or an outsourced provider, you should review what types of attack vectors are most common in your industry. Ideally, your team would do this a few times a year.

Reevaluate what it is you’re protecting

Now that you have a list of the biggest threats to your organization, you need to take stock of how each one threatens the various cogs of your network. Map out every device that connects to the internet, what services are currently protecting those devices, and what type of data they have access to (regulated, mission-critical, low-importance, etc.).

Create a baseline of protection

By reviewing current trends in the cyber-security field, alongside an audit of your current technology framework, you can begin to get a clearer picture of how you want to prioritize your preventative measure versus your reactive measures.

Before you can start improving your cyber-security approach, you need to know where the baseline is. Create a handful of real-life scenarios and simulate them on your network. Network penetration testing from trustworthy IT professionals will help pinpoint strengths and weaknesses in your current framework.

Finalize a plan

All these pieces will complete the puzzle of what your new strategies need to be. With an experienced technology consultant onboard for the entire process, you can easily parse the results of your simulation into a multi-pronged approach to becoming more proactive:

  • Security awareness seminars that coach everyone — from receptionists to CEOs — about password management and mobile device usage.
  • “Front-line” defenses like intrusion prevention systems and hardware firewalls that scrutinize everything trying to sneak its way in through the front door or your network.
  • Routine checkups for software updates, licenses, and patches to minimize the chance of leaving a backdoor to your network open.
  • Web-filtering services that blacklist dangerous and inappropriate sites for anyone on your network.
  • Antivirus software that specializes in the threats most common to your industry.

As soon as you focus on preventing downtime events instead of reacting to them, your technology will begin to increase your productivity and efficiency to levels you’ve never dreamed of. Start enhancing your cyber-security by giving us a call for a demonstration.

Posted in Uncategorized | Leave a comment