Do You Know What to Do Now That Support for Windows 7 Is Ending?

Windows 7 End of Support

What to Do Now That Support for Windows 7 Is Ending

In just a few short months, support for Windows 7 will come to an end. Is your business ready?

If your business is currently operating Windows 7, it’s time to switch to Windows 10. Microsoft will be ending technical support for Windows 7 in January 2020.

 

An enormous number of businesses throughout the United States use Windows operating systems to run their companies. In fact, Windows famously runs the majority of the world’s entire population of computers — including those used in business and personal computers (PCs).

Each of these Windows computers has its own version of Windows’ operating system (OS). Right now, the most popular operating systems are Windows 7 and Windows 10. Windows 7 was originally released ten years ago in 2009, and Windows 10 was released in 2015.

Now, Microsoft is phasing out its support for Windows 7. According to the company, this was always the plan:

“Microsoft made a commitment to provide 10 years of product support for Windows 7 when it was released on October 22, 2009. When this 10-year period ends, Microsoft will discontinue Windows 7 support so that we can focus our investment on supporting newer technologies and great new experiences.”

So, when will this change take place?

According to the company, “The specific end of support day for Windows 7 will be January 14, 2020.”

They go on to say: “Microsoft strongly recommends that you move to Windows 10 sometime before January 2020 to avoid a situation where you need service or support that is no longer available.”

What Does the End of Windows 7 Support Mean for Your Business?

First off, it’s important to note that this change is definitely a big deal.

While the initial reaction of some companies and individuals may be that “end of support” doesn’t really matter, this assumption would be rather reckless. If you fail to update to Windows 10, Microsoft’s imminent cessation of support for Windows 7 has the possibility of causing your business huge problems. Specifically, the end of Windows 7 support means that Microsoft will no longer be providing any type of technical support and absolutely no software or security updates or fixes to this operating system.

As a result, if you run into a major technical problem with a computer running Windows 7 after the end-of-service date (January 14, 2020) or if your security is breached, you’ll get no assistance from Microsoft.

While this realization is shocking (and possibly rather annoying) for many, Microsoft has been warning users about the impending change for a long time. If you have Windows 7, you should have been receiving consistent advisories to this effect. Additionally, if you work with an IT service provider, they have likely been alerting you of the future change as well.

Security Issues With Microsoft 7 Moving Forward

One of the biggest reasons to update to Windows 10 is to ensure your company’s security in the face of possible cyberattacks.

When Microsoft says they’ll no longer be providing Windows 7 support, one of the things they’ll no longer be doing is providing security updates. Normally, Microsoft tracks security issues closely. When a specific cyberattack trend or weakness in their system becomes obvious, they release an update to fix the problem or better fend off would-be attackers.

On January 14, 2020, this will stop.

Unfortunately, cyber criminals are gleefully anticipating this date. They will take full advantage of the security gaps left in Windows 7 operating systems if they can. Those who fail to leave Windows 7 and move to Windows 10 will, of course, be the targets.

Have Questions About the Switch to Windows 10?

To be sure, Windows 10 promises to provide many useful updates and upgrades for Microsoft users. At the same time, the transition from Windows 7 to Windows 10 will certainly bring inevitable challenges. You and your employees will be forced to change some of your habits, and certain features you’re used to may become obsolete or have new properties.

If you haven’t already, now is the time to update your business’s software to Windows 10. Doing so sooner rather than later will allow for the fewest number of complications.

If you have questions or concerns about making a smoother transition from Windows 7 to Windows 10, speak to your IT service provider as soon as possible. There are steps you can take to make this transition less of a trial for yourself and your employees.

Can Outsourced Managed IT Services Improve Profitability?

Managed IT Services

Outsourcing Managed IT Services Improves Business Goal Achievement

Industry leaders require a laser-focus on profit-driving initiatives. Outsourcing an organization’s IT oversight saves time, money, and keeps everyone on task.  

Managed IT Services

Whether you are a decision-maker for an upstart, mid-sized, or large corporation, outsourcing IT support, maintenance, and cybersecurity oversight can improve your operation. Managed services conducted by a third-party outfit with experience and expertise, brings high-level knowledge to the table that most business team members lack.

That’s generally because industry leaders staff their organizations with people who deliver profit-driving benefits. Managing an in-house IT team tends to distract from the goal-achievement tasks that keep an operation competitive and successful. Owners, CEOs, and other captains of industry with heightened IT needs would be wise to consider these five benefits of outsourcing.

1: Risk Reduction

Every business operates with a certain degree of risk. Those risks include fines for not meeting changing government regulations or falling behind competitors in cost-effective technology applications, among others. But perhaps the greatest threat that businesses of all sizes and every sector face are data theft and hacks. Without a doubt, less-than-adequate cybersecurity applications, protocols, and employee preventative training present the greatest threat to your organization.

2: Cost Consistent Budgeting

Entrepreneurs working hard to grow fledgling operations often have thin budgets. Every dollar counts and financial constraints generally do not allow for overspending. People in the private sector are fully aware they cannot manage a thriving enterprise using the faulty methods of the federal government. Either you have the revenue, or you don’t.

Managed IT service contracts allow decision-makers to allot a specific sum toward computer network oversight. There are no excessive payroll taxes, or unexpected overtime hours to strain the company’s resources. You write one monthly check and renegotiate when your managed services agreement expires.

3: Heightened Expertise

Perhaps the greatest difference between hiring an in-house IT team and outsourcing is the improved access to specialized knowledge. Some small and mid-sized operations think it’s savvy to hire a recent technical school graduate who has been immersed in the latest trends and technologies. That thinking seems reasonable on its face.

But the inherent flaw is that your outfit often requires that person, or team, to focus exclusively on your system and operations. What you lose over time is their immersion in trends, new applications, heightened cybersecurity threats, and other pertinent issues. A third-party managed service provider invests its time, resources, and people into cutting-edge training. When a managed services expert reviews your system, they bring the latest knowledge to every task. It’s simply not cost-effective to pay an IT team and then have them attend far-away seminars for weeks at a time.

4: Avoid Potential Downtime

After cyber-theft and hacks, downtime ranks among the most costly setback a company can experience. Imagine for a moment, you are looking out over your offices and employees are unable to work because the system is down. Now imagine you are paying them to not perform the necessary tasks to meet the business’ financial necessities.

When you outsource your IT needs to a third-party provider, it’s not uncommon for them to conduct due diligence, and preventive maintenance while your profit-driving staff is not on the clock. Smooth functioning networks are a type of hidden benefit that companies gain by having 24-7 IT services.

5: Improved Business Focus

Goal-oriented thought leaders enjoy improved success when they are able to focus on the things that make a company successful. Unless you are running a managed services outfit, computer issues, cybersecurity, and managing an IT team is not the best use of your time and brainpower.

Business visionaries achieve goals and enjoy the fruits of their innovation and labor by maintaining a laser-focus on industry trends, cost reduction, improved production, services, and staying ahead of their sector’s learning curve. It’s essential not to get bogged down in seemingly peripheral issues such as IT. Maximizing your skillset and outsourcing IT maintenance and oversight to a professional is the smart play.

Maximizing budgetary resources in a way that delivers the cutting-edge IT needs of today’s business community may be best left to professionals. When industry leaders take the time to do the math on best practices and profitable outcomes, third-party managed IT services remain a tried-and-true practice.

Newly Discovered Security Flaws Put Windows Users at Serious Risk

Is Windows Secure

Microsoft Vulnerability Affects Most Recent Operating Systems

Learn about two recently discovered vulnerabilities that could put your company’s computers and operations at risk and what Microsoft is doing to fix the issue.

Is Windows Secure

Two newly discovered security vulnerabilities could put Windows users at risk of attack if they do not download and install security patches Microsoft recently issued.

What Are the New Microsoft Security Flaws?

Nicknamed DejaBlue, the two security flaws are designated CVE-2019-1181 and CVE-2019-1182. They are similar to the BlueKeep vulnerabilities Microsoft issued patches for in May 2019. The newest flaws, like Bluekeep, could allow hackers to create so-called “wormable” attacks that easily can be spread from one computer to another without any interaction from a user.

The main difference is that the newer security vulnerabilities are potential threats to newer versions of Windows products.

What Systems Does DejaBlue Affect?

There are potentially hundreds of thousands of computers that could be affected by the Windows worm. They sit within the Windows Remote Desktop Services (RDS) package. According to Microsoft, the vulnerabilities could affect the following systems:

  • Windows 7 SP1
  • Windows Server 2008 R2 SP1
  • Windows Server 2012
  • Windows 8.1
  • Windows Server 2012 R2
  • Windows 10 (all supported versions, including server versions)

That’s a massive number of potential targets that could be infected if the patches are not deployed and active monitoring tools are not in place.

Windows XP, Windows Server 2008 and Windows Server 2003 are not affected.

How Does DejaBlue Work?

Like with BlueKeep, the vulnerabilities can be used to exploit RDP, a tool that administrators use to connect to other computers on a network. Hackers could then use that exploit to code and load a worm that is automated. It would “jump” from one computer to another, potentially affecting millions of computers quickly.

What makes the DejaBlue and Bluekeep vulnerabilities so dangerous is that they can propagate without any user interaction.

What’s more dangerous is that the new vulnerabilities differ from BlueKeep, which targeted Windows 7 operating systems. The new exposures could affect Windows 7 and all recent versions of Microsoft’s operating systems. That amplifies both the risk and the potential impact.

“At this point, nearly every contemporary Windows computer needs to patch, before hackers can reverse engineer those fixes for clues that might help create exploits,” notes Wired magazine.

While a British intelligence agency, GCHQ, is credited with identifying BlueKeep, Microsoft notes that it identified the new threats itself. To date, no evidence that exists that indicates the vulnerabilities were known to third parties, the company said.

“These vulnerabilities were discovered by Microsoft during hardening of Remote Desktop Services as part of our continual focus on strengthening the security of our products,” Microsoft said in a release.

The scale of the potential damage is extraordinary. As of July 2019, there were as many as 800,000 computers worldwide that were still vulnerable to BlueKeep, with a much larger potential threat from DejaBlue.

What Can We Do to Protect Against Cybersecurity Threats?

The key to maintaining a secure network is developing a comprehensive, multilayered security strategy. A managed services provider can partner with you to develop a cybersecurity plan that includes:

  • Comprehensive network perimeter monitoring using next-generation firewalls to detect, contain, disable and destroy threats
  • Continuous monitoring of systems, endpoints and users
  • Automated downloading and installation of software and firmware updates, upgrades and patches that respond to emerging threats
  • Anti-malware, anti-spam and anti-virus software installed on each user’s machine or device, updated automatically, and analyzed to determine potential threats
  • Email and data encryption
  • Password security, including multifactor authorization
  • Mobile device management, including remote location finding, disabling and wiping functions
  • Cloud solutions for secure hosting of data, apps and operating systems
  • Business continuity and disaster recovery planning
  • Employee training

Having the right security in place greatly reduces your risk of being affected by a cyberattack that can debilitate your business, ruin its reputation and cost thousands to repair.

Everything You Need to Know About the Dark Web

The Dark Web

The Dark Web

What Is the Dark Web and How Can You Stay Off It?

Ever heard of the dark web? It’s definitely not a place you want your company’s information to be. Learn everything you need to know about the dark web here.  

Most people have heard about the dark web in one form or another. It’s a place where criminal activity happens — from the purchase of illegal drugs to the hiring of assassins.

Of course, there is a legal side to the dark web as well; though, most people don’t know about. In fact, the origin story of the dark web is entirely legitimate and is even linked to the government.

Still, as a business owner or CEO, your relationship with the dark web (should you unfortunately have one) will not likely be good. It’s a bad sign if any of your information is found there. That’s why it’s important to know about what exactly the dark web is: Where it came from, what’s on it, and what you should do to stay as far away from it as possible.

What Is the Dark Web?

The dark web is essentially one “section” of the Internet. Specifically, it’s a section that isn’t included in mainstream search engines like Google. So, when you search a normal search inquiry, such as, “Where’s the best hamburger joint in downtown Pittsburgh?” you don’t get results from the dark web.

Instead, this section includes all sorts of illicit goings-on. Mostly, it’s a marketplace for things you shouldn’t be buying because they’re illegal to sell and/or buy. For instance, you can buy lifelong access to Netflix for a small price (six bucks). You can hire someone to hack into someone else’s computer for you and download their data or track their keystrokes. You can purchase credit card credentials. You can obtain prepaid debit card numbers and security codes.

How Does One Access the Dark Web?

We’ll reiterate again that the dark web is not a place you want to find yourself (or your information). However, for the sake of knowledge, we’ll explain that in order to access the dark web, you must download what’s called the Tor browser.

Tor stands for The Onion Router. This is basically the software that makes the dark web operate in the dark.

Where Did the Dark Web Originate?

The dark web began in the late 1990s as a way for the United States Naval Research Laboratory (NRL) to better hide their online communications. At this time, The Onion Router or Tor was brand-new.

Soon after its initial creation in 2004, the dark web’s Tor software was released for public use. Since that time, it has ceased to be solely a government resource and has turned into the “back alley” of the Internet.

How Can the Dark Web Affect Business Owners?

The dark web is a potential danger to all businesses of all sizes and in all industries. In fact, it can be a potential danger to individuals as well. But let’s talk about your business and the dark web.

Basically, it has been found that 60% of the web listings on the dark web could harm a business. That’s because, these listings offer individuals searching the dark web ways to obtain things like the following:

  • Customer data
  • Tips for hacking computers
  • Tips for hacking networks
  • Malware
  • Financial data
  • Phishing advice
  • Operational data
  • Intellectual trade secrets
  • Tutorials for cyber crime
  • Remote access Trojans (RATs)
  • Espionage services
  • Credentials access

How Can You Keep Your Business Safe From the Dark Web?

The best way to keep your business safe from the dark web is to have the proper cybersecurity measures in place. This means hiring a cybersecurity team or a managed service provider (MSP) to handle your company’s cybersecurity. Even if you’re a small business, hiring an MSP to have on retainer is a good idea.

They will make sure that you have firewalls and other detectors of malware in place for adequate security. It’s also essential to back up your data and to make everyone who works for or with your company aware of how to avoid phishing attempts.

Lastly, your cybersecurity team should be monitoring the dark web to make sure that none of your information lands there. This goes for personal information for you and your employees, as well as overall company information. Taking these measures is the only surefire way to ensure that your company does not end up on the wrong end of the dark web.

How to Achieve Digital Success

Man Looking at IPad with Graph

As the business world continues to evolve, digital transformation becomes even more important for every company, regardless of the industry. However, successfully moving into the digital arena and remaining on top requires companies to make the right choices when it comes to their money and their time.

Man Looking at IPad with Graph

Below are some tips to help your company achieve ongoing digital success.

1. Create a designated budget for digital projects.

In order to become a digital success, monetary investment is always required. Carve out a section of your budget that will be dedicated to digital projects only. In general, your digital expenses should represent at least five percent of your annual expenses. However, depending on your situation, you may decide to scale this amount up or down.

2. Involve your employees.

Investing money in digital projects alone is not enough to guarantee your success. You must also involve your employees in these endeavors. Every employee on your staff should be aware of your goals with regard to digital projects, and some of your employees should be working exclusively in roles related to digital.

3. Stay on top of emerging technologies.

The digital world is always changing, with new technologies on the horizon every day. To be successful digitally, your company needs to be aware of the new technologies as they emerge so you can incorporate them into your operations when appropriate.

4. Consider digital when looking for new talent.

Bringing your current employees onboard with your digital projects can be helpful, but it isn’t enough to ensure lasting success in this arena. As digital continues to become more widespread, hiring employees who are comfortable with technology becomes even more important for every company. When looking for new talent to add to your team, make digital skills a priority.

5. Make use of data.

To improve customer experiences digitally, your company needs to invest in and utilize data. Data allows you to customize every customer’s interactions with your company so he or she can have the highest level of satisfaction possible. Data also allows you to gain valuable insights about every aspect of your business’ operations so you can identify strengths and weaknesses.

6. Seek professional assistance.

Bringing digital to your company successfully can be a challenge, especially if you aren’t an expert in this field and/or if you have many other responsibilities. If you aren’t sure how to incorporate digital into your daily operations, consider hiring a consultant or even a full-time digital team to help you make the most of your investments and your efforts.

These are just a few of the strategies you can use to make your company a digital success. Keep in mind that success rarely comes overnight, so ongoing effort will likely be required before you will see the results you desire.

How Do I Choose a Cloud Computing Model?

Cloud Computing

Cloud Computing

How Do I Choose a Cloud Computing Model?

No matter what your company or organization specializes in, it’s sure that you have some form or forms of data that needs to be stored, well, somewhere.

Before the invention of cloud computing, most company data was always stored on-site — that is, in the hard drives at a place of business. Additionally, some businesses may have had data stored on remotely-located hard drives or discs; but the majority of data was “in the building.”

Naturally, you can see how this would be dangerous — both for you as a business owner and your clients, customers, and investors. Sensitive data such as customer specs or financial information could be easily stolen, corrupted, lost because of a computer glitch, or even destroyed in a fire.

Today, with the advent of cloud computing. The bulk of these worries are gone. Nearly all major companies, organizations, governments, and many individuals use the cloud.

What is the cloud and what is “cloud computing”?

The first thing to know about “the cloud” is that it’s not a physical thing like a computer or a hard drive. Instead, this term refers to a virtual space or a select part of the Internet — the part that stores data.

Just as you can surf the web from anywhere in the world as long as you have an Internet connection, you can also access the cloud from anywhere in the world — plus whatever you store there. Again, you simply need an Internet connection. In this way, many people simply define the “cloud” as a metaphor for the Internet.

“Cloud computing” is the generally recognized term for all computing actions done in or via the cloud. Therefore, cloud computing refers to cloud-based data storage, but it also means cloud-based:

  • Data management
  • Content delivery
  • Access to applications and software
  • Delivery of services

Should your business be using cloud computing?

Before we dive into how to choose a cloud computing method, let’s talk about why you should be using cloud computing — and you absolutely should be.

Cloud computing provides numerous benefits that old-fashioned computing methods just can’t live up to. Specifically, cloud computing provides:

  • Mobility and Efficiency: You can work on the cloud from anywhere. Allow your employees, customers, clients, and investors to access the best that your company has to offer, without worrying about weighing down the system or collapsing your infrastructure.
  • Ultimate Security: The cloud provides the best security available when it comes to storing your sensitive data. Even when hardware and equipment fails, you know your data will be stored safely and backed up.
  • Scalability and Flexibility: With non-cloud computing solutions, you must anticipate the extent to which you’ll use your storage space and other computing needs beforehand. Cloud computing allows you to scale your cloud services up or down, based on your unique needs.
  • Strategic Value: Cloud computing methods are always updated with the latest software and the newest tech. This gives your company a competitive edge. Plus, there’s no need to toss outdated technology or revamp your entire network, which would otherwise set your company timeline back significantly.

What method of cloud computing should my business use?

This depends on the organization’s specifications, needs, and goals. There are three basic methods of cloud computing to choose from.

Private Cloud Computing

This model of cloud computing provides dedicated use to your company’s data and systems over a private IT infrastructure. This is a good model to choose if you are particularly concerned about confidentiality and security. Only a trusted third-party or your company’s internal resources team should manage a private model of cloud computing, and you should only give access to those within your company.

Public Cloud Computing

This method of cloud computing allows your business’s resources (software, platforms, infrastructure) to be available to the general public. In some cases, these types of cloud computing models are offered to the public for free, but they may also be sold by a pay-per-usage model.

Hybrid Cloud Computing

As the name suggests, the hybrid cloud computing model blends a public cloud and a private cloud. The hybrid model is mostly by companies who need to operate both models, and thus, the two are integrated into one overarching system.

Resources in the cloud are easier to access, manage, and recover after an equipment malfunction. By switching your business to one of the cloud computing models outlined above, you’ll have a competitive edge and complete control of your company’s data and systems.

Your MacOS Is Under Attack: 2019’s Biggest Malware Threats

MacOS and Malware

Your MacOS Is Under Attack: 2019’s Biggest Malware Threats

MacOS and Malware

The Mac operating system (MacOs) has frequently been hailed as one of the best systems for its resiliency to malware and typical viruses. But the days of MacOs standing strong and tall with no worries have really always been a misconception. Mac systems are just as vulnerable to the beefed-up, intelligent malware threats that are out there today.

SentinelOne published a lengthy review of the MacOs malware at the end of 2018, but in a new release, SentinelOne also stated that there has actually been an uptick in the numbers of new types out there attacking users. Here is a look at some of 2019’s biggest MacOs malware threats that every Mac-reliant business owner should know.

1. OSX.Siggen: A Malware Download from a Malicious Domain

Masquerading as a helpful app called WhatsApp, OSX.Siggen is actually a latched-on malware that slips in during a regular app download. WhatsApp is a fake social media platform, and the download looks super enticing when users come across it. However, once added to MacOs, the app runs with a backdoor designed to take administrative control over the system.

2. KeyStealDaemon: Password Hijacker

This dirty malware showed up in February of 2019, but by June it was still running strong. Apple allowed a patch several years ago designed for another purpose, but KeyStealDaemon can create administrative privileges for itself by slipping through. Unfortunately, this malware allows the person behind the scenes to get into the system and steal pretty much any password you have stored. The good news is, if you have properly updated your system, KeyStealDaemon can be booted out because it cannot break through.

3. CookieMiner Slips In and Steals Credentials

Toward the end of January 2019, a cryptominer showed up with its own installed backdoor to induce a threatening combination of technologies to steal cryptocurrency exchange cookies and passwords for Google Chrome. The worrisome thing about CookieMiner is this: experts believe that the malware could potentially have the rare ability to bypass things like authentication processes that involve multiple factors. If CookieMiner is capable of gathering enough cookies and credentials, cryptocurrency wallets can be virtually pickpocketed right in plain sight.

4. Mokes.B Puts On a Good Act

Persistence agents running amuck on your MacOs with familiar names may never be spotted, especially if they are calling themselves things like Firefox, Skype, or Chrome. This is precisely how Mokes.B avoids suspicion when it latches onto the operating system in application support folders and tracking files. Mokes.B is super-scary because it can gain the ability to take actual screenshots whole you are on pertinent screens, but it can also record keystrokes to steal date you are keying in.

5. A Variant of OSX.Pirrit Has Shown Up

OSX.Pirrit caused a lot of problems a few years ago, but this malware never really disappeared altogether. Instead, new family members under the old parent app are still being found on MacOs, and they are not being detected as they would otherwise be when acting as OSX.Pirrit. The aim of this malware is to make money from redirect actions that occur as a result of a browser infection, but there are rumors that PIRRIT is potentially capable of stealing data as well.

6. OSX.Dok Reroutes User Traffic

OSX.Dok gets into a system and installs a securely tucked-away Tor version location on a Mac system. User traffic hitting a site gets sent to an onion server instead of where it should be, which is a major problem for business owners needing to protect sensitive customer actions when they think they are on an e-commerce website. One of the scariest things about OSX.Dok is the fact that it can steal even SSL encrypted internet traffic maneuvers. Older versions of this software were thought to be banished, but new versions continually pop up.

Even though there are so many Mac users who think they are covered by some unseen immunity from malicious software, these risks are there and the growing list of 2019 proves that fact. Attackers deploying these software programs are targeting those easy-to-break barriers, so something like an improperly updated computer or even an unsuspecting employee can leave a business computer wide-open for an attack.

Building a Rock Solid Cybersecurity Plan

Cyber Security

Cybersecurity Plan

Cybercriminals may be going into a stealth mode, but that doesn’t mean that cyberattacks are slowing down — quite the opposite, in fact. According to the 2018 SiteLock Website Security Report, attacks increased by 59% and accelerated going into December. Record numbers of businesses are being infiltrated by hostile actors, with data breaches affecting hundreds of millions of users in a single attack. This all comes during a time when cybersecurity costs are accelerating as more organizations scramble to bring expensive systems and well-paid IT assets online to help protect their business from attack or assist with recovery. By the year 2021, damage to businesses is expected to exceed $6 trillion annually from cybercrime alone. It’s becoming increasingly difficult for businesses to manage the complexity required for a comprehensive cybersecurity plan alone, but these basics will give you a starting point to managing the risk to your organization.

Understanding “Current State” Security Practices

Many organizations begin crafting their cybersecurity plan by reviewing and documenting the current state of their risk-reduction efforts. This could include everything from data structures and storage locations, physical and cloud-based infrastructure models, third-party vendors and other connections. This “current state” report gives you a comprehensive view of the organization and allows you to capture potential risk centers that will need to be addressed in the future.

Balancing Security Needs with Business Requirements

It’s a fact of life that IT professionals are often in top demand, making it difficult to implement the full range of cybersecurity protections that proactive leaders feel are necessary. This balancing act may take place as ongoing negotiations between business and technology teams as the risks of not taking specific steps to tighten security are weighed against the potential benefits of new functionality. IT teams need to have a full understanding of how data and applications are utilized throughout the organization, including how remote partners or staff members are connecting into business applications and databases. Going through this process prompts conversation around the replacement value of particular platforms. Where an IT team may feel that an older platform could be deprecated without undue business impact, one particular unit may be utilizing that data in an unexpected way. In this instance, business and IT leaders will have to negotiate whether it makes sense to enhance the security or simply move to a newer alternative.

Crafting Your Plan and Training Your Staff

Understanding all of the various assets that your business has available allows you to gain a more holistic view of the business, a crucial element of any successful cybersecurity plan. Define replacement or bypass recommendations for each of your core business assets, and then fully document any changes that need to be made to reduce the risk of a breach or the effect of any malware or ransomware attacks. Having the plan in place also requires determining the training level that your staff will need. According to Cisco, the majority of malicious file extensions are made up of popular files such as Microsoft Word, Excel and PowerPoint, making ongoing training an important part of any cybersecurity strategy.

Small and mid-size businesses are the organizations least likely to have a formal cybersecurity plan in place, but these businesses are a high-risk target that is extremely attractive to hackers. Managing the complexity associated with the various platforms and data sources is often cited as a significant challenge for over-taxed IT personnel. Making regular cybersecurity reviews a priority can help your organization not only stay safe online but also identify processes challenges that need to be addressed to improve operational efficiency. Even with a rock-solid cybersecurity plan in place, that doesn’t mean your organization is completely safe. Instead, it means that you’re ready for an attack and are able to respond appropriately and in a timely manner — which can save your company hundreds of thousands of dollars in the event of a breach.

Ransomware’s Cruel Greed: Proven Security Protects Your Business

Ransomware

Ransomware

Cybercriminals lock victims out of computer and network files – sometimes destroying data – and extort cash to get that data back. That’s a ransomware attack, costing businesses billions worldwide.

Ransomware can spread by the simplest of user actions. Email phishing, or Business Email Compromise (BEC) – fraudulent and deceptive emails posing as legitimate messages – is perhaps the most common propagation method. Social media clickbait, particularly using fake accounts masquerading as friends or colleagues, is common also. Simply visiting an infected website can corrupt your system, even if the user doesn’t click anything on the web page.

How common is ransomware? There’s bad news and good news. The bad news: attacks are extremely common, with thousands of organizations being probed every day. The good news: savvy IT professionals are fending off attacks, so infections are still comparatively rare. However, attacks are on the rise and cybercriminals are growing more sophisticated.

Ransomware attacks are hitting businesses of all sizes, from a few employees to enterprise corporations. Individuals get infected also, especially those without good antivirus protection. Government agencies and health care organizations have become prime targets.

Data Loss and Financial Risk

Ransomware encrypts computer files and network drives, then demands a ransom in exchange for a decryption key. Most victims end up paying the ransom. Ransomware can be difficult, if not impossible, to crack, and paying the ransom can be the only way to get data back.

Costs of recovery can be enormous. The ransom itself can run from thousands to hundreds of thousands of dollars, even approaching $1 million dollars. The real cost of recovery runs easily into the millions. FedEx reported losses of more than $300 million before operations were fully restored. The total cost to US business is estimated at $75 billion or more per year, with downtime costing around $8,500 per hour.

Cybercriminals typically demand payment in Bitcoin. Cryptocurrency affords substantial anonymity, making it nearly impossible to track perpetrators. Even if they could be identified, cybercriminals often work over international borders. Jurisdiction issues makes prosecution almost impossible.

Preventing Ransomware

Ransomware protection is a complex endeavor involving technology, education and best practices. You need the right tools – the right information – and the right business processes.

Key steps to protect your data include:

  • Maintain up-to-date antivirus/malware protection, especially on email. Do your research for best programs, including buyer reviews on popular online retail sites.
  • Perform regular external backups, and quarantine them from your network as soon as they’re completed. Keep archival history as much as possible.
  • Train employees. Malware is most often spread by human behavior, e.g. clicking an email phishing link or social media clickbait. Proper training can minimize risk by educating staff about the risk of suspicious links.
  • Maintain strong firewall protection to minimize the risk of a single infected machine spreading malware into your network.
  • Keep all enterprise software updated with the latest releases and patches. Software firms are constantly improving security, and outdated software is riskier.
  • Administer IT user permission security so employees have access only to the software and functionality required for their job roles.
  • Disable macro scripts on files shared via email – an important component of training.

Along with preventative measures, create a contingency plan. If you are hit with ransomware, you’ll be better prepared to cope if you have plans in place to continue operations and speed up recovery.

Setting up a cryptocurrency wallet should be part of the contingency plan. If your business is hit – and you decide to pay the ransom – you’ll be able to pay much sooner if you already have this in place.

See these resources for more detail on what you can do to protect your business.

What to Do If Infected

More than half of targets don’t report ransomware attacks, according to FBI estimates. This is likely driven by concerns over bad publicity. Financial and business process recovery is bad enough without adding in a PR nightmare.

However, it’s critical to notify the FBI if your systems are infected. The FBI is the lead federal agency for cybercrime. Their investigative and technology capabilities are state-of-the-art, and no one is better equipped to help you understand your options and recover your data.

The FBI suggests that you do not pay the ransom. The decision is up to your company leadership, and it’s true that most victims do pay. In many cases, the cost of paying the ransom is far less than the potential losses from operational downtime.

Ransomware removal often involves wiping systems clean and restoring uninfected files from backups. It’s a delicate business best left to a professional cybersecurity company.

It Can Happen to Your Business

Ransomware and cybercrime are on the rise. Costs to businesses are going up.

Education and preparation are the best defenses against cybercrime. Responsible management needs to be proactive. Threats are real, cybercriminals are serious, and today’s IT professionals are armed with the tools and the knowledge to keep their companies safe.

Your Windows 7 Checklist

Windows 7 Checklist

Windows 7 Checklist

When you’re working hard to grow your business, you can get caught up in things that take your attention away from your technology. Before you know it, your IT system isn’t up to speed because you failed to update an operating system. We don’t want this to happen. This is why we’ve provided a checklist about Windows 7, its approaching End of Life (EOL), and what you should do.

It’s Time To Upgrade From Windows 7

Extended support for Windows 7 will end on January 14, 2020. This means that Microsoft won’t provide security updates for PCs running Windows 7. This could put your IT system at risk for security and reliability issues.

We recommend that you plan your upgrade now. And, if you run a business, we advise that you skip Windows 8 and upgrade to Windows 10 Pro.

Skip Windows 8 and Migrate To Windows 10 Pro

Windows 8 product enhancements (mainstream support) ended back on January 9, 2018. And reliability and security patches will end on January 10, 2023 (the end of extended support). This may seem like a long time from now, but if you’re upgrading anyway, shouldn’t you use the most current Windows program? Windows 10 Pro offers the very latest technology, and it’s built for business use.

Windows 10 Pro Will Benefit Your Business

  • Increased Security is incorporated with ongoing protections like Windows Defender Antivirus, BitLocker, a Firewall and more (at no extra cost to you).
  • Windows Remote Desktop ensures that you can access your files from any PC or tablet with an internet connection.
  • Automatic Cloud Storage will store and protect your Word, PowerPoint and Excel files from system crashes.
  • Sign In 3 Times Faster by using Windows Hello with Facial and Fingerprint Recognition.

Take Advantage of New Features In Windows 10 Pro

  • Windows Ink with Touch Screen & Digital Pen Capabilities
  • Windows 10 Pro pairs with Office Documents and Other Apps
  • Microsoft Edge with faster and safer web browsing, automatic form filling, type or write on webpage capabilities, and much more
  • Cortana voice-activated digital assistant integrates with your calendar and other Windows apps.

You Have Two Choices For Upgrading

1. Migrate your existing machines to Windows 10 Pro.

2. Replace your old computers with new Windows 10 devices.

Consider This Before You Migrate To Windows 10 Pro

Are your current apps compatible with Windows 10? (Check Microsoft’s App Directory to be sure.)

Do your existing computers meet these system requirements?

  • 1GHz processor or faster
  • 1GB RAM for 32-bit; 2GB for 64-bit
  • Up to 20GB available hard disk space
  • 800 x 600 screen resolution or higher
  • DirectX 9 graphics processor with WDDM driver

There are 2 Migration Tool Options

1. Windows Easy Transfer

  • For a small number of computers or a single customized deployment.
  • Transfer files and settings via a network share, USB flash drive, or Easy Transfer cable.
  • Can’t use a regular USB cable to transfer files and settings

2. User State Migration Tool (USMT) 10.0

  • Best for large-scale automated deployments.
  • Uses .xml files to control which user.
  • Accounts, files, and settings are migrated.
  • Use for side-by-side migrations for hardware replacements, and wipe-and-load migrations.

Test The Quality & Performance of Your New System

Use the Windows Assessment and Deployment Kit (ABK) to test the quality and performance of your system, and to customize Windows images for large-scale deployments.

Need Help Upgrading To Windows 10 Pro?

We’re always here to help and answer your questions