Boost IT

Managed IT Services, Cyber Security, Network Support - Atlanta, Dunwoody, Buckhead

Cyber Security

How to Avoid Phishing Scams

by

From e-mails to pop-up ads to websites, phishing scams are sophisticated and come in many different forms. They are bombarding everyone from everywhere – on desktops, smartphones, tablets, and other devices. They are one of the most common security challenges that businesses face in keeping their information secure.

Cybercriminals are devious in using phishing scams to get sensitive information. Even when the business is proactive in their internet security, all it takes is one employee to fall victim. For businesses to protect valuable data, they need to regularly train employees on how to avoid phishing scams.

10 Tips for Avoiding Phishing Scams

  1. Watch out for e-mail spam. Learn how to identify suspicious emails by looking at who sent it. Cybercriminals will send an email under a name that the employees will recognize and design the email to look the same as the company they pose as. But it is fake. Spelling errors and strange grammar mistakes can be an alert to phishing scams. Banks don’t send emails with links asking for information. And legitimate companies don’t send spam advertisements.
  2. Check the source of incoming e-mails. One of the easiest ways to test an email is by hovering your mouse over the sender’s name to determine the email address of origin. You can also review the link destinations without clicking on them by hovering the mouse over the link to determine the web address, or URL, that is being referred to. Hovering over a link will show you where the link is redirecting you on the World Wide Web. Scammers might list the URL in the email but then have the link directed to another address. They also might link from a phrase, title or button that is easy to click on. If it is not a recognizable email address or URL, beware!
  3. Don’t click directly on links. Some of these fake websites are so well done that it’s quite impossible to tell them apart unless you look at the URL. But even the URLs can be deceiving because they use extensions to impersonate the company. If you are expecting an email, you are more likely to unknowingly click on the link. Don’t. Instead, verify the correct URL (don’t copy it from the email) and type it directly into your browser.
  4. Never enter information on pop-up screens. Cybercriminals are using pop-up screens on popular websites that deceive you into thinking it is directly from the site. But a legitimate company will never ask for information on a pop-up screen. They will bring you to a secure page to get information. Make sure you are on a page that has a lock icon in the address bar.
  5. Never provide personal and confidential information. Many companies have policies about what information they ask for and how they obtain that information. Learn the policies. It is highly unlikely that a legitimate company will ask for sensitive information in an email or through a link.
  6. Think twice before entering information. Some information is best not sent via email or by completing an online form. If you have any doubts, don’t risk it. The best way to prevent phishing is to consistently reject any email or news that asks you to provide confidential data.
  7. Don’t download from unreliable sites or unknown senders. Today’s browsers have built-in security that may give you a warning message stating a certain website contains malicious files. Do not download. Download files only when you are certain what you are downloading and know you are on a legitimate site. Also, do not click on links to download files or open attachments from unknown senders.
  8. Beware of new phone scams. Sophisticated techniques include pop-up windows that give a warning of a virus or malware and ask you to call a number immediately. But the number goes to a fake call center that asks for information and may even convince you to provide remote access to your computer. Be very cautious of phone scams tied to pop-ups. Do not divulge sensitive information over the phone unless you are certain who you are talking to.
  9. Phishing knows all languages. Cybercriminals are finding out all they can about their victims and will send scams in another language that you speak. If you don’t typically go to the Spanish site for your bank or other website, you would have no reason to get an email in that language. Delete it.
  10. Use common sense and good judgement. Cybercriminals are always changing their techniques to be more devious in getting sensitive information. One of the latest techniques to hit the news is of a fake message that went to employees via email. The message appeared to be sent from the CEO and asked for W-2 information. It was well-timed but not consistent with company policy and not from the CEO’s email address.

Understanding how to avoid phishing scams is critical for protecting you and your company. You should always have the most current updates for your operating system and website browsers on your device, and protect your device with a firewall, anti-malware, anti-spyware, and anti-virus software. Boost IT can assist you in maintaining the proper security. Call us for more information at 404-865-1289.

Cybersecurity Tips for Small Business

by

Back in January 2015, we wrote a four-part article about cybersecurity tips for small business. The article looked at the four parts of a great security strategy: anti-malware, firewall solutions, anti-virus and patches and updates. This information is still very relevant so we want to review the importance of cybersecurity and provide some basic tips.

8 Tips for Better Cybersecurity

Stay in communication with your IT contact and keep them informed. In part one of our article, we told you about how a client’s employee brought in a computer from home that was badly infected. We didn’t learn about it immediately and the infected computer hammered away at the firewall until it overwhelmed it and caused havoc throughout the network. This could have been avoided with clearer policies and better communication.

Maintain anti-malware on every computer. Malware refers to a variety of hostile and intrusive software that include computer viruses, worms, Trojan horses, ransomware, spyware, adware, scareware and other malicious programs. Hackers use malware for a variety of activities such as stealing identity information for fraudulent purposes. Anti-malware protects you against hackers and their schemes.

Keep your anti-malware software current. Hackers are always devising new ways to hijack your computer and access your sensitive data. Thus, patches and updates for new malware protection are always being added to software. Unless you continuously update your anti-malware, you won’t have the protection against hackers’ latest schemes.

Monitor your security. With hackers targeting online sites and hiding malware in them, adjustments regularly need to be made to keep you on guard when users are working online and accessing emails. To help businesses in their security monitoring, we create and review automated security reports and provide remote monitoring and management (RMM) that minimizes downtime and speeds up computers.

Use a firewall to protect your business.  Your firewall is designed to keep your network secure by placing a barrier in between it and other networks. There are many ways the hackers can get into your computer and it is all too easy to click on a link that you think is trusted only to find out it can harm your network and compromise your data. The firewall can help to detect the risk and block it.

Create a comprehensive security strategy and stick to it. Get help from an experienced IT professional and develop a plan for your security. But don’t forget about the plan once it is done. Your security is working well when you don’t have any problems. To keep it that way, you need to continually stay on top of your security and tweak your strategy based on new developments. One way to do this is with our Security component of our Managed IT platform.

Install anti-virus software for added security protection. This is a disputed tip because some people don’t think anti-virus is needed anymore. However, anti-virus software still detects 45% of virus infections. Besides, it is cheaper and faster than in the past. Always use anti-virus in conjunction with a managed firewall, anti-malware software, and a patch management service, which is part of our RMM service.

Upgrade your Windows OS and other software with the latest versions. Some software will have automatic patches and updates installed but there are many situations where these fail. Meanwhile, the user often continues working at risk and unaware of the failure. Patches and updates are built into your OS and other software when you upgrade so you stay secure.

Staying secure is essential for your business. Your ability to work productively and maintain a solid reputation depends on it. Boost IT provides managed IT services that include security and monitoring features that help you stay secure. Find out more by contacting us at 404-865-1289.

No, IT Support and Security are Not the Same

by

Most small to medium sized businesses intuitively know the difference between IT support and security. That doesn’t mean you address IT support and security separately when it comes to protecting your data and maintaining your infrastructure. Having both the necessary support to maintain your systems combined with adequate security to protect data is essential.

Support vs Security – What’s the Difference?

IT Support

When you are faced with challenges in your technology and software applications, you often look for help through a support team that might have been internal or outsourced. Traditionally, this type of support was provided on an as-needed basis.

The traditional concept of support didn’t account for how problems were prevented with continuous maintenance. Instead, the company was reactive. They waited for the problem to arise and contacted support to address the issue. Support then had to dig around to determine the problem, sometimes trying various possibilities until they could address the issue.

This was a time intensive approach that created a lot of downtime.

Today’s support team is more preventative. They can successfully solve many technical issues before they interrupt your business. With many small to medium sized businesses needing big data analytics to stay in the game, there is a need for them to have support REPHRASE. However, it’s more than managing data and providing analytics. The team helps to develop and implement a strategy for security. This strategy determines what security measures are taken to ensure their data is protected and the network is performing optimally.

Security

Security is primarily concerned with the safety of all transactions over the internet such as storing and handling the data. It involves protection from malware, spyware and viruses. It preserves the infrastructure so it is properly storing, backing up and transmitting data. It ensures the confidentiality and integrity of the data while making it available to authorized users only.

A big problem with security is when companies hold on to the traditional mindset of support by being reactive instead of proactive. There is the misconception that security is set it and forget it so they overly rely on it. However, their security quickly becomes outdated and thus ineffective without the proper support and ongoing attention. Their data becomes susceptible to hackers because they fail to keep up with the basics of software updates, user training, regular reporting and maintenance of the infrastructure.

For example, employees have access to the business files remotely. There are security policies in place for how the employees use those files and connect with different devices. Any device that accesses the internet is vulnerable to such threats as cyber attacks, viruses, malware, fraud and hacking. Therefore, the policies dictate certain requirements for accessing business files only with assigned devices provided by the company. This way the company has better control of managing devices for remote access, maintaining how files are accessed and reduces security risks.

Security protection does not take the place of IT support providing managed services that help to maintain your infrastructure and keep your software updated. To understand the effectiveness of your security, you should run a health check of your infrastructure, verify your data is being backed up properly and evaluate whether you have the most current versions of your software. Then you should determine a reasonable level of support that is right for your business.

Boost IT uses  Our Proven 5 Stage Process to make your business more successful. We will perform a diagnostics to determine what is going on, stabilize any issues, deploy monitoring and management tools, provide customized services based on your needs and look for innovative ways to help take your business to the next level. Call us for more information at 404-865-1289 or email us at info@boostitco.com.

Why Companies Are Doing Business in the Cloud

by

With professionals on the go, in the office and telecommuting, more companies are doing business in the Cloud. This shouldn’t come as a surprise considering the technical landscape is continuously changing. Businesses are realizing the impact of the Cloud with greater competitiveness and productivity. They can operate more efficiently, more safely and cut costs that help free up capital.

4 Reasons to Do Business in the Cloud

Increased Security

It’s important to concentrate on your business’ primary goals, and your internet security should be one of them. Cloud servers offer a safe way to store data. Companies providing Cloud services have some of the best technology and security experts in the industry to continuously monitor threats and address them. And security is more than hacking; it is about making sure your data is stored safely so it is available when you need it. If a natural disaster or a system failure were to occur, you want to feel more than confident your data is safe. You want to know it is safe.

Accessibility

As an authorized user, you can get secure access from many devices at different times and locations. Doing business in the Cloud allows specified employees to access files from anywhere, at any time. For example, if you are visiting with a client and have an impromptu discussion on a project, you can pull up files even if you are halfway around the world. This can make the difference in landing new projects.

Productivity

It’s amazing how much more productive you can be when you operate in the Cloud. Software is up-to-date and doesn’t impede the speed of your devices. There are no barriers to moving in and out of applications and the applications are integrated with software to maximize productivity. The number of applications you can access are unlimited and help with time management, collaborations, note taking and more.

Cost Effectiveness

Many companies are realizing the savings by using the Cloud. You don’t need to maintain as large a server or you can do away with a server completely. The Cloud also provides a cost-effective way to backup files and store them. And it’s not just the cost of maintaining the backup where you save money. Backing up files can be especially costly when workflow is disrupted because the backup fails or is not done correctly. Additionally, you can decrease your costs for network consulting while your IT personnel spends less time on overhead and more time on billable projects.

A great example of why companies are doing business in the cloud is our client at Griffith Engineering. We consolidated their servers to eliminate the cost of a branch server and integrated their network with Cloud services using our Rocketsync software for increased productivity. Click here to view the case study.

If your business is not taking full advantage of the Cloud, you are missing out on continuously updated internet security, increased productivity, improved accessibility, and a quick and cost-effective way to back up files. Plus, you’re risking falling behind with your competitors. Contact Boost IT at 404-865-1289 or info@boostitco.com to start doing business in the Cloud.

Why You Should Switch to Windows 10

by

Have you held off on upgrading to Windows 10? You might have heard about the tradeoffs and shortcomings. You may have heard many complaints. Since its launch in 2015, many of the glitches are fixed. There are real benefits to upgrading.

5 Reasons to Switch to Windows 10

Updated Software

Many individual users are disappointed that the upgrade isn’t compatible with older programs. The truth is that their programs are ancient so this should be a moot point for most businesses. Hackers target users with programs that are out-of-date because they are no longer supported with updates for security risks. And most professionals must stay abreast of updates in software to stay competitive in their industry.

Security

Microsoft made it clear that they stopped supporting Windows XP and earlier OS versions. If you don’t update, you won’t have the latest version of OS software with all the protection that goes with it. That’s bad for business. Your clients expect you to maintain the highest level of security when handling their sensitive information. You can’t risk compromising their information by using outdated software. And with Windows 10 your employees can’t easily bypass updates in security. With the frequency of updates to combat malicious malware and out of date codes, you need the frequency of patching that Windows 10 provides. Plus, you get the added security features of Device Guard, Microsoft Passport and Windows Hello.

Speed

As a business, you know that faster speeds improve performance. The speed of Windows 10 is impressive. With the new operating system, you have faster startup and more. This is one area that was improved with Windows 8 and now has improved even more. Think about how much more productive you and your team can be with the speed to move through applications, download files and complete actions.

Touch

With new features always being added on devices, the need to keep up is essential. And the ability for touchscreen is a feature that many professionals are finding advantageous. Windows 10 provides touchscreen abilities right on your desktop. It’s a convenience that helps with productivity and performance in ways you can only imagine when you start using it.

Voice

Cortana is an integration that offers the convenience of hands-free interaction. Whether it is taking a note, setting a reminder or doing simple research, Cortana can improve your performance. It is more than just a digital assistant. There are vast improvements with better speech recognition, faster results and more intuitive searches. Cortana offers ease of use for basic tasks that can be done in seconds so you can move on with your workload.

Upgrading to Windows 10 will improve most of the things that really matter—compatibility, security, speed and interface. It can make a difference in how you and your employees utilize their time. If you haven’t upgraded, it’s no longer a question of “Why?” but rather a question on “When?”

Don’t wait any longer to make the switch. Boost IT can help you with all your upgrades so you are running your business most efficiently and effectively. Get started by contacting us at 404-865-1289 or info@boostitco.com.

Should You Regularly Change Your Password

by

Changing your password might not be providing as much security as experts thought. Hackers are regularly trying to access your company’s data to get financial information and for identity theft. Requiring your employees to have strong passwords makes it difficult for hackers to get at your accounts. But how often you require them to change might actually be hurting your security.

The evidence suggests it is time to rethink mandatory password changes.

Avoid a Change that is Less Secure.

Changing passwords frequently could be making your system less secure. There is a lot of evidence that suggests people who change passwords on a frequent basis, such as every three to six months, choose weaker passwords. The problem is that, according to FTC Chief Technologist and Carnegie Mellon computer science professor Lorrie Cranor (article), when people have to change their password frequently they become predictable. It’s like clockwork. They don’t put a lot of mental thought into it. Instead, their transformations may be simple and methodical. They might increase a number. They might change a letter to a symbol that looks similar, such as changing an S to a $. They might add or delete a special character. Or they might switch the order of digits or special characters, such as moving the numbers to the beginning instead of the end.

If this sounds like what you do, you are not alone. You want a password that you can remember. However, since hackers are able to guess your predictable ways, you could actually be making it less secure. Today, hackers who have access to the hashed password file can use offline attacks or guess large numbers of passwords. Depending on the system’s policies, they will continue to guess every possible combination until they get access. And at some point, if they don’t get access they might start the process over. So how will frequent changes deter them?

Choose Strength Over Frequency.

If the password is strong to begin with, some experts wonder why we should have to change it every 60 to 90 days. Your purpose should be about getting the strongest passwords instead of worrying about the time between changing them. By waiting longer periods before requiring changes, people are not as frustrated with the continuum of change and are more likely to think about stronger passwords.

There are still good reasons to change passwords. According to the Federal Trade Commission, a company should do their own assessment of their security and determine if there is a need to change passwords and how frequently. Mandated password changes should continue to be a security practice designed to periodically lock out unauthorized users who have learned users’ passwords. If you have reason to suspect someone has gotten passwords from your employees, such as with the recent Yahoo hack, change them immediately. If you think your employees have weak passwords, then have them change it.

Assess the need and emphasize strength. Consider changing your password policy that encourages stronger passwords, longer lengths, limited login attempts and multi-factor authentication, especially if your organization maintains sensitive data.

Also realize that if a hacker has gotten a password they are often able to guess a change fairly easily, especially if it is predictable. And if they have already been able to access a user’s account, they may still gain access through software that spies on the user, through a key logger, or through another malware that they may have installed. Therefore, you will need to look closely at your security.

Boost IT can help you assess your security and improve your employee’s password strength. For more information, contact us at 404-865-1289 or info@boostitco.com.