With holiday shopping gearing up, you might be looking for gadgets and devices for the tech lover in your life (or you. Nothing wrong with buying yourself something nice). Here are some things on our under-$150 wish list this year: Read the rest of this entry »
If you haven’t moved your business to the cloud – partly or completely – you aren’t alone. Business owners in many industries have been reluctant to make the move. But that’s starting to change. Rapidly.
More and more, business owners are realizing the productivity and security improvements they can achieve using cloud and hybrid cloud solutions over relying on their solely on-premises technology infrastructure.
We hear and read the phrase “moving to the cloud,” but what does it actually mean?
Some people seem to believe it’s when you store your data in the cloud – that is, taking advantage of the scalable, predictable expense of having their data redundantly stored in geographically dispersed data centers protecting it from natural or manmade disasters. Indeed, that is one way of “moving to the cloud.” But that’s not all.
To really “move to the cloud,” a business must virtualize its entire IT operation. Essentially, all employees’ workstations would be running cloud-based applications like Word, Excel and others on a cloud provider’s servers rather than their own. Instead of multiple hard drives on site, your data and software solutions would be remotely hosted – allowing you to access them anywhere, any time and on any device with an internet connection.
Business owners’ hesitation in adopting the cloud – whether for data storage or full virtualization – has many understandable bases.
- Cost. There can be steep upfront licensing fees when first moving to the cloud.
- Security. Many business owners believe if they don’t have the data in their office, it’s not safe.
- Location of data. Related to the above, many are concerned about where their data will be located.
- Employee disruption. They think the process of moving to the cloud will be too disruptive to their employees and productivity.
Those are a few worries we’ve often heard expressed. Certainly, there are others. And, there are some businesses for which the cloud isn’t a good solution. But the vast majority of businesses can achieve significant benefits by moving at least part of their operation to the cloud.
Usually, it’s not until a catastrophic failure takes place or significant limitations in current IT solutions confront the business before business owners really consider moving to the cloud. If owners plan ahead to prevent failures and limitations, they’ll see that moving to the cloud – despite its upfront costs which are reduced by savings in office electricity and real estate – is the answer to protect them from future failures. They can put off the migration, but it’s coming sooner or later.
An increasingly mobile workforce with needs to access company data and use company software solutions from anywhere will ultimately drive the adoption of cloud computing, along with the security improvements offered by large cloud storage and cloud computing providers.
Asking the right questions can make the process of moving to the cloud easier.
Moving your business to the cloud can be done successfully with an experienced and trusted IT provider.
When considering IT providers to help in cloud migration, here are a few questions to ask:
- What information should move to the cloud? My files? My backups? My whole environment?
- How do I know my data is secure?
- How do I know terminated employees no longer have access?
- How does this integrate and interact with mobile and other devices?
- Are you recommending this cloud solution because it’s the best one or because it’s the one with which you’re most familiar?
Getting answers to these basic questions from your IT managed service provider should help reduce your worries about making the move to the cloud.
Micro Visions has years of experience moving clients from on-site to cloud-based solutions like Microsoft Office 365. In fact, Office 365 is a great way to begin your business’ move to the cloud.
Micro Visions will listen to your wants and needs, help you make an objective decision and take care of your move to the cloud. Ready to get started? Give us a call at (616) 776-0400 or contact us.
Is it defense or offense that wins the game? While debate continues around whether defense or offense is key to victory, there is certainly no doubt about the importance of a solid defensive strategy. Similar to a game of football, creating a defensive strategy for your team is crucial to winning against the opponent, a.k.a. the data hackers.
Experienced hackers and sophisticated phishing schemes have affected all organizations, regardless of size. Consider this alarming statistic – 64% of companies have experienced web-based attacks and 43% of cyberattacks target small businesses. Small businesses are easy targets due to their minimal security and moderate amount of data, and because the chances of attack are high, setting up a strong defense is critical to avoiding big issues in the future.
Small businesses are at risk when unprepared for a cyberattack. Hackers can steal employee emails, client data, financial records and all the information that’s on your server – Microsoft Word documents, Excel spreadsheets, etc. Reputation damage and permanent financial damages are just two of the repercussions small businesses face when unprepared for a cyberattack. Going out of business is an extreme fallout that far too many organizations have experienced. Winning in business is very difficult if you get hacked.
With football season right around the corner, we created 5 defensive strategies for your business to consider for preventing cyberattacks.
5 Defensive Strategies to Prevent Cyberattacks
- Train your team
Your employees must be an essential part of your defensive strategy. It is important to educate them on security standards and prevention so they know how to identify and handle threatening situations. Teach your employees basic cybersecurity practices so they know when they’re presented with a threat or are vulnerable to intrusion.
- Establish your line of scrimmage
Define your line before you play. An information security policy outlines the actions and behaviors expected to avoid risks to the company, its clients, vendors, and other stakeholders. Examples of policies include acceptable use, access control, change control, disaster recovery, physical security, and many more.
- Implement double coverage
Double up on your defense. Two-factor authentication verifies user identities with a required temporary passkey or verification code sent to the user’s mobile device. This will help keep your data safe because even if credentials were hacked, hackers can’t access your data without the required passkey.
- Blitz the hackers
Don’t let your opponent find unnecessary opportunities. Seal the corners and rush directly toward the data hackers by securing the network with a business-class firewall featuring unified threat protection. By installing firewall protection, you can prevent unauthorized Internet users from accessing private networks connected to the Internet.
- Set up a defensive scheme
With users accessing the Internet from multiple devices in and out of the office, it is crucial to protect and manage those devices. Setting up cloud security defenses to block known malicious destinations and implementing mobile device management to protect corporate data are two highly recommended solutions.
Establishing your business’ defensive strategy is crucial, and choosing the right IT partner can make the process much more seamless. Some IT providers fail to address security because they become complacent and forget to make sure everything is operating optimally. What it took to secure your business one year ago would look considerably different than it does today. It is important that your IT provider is well-versed on the latest developments to maintain ongoing security and to keep your company educated. You may be approaching the fourth quarter, but it’s not too late to secure the win.
Fun, but very important, fact: your smartphone is not immune to the various hazards that attack computers. You’ve heard of phishing, which typically works through email. Smishing is similar, but it relies on text messages to reel in victims. Like phishing, a smishing message looks like it comes from someone you trust, like a bank, or a family member. The goal is to get personal information from you, such as your social security number, passwords, and other things the attackers can use. Often, they will then try to steal your identity or your money, but sometimes there will also be malware in the message that gives them access to your phone.
There are a few reasons smishing can be more dangerous to you than phishing. Read the rest of this entry »
Wombat Security Technologies recently released their “State of the Phish 2018” report. This report found that 76% of companies surveyed experienced phishing attacks in 2017.
Phishing is an attempt to gather sensitive information, such as username and password, credit card information, social security numbers, etc., and use it for malicious purposes. These are often done via email, over the phone, through messenger applications or on social media.
The term “phishing” came about to describe the “bait and switch” style that phishing attacks emulate. They bait you with something that looks legitimate, an email from a friend, an alert from a trusted organization, etc., and then switch out the link with a malicious one, funneling you into phisher’s “net.”
The “Nigerian Prince” used to be the classic example of a phishing attack – you know the story. But phishing schemes have evolved significantly over the last 20 years. Webroot says there were 1.385 million new, unique phishing sites created each month in 2017, with a high of 2.3 million sites created in May. These sites are used to mimic popular websites that people trust such as social media platforms, bank websites, universities, and popular applications.
The target of the phishing attack receives an email that looks legitimate, mimicking the design, language and structure of typical emails from the copied organization. The link within the email then takes the target to the dummy site that also mimics the organization’s design in an attempt to gather login information to the legitimate portal.
For example, if you received an alert from your bank saying there was suspicious activity on your account and offers you a quick-access link to log-in and check it out, the link would take you to a site that looks exactly like your bank login screen. Except when you login you will be sent to a refreshed screen instead of your account and your account information will be compromised.
Here are some things to look for in your messages to help recognize a phishing email before you click on an infected link.
- Substituted or extra characters
Check the sender’s domain name – it may contain substituted or extra characters. For example, changing a capital “I” to a one (1) or adding an extra letter changing yoursite.com to yourrsite.com.
- Email messages from convincing sources
Be wary of email messages that appear to come from a source such as Microsoft claiming your password needs to be updated.
- Fake URLs
Hover over links to verify that the URLs are legitimate.
- Email messages from your CEO
If your CEO emails a request for confidential information, such as copies of W2s or requests a financial transaction be initiated, always verify by phone or in person.
- Unencrypted emails
Remember that email is not secure unless the email is encrypted.
- Email messages regarding your bank or credit card
If you receive a message from bank or credit card companies about money or credentials, call or login directly to the website instead.
Some other tactics to look out for:
- You may receive a fake LinkedIn request. Go directly to your LinkedIn account instead of clicking the link.
- If a phisher gains access to your Outlook, a common tactic is for them to create a rule that forwards your email messages to an email account they created so they learn your contacts and writing style. Check your rules!
If you suspect you have been the victim of a phishing threat, the first thing you should do is contact your IT support team immediately. Other important courses of action include changing your passwords, running a security scan on your device, and monitoring your computer for slowness or abnormal behavior.
If you have questions about your company’s security or you’re looking to take advantage of our end user security awareness and security training, contact us today online or by phone at 616.776.0400. We are happy to help you!
This is the fourth of a multipart series on common types of malware and other computer hazards. For those who have managed services with Micro Visions, we’re keeping an eye on threats for you. However, there are always small things you can do to further protect yourself.
Part 4: Trojan Horses
The term “Trojan Horse” comes from Homer’s Iliad. During the Trojan War, the Greeks built a large wooden horse, pretended it was a peace offering, and snuck into the city of Troy by hiding inside the horse. The key to getting inside the city? The people of Troy had to bring the “peace offering” inside the wall. Similarly, victims of Trojan horse malware generally download or click on something that they expect to be innocuous. (Spoiler, it’s usually pretty nasty.) Good news is they don’t replicate (like a virus does), but the bad news is that they can still do damage. They also tend to be pretty invisible while they’re at it.
According to Symantec, there are a few major categories of Trojan: backdoor, downloader, and infostealer. Essentially, the backdoor type allows the attacker to access your machine and its data and programs. Sometimes this results in someone taking control of your computer while you’re not actively using it (or even while you are). The downloader type acts as a carrier for other types of malware. In this case the Trojan malware is the large wooden horse, and the other kinds of malware are the Greeks. Infostealer Trojans include Emotet, which steals sensitive information from your machine. This type can allow the attacker to monitor your device for passwords and other login information.
What to do?
Micro Visions protects against Trojans and other malware with monitoring and antivirus software. To protect yourself, beware of phishing emails. Avoid websites or links that seem suspicious. IMPORTANT: Your phone can also get Trojans, and it is especially vulnerable to apps with malware. Do your research before downloading.
Attention, people in charge of buying things. If you’re anything like me, a large contributor to whether or not you’re going to purchase something is the price. However, if the cost of something is surprisingly low, you should look into the reason it’s so low. Simply put, if it seems too good to be true, it probably is. For example, when someone smashes the front end of a 2017 luxury car and has it rebuilt, the value of the car is far lower than the value of an unwrecked, otherwise identical car. Similarly, a product from one company that’s significantly cheaper than the same product from the official distributor or manufacturer will likely be a low price for a reason. This is where the grey market comes in. Read the rest of this entry »
If you’re running a small business, you’re probably interested in the revenue that comes from successful advertising. Unfortunately, there’s this pesky thing called click fraud, which causes you to overpay for advertising. So how does this work, and how do you avoid it? Read the rest of this entry »
This is the third of a multipart series on common types of malware and other computer hazards. For those who have managed services with Micro Visions, we’re keeping an eye on threats for you. However, there are always small things you can do to further protect yourself.
Part 3: Ransomware
Ransomware likes to sneak into your computer and encrypt your files. It’s called ransomware because if you give the attacker money, he could theoretically decrypt the data. Most of the time. Read the rest of this entry »