Here’s a growing trend creeping into organizations of all industries and sizes: Shadow IT. Shadow IT are unauthorized cloud applications employees are using and downloading to perform work-related activities with company data. This can be file-sharing services like Dropbox or surveys such as Zoomerang. The list goes on and on.
So what’s the problem?
For starters, if you’re in a highly regulated industry like medical or financial services, you’re almost guaranteed to be flagrantly violating data privacy laws or at least flirting with them; and if you’re audited, you could end up facing BIG fines, not to mention legal fees and bad PR. Second, the barrier to entry is LOW. Anyone with a browser and a credit card can purchase or enroll themselves into applications that integrate with your organization’s critical applications and/or store company data such as client lists, e-mails, files, etc.
Of course, not all cloud apps are bad, but you as the owner and your IT person or company need to at least be AWARE of these applications to determine if they’re a threat to security or a violation of data privacy laws, and simply to keep your confidential information, well, confidential!
For starters, your IT company or person should be constantly monitoring your network for new and unknown software or devices. This can (and should!) be incorporated into routine vulnerability testing. If you’re not sure this is being done now, find out. As Intel founder Andy Grove once said, “Only the paranoid survive.” Once you know what applications are being used, you can set your company firewall to block applications you DON’T want employees to access with company data and devices, and allow those that are company-approved.
Also, make sure you catalogue these sites somewhere by user with the login information for that person. If an employee leaves your organization or is fired, they may remember what the username and password are to these cloud applications and could use them to harm your organization or steal data to sell or give to a competitor. Don’t put yourself at risk!
By now, many of you have probably heard of the WannaCry ransom attack that shut down the British NHS among many other organizations large and small over the weekend. This is one oWannaCryf the larger attacks in recent history utilizing methods leaked by the NSA that exploits Microsoft’s operating systems to silently spread without any user intervention, resulting in a quite effective virus. The damage done was enough for this to be included in the White House’s press briefing today.
Lots of our users have expressed concern about these attacks and would like to know if they’re vulnerable, so I wanted to address the main points:
What it is:
-WannaCry is a variant of the typical cryptolocker style ransomware that is pretty common these days. This form of malware gets on a computer and encrypts any files it sees both on the local machine and network shares. It then demands payment for the “key” to unlock and recover your data.
-WannaCry differs from the typical ransomware malware which has been around for years by using an NSA discovered backdoor in Windows’ file sharing protocol in order to spread from machine to machine silently across a network.
What has already been done to mitigate this:
-Microsoft released an update back in April that secures everything newer than Windows XP from this method of spreading. Part of your service with Computer Cats is making sure your PCs are up to date, so this update has been applied to your PCs. As a result the silent spread of this virus is not a concern in your networks.
-Outside of the efficient method of spreading the infection, there is still the standard “Crypto” malware attached (which has been a risk for years). The best defense against this sort of malware is a good backup solution. If your data is backed up, the if/when this malware strikes you can just delete the encrypted data and restore from backup and move on with business as usual. There are other preventative measures available, including placing “honeypot” files on your network that trip alarms in the server which lock things down the moment they’re touched. We have deployed a mixture of these measures in your networks in order to prevent these viruses from causing damage in the first place.
-Finally, as additional safeguards against this particular bug are found we will be deploying them to your network ASAP.
What YOU can do to prevent data loss:
-In the end the best defense is to prevent these infections from entering the network in the first place. This starts with you and your employees. Please take this opportunity to be reminded that there are lots of people out there looking to trick you into running something or clicking something you shouldn’t. If you receive an e-mail that seems suspicious, please do not click anything inside it and forward it to us for further examination. My favorite tickets are when people are asking me to verify the legitimacy of an e-mail, as that means the person is paying attention! Also be vigilant on the internet. Avoid downloading files from uncertain websites. Do not trust sites telling you that you need an update or to change your settings. Essentially, trust no one! For more information check out our latest article about email security "How To Catch A Phish" and share it with your employees.
-Authored by John Hilb @ ComputerCats
For many small business owners, it can be difficult to stay on top of the newest tech trends while simply managing daily operations. After all, who has time to research the latest and greatest when there aren’t enough hours in the day to clean out your inbox? Don’t worry - we’ve narrowed down 3 tech tips to focus on when it comes to managing your small business.
The number of users who visit websites via smartphones and mobile devices continues to increase each day, which is why mobilizing your business is so important. Be sure to establish your Google Places listing so users receive every bit of important information when they look you up online. Make sure your website is mobile-friendly, easy to navigate, and focuses on key information.
Utilize The Cloud
Cloud services empower collaboration, drive rapid ideation and innovation, and help keep files secure and organized. No one has time to waste searching through old emails or scattered files to find what they’re looking for, and cloud services help to minimize that issue. Furthermore, the cloud allows you to store company information centrally and safely.
Take advantage of latest tech
Chatbots are just one unique tech trend that many small businesses utilize on a daily basis. These smart bots can be created to use automated responses to common questions customers may ask about store hours, product availability, or directions to your business’s location. This helps alleviate the stressful task of being available 24/7 when customers contact you online.
Technological advancements are changing all the time, making it hard to stay ahead of competitors in your industry. However, if you utilize these important tech tips, your small business has a much better chance of continuing to grow and achieve success!
As a small business owner, you spend your days seeking to protect and to grow your company. You want to care well for clients and customers, investors and employees, but you may not think to protect your people and your assets from the damaging effects of a cyber attack. Often overlooked by small business owners, this invisible threat poses a real risk to your organization. Computer Cats can help you to take proactive steps to protect against this type of threat!
Recognize the Risk
As a small business owner, you may think your company not large enough to be susceptible to a cyber attack. The opposite is true, as small businesses often have fewer safeguards in place, such as data security policies and up-to-date technologies. And, the rich data stores of a small business serves as a strong inducement for a cyber attack. Customer and client information can be highly valuable to cyber criminals!
Determine Vulnerable Areas
You may think that because you have traditional security features in place, such as antivirus software and firewalls, that you have all the protection you need. While these defenses are important, they cannot stop more advanced cyber attacks. Computer Cats can help you to determine your vulnerable areas. Even information as simple as the names of contacts can be used for criminal purposes!
Implement a Solution
You want to choose a solution that covers your vulnerable data and that does so as quickly as possible. Select one that allows you to protect against common attacks, those leveraged through email and web traffic, as well as uncommon ones. And choose security measures that can stop unknown attacks while still in process. We can help you to determine the best security solutions for your small business!
Small Businesses and Cloud Backups
When you think of ways to protect your business, you may think of taking out liability insurance or storing valuable paperwork or assets off site. One of the most vital ways to protect the assets of your company, though, is with cloud services. While you can backup electronic files by flash drive and external hard drive, cloud services, such as those offered by Computer Cats, help to provide a double layer of protection for small businesses through off-site storage and systematic backups.
The Value of Off-Site Storage
One way that cloud services protects your company is by facilitating the off-site—or cloud—storage of important documents. Just as you would store certain paper documents or other physical assets in a separate location from your business, establishing off-site storage for important electronic files helps to protect your company in the event of any physical property damage. Even a leaky pipe or a dropped drink can cause unforeseen complications when it comes to computer-based files!
The Importance of Systematic Backups
Cloud services also protect against user-error complications that can arise during the day-to-day running of a business. Even the most conscientious of small business owners and employees may find themselves forgetting to make sure that back ups have occurred with a flash drive or an external hard drive. Cloud services help by automating this process and then running in the background during your busy workday. So, you can take the urgent phone call or head to your next meeting knowing that your electronic documents are safe and secure!
Whether you’re looking for a way to make your morning commute a bit more interesting, or you simply want to stay in the loop with the latest updates within the tech community, podcasts can be an awesome resource. We’ve compiled a few of our favorite tech podcasts here at Computer Cats to get you through the week. Check it out!
The Tech Guy Podcast
The Tech Guy, hosted by Leo Laporte, airs every weekend in over 170 in the US and Canada! The show features episodes covering information over “computers, the internet, iPods, and cell phones to camcorders, digital cameras, gaming systems, and home theaters.”
This Week in Tech
This informative podcast “has provided news, commentary, help, how-to and perspective on the latest trends in digital tech from seasoned experts and journalists” since 2005. Their shows are all about the latest computer hardware, Android apps, and Google updates, just to name a few.
Future Thinkers Podcast
Future Thinkers was created by Mike Gilliland and Euvie Ivanova, two techies who are passionate about “evolving technology, society, and consciousness to create a more sustainable future for humankind.” Some of their latest episodes feature topics such as human-technology interactions, block technology, and more.
Do any of the following problems sound familiar? We can help!
More Than One Office?
Do you have multiple offices, or even want to work from home and stay connected? We have solutions to keep all your work stations, near or far, constantly connected.
People Mobile in The Field?
Does your business require that you go out into the world away from your office? Give your company the best tools to do their job, even on the go.
Large Network Systems?
Having an enterprise requires you have a large, complex network. Use our solutions to help develop, improve, and maintain your networks and servers.
Does your enterprise require that you have 25 or more computers, at the same location, or at separate locations? We set up, update, and maintain all of the computers to keep them all organized and consistant.
Rely Largely on Computers?
With computers being the backbone of your enterprise, we are here to design and constantly maintain and update your systems and computers to keep them top notch, making your business run the best it can.
No in House IT Department?
Most large companies do not know where to start when developing an IT Department. Instead of being on your payroll, keep your costs down and hire us as your IT partners, at your service when ever there is a computer problem.
Everyone gets them, and there’s no stopping them. There are tools available to try to filter most of them, and for the most part, they work, but inevitably things will get through and the last line of defense is you. Over the years our clients have called us about all sorts of interesting scams they’ve gotten in their email, and like all other technology, the latest ones are more sophisticated than ever. Here are some do and do nots to help make sure you don’t fall for one of these scam emails:
-Check the From field in the email to make sure the sender's address matches who they portray themselves to be. If it looks like an email from your bank, but the ‘From’ address is anything but @yourbanksname.com be very suspicious.
-Check for double extension scams: safe2open.txt is probably fine, but safe2open.txt.exe is probably not.
-Notify your IT department if you’re not sure, or think you clicked on something you shouldn’t have immediately.
-Pay attention to what comes right before the .com/.net as these are often the pieces that matter most. Things can come before it and be legitimate e.g. support.example.com, but if you see support.example.definatelynotascam.com, you’re no longer looking at the same domain.
-Open any executable files from links you are sent or if they’re attached directly to the email. If you see .exe or .bat, these are not things you want to open.Click links in your email without hovering over the link first and looking at the bottom left of your screen to see where it’s sending you.
-Click links in your email without hovering over the link first and looking at the bottom left of your screen to see where it’s sending you. If it’s not sending you where you thought, don’t click it.
-Respond or reply in any way. Just send it to your IT department or delete it.
-Follow unsubscribe links. It’s better to just mark it as spam than click a potentially harmful link.
The reality in today’s technological world is we can’t 100% rely on technology to protect us online, the real answer is making sure we’re aware of where we are and what we’re doing. If you’d like to learn more about how we can help you make sure your employees are safe online fill out the contact form on our site and we’ll be happy to send you some of our free tools for helping with this.
Hey everyone! Welcome to our new Computer Cats blog. We'll post announcements, news, and computer tips and tricks that we know you'll love every week! Make sure to hit the subscribe button and like us on Facebook! We'll cover topics like how to speed up your computer, secure your information, best practices for backup, how to choose the best IT service to fit your business and tons of other topics. If you have any ideas or topics you'd like us to cover, leave a comment below and we'll let you know when we'll get to it!