508-909-5961 [email protected]

Watch out for this persuasive phishing email

Anglers catch fish by dangling bait in front of their victims, and hackers use the same strategy to trick your employees. There’s a new phishing scam making the rounds and the digital bait is almost impossible to distinguish from the real thing. Here are the three things to watch out for in Office 365 scams.

The post Watch out for this persuasive phishing email appeared first on Complete Technology Resources, Inc..

Watch out for this persuasive phishing email

Anglers catch fish by dangling bait in front of their victims, and hackers use the same strategy to trick your employees. There’s a new phishing scam making the rounds and the digital bait is almost impossible to distinguish from the real thing. Here are the three things to watch out for in Office 365 scams.

Step 1 - Invitation to collaborate email

The first thing victims receive from hackers is a message that looks identical to an email from Microsoft’s file sharing platform SharePoint. It says, “John Doe has sent you a file, to view it click the link below…”

In most cases, the sender will be an unfamiliar name. However, some hackers research your organization to make the email more convincing.

Step 2 - Fake file sharing portal

Clicking the link opens a SharePoint file that looks like another trusted invitation from a Microsoft app, usually OneDrive. This is a big red flag since there’s no reason to send an email containing a link to a page with nothing but another link.

Step 2 allows hackers to evade Outlook’s security scans, which monitor links inside emails for possible phishing scams. But Outlook’s current features cannot scan the text within a file linked in the email. Once you’ve opened the file, SharePoint has almost no way to flag suspicious links.

Step 3 - Fake Office 365 login page

The malicious link in Step 2 leads to an almost perfect replica of an Office 365 login page, managed by whoever sent the email in Step 1. If you enter your username and password on this page, all your Office 365 documents will be compromised.

Microsoft has designed hundreds of cybersecurity features to prevent phishing scams and a solution to this problem is likely on the way. Until then, you can stay safe with these simple rules:

  • Check the sender’s address every time you receive an email. You might not notice the number one in this email at first glance: [email protected].
  • Confirm with the sender that the links inside the shared document are safe.
  • Open cloud files by typing in the correct address and checking your sharing notifications to avoid fake collaboration invitations.
  • Double check a site’s URL before entering your password. A zero can look very similar to the letter 'o' (e.g. 0ffice.com/signin).

Third-party IT solutions exist to prevent these types of scams, but setting them up and keeping them running requires a lot of time and attention. Give us a call today for information about our unlimited support plans for Microsoft products.

Published with permission from TechAdvisory.org. Source.

The post Watch out for this persuasive phishing email appeared first on Complete Technology Resources, Inc..

Read More

4 BYOD security risks you should prepare for

Personal computing is with us wherever we go. Thanks to the rise of the mobile industry, smartphones and tablets allow us to take work home with us. And with the bring your own device (BYOD) strategy, businesses have never been so productive. However, BYOD can pose a number of security risks if you’re not careful.

The post 4 BYOD security risks you should prepare for appeared first on Complete Technology Resources, Inc..

4 BYOD security risks you should prepare for

Personal computing is with us wherever we go. Thanks to the rise of the mobile industry, smartphones and tablets allow us to take work home with us. And with the bring your own device (BYOD) strategy, businesses have never been so productive. However, BYOD can pose a number of security risks if you’re not careful. Here are some BYOD security issues you should know before implementing it.

Data leakage

The biggest reason businesses are wary of implementing a BYOD strategy is because it can leave the company’s system vulnerable to data breaches. Personal devices are not part of your business’s IT infrastructure, which means that these devices are not protected by company firewalls and security systems.

Employees might also take work with them to places outside of your company premises that don’t have adequate security settings, thus leaving your system vulnerable to inherent security risks.

Lost devices

Another risk your company has to deal with is the possibility that employees will lose their personal devices. If devices with sensitive business information get lost and fall into the wrong hands, anyone can gain unauthorized access to valuable company data stored in that particular device. Therefore, you should consider countermeasures and protocols for lost devices, like remotely wiping a device of information as soon as an employee reports it missing or stolen.

Possible hacking

Personal devices tend to lack adequate data encryption to keep other people from snooping on private information. On top of this, your employees might not regularly update their devices’ software, rendering their devices and your IT infrastructure susceptible to infiltration.

Connecting to open WiFi spots in public places also makes your company vulnerable and open to hackers, because hackers may have created those hotspots to trick people into connecting. Once the device owner has connected to a malicious hotspot, attackers can see your web activity, usernames, and passwords in plain text

Vulnerability to malware

Viruses are also a big problem when implementing BYOD strategies. If your employees use their personal devices, they can access sites or download mobile apps that your business would normally restrict to protect your system.

As your employees have the freedom to choose whatever device they want to work with, the process of keeping track of vulnerabilities and updates is considerably harder. So if you’re thinking about implementing BYOD strategies, make sure your IT department is prepared for an array of potential malware attacks on different devices.

BYOD will help your business grow, but it comes with IT security risks that you should be prepared to handle.
Need help mitigating these BYOD risks? Call us today, and let’s find the best IT security solutions for your company.

Published with permission from TechAdvisory.org. Source.

The post 4 BYOD security risks you should prepare for appeared first on Complete Technology Resources, Inc..

Read More

Ways to handle virtualization security risks

Online blogs and forums mostly cover networks and the cloud when it comes to cybersecurity, leaving other types of technology -- particularly virtualization -- overlooked and unsecured. If you don’t have the right defense plans in place, your business will be vulnerable to all types of cyberthreats.

The post Ways to handle virtualization security risks appeared first on Complete Technology Resources, Inc..

Ways to handle virtualization security risks

Online blogs and forums mostly cover networks and the cloud when it comes to cybersecurity, leaving other types of technology -- particularly virtualization -- overlooked and unsecured. If you don’t have the right defense plans in place, your business will be vulnerable to all types of cyberthreats. Here are some of the major risks of insufficient virtualization security and some methods to prevent them.

Security risks of virtualization

Complex infrastructure – Much like virtualization itself, the infrastructure of a virtualization solution can oftentimes be confusing to small businesses. In fact, the complex configuration alone can be a big headache for it’s more difficult to spot anomalies and unusual events happening in your virtual machines and network.
Dynamic design – Virtualized environments are dynamic by nature and constantly changing. Unlike adding physical equipment, the addition of virtual machines can go almost completely unnoticed as they’re created in a matter of minutes and aren’t visible in your workspace. The danger here is the age old adage, “out of sight out of mind.” And if you add too many, they can easily become difficult to manage and protect, creating security holes in the process.
Quick moving workloads – As your virtualized infrastructure grows, there will come a time when you need to move data from one machine to another. While this may sound harmless, the real issue is that your virtual machines will likely require different levels of security. And when you’re juggling multiple workloads over multiple virtual machines, you may accidentally move mission critical data to a machine that has minimal protection.

How to mitigate risks

While these three risks may sound alarming, they can all be mitigated. The key behind effectively securing your virtual machines all comes down to process. Put some thought into your security processes and then implement them. Here are a few areas to cover:

  • Organization – Decide how and where to separate your test, development, and production virtual machines.
  • Audit – Develop a system to regularly audit your virtual machine security. Whenever possible, use tools to automate your security checks, balances, and processes.
  • Patches – Perform regular security maintenance to ensure the patches are up-to-date for all virtual machines.
  • Overflow management – Create a system to monitor all your virtual machines, identify what each of them is used for, and manage them accordingly.
  • Responsibility – Designate an IT technician to watch over your virtual machines to ensure zero security gaps.If you prioritize proper management of your virtual machines, security doesn’t have to be an issue. Get in touch with us if you’re interested in getting additional assistance for your virtualized infrastructure or if you’re planning to implement a new virtualization solution. Call us today!
Published with permission from TechAdvisory.org. Source.

The post Ways to handle virtualization security risks appeared first on Complete Technology Resources, Inc..

Read More

Getting ready to switch to VoIP phones

Voice over Internet Protocol, commonly known as VoIP, allows you and your employees to make and take phone calls over the Internet using your existing broadband connection. It saves you loads of money and increases team efficiency. If you’re considering moving to a VoIP solution, here are some of the most important aspects to address before the switch.

The post Getting ready to switch to VoIP phones appeared first on Complete Technology Resources, Inc..

Getting ready to switch to VoIP phones

Voice over Internet Protocol, commonly known as VoIP, allows you and your employees to make and take phone calls over the Internet using your existing broadband connection. It saves you loads of money and increases team efficiency. If you’re considering moving to a VoIP solution, here are some of the most important aspects to address before the switch.

Network stability

Implementing a VoIP phone system presents unique challenges, such as maintaining a consistent internet connection. Backup internet connections and uninterrupted power supplies are just some of the hardware you should have to ensure reliable VoIP calls. If your internet goes down or the power is knocked out, business goes on as usual.

Bandwidth

Beyond a stable connection, VoIP calls also need minimum network speeds to function. Estimating your current bandwidth and VoIP’s needs is crucial to ensuring your calls are clear and free of drop outs. Before benchmarking your internet speed, decide on how many users, handsets, and calls per day your new VoIP solution will need to handle.

Security

As with anything connected to the internet, VoIP is susceptible to cybersecurity threats and breaches. You could fall victim to information theft and malicious attacks if you don’t have robust and preventive security measures in place. Your best bet is to deploy a firewall to monitor the flow of traffic and protect your systems from security threats.

Budget

VoIP is a long-term money saver for small businesses, but there are relatively small upfront costs when upgrading from a traditional phone system or another subpar VoIP solution. You need to take into account things like whether you’ll purchase deskphones, potential cabling challenges, and installation costs for VoIP-specific routers.

Staff

Employee training is key to a successful VoIP integration. You help these efforts by asking one, or several, of your staff to work with the vendor or IT provider to learn the new system and become in-office resources. While most people are already familiar with video conferencing software such as Skype, it helps to create user guides and manuals to educate those that aren’t as tech-savvy.

VoIP systems create countless cost-saving and business-enhancing benefits, but they should not be installed without certified help. Our dedicated professionals streamline the whole process so your solution is configured and optimized as quickly as possible. Get in touch with us today for information on how to embrace this groundbreaking technology.

Published with permission from TechAdvisory.org. Source.

The post Getting ready to switch to VoIP phones appeared first on Complete Technology Resources, Inc..

Read More