508-909-5961 [email protected]

Fixing computers drains your firm’s funds

Aside from overseeing your business’s network security, IT security staff are also adept at fixing personal computers. However, that doesn’t necessarily mean they should. In fact, such occurrences ought to be minimized, if not avoided altogether.

The post Fixing computers drains your firm’s funds appeared first on Complete Technology Resources, Inc..

Fixing computers drains your firm’s funds

Aside from overseeing your business’s network security, IT security staff are also adept at fixing personal computers. However, that doesn’t necessarily mean they should. In fact, such occurrences ought to be minimized, if not avoided altogether. Your security personnel should be focusing on more pressing issues. But if they’re toiling over PC repairs, not only is your staff’s energy drained, but your IT budget plummets, too.

Cost of fixes

According to a survey of technology professionals, companies waste as much as $88,660 of their yearly IT budget as a result of having security staff spend an hour or more per work week fixing colleagues’ personal computers. The ‘wasted amount’ was based on an average hourly salary of IT staff multiplied by 52 weeks a year. Other than knowing how much time is wasted, what makes things worse is that IT security staff are among the highest paid employees in most companies.

The fixes have mostly to do with individual rather than department- or company-wide computer problems that don’t necessarily benefit the entire company. The resulting amount is especially staggering for small- and medium-sized businesses (SMBs) whose limited resources are better off spent on business intelligence tools and other network security upgrades.

Other costs

All those hours spent on fixing personal computers often means neglecting security improvements. The recent WannaCry ransomware attacks, which successfully infected 300,000 computers in 150 countries, demonstrate the dangers of failing to update operating system security patches on time. It should be a routine network security task that, if ignored, can leave your business helpless in the face of a cyber attack as formidable as WannaCry. It didn’t make much money, but had it been executed better, its effects would have been more devastating to businesses, regardless of size.

Profitable projects could also be set aside because of employees’ PC issues. For SMBs with one or two IT staff, this is especially detrimental to productivity and growth. They can easily increase their IT budgets, but if employees’ negligible computer issues keep occurring and systems keep crashing, hiring extra IT personnel won’t do much good.

What businesses should do

The key takeaway in all this is: Proactive IT management eliminates the expenditure required to fix problematic computers. Bolstering your entire IT infrastructure against disruptive crashes is the first step in avoiding the wasteful use of your staff’s time and your company’s money.

Even if your small business has the resources to hire extra staff, the general shortage of cyber security skills also poses a problem. Ultimately, the solution shouldn’t always have to be increasing manpower, but rather maximizing existing resources.

Having experts proactively maintain your IT eliminates the need to solve recurring small issues and lets your staff find a better use for technology resources. If you need non-disruptive technology, call us today for advice.

Published with permission from TechAdvisory.org. Source.

The post Fixing computers drains your firm’s funds appeared first on Complete Technology Resources, Inc..

Read More

How to keep Mac computers safe

When it comes to Mac devices, data privacy and security should be your #1 priority, not an afterthought. Without implementing sufficient security measures, you’re leaving the door open for cybercriminals to ransack your sensitive data. Keep your bases covered and fortify Mac security with these six tips:

The basics
Let’s start with the basics and head over to the Security & Privacy pane in System Preferences.

The post How to keep Mac computers safe appeared first on Complete Technology Resources, Inc..

How to keep Mac computers safe

When it comes to Mac devices, data privacy and security should be your #1 priority, not an afterthought. Without implementing sufficient security measures, you’re leaving the door open for cybercriminals to ransack your sensitive data. Keep your bases covered and fortify Mac security with these six tips:

The basics
Let’s start with the basics and head over to the Security & Privacy pane in System Preferences. Here, you’ll find four tabs -- General, FileVault, Firewall, and Privacy -- that control various aspects of security. To change your security settings, click on the padlock on the bottom of the screen and type in your username and password.

Firewall
Enabling the firewall will block unwanted incoming network connections. Many think it is enabled by default, but often it’s not. All you need to do is click the Firewall tab in the System Preferences > Security & Privacy pane, click the padlock icon on the bottom left, enter your username and password, and click the ‘Turn On Firewall’ button. Don’t forget to enable Stealth Mode by clicking the Firewall Options button and then clicking Enable Stealth Mode in the dialog box -- this makes your computer invisible on public networks.

Passwords
Make sure to set strong passwords for your user accounts if you don't already have one. To do this, go back to the 'General' section of the Security & Privacy settings. In this section, you should also consider setting the Require Password field to 'immediately.' This makes it so that you'll need to re-enter your login credentials to unlock your Mac when it goes to sleep or when a screen saver begins.

Automatic login
It’s best to disable this function, especially if you are using a mobile Mac. If your Mac gets stolen, you don’t want to give thieves a free pass to your private data.

Applications
At the bottom of the General Settings tab, there are three options that authorize which apps can run on your Mac. The safest option is to allow only apps from the App Store to run, and the least secure option is to allow apps from anywhere. Get the best of both worlds by choosing the option of running apps from the App Store and from developers known to Apple.

FileVault
The FileVault tab enables you to encrypt all the files in your user account. To decrypt them, you must enter either your account password or the recovery key you created when you switched FileVault on. It might be tedious to type in a password every time to access a file, but it helps keep your vital data under lock and key.

In this digital age, ensuring the protection of all your devices is crucial to your business’s success. Because all it takes is a tiny leak to sink your ship. Feel free to give us a call and we'll help prepare your business for choppy waters.

Published with permission from TechAdvisory.org. Source.

The post How to keep Mac computers safe appeared first on Complete Technology Resources, Inc..

Read More

4 HIPAA protections against ransomware

Keeping up with HIPAA regulations may be a pain for most healthcare institutions, but it does provide guidelines on how to protect your organization from devastating cyberattacks. That said, following HIPAA rules may be your best shot in fending off ransomware like WannaCry.

The post 4 HIPAA protections against ransomware appeared first on Complete Technology Resources, Inc..

4 HIPAA protections against ransomware

Keeping up with HIPAA regulations may be a pain for most healthcare institutions, but it does provide guidelines on how to protect your organization from devastating cyberattacks. That said, following HIPAA rules may be your best shot in fending off ransomware like WannaCry.

For those who don’t know, WannaCry was first discovered in the UK. It affected over 20% of the UK’s National Health Service and created bottlenecks in hospital administration and treatment. Many healthcare institutions claimed that the privacy of patient data was not compromised, but the success of the attack shows how vulnerable these industries are to new, emerging threats.

Within 24 hours, the ransomware eventually spread and infected hundreds of thousands of machines in 150 countries. But despite WannaCry’s success rate with healthcare institutions in Europe, the malware was less effective in the US -- thanks to companies that strictly followed these HIPAA guidelines:

Malware protection
Securing your endpoints with advanced antivirus software, firewalls, and intrusion prevention systems can help detect and block attacks targeting your patient data. In fact, most antivirus software has been able to prevent WannaCry since early April; with that in mind, you should keep your security systems patched and running full system scans on a weekly, if not, daily basis.

Up-to-date software
Just like your security products, your business applications, operating system, and other software should always be up to date. WannaCry was able to spread only due to vulnerabilities in outdated Windows operating systems (which were actually fixed back in March). Simply taking a few minutes to check for updates and install them will save you lots of financial and legal trouble in the future.

Incident response plans
Should a malware attack occur, HIPAA requires that companies have strategies in place to mitigate the damage. When dealing with highly sensitive patient data, encryption systems are a must. And in cases when ransomware strikes, companies should have cloud backup and disaster recovery plans to restore files in a clean computer to keep operations running.

Security tests and risk analyses
Once you’ve established a security framework and incident response policy, risk analysis and security tests are crucial last steps. Hiring IT staff to perform a risk analysis will help you identify and isolate system vulnerabilities to prevent cyberattacks. Also, security tests are important in finding out whether your defenses are capable of preventing different types of attacks from exploiting any weaknesses.

Employee awareness
Of course, none of this can substitute for good security training. Staff who understand security best-practices like setting strong passwords and critically double-checking download links can ensure your firm’s safety.

Experts anticipate that this attack will spur on copycats, so complying with these security tips and best practices (even if your company is not under HIPAA regulations) is key to survival. And if you need guidance with security or healthcare compliance, we’re the ones to talk with. Call us today if you need help keeping WannaCry and other malware at bay.

Published with permission from TechAdvisory.org. Source.

The post 4 HIPAA protections against ransomware appeared first on Complete Technology Resources, Inc..

Read More

How did WannaCry spread so far?

By now, you must have heard of the WannaCry ransomware. It ranks as one of the most effective pieces of malware in the internet’s history, and it has everyone worried about what’s coming next. To guard yourself, the best place to start is with a better understanding of what made WannaCry different.

The post How did WannaCry spread so far? appeared first on Complete Technology Resources, Inc..

How did WannaCry spread so far?

By now, you must have heard of the WannaCry ransomware. It ranks as one of the most effective pieces of malware in the internet’s history, and it has everyone worried about what’s coming next. To guard yourself, the best place to start is with a better understanding of what made WannaCry different.

Ransomware review

Ransomware is a specific type of malware program that either encrypts or steals valuable data and threatens to erase it or release it publicly unless a ransom is paid. We’ve been writing about this terrifying threat for years, but the true genesis of ransomware dates all the way back to 1989.

This form of digital extortion has enjoyed peaks and troughs in popularity since then, but never has it been as dangerous as it is now. In 2015, the FBI reported a huge spike in the popularity of ransomware, and healthcare providers became common targets because of the private and time-sensitive nature of their hosted data.

The trend got even worse, and by the end of 2016 ransomware had become a $1 billion-a-year industry.

The WannaCry ransomware

Although the vast majority of ransomware programs rely on convincing users to click compromised links in emails, the WannaCry version seems to have spread via more technical security gaps. It’s still too early to be sure, but the security experts at Malwarebytes Labs believe that the reports of WannaCry being transmitted through phishing emails is simply a matter of confusion. Thousands of other ransomware versions are spread through spam email every day and distinguishing them can be difficult.

By combining a Windows vulnerability recently leaked from the National Security Agency’s cyber arsenal and some simple programming to hunt down servers that interact with public networks, WannaCry spread itself further than any malware campaign has in the last 15 years.

Despite infecting more than 200,000 computers in at least 150 countries, the cyberattackers have only made a fraction of what you would expect. Victims must pay the ransom in Bitcoins, a totally untraceable currency traded online. Inherent to the Bitcoin platform is a public ledger, meaning anyone can see that WannaCry’s coffers have collected a measly 1% of its victims payments.

How to protect yourself for what comes next

Part of the reason this ransomware failed to scare users into paying up is because it was so poorly made. Within a day of its release, the self-propagating portion of its programming was brought to a halt by an individual unsure of why it included a 42-character URL that led to an unregistered domain. Once he registered the web address for himself, WannaCry stopped spreading.

Unfortunately, that doesn’t help the thousands that were already infected. And it definitely doesn’t give you an excuse to ignore what cybersecurity experts are saying, “This is only the beginning.” WannaCry was so poorly written, it’s amazing it made it as far as it did. And considering it would’ve made hundreds of millions of dollars if it was created by more capable programmers, your organization needs to prepare for the next global cyberattack.

Every single day it should be your goal to complete the following:

  • Thorough reviews of reports from basic perimeter security solutions. Antivirus software, hardware firewalls, and intrusion prevention systems log hundreds of amateur attempts on your network security every day; critical vulnerabilities can be gleaned from these documents.
  • Check for updates and security patches for every single piece of software in your office, from accounting apps to operating systems. Computers with the latest updates from Microsoft were totally safe from WannaCry, which should be motivation to never again click “Remind me later.”
  • Social engineering and phishing may not have been factors this time around, but training employees to recognize suspicious links is a surefire strategy for avoiding the thousands of other malware strains that threaten your business.

Revisiting these strategies every single day may seem a bit much, but we’ve been in the industry long enough to know that it takes only one mistake to bring your operations to a halt. For daily monitoring and support, plus industry-leading cybersecurity advice, call us today.

Published with permission from TechAdvisory.org. Source.

The post How did WannaCry spread so far? appeared first on Complete Technology Resources, Inc..

Read More