508-909-5961 [email protected]

When and if disaster strikes, is your business going to continue to operate and cater to customers despite a possible long-term hardware failure or a network disruption? If you answer no or are not even sure what to do, you are part of a majority of business owners who have not considered disaster preparedness and […]

27 Jan, 2016 / by Complete Technology Resources / in Business Continuity, Security category

2016Jan25_BusinessContinuity_BWhen and if disaster strikes, is your business going to continue to operate and cater to customers despite a possible long-term hardware failure or a network disruption? If you answer no or are not even sure what to do, you are part of a majority of business owners who have not considered disaster preparedness and the crucial role it plays in business survival. This post helps small or mid-sized businesses (SMBs) gain some understanding about Disaster Recovery (DR) and how important DR planning is today to protect against unexpected and costly downtime.

As we all know, unpredictability is a fact of life. The aftermath of Tropical Storm Bill in Texas and recent floods in South Carolina are a grim and unfortunate lesson for many overconfident business owners who think their companies are spared from the likelihood of cataclysmic weather, technological malfunctions, or human actions. A 2014 survey by the IT Disaster Recovery Preparedness (DRP) Council reveals just how many companies worldwide are at risk: 73 percent of SMBs are failing in terms of disaster readiness. What does this mean? It means that 3 out of 4 companies aren’t prepared to handle emergencies and save their businesses from a worse-case scenario.

If it’s not clear and compelling enough for a business owner like yourself to consider putting a well-conceived Disaster Recovery (DR) plan into place, perhaps it’s time to give it some thought. Doing so can save you years of business loss. Here is some useful information about what DR is all about and how it can ensure your business’s survival in the wake of unforeseen circumstances.

What is Disaster Recovery (DR)?

Disaster recovery is a plan for restoring and accessing your data in the event of a disaster that destroys part or all of a business’s resources. It is a key component involving many aspects of business operations that requires this information to function. The job of a DR plan is to ensure that whatever happens, your vital data can be recovered and mission-critical applications will be brought back online in the shortest possible time.

What kind of disasters are likely to happen?

Business disasters can either be natural, technological, or man-made. Natural types of disasters include floods, earthquakes, tornadoes, hurricanes, landslides, tsunamis, and even a pest infestation. On the other hand, technological and man-made disasters involve hazardous material spills, infrastructural or power failure, nuclear power plant meltdown or blast, chemical threat and biological weapons, cyber attacks, explosions, or acts of terrorism and civil unrest.

Why does your business need DR?

Regardless of industry or size, when an unforeseen event takes place and causes day-to-day operations to come to a halt, a company will need to recover as quickly as possible to ensure you will continue providing services to clients and customers. Downtime is one of the biggest IT expenses that any business can face. Based on 2015 disaster recovery statistics, downtime that lasts for one hour can cost small companies as much as $8,000, mid-size organizations $74,000, and $700,000 for large enterprises.

For SMBs particularly, any extended loss of productivity can lead to reduced cash flow through late invoicing, lost orders, increased labor costs as staff work extra hours to recover from the downtime, missed delivery dates, and so on. If major business disruptions are not anticipated and addressed today, it’s very possible that these negative consequences resulting from an unexpected disaster can have long-term implications that affect a company for years. By having a Disaster Recovery plan in place, a company can save itself from multiple risks including out of budget expenses, reputation loss, data loss, and the negative impact on clients and customers.

How do I create a DR strategy for my business?

Creating, implementing and maintaining a total business recovery plan is time-consuming but extremely important to ensure your business’s survival. Many organizations don’t have the time or resources to dedicate to this process. If you would like to protect your company from unexpected disasters but need further guidance and information on how to get started, give us a call and our experts will be happy to discuss Disaster Recovery options and solutions with you.
Published with permission from TechAdvisory.org. Source.

Read More

When it comes to the online security of their business, many SMB owners consider it an afterthought. They think their business is too small to be of any concern to cyber criminals, and there’s good reason for this mentality. How often are security breaches to SMBs listed in the news? Rarely. In fact, you may […]

26 Jan, 2016 / by Complete Technology Resources / in Security category

2016Jan20_Security_BWhen it comes to the online security of their business, many SMB owners consider it an afterthought. They think their business is too small to be of any concern to cyber criminals, and there’s good reason for this mentality. How often are security breaches to SMBs listed in the news? Rarely. In fact, you may not be able to think of a single one. But today, that’s about to change. A recent NY Times article documented the story a small business that was lucky to survive a ransomware attack.

Last holiday season, Rokenbok Education, a small, California-based toy company of seven employees realized its worse nightmare. During the busiest time of the sales year, the files in their database had become unusable, infected with malware. The hackers used ransomware, a malware designed to hold a business’s data hostage, to encrypt their files and demanded a payment to make them usable again. However, instead of paying the ransom, Rokenbok restructured their key system. To do this it took four days. That’s four days of downtime, lost sales, and confused customers who likely lost confidence in the integrity of their company. Luckily this did not put Rokenbok Education out of business. But many SMBs aren’t so fortunate, and are forced to close after such a security debacle.

So why do security breaches like this happen to SMBs?

There are many reasons, but a common one is that small and medium-sized businesses often focus on profits over security. And really, it’s hard to blame them. When you’re small, you want to grow your organization as quickly as possible. And you likely think that because you’re small, no one is going to attack you. However, nowadays hackers are on to this way of thinking. They know that SMBs don’t focus as much on security, which make them a perfect target. In fact, according to Timothy C. Francis, the enterprise lead for Cyber Insurance at Travelers, 60 percent of all online attacks in 2014 targeted SMBs.

So what can your business do to protect itself against online attacks? There are a range of options, but it’s best to start off with an audit of your current security system to see where the holes are. This audit should check areas of risk which include customer data, employee access, and assets such as servers, computers and all Internet-enable devices.

After that, an obvious thing to do is to strengthen your passwords. While this has been said thousands of times over, many SMB owners do not take heed. Clay Calvert, the director of security at the Virginia-based firm MetroStar Systems, notes that hackers analyze how we create passwords and use big data analytics to crack them. “They have databases of passwords,” Calvert said. The best way to create a strong password is to make it long with a mix of characters. Password managers that encrypt your passwords can also help.

Aside from passwords, there are many other ways to boost your business’s security that include installing a firewall, keeping your antivirus up-to-date, and moving data over to the cloud (instead of storing it on company servers). Also, since many security attacks occur because an employee clicked on a malicious website or link, training your employees is a smart move. A good way to start this training is to create an employee manual that includes security guidelines they must follow. For ongoing training, you can keep them up-to-date on the latest security threats through email updates and regular meetings. Once you feel confident that your employees are up-to-speed and your security practices are updated, you can try hiring ethical hackers to test your systems and try to break through your security. This will let you know if there are any security holes you missed.

Calling in a security specialist

However, if all of this sounds far too much to bother with, consider outsourcing your security to a service provider that specializes in digital security. This can oftentimes save valuable time and money in the long run. Best of all, this can provide peace of mind, knowing that you have a security specialist watching over your business.

If you’re feeling overwhelmed and unsure where to start with your business’s security, we’re happy to help perform a thorough audit and provide you the digital security solution you need to keep your business protected. Security worries don’t have to keep you up at night, and we can help you implement the measures that will protect your business from disastrous security problems.

Published with permission from TechAdvisory.org. Source.

Read More

Protecting yourself, your employees and your business when you’re using the Internet is mandatory if you want to remain safe, productive and profitable. The current climate dictates that we all need to ramp up our online security measures thanks to the proliferation of phishing scams, hacks and fraudulent activity. The days of viruses causing your […]

13 Jan, 2016 / by Complete Technology Resources / in Browsers, Security category

Browsers_Nov25_BProtecting yourself, your employees and your business when you’re using the Internet is mandatory if you want to remain safe, productive and profitable. The current climate dictates that we all need to ramp up our online security measures thanks to the proliferation of phishing scams, hacks and fraudulent activity. The days of viruses causing your PC to run sluggishly are long gone – today there are issues that can pose a very real threat to your livelihood. Here we look at some ways to bolster security.

Keeping your data safe is crucial for any small to medium-sized business. Back in the good old days when paperwork, ring binders and print outs were the norm, you wouldn’t have dreamed of leaving classified data lying around for all and sundry to see. Imagine the furor if you left a list of employee salaries lying face up on a desk. Think of the damage an employee with a grudge could do if they were able to flip through private files whenever they pleased. Now, just because your data is stored on your computers, servers and in the cloud, that doesn’t make it impenetrable. If anything it makes it available to absolutely anyone, anywhere, who has the desire and capabilities to hack into your system.

One thing you should be doing to protect your data – and your company – is to make use of privacy-protecting browser extensions. Depending on the nature of your business, both you and your employees are likely to be online at least some, if not all, of the working day. And that makes you vulnerable to attack. But what are some of the browser extensions that are out there?

Prevent browser tracking

If you don’t like the idea of a third party (reputable or otherwise) being able to track your browsing habits, try installing a tool which offers private browsing. These programs offer protection against tracking by blocking third party cookies as well as malware. Some extensions also boast secure Wi-Fi and bandwidth optimization and can guard against tracking and data collection from social networking sites such as Twitter, Facebook or Google+.

Blocking adverts

While online ads may seem harmless, the truth is that they can contain scripts and widgets that might send your data back to a third party. A decent ad blocking program will block banner, rollover and pop-up ads, and also prevent you from inadvertently visiting a site that is known to contain malware. Many blockers contain additional features such as the ability to disable cookies and scripts used by third-parties on a site, the option to block specific items, and even ‘clean up’ Facebook, and hide YouTube comments. The major blockers work with Google Chrome, Safari and Firefox and you’ll be able to find everything from user-friendly solutions to more advanced tools that are customizable down to the tiniest degree. Do be aware, however, that not configuring your ad blocker properly can cause websites to ‘break’, making them unusable.

Consider installing a VPN

Unfortunately browser tracking, malware and adware are not the only Internet nasties that you need to be concerned about, but the good news is that there a number of other extensions that you can download to really get a grip on your online safety. A VPN (Virtual Private Network) is something else to consider. VPNs encrypt your Internet traffic, effectively shutting out anyone who may be trying to see what you’re doing. Commonly used in countries such as China where the Internet is heavily censored by the powers that be, a VPN allows for private browsing as well as enabling users to access blocked sites – in China’s case that’s anything from blogs criticizing the government to Facebook and Instagram. There are a huge number of VPNs on the market so do a little research and find one that suits you best.

Finally, it goes without saying that having anti-virus and anti-malware software installed on your PC, tablet and even your smartphone is crucial if you want to ensure your online safety.

If you’d like to know more about staying safe on the Internet or would like to schedule a security assessment for your company, get in touch with us today.

Published with permission from TechAdvisory.org. Source.

Read More

Google have recently enrolled a number of their users in a trial to road test a new way of logging in to their Google accounts. The method aims to stamp out the increasing amount of phishing attacks, as well as the issues caused by people (who likely include some of your employees) from using passwords […]

05 Jan, 2016 / by Complete Technology Resources / in Security, Web category

internet security conceptGoogle have recently enrolled a number of their users in a trial to road test a new way of logging in to their Google accounts. The method aims to stamp out the increasing amount of phishing attacks, as well as the issues caused by people (who likely include some of your employees) from using passwords that are all too easy to crack. So if you have a sneaking suspicion your staff members might be logging in to company accounts with “Password 123” and the like, read on.

So what exactly is Google’s master plan for squaring up to malicious phishing attempts and the perils caused by easy-to-crack passwords? The tech giant is currently trialing a new login option for Google account users. This will let anyone who has enabled the option to log in using their smartphone, completely eliminating the point at which you would normally enter a password. The system uses your phone to verify your identity by sending you an alert that gives you the option of whether or not to log in to your account.

During the trial stages, Google have invited what they are terming “a small group of users” to test out the potential password-free function on their personal Google accounts. The method appears to be easy to use and, if the trial is a success, could offer a far more secure way of accessing an account. By authorizing your phone to let you log in, you are effectively removing the need for a password.

To initiate a log in, the testers type in their email address on their PC or Mac. This will be followed up with a notification on their phone asking them whether they wish to log in to their Google account. All they then do is click the “yes” option and the computer will log them in automatically. For anyone concerned about not being able to log in due to their phone having a flat battery, being forgotten at home, or worst case scenario lost, there is no need to worry for the option remains to log in the traditional way by clicking a link saying “Use your password instead” at the bottom of the page.

Should the trial go ahead and password-free smartphone authentication becomes the norm, the advantages from a security perspective are clear. As stated above, simple passwords simply don’t protect accounts properly. Should someone – whether a hacker, a dishonest employee with an agenda, a recently fired employee with a grudge, or a competitor – put their mind to it, figuring out poor passwords is really not that hard, especially if they have insider knowledge about the user. Date of birth, favorite football team, an unfortunate obsession with Justin Beiber – these are all things that can be used to crack a password. And let’s not even get started on Password123.

The other thing of significant importance is the fact that should password-free log in go ahead, it will stop phishers in their tracks. The phishing ‘business’ is a booming one and those unscrupulous people who contact end users and attempt to extract personal information from them by pretending to be from a trustworthy source could find that their days of stealing passwords are numbered. If the phone becomes the means to log in, the phisher is rendered impotent. There is no password to hand over and of course the phisher doesn’t have access to the phone to click the “yes” button.

Google have made a few facts clear to their guinea pigs which have become public knowledge. The first of which is that the trial works on both the iOS and Android platforms. Users can still log in with their existing password should they desire and Google’s “unusual sign-in” policy remains in place should they detect anything suspicious and need the user to complete an extra step as proof it’s really them.

Should password-free, smartphone login be launched it would be a massive step in the right direction towards plugging the security holes that are caused by human error or carelessness. Setting a password such as “123456” might seem kind of dumb, but it’s amazing just how many people do! At the other end of the scale, phishers can be frighteningly convincing and are able to con even the most tech savvy or diligent users out of passwords, credit card details and more.

If you’d like to know how we can help you ensure that you are operating in the safest possible security environment, give us a call today.

Published with permission from TechAdvisory.org. Source.

Read More