Posts in Data

The SMB’s Cybersecurity Checklist

December 10th, 2019 Posted by Best Practices, Data, Devices, Internet, Networks, Security, Services, Staff 0 thoughts on “The SMB’s Cybersecurity Checklist”

The landscape of digital security has changed, and we want to make sure that small to medium-sized businesses (SMB’s) have the information they need to keep up and keep their businesses, customers, and employees protected. To that end, we’ve prepared a cybersecurity checklist to get you started.

First thing’s first: Your business is not too small to be targeted for an attack.

The data you collect is just as valuable as any other business, and hackers have learned that it’s more likely to be vulnerable. Too many SMB’s rely on the hope that they’re “invisible” to hackers and don’t ensure that they have the proper cybersecurity measures in place. Cybersecurity is just as vital to your business as it is for a Fortune 500 company.

The best foundation for a strong cybersecurity plan is a thorough understanding of your company’s resources and risk factors. If this kind of review is outside the skillset of anyone in your company (or if you simply don’t have the resources to get it done in a timely fashion), we encourage you to consider bringing in a managed service provider (MSP) to do an internal audit and report of all your systems. This audit will then serve as the backbone for your cybersecurity strategy.

Armed with the knowledge you need to evaluate your situation, you can move forward with the checklist and help ensure the success and security of your business.

  • Continuous Education: The majority of security breaches happen because of human error, like losing a password or submitting credentials on a phishing site. Comprehensive training can help your employees understand the risks and avoid them. IT training also makes your employees more valuable by enabling them to be more productive. It’s well worth the time and effort.
  • Regular Risk Assessments and Security Audits: “The best offense is a good defense” certainly applies to cybersecurity. If you take the time to regularly audit and assess your company’s cybersecurity, you’re much more likely to catch a flaw before it’s exploited.
  • Disaster Response Plan: The best way to recover from a disaster is to be prepared ahead of time. Imagine how much easier it would be to respond to a security breach if you know that you have secure backups, security consultants available to assess and repair the breach, a communication plan to notify customers and staff, and a recovery process to get everything back on track.
  • BYOD: Allowing employees to bring their own devices to work allows for a new level of flexibility and connectivity, but it can compromise your security. Developing a comprehensive approach to BYOD security policies can save your business.
  • Layers of Security: From endpoint and mobile devices to networks and users, ensure that each facet of your company has the right protection. No one piece can protect you on its own, but tiered defenses tailored to your business can provide a strong defense against cybercrime
  • Cyber insurance: You have insurance to protect your physical assets, and now it’s time to get insurance that will cover your computer systems and data. Cyber insurance will help protect you against electronic threats that can result in stolen or damaged data as well as expensive liability and recovery costs.

4 Ways to Weaken Your Security

October 22nd, 2019 Posted by Best Practices, Data, Hackers, Internet, Networks, Security, Staff 0 thoughts on “4 Ways to Weaken Your Security”

The list of “to do’s” for cybersecurity can get pretty long and overwhelming. So, in honor of National Cybersecurity Awareness Month, we’re giving you a short list of what NOT to do instead. Here are four of our favorite ways to weaken your security and make it easy for hackers to take advantage of your business.

Don’t worry about unauthorized logons

While most attempts to log on to your network are provably valid actions by verified users, there is a good chance that at least some are hackers attempting to penetrate your security. Each attempt can tell them something about your network, increasing their chances of success. Monitoring your perimeter security for suspicious activity can help IT personnel take action before your company is compromised.

Use random configurations

It only takes one device with an incorrect configuration to weaken your entire perimeter security system. One firewall misconfiguration can give hackers access to your entire network, and you won’t like what they do once they’re in. A system to ensure proper configuration upon installation plus regular auditing can help avoid this.

Ignore scanning attempts

Network scanning is used by hackers to find weak points in your network. If you don’t bother to monitor your network for scanning threats, you might miss out on malicious attempts until your data has been compromised.

Make your VPN easily accessible

Virtual private networks (VPNs) are a popular way to improve the security of remote connections for many businesses, but there are risks to using any method. Giving VPN access to employees who don’t need it or allowing employees to access it through public WiFi can both cause problems. The more people with access, the more difficult it is to ensure that it’s only being used by the right people. Accessing a VPN through public WiFi can give hackers a chance to steal your employee’s credentials. Restricting users, providing usage guidelines, and monitoring usage can help avoid these issues and protect your network.

If this still sounds overwhelming and you’d like some help ensuring the security of your network, your data, and your business, we’d be happy to help. Contact us today to speak with a Think network engineer.

Two-Factor Authentication: Secure, Simple, Inexpensive

July 15th, 2019 Posted by Best Practices, Data, Disaster, Hackers, Security, Staff 0 thoughts on “Two-Factor Authentication: Secure, Simple, Inexpensive”

“I don’t believe there is any single item that is more cost effective at improving security for public facing services than two-factor authentication.  This is why most Internet banking and other sensitive websites are requiring this nowadays.” – Darrell Brooks, Director of Infrastructure at Think

Even the strongest password may not be enough to protect your sensitive data. Luckily, two-factor authentication (2FA) is here to help.

Two-factor authentication adds an extra level of security to your basic login process. Think of it like this: Having 2FA required for your account login is like having a deadbolt and a keycode for your front door. That way if you lost your key, you would still be protected by the keycode. Or if someone overheard your keycode, you would still have the deadbolt in place.

Just as you would require both the keycode and the physical key to get into your front door, you would also require two different factors to access an account secured with 2FA.

There are three categories used for two-factor authentication:

  1. A thing you know (like a password or keycode)
  2. A thing you have (like a keycard or a mobile phone)
  3. A thing you are (like a fingerprint)

Your two factors should come from two different categories. This is often a password and an auto-generated PIN number that has been sent to you through a text or an app.

Many (if not most) people are guilty of using weak passwords or duplicating passwords for different accounts. This probably includes your employees. Adding 2FA to your security is a simple, easy, and inexpensive way to tighten security for your business.

Take a look at the different two-factor authentication apps available online, or contact Think to discuss options for your business needs. In the end, the one you will use will depend on the kind of deployment that you desire and the structure of your organization.

Successful IT Transitions Need These 5 Components

July 12th, 2019 Posted by Best Practices, Cloud, Communication, Data, Security, Staff 0 thoughts on “Successful IT Transitions Need These 5 Components”

Change is easy to get excited about and easy to get started, but it’s tough to follow through and keep the momentum going. Especially when it feels like there’s no end in sight, as can happen with IT projects if you’re not careful. But it doesn’t have to be an endless slog. If you build these 5 components into your IT transition, the entire process will be much smoother and more successful from beginning to end.

1. A tracking system – a simple list of major goals and initiatives, refer to it often (especially if you’re thinking about adding anything), and check off progress as you go. This helps to keep the direction clear, make the steps and goals feel attainable, and makes progress easy to see. All of these will make it easier for your staff to maintain motivation and momentum.

2. Clear communication – When people don’t understand what they’re doing or why, they lose focus, motivation, and enthusiasm. So, make all communications regarding the transition as transparent and simple as possible. Lose the tech jargon and talk about the benefits, challenges, and goals in a way that everyone can understand.

3. Available support personnel – It’s likely that there will be a handful of people in your organization who are always in demand during any IT transition. They’re the ones who always seem to know what’s going on and how to fix it. It’s essential that these people be free to work on higher level issues, while anything else is delegated to employees with less expertise and/or less demand on their skills and time. This will help the transition move more quickly and smoothly while encouraging less experienced staff to learn and take on new responsibility.

4. Clear transitions and expectations – make sure that your employees know when and how to transition from doing things the “old way” to adopting your new solutions and processes. Whether this is an entirely new role or just a new approach, you can cut down on confusion, frustration, and unnecessary delays by ensuring that everyone knows what to do and when to do it.

5. Data-based targets – It’s important to both morale and progress that you and your team can identify what “done” is for any given stage or goal in the transition. This gives you a framework to discuss their progress and direction, and it gives them a definite path to follow.

5 Reasons Your Business Needs a Backup and Recovery Plan

May 6th, 2019 Posted by Best Practices, byod, Cloud, Data, Disaster, Hackers, Security, Staff 0 thoughts on “5 Reasons Your Business Needs a Backup and Recovery Plan”

If you lost all your business data today, how long would it take for your business to recover? What steps would you take to get everything up and running again? How would it impact you financially? Knowing the answers to these questions is all part of being prepared. Just like having a back up and recovery plan. Here is some more compelling evidence that this is a necessary part of any business today:

1. Data is Easy to Lose – not just major events, a lot of it is human error. This is especially true in a BYOD culture where you may have business data being stored on personal laptops or in personal cloud accounts of your employees.

2. Cyber Attacks Keep Coming – the average cost of an attack for a company with 10 – 24 employees is over $38,000, and it just goes up from there. It doesn’t matter what type of business or the size, hackers will target anything they can profit from.

3. Downtime – loss of data can bring your entire business to a grinding halt. And if that data can’t be recovered, it takes even more time to replace (if that’s even an option).

4. Irreplaceable Data – some documents or files are truly invaluable. Everything from client lists and research to files on upcoming projects. If all that disappeared in one day, where would your business be?

5. Reputation – do you hold any sensitive or personal data on for your clients or customers? Or data that your clients will need to access in the future, like health care records or financial information. How would telling them it was all gone impact your relationship with them? Or your reputation in the business community?

A variety of back up and recovery options are available and can be customized to suit your business. Contact one of our engineers today if you would like to learn more about your options or get an expert’s perspective on developing your own backup and recovery plan.

Pros and Cons: Cloud Computing

March 18th, 2019 Posted by Best Practices, Cloud, Data, Devices, Internet, Managed Service Provider 0 thoughts on “Pros and Cons: Cloud Computing”

Should you be entrusting your data to the cloud or keeping it down to earth on your own servers? This is a decision facing every business. It’s one you’ll be forced to consider carefully, because it’ll impact your business practices and expenses for the foreseeable future. There’s plenty to be said for both cloud storage and dedicated servers, which makes the question which one is right for you. In this post we’ll be covering the pros and cons of the cloud.

Advantages of the Cloud

Cost Savings
One of the biggest benefits of cloud computing is the cost savings. With cloud computing, you can save substantial IT costs by eliminating the need to purchase, operate, and maintain server equipment. You pay for what you use, and you can stop whenever you like. This can make cloud computing ideal for some businesses all by itself. Though it is worth noting that in some instances an on-site server can actually be less expensive than using the cloud.

Reliability
With a managed service platform, your business can benefit from a large pool of IT resources that are dedicated to ensuring a reliable connection to your data at all times. These generally include redundancies that most businesses wouldn’t have built into their own personal servers.

Manageability
With a service level agreement (SLA) you get all the benefits of a high-end system without the hassle of performing updates and maintenance yourself.

Strategic Edge
The ease and accessibility of computer resources can give you a competitive edge, since the time you require for upgrading your IT resources to meet the needs of your business is basically nothing. This allows you to focus on moving your business forward.

Disadvantages of the Cloud

Downtime
If the internet is down, you have no access to your data and possibly the applications you use to run your business. Depending on the quality of internet service available in your area, this could be a significant disadvantage.

Security
Cloud service providers do everything they can to ensure the security of your data. But any time you’re storing data and important files with external service providers, it opens up some risk. It’s unlikely to be an issue, but you should consider the potential consequences any time you’re trusting someone else to safeguard your business’s information.

Vendor Lock-In
Moving to the cloud can be a quick, easy process. But moving between cloud services can get rather difficult. Not all services are cross-compatible, and you may end up staying with a less-than-ideal set up for a few features that you’re not sure how to do without.

Limited Control
Since the cloud infrastructure is entirely owned, monitored, and managed by the service provider, control over what you can change, update, or access is limited to the applications, data, and services you’re paying to use.

The advantages of cloud computing are many, and it’s well worth considering as an option for your business. But don’t forget about on-site servers just yet, because they have some pretty great advantages of their own. We’ll discuss both the advantages and disadvantages of on-site servers in our next blog post.

If you’re considering the future of your business IT and want input from the experts, our engineers here at Think would be happy to help. Contact us to schedule a consultation.

The Inevitable eMail Scam

February 25th, 2019 Posted by Best Practices, Communication, Data, Desktop, Disaster, Hackers, Security, Services 0 thoughts on “The Inevitable eMail Scam”

Some things in life are guaranteed to happen, like death, taxes, and email scams. The email scams get more creative as time goes by.

One of the latest email scams going around has a particularly devious set up.

Targets of this scam receive an email from what looks like their own email address, as if you’d sent an email to yourself. This is strange enough to ring alarm bells, but it gets more alarming when you read the content of the email. The scammer claims to have installed programs on your computer that tracked all your information (including accounts, passwords, and contact lists) as well as recording you via your own webcam. Then the inevitable threat: pay $1,000 in bitcoin to the scammer within 48 hours, or everyone on your contact list will receive compromising personal information and video of you.

The language in the email is much coarser than that, but you get the idea. And it is a scam. This person didn’t send the email from your account, no matter what it looks like. And they don’t have access to your personal information or your webcam. There’s nothing to ransom; they’re just hoping to scare you badly enough to get you to pay them.

What You Can Do

Getting a good filter will help keep a lot of the junk from ever reaching your inbox.

Staying aware of the latest types of scams will help you be aware of what could come your way.

And always, always take a minute to think through and, if necessary, research anything that looks suspicious. A quick Google search can show you if others have encountered a similar situation.

If you want to do more to protect your email but aren’t sure where to start, our engineers would be happy to help. Contact us today to schedule a consultation and learn more about what you can do to protect yourself and your business.

Windows 7 & Windows Server 2008 r2 Are On Their Way Out

February 14th, 2019 Posted by Best Practices, collaboration, Communication, Data, Desktop, Devices, Disaster, Hackers, Managed Service Provider, Security, Services, Windows 7 0 thoughts on “Windows 7 & Windows Server 2008 r2 Are On Their Way Out”

All good things come to an end, and that includes operating systems. This time around it’s Windows 7 and Windows Server 2008 r2. As of January 14, 2020, Microsoft will no longer be providing security updates for these systems. This means that any devices running on these operating systems will become vulnerable to security threats after January 14, 2020.

What You Can Do

We encourage you to begin planning for the upgrade of these devices to a newer, more secure operating system. The sooner you start this process, the easier it will be to ensure that you can:

  1. Have time to determine the most beneficial IT solutions for your business.
  2. Work in the transition period during a more convenient time for you and your staff.
  3. Plan for the expense of the upgrade.

What You Don’t Want to Do

Put it off until the last minute. Something this vital to your business operations and security isn’t something you want to rush or push to the side.

We’re Happy to Help

Here at Think our engineers are ready to help you find the best IT solutions for your business. And with their extensive experience and knowledge, they can help make the transition as smooth and convenient as possible for your business and your staff. To schedule a consultation with a Think engineer, contact us today.

For more information from Microsoft, you can read their information page here.

Speed Up Your Browser

Speed Up Your Browser with 5 Simple Steps

December 11th, 2018 Posted by Best Practices, Cloud, Data, Desktop, Internet, Managed Service Provider, Services 0 thoughts on “Speed Up Your Browser with 5 Simple Steps”

Is Your Browser Running Slow?

There’s nothing worse than a website that won’t load. Over time, high volumes of content can cause your Internet browser to slow down. However, with a bit of maintenance, it’s easy to ensure your browser stays speedy for longer.

The following tips apply across all major Internet browsers, including but not limited to Google Chrome, Mozilla Firefox and Internet Explorer.

5 Tips to Speed Up Your Browser

1. Remove unused extensions – Too many plug-ins and extensions can slow down your browser. They take up system resources and can even cause bugs and crashes. Extensions can add useful features to your browser, but it’s a good idea to occasionally remove the ones you no longer use or need.

For extensions you need, make sure they’re regularly updated. Your browser should automatically handle updates this, but it’s worth double-checking. Just like keeping the browser itself updated, ensuring you’re running the latest versions of your add-ons keeps them bug-free and running smoothly.

2. Clear your cache and cookies – As you surf the web, your browser keeps records of your files in its cache to speed up your experience. The next time you visit a site, the cached files are already present, so your browser only needs to download the new bits from the web. This means less time waiting, and in general, a faster browsing experience.

However, it is recommended to occasionally cear out your cache and start again. Your browser should automatically manage the cache, but it can get unwieldy and cause the occasional bug or glitch. If you want to keep your browsing speed as good as new, then wipe the slate clean every few months or so. Afterwards, you might notice a slight slowdown to begin with, as your browser rebuilds the cache, but it should quickly go back to normal.

At the same time you clear your cache, you should clear your cookies as well. Cookies are bits of data that websites record on your machine to identify who you are, where you’re from, your website preferences, etc. Usually these cookies are harmless and useful, but a regular purge will quickly get rid of any corrupt or unnecessary ones.

3. Uninstall and reinstall your browser – Removing unused extensions and clearing the cache/cookies are great tips for stopping browser slowdowns – sort of like returning your car to its original state by erasing all the issues and problems that have built up. Uninstalling and reinstalling your browser is a quick shortcut to do the same job.

Once the old version of your browser is uninstalled, you can reinstall the latest update from the Internet. As well as eliminating any corrupted data caches and unneeded extensions, this will make sure that you’re running the most up-to-date version of the software, an important factor in keeping your browser running smoothly. Staying up to date is vital in fixing bugs and blocking security threats and most modern browsers download updates automatically.

4. Manage your tabs – Managing your open tabs more efficiently will help you browse faster. The more tabs you have open, the slower your browser will run. For faster browsing, keep the number of open tabs to a minimum and resist the urge to have a dozen tabs open at once. If you need to keep track of several sites to return to later, you can bookmark the pages for later. Pro tip: Set up a “Temporary” folder within your bookmarks for this scenario.

5. Install a cleanup tool – Some add-ons and apps can help you keep your browser running at top speed. Most of these tools handle the cleaning jobs we covered above, like tidying up cached files that you don’t need any more. It’s worth researching and testing a couple to see if you notice any speed increases. There are also desktop programs to clean up browser clutter.

Still Need Help?

If your browser is still slow after completing the above steps, there might be another issue lurking behind the scenes. Think’s engineers are highly trained and certified to assist with all of your technology needs. Contact us for additional support!

Source: Popular Science

Secure Shopping

Stay Secure When Shopping Online

November 14th, 2018 Posted by Cloud, Data, Desktop, Hackers, Hosted Services, Managed Service Provider, Security, Services 2 thoughts on “Stay Secure When Shopping Online”

9 Tips for Secure Shopping Online

As we approach the holiday season, we encourage extra mindfulness when it comes to online shopping.

There are some simple precautions that will make your online purchases more secure, including using reputable third-party pay services (like PayPal) whenever possible, always logging out of sites after you’ve completed a purchase and selecting one credit card for all online purchases to limit exposure.

Here are 9 tips for staying safe online, so you can start checking off items on that holiday shopping list:

1. Use familiar/trusted websites – Start at a trusted site rather than shopping with a search engine. Search results lead you astray, especially when you drift past the first few pages of links. If you know the site, chances are it’s less likely to be a rip off. Beware of misspellings or sites using a different top-level domain (.net instead of .com, for example).

2. Look for the padlock icon – Never buy anything from a site that doesn’t have SSL (secure sockets layer) encryption installed. You’ll know if the site has SSL because the URL for the site will start with “HTTPS” instead of just “HTTP”. An icon of a locked padlock will appear, typically in the status bar at the bottom of your web browser, or right next to the URL in the address bar, depending on your browser. Never give anyone your credit card over email.

3. Don’t provide all of your info– No online shopping store needs your social security number or your birthday to do business. However, combined with your credit card number, your social security number and other identification numbers can do a lot of damage. When possible, default to giving the least amount of information.

4. Check your bank statements – Don’t wait for your bill to come at the end of the month. Go online regularly during the holiday season to review statements for your credit card, debit card, and checking accounts. Make sure you don’t see any fraudulent charges. If you do see something wrong, pick up the phone to address the matter quickly. In the case of credit cards, pay the bill only once you know all your charges are accurate.

5. Protect your devices – You can protect against malware with regular updates to your operating system, browsers and software. Software companies add security updates along with every upgrade released. Installing updates as soon as they are released can help you better protect your devices against malware. You should also run a reputable, anti-virus product on your home PC or laptop. This will help prevent your device from becoming infected with malware.

6. Use strong passwords – It’s always important to utilize strong passwords, but it’s never more important than when banking and shopping online. Make sure your passwords are unique for each website, contain a healthy mix of letters, numbers and symbols when allowed. Passwords should not be easy to guess (like your last name or birthday). Use a password protected spreadsheet or secure app to store your passwords. When possible, set up multi-factor authentication for additional security.

7. Avoid shopping on public devices – It should go without saying that it’s a bad idea to use a public computer to make purchases. If you must, remember to log out every time you use a public computer, even if you were just checking email. Avoid entering your credit card and expiration date on websites in public, even if you’re using your own devices. By doing so you’re giving onlookers the chance to steal your information. At the very least, double check no one is looking and be as discreet as possible.

Additionally, don’t use publicly available charging cords or USB ports to charge your devices. Publicly available power outlets are generally fine, but the cords or ports could be used to deliver malware to your phone.

8. Avoid shopping via public Wi-Fi – Avoid using public Wi-Fi hotspots – like the ones at coffee shops, airports, hotels, etc., for online shopping. If you do use a public Wi-Fi hotspot, be sure to use a Virtual Private Network (VPN) so others cannot intercept your communications. As an alternative, stick to the mobile network and create a personal Wi-Fi hotspot with your phone.

9. Keep an eye out for obvious scams – Stick to the source when you buy gift cards; scammers like to auction off gift cards on sites like eBay with little or no funds on them. Some scams offer of a free product with purchase, like an iPad or even holiday job offers. Many of these “offers” will surface on social media or phishing emails. Be wary if you get a message from friend claiming he or she has been robbed, especially a friend overseas looking for money to be wire transferred, unless you absolutely can confirm it by talking to him or her personally. Skepticism in most cases can go a long way toward saving you from a stolen card number.

Trust Your Judgement

If you’re shopping online and something seems fishy, it probably is. Trust your judgement or ask for a second opinion before submitting your credit card or other personally identifying information online. No purchase, no matter how great of a deal, is worth the risk of identity theft.

While following these guidelines won’t completely eliminate the chance of becoming a victim of cybercrime, they can help you avoid risky situations and protect yourself against identity theft.

Happy Shopping!

 

Sources: PC Mag & ColoradoBiz

CONTACT US

888.98.THINK
970.247.1885
3067 Main Ave. Durango, CO

JOIN OUR TEAM

Join our team of hard-working, fun-loving, technology experts.

View Careers

© 2018 Think Network Technologies, LLC. All rights reserved.