(866) 251-4459 support@compnetsys.com
Here’s How Cybercriminals Con Businesses In 2019

Here’s How Cybercriminals Con Businesses In 2019

Is someone out there pretending to represent your business to make money? Don’t laugh. It happens. Business identity theft is a growing concern for many companies across the US. According to a recent study by Dun & Bradstreet, business identity theft, also called commercial or corporate identity theft, was up 46 percent in 2017.
The CEO, Mary Ellen Seale, of The National Cybersecurity Society (NCSS) said, “Small business identity theft – stealing a business’s identity to commit fraud, is big business for identity thieves.” However, too few businesses, especially smaller businesses, are aware of the issue. In 2018, the NCSS published “Business Identity Theft in the US” to help publicize the problem, and to provide guidance on how companies can help protect themselves.
Which Types of Businesses Are Targeted by Business Identity Theft?
Corporate identity theft is not just a problem for large corporations or companies operating in a particular industry. It is a crime which can affect any-sized business from tiny Mom and Pop shops on Main St. USA to multinational companies who are involved in any commerce:

Small companies are usually the initial victims of identity theft since these companies tend to have more lax security in place and are less likely to realize their information is at risk. However, that doesn’t mean that larger companies are immune from having a criminal steal their identity. Plenty of larger businesses have their identities stolen each year.
Corporate identity thieves use the name and legitimate business information of customers of large vendors’ customers to trick them into fulfilling orders. Busy vendors who fail to put into place procedures to verify whether an order is genuine can end up losing millions of dollars a year to these scams.
Criminals masquerading as a legitimate business deceive financial institutions to open credit card accounts, establish lines of credit, send or receive wire transfers, and secure loans.
The list of victims of corporate identity theft even extends to the US government when criminals use stolen company credentials to claim tax refundable tax credits or to exploit other government benefits for corporations.

How Do Thieves Steal a Corporation’s Identity?
Criminals who steal the identities of businesses have a wide range of methods ranging from very simplistic to highly sophisticated. Many lower level identity thieves focus on email phishing scams which target employees of the company in an attempt to gain confidential information such as database passwords or HR records. Other simple scams use spoofed email accounts of company executives to trick vendors and clients of a company into believing they are communicating with someone from the company. Slightly more advanced scams can include setting up an unsecured WiFi network in near a company in hopes that employees will use it to conduct business and then stealing the data.
More sophisticated scams can include dozens of people, building fake websites, using shelf companies, social engineering and even renting office space at the same location as the targeted company. The goal of these higher level scams is typically to create a plausible “Proof of Right” which the thieves can then use to secure fraudulent loans, masquerade as the company in a business deal, or even sell company assets.
How Can You Protect Your Company From Identity Theft?
While there is no way to protect your company completely from identity theft, you can make it harder for cybercriminals by maintaining proper data protection procedures.

Train your staff. Teach your staff how to recognize phishing scams and how to verify when an email is from a legitimate source. Establish procedures on how to handle data correctly, and have a data loss prevention plan in place including a ‘clean desk’ policy.
Secure your network. Add additional security to your networks and ensure that everyone is using secured servers. Avoid using a ‘master account’ which allows access to your entire network to limit data breaches. Require two-factor authentication.
Monitor your financial information. Check your company’s credit report regularly to ensure that there aren’t any unexpected changes such as credit applications or new accounts.
Consider hiring a company to help prevent corporate identity theft. An outside security company is one of the best ways to protect your corporate identity from scammers.

Terminating Your Internal IT Tech: 6 Things You Need To Know

Terminating Your Internal IT Tech: 6 Things You Need To Know

No one wants to go through the stress of firing anyone, but sometimes you need to let one of your IT techs go. This can leave your company wide open for data breaches. Before starting the off-boarding process of an employee who has access to your entire computer network, having a proper procedure in place can help protect your data. Use these six tips to create a process you can use to safeguard your company’s private information when severing ties with a member of your IT team.
Tips to Terminate an IT Employee Without Risking Your Company’s Information Security
Eliminate the employee’s company network access. It is perhaps obvious fired employees should no longer have access to company computers, but a recent study found that surprisingly almost 9 out of 10 former employees’ credentials were still active for some time following termination. Your business can prevent potential issues by disabling, but not deleting a person’s business account and passwords before firing. You should pay particular attention to blocking any applications which allowed the employee to access your company data remotely.
Prevent access to third-party applications. Access to third-party software connected with your company can be more difficult to contain than access to in-house computer systems. If your former IT employee had access to third-party applications such as Dropbox, Outlook, Sharepoint, Trello, or Facebook, remove the person’s access immediately. This is where the importance of good record keeping is beneficial. Remember to leave your former employee’s email accounts and cell phone number open for a time, but forward emails and incoming calls to another member of your staff to maintain seamless communication.
Recover company-owned property. Before the former employee leaves your premise, take back the person’s company ID, access cards, keys, fobs, cell phones, laptop computers, and any manuals. Your HR department should always maintain a list of anything you give your employees to make it as easy as possible to verify the person returns everything.
Back up the former employee’s work computer. In the rare event that a former employee misuses your company’s data, it is essential for you to have a record of everything the person had access to while employed. Before reformatting the terminated employee’s computer or company cell phone, make a complete backup of the data and maintain the information for a few years just in case the worst-case scenario occurs.
Inform people that the person no longer works for your company. Make sure that all of your employees know that the person left the company and that their former coworker should not be in the office at any time. Ask your employees not to discuss company information with the person in the future. Contact any vendors which the former employee did business with and give them a heads up in case the person tries to contact your vendors for any reason.
Change access codes and locks for your most sensitive areas. If the terminated employee was able to access highly restricted areas in your company, replace locks and create new PINs and door codes. Look into the possibility of upgrading your security to use biometric or individual passcodes to make the process as easy as possible.
In a survey by Osterman Research, Inc., over 75 percent of former employees who retained credentials admitted to at least logging into company computers. Hopefully, your former employee is the rare exception, but the risk is far too significant to do nothing.

2019 Best Practices For Keeping Your Password Secure

2019 Best Practices For Keeping Your Password Secure

Every account you have is protected by a password or a PIN of some kind. A PIN is a personal identification number that is unique to the account it is attached to. In some cases, you are allowed to choose your own PIN. For other accounts, you must use the PIN or password that is provided by the creator of the account. Memorizing PINs and passwords is essential if you want to maintain your privacy and keep your accounts fully protected. It’s also vital that you use a few “best practices” when it comes to managing your passwords.
Avoid the Obvious
Avoid using the most obvious choices like your children’s names or notable dates. Choose passwords that would be difficult to trace back to someone or something that is important to you. Choose random numbers and words that can be easily remembered. Hackers who break into accounts will often look through your information to try and find patterns. Random words and phrases are less likely to be picked up within the pattern.
Two-Factor Authentication
Two-factor authentication can involve the use of a PIN and a password, or a PIN/password and a series of security questions. It can also include the use of a security key ( a card that is coded with personal information) and a PIN. The only way to access the account is to have both pieces of the puzzle to unlock the code. If one of the pieces is wrong, you may be locked out of your account until a system reset can be performed.
Separate Numbers and Symbols
Numbers and symbols that are used together may indicate a date or account number. Separate your numbers and symbols to remove any type of familiar sequencing. Alternate numbers, letters, and symbols so that it is difficult to identify any type of common pattern or series.
Use Your Fingerprint to Secure Mobile Devices
One of the best ways to protect your information is through the use of your fingerprint. iPhones can now identify your eye by scanning your cornea. Both of these methods use body parts that are unique to you. No one can duplicate them or alter them in any way. By using a fingerprint or eye-scan to protect your mobile devices, the information stored on that device is protected. You should still, however, change your passwords frequently.
Don’t Use the Same Password for Multiple Accounts
Avoid using the same password for multiple accounts. Choose a new and unique password for each account you have. While it may be difficult to remember multiple passwords, the alternative could mean devastating financial losses. Choose several password and PIN options that can be used effectively. In some cases, you may be able to rotate them. This must be done randomly and without a pattern to maintain the highest level of security possible.
There are ways to protect your passwords and PINs so that you can maintain your accounts and keep them secure. Using a password manager is just one way to secure your accounts. Determine which type of measures work best for you and use them effectively so that all of your information remains protected from outside predators and hackers.

9 New Game-Changing Additions To Microsoft Office 365

Microsoft recently announced several new updates to Office 365. These updates and additions will help organizations who want to streamline efficiencies and remain compliant with new regulations across numerous industries. The nine key additions and updates to Office 365 will also help organizations effectively manage their digital presence.
9 New Updates And Additions To Microsoft Office 365
The nine key updates and additions to Office 365, include the following features and benefits.

Embed 3-D animations into Word documents and PowerPoint presentations. — You don’t need to know how to code an animation series to use this new feature. In fact, all you have to do is place the 3-D model into your slide, select a pre-built animation, click apply, and instantaneously watch as the 3-D model comes to life.
PowerPoint can transform written texts into readable messages. — Whether you have the world’s worst handwriting or a five year old can draw better than you, PowerPoint is now here to save you time and inevitably money as you create your business presentations. Simply draw out the presentation by hand using a touchscreen tablet. Next, launch PowerPoint and watch as the slides are automatically transformed with digital design recommendations that include layout, icon, and text suggestions. In minutes your handwritten ink can look like something that was designed by a professional artist in the graphic design department.
Save office supplies with the digital pen. — The Microsoft digital pen has all new features that will allow you to save time and resources when editing important documents. Enjoy the speed of simply using the digital pen to cross out paragraphs, circle text, add words, insert line breaks, split / change words, and leave detailed comments.
Transform Word documents into web-ready publications. — To transform your Word document into a Sway website, simply finalize your document, click File, and then click Transform. This feature can also be used to reduce the time needed to create and publish newsletters, training documents, product pages, and pitch decks.
Use blurred background to regain focus on video calls. — The new blurred background features allows video callers to blur their background so that unwanted distractions remain out of sight. The feature is particularly helpful for organizations that have a large remote workforce.
Avoid time-consuming compatibility issues. — Microsoft’s recently released desktop app allows organizations to easily check app compatibility before they complete a system upgrade. This check can save organizations time and money as they keep their systems operating at the optimal capacities, without suffering from incompatibility issues.
More efficiently complete Office 365 migrations with the SharePoint Migration Tool. — The new and improved SharePoint Migration Tool offers a point and click interface that makes it easier for organizations to complete Office 365 migrations. For example, in a few simple clicks your OneDrive files can be migrated to OneDrive for business.
IT teams can more effectively manage and implement business critical resolutions. — The SharePoint Admin Center now allows IT experts to more easily manage Office 365 group-connected sites and hub sites. The update also includes security and compliance enhancements. For example, admins can now restrict or allow access from known IP-addresses, automatically sign-out idle users, and restrict access from non-compliant devices.
Maintain user data compliance. — Office 365 has a complete list of certifications and attestations to ensure that security and compliance are maintained. In this vein, Office 365 recently achieved its HITRUST CSF Certification, which is specifically designed to help health organizations maintain security, privacy, and regulatory compliance.

The Bottom Line: Microsoft Office 365 Delivers Powerful New Updates
Whether you want to more effectively manage your digital presence or create dynamic PowerPoint presentations in a click of the button, the new updates to Office 365 are built with the business executive in mind. In short, the new updates and additions to Office 365 will help your organization to more efficiently and effectively complete daily tasks that will lead to heightened levels of business success.

How To Explain The Costs Of Cloud Computing To Healthcare Execs

How To Explain The Costs Of Cloud Computing To Healthcare Execs

How Much is Spent Worldwide on IT Costs?
Worldwide IT costs in 2018 hit an estimated $3.7 trillion, up 4.3 percent over the prior year, according to the Gartner, Inc. With so much at stake, it’s essential for all companies that utilize IT to consider the pros and cons of a traditional IT approach versus moving more and more functionality to the cloud. Finance considerations are one of the top considerations, but control over assets and data security are also vitally important. Therefore, it’s essential that the CIO is prepared to talk about the differences in language other executives can understand.
Why It’s Difficult to Explain Cloud Costs to the C-Suite?
CIOs sometimes have a hard time explaining the difference between cloud services (typically a SaaS with monthly operating expenses) and traditional healthcare IT models that may involve paying cash for software and equipment to own them outright (a capital expenditure). This comparison needs to factor in the monthly cost to run on-premise data centers, as well as the allocation of capital expenditures, such as hardware, licensing, etc. Non-financial factors include company policies that favor ownership versus rental models for IT hardware and software. Unless the cloud expense is much higher, the C-suite should lean toward cloud economics as a more strategic approach. It governance policies may also need to be revisited to support cloud computing trends.
Moving from a Cost Center to Strategic Partnership Model?
Healthcare organizations deliver healthcare services but are also digital companies. Cloud computing is now a critical component that brings the latest technology to the table, perhaps improving outcomes. It’s essential to help the C-suite understand this. One analogy that works is comparing it to another service based on consumption. Just as the utility or electric bill varies based on actual consumption, cloud computing cost varies based on changing usage. Building an accurate forecast prepares the leadership team for the hit to OpEx and the P&L. It may still be a tough sell, and the IT team might need some finance talent to track and adjust usage trends to keep the cloud cost forecast up-to-date.
How Can a Flexible OpEx Model Help Healthcare IT?
If a healthcare company needs to change directions fast to incorporate new diagnostic tools, therapies or IT innovations, an OpEx model is the fastest way to respond. Many times, the CIO is seen as someone holding fast to a traditional CapEx model or as someone rushing change before the organization is ready. Instead of letting the decision point be a source of contention, a mix of CapEx and OpEx could be the best answer. In this hybrid model, the decision to use a cloud-based approach versus a traditional on-premise solution would hinge on individual decisions about risk management and financial requirements, resulting in a variety of local and managed private cloud services as well as public cloud services.
What are Some Convincing Tactics for other Executives?
The difference boils down to buying software and hardware at once or paying a subscription. To show healthcare executives the advantages of the cloud, CIOs must demonstrate the benefits of the OpEx (or hybrid) model in a quantifiable way. For example, consider the CapEx model for buying a piece of hardware. The hardware has to be secured and configured, and the terms and conditions must be approved by the legal team before software can be installed. You put out a lot of hard-earned cash and wait months to actually use the product. The process takes months and ties up precious resources. In the cloud model, new solutions are available quickly without the headache of in-house configuration and maintenance. It also gives organizations the ability to scale down as well as up. This agility is something that’s easy to forget because most people associate cloud migration with scaling usage up.
How Can Cloud Solution Be Included in ROI?
Include the following in the calculation of ROI: increased productivity (concentration on core functions), cost reductions, security, network, data storage, and transfer improvements. In a healthcare organization, access is key to improving patient outcomes. It’s important to show how each of these items translates to the ROI. If you can do this effectively, the rest of the C-suite is likely to fall in line with a cloud model.
What Preparation is Needed Before Talking to the C-Suite?
Before speaking to a C-suite individual, the CIO should prepare a model showing the ROI. The presentation should include technical data on cloud-based models that are clearly understood. Documenting a cloud strategy defines the outcomes sought by the CIO, and it’s the beginning of a road map to get there. The CIO’s roadmap should describe how the cloud model will save cost and add efficiencies while improving security and networking reliability. It also has to conform to HIPAA regulations.