by Felicien | Jul 31, 2017 | Education
Apple just issued a security update that you must download as soon as possible.
We’re more dependent on our mobile devices now than ever before, making mobile essential.
Viruses don’t just affect desktop or laptop computers. With millions of iPhone and Android phones used today, it makes sense that hackers would eventually target them. And the numbers prove this: An incredible 25% of all mobile devices are hit with cyberattacks, and 1,023,108,267 records were stolen from mobile devices in 2014.
So, when a company as big as Apple issues an urgent security update and tells iPhone and iPad owners to download and install it right away, you should listen. Apple’s recent iOS and MacOS update, released July 21, 2017, defends against a particularly dangerous vulnerability named Broadpwn.
Broadpwn is a serious threat, according to the National Vulnerability Database at the National Institute of Standards and Technology or NIST. It gets a 9.8 out of 10 in terms of a severity, and is scored as “critical.”
Broadpwn also attacks Android devices; Google issued its own security patch earlier in July.
The Story with Broadpwn
Early in 2017, security researchers discovered a vulnerability in specific WiFi chips that has the potential to bring a device to its knees before you realize that something is wrong. Broadpwn allows a hacker to remotely execute a malicious code that takes total control of your device via your WiFi.
Once Broadpwn is executed, the hacker has total control of everything on your device. This includes components from the operating system to the central processing unit, and everything in between.
What makes Broadpwn particularly frightening is that all a hacker has to do is get within range of your device. They don’t need physical access to run their code. This means that they could be sitting near you in an airport terminal, or could be at the table next to you in a coffee shop, and do just as much damage as they would if they had stolen your device.
The flaw is estimated to affect millions of Apple and Android devices being used by people all over the world. To Google’s credit, they already released a patch for the Android operating system early in July. Apple took additional time because it had to work on unique fixes for both the iOS mobile operating system and the macOS desktop platform.
Update Now!
Thankfully, all Apple software updates are incredibly easy to install. Once your device is connected to a WiFi network, all you have to do is complete the following steps:
Open the “Settings” app on your device.
Navigate to the option labeled “General.”
Tap once on the button labeled “Software Update.”
Wait a few seconds for your device to recognize the newly available update.
Tap the button labeled “Download and Install.”
Leave your device connected to both a charging cable and wall outlet during this time, as it may take a while to update.
Once the update has completed, navigate back to the “Settings” app and tap “About” to confirm your device is running the iOS 10.3.3 operating system.
If your Apple device is a computer like an iMac or MacBook Pro, the steps to update are even easier. All you need to do is open the “App Store” app and click on the tab labeled “Updates.” Once your computer offers you the update, click “Download and Install.” Your computer will reboot a few times during this process. When complete, you’ll be free from the threat of Broadpwn.
Apple and Security: What You Need to Know
Apple has always been known for their very secure mobile and desktop devices. While this is true, the idea that Apple devices “don’t get viruses” is a myth. This used to be so, but we’re talking about ten or more years ago.
Hackers rarely targeted Apple’s desktop operating system simply because it wasn’t lucrative to do so. Not only was Windows a naturally less secure operating system, but there were also exponentially more Windows computers in use worldwide. It didn’t make sense to spend time writing a piece of code that targeted an Apple device if the chances of success were low in the first place.
However, thanks to both the explosion in popularity of the iPhone, and the fact that more people are buying Apple computers, things have changed. Apple devices are still targeted by specific viruses much less than their Windows counterparts, but those numbers are on the rise.
Don’t assume that your device is protected just because it has the Apple logo on it.
In 2015, there were five times as many instances of Apple-specific malware on desktop and laptop computers than in the five previous years combined. Likewise, the iOS operating system recently had a 262% increase in vulnerabilities compared to just a few years earlier in 2011.
Cyber security is a pressing concern for everyone who uses the Internet in any way, regardless of who made your computer or smartphone, or what company you’ve chosen to do business with. To assume otherwise is a legitimate recipe for disaster.
If your business is in {city} and you’d like to find out more about this or any other IT-related topic, please don’t hesitate to contact {company} at {phone} or by sending us an email to {email}.
by Felicien | Jul 28, 2017 | Education
IT consultations aren’t just for the “big guys.” Startups and small businesses can benefit, as well. IT consultations can go far beyond simply providing technology information. The right consultant can help you lay out a roadmap for future upgrades, increase your employees’ productivity, avoid dangerous security pitfalls that could tank your company, provide data storage services at the right price, and more.
More business owners are turning to IT consultants to act as their Virtual CIOs. Here’s why:
Outsourcing IT Allows You to Focus on Your Core Offerings.
Relying on an IT consultant is freeing and reassuring for the small business owner. They can sit down with a consultant and ask plainly, “All right, how can we truly benefit from outsourcing our IT? What are the options for a company of our size?” Newer ventures can benefit from outsourcing anything from payroll to data virtualization to software-as-a- service. An IT consultant can manage the IT administrative details so you can focus on your core business capabilities.
Understanding IT Best Practices
With the advances in IT and ever-evolving technologies can be daunting for any business owner. Most don’t have the time, experience or knowledge to select the right solutions on their own, especially if they don’t regularly study the impact of new technology.
We see this issue in retail and hospitality companies where business leaders are very much focused on the brick-and-mortar world and aren’t sure where the industry is moving in regards online tools. They wisely choose to spend their time on their own strengths, but when it comes to making IT decisions, these companies often seek the advice of an experienced third party who understands IT best practices.
Achieving Data Security Requirements
How well do you understand data compliance regulations in your industry? What about the requirements for doing business with customers in another country? (Yes, it can be very different from what’s required in the U.S.) As a business owner or manager, you must be aware of all compliance laws and requirements. A consult with an IT expert can help you understand what’s required and what isn’t. They’ll work with you to design a strategy to ensure you meet current and upcoming compliance standards using the right IT services.
Guaranteeing Compatibility
Let’s say that you’re familiar with data and tech solutions: You know what you’re doing and you’re happy with the current tools you’re using. However, you want expand, and this means adopting new IT solutions. When entering uncharted territory, an IT consultation is an excellent idea, not just to get new ideas, but also to make sure the transition will go smoothly. How will your old files be moved into a new system? Will you need to use different software applications? Can your new services work seamlessly with your current tools? Will you have to change data management or maintenance tasks? Finding answers to these questions on your own can be time-consuming and stressful. A consultation with experts is a better way forward.
Choosing the Right Data Backup and Insurance Plans
You probably know that you need protection for sensitive customer data — However, you may not know where to begin to do this, or if the security you’re currently using is sufficient. IT consultations can tackle many security issues, and help you ensure your data is secure, and your business is protected. Your IT expert will make sure you have a unified plan that successfully backups your data on a regular basis and stores it securely offsite.
Purchasing data insurance is something to consider before you experience a data loss. It helps companies recoup some of the monetary losses that occur as a result. However, it’s necessary that you understand exactly what a data policy covers. (Hint: It doesn’t pay off any associated fines.) Your IT consultant will have the answers you need.
Scalability Solutions
Where do you see your business in five years? How about 10 years? The success of your business requires an IT roadmap that ensures your technology meets your needs years down the road. The reality is that many companies find themselves stuck with technology that doesn’t meet their growing needs. Don’t get caught in this pitfall. Instead, rely on an IT consultant to help you design a plan for the future. They will help you choose services that are easy to scale up (or down) as needed.
Are you looking for an IT Consultant in {city}? {company} has the IT experts to help your business succeed now and into the future. Contact us at {email} or {phone} to learn more.
by Felicien | Jul 28, 2017 | Education
Radio and television station KQED has been taken “back to the stone ages” because of an advanced ransomware attack launched in June of 2017. No one is sure how the ransomware got into KQED’s system.
Ransomware brought this public television and radio station to a grinding halt— All Internet-connected devices, tools and machinery were cut off in an attempt to isolate and contain the attack that infected the station’s computers. More than a month later, many remain offline. Although the station has continued its broadcasts, it’s found that functioning in a non-Internet world is extremely frustrating and difficult.
This incident highlights the need for businesses like yours to protect themselves and their IT devices from debilitating cyberattacks. We’re more vulnerable today than ever before. It’s up to you to take proactive measures to protect your business.
Ransomware: An Old Threat Reborn
Ransomware isn’t new. In fact, it’s one of the oldest types of malicious software programs, and is becoming increasingly prevalent as more people rely on IT and Internet connections for their day-to-day operations.
Ransomware essentially locks a user out of their system, or holds data hostage until a ransom is paid. Once the ransom is paid (generally through a wire transfer or cryptocurrency transaction), the data or service is unlocked, and (theoretically) the user can recover their data.
However, there are more issues of concern:
Ransomware is a type of virus, so it can self-replicate throughout computers, servers, and other devices operating on the same network.
Paying the ransom doesn’t necessarily mean your system will be unlocked. Some forms of ransomware are designed to just disrupt, while others may have been long abandoned by its creators.
Paying the ransom can be expensive. While some ransomware attacks only amount to a few hundred dollars, others can be in the range of thousands—especially those targeting large enterprises.
Paying the ransom doesn’t mean your data hasn’t been copied or otherwise breached. You still need to react as though your data has been shared, including confidential identity and financial information.
KQED’s Ransomware Attack
KQED’s ransomware spread quickly throughout their network, including their Internet of Things devices. The ransomware then encrypted data on their Microsoft computers, but was halted before it could encrypt a significant number of systems. The problem was that it had already infected the network; if the system was brought back up, it would only continue to propagate. Consequently, Internet access had to be removed for many of the systems until the issues could be properly isolated and dealt with, device by device.
To avoid further infection, all Windows computers had to be wiped and restored, and KQED had to upgrade its security measures. This attack came in the wake of—but was not related to—several global ransomware attacks, which took down computers throughout the world.
In order to decrypt the files, the ransomware requested approximately $3,637 for each file to be decrypted. The total ransom requested was in the millions, which was impossible for KQED to pay.
How Can You Defend Against Ransomware Attacks?
In the past, many security systems were limited to only identifying already known attacks. This meant new vulnerabilities and custom attacks were impossible to defend against. KQED was vulnerable to attack even though it had relatively up-to-date security—This may have been the case because its security system was running based on antiviral templates.
New security systems scan for the presence of ransomware attacks and can mitigate the majority of these threats, not only by identifying individual attacks, but also being able to identify suspicious behavior. Machine-learning algorithms and artificial intelligence have now made it possible to scan for the behavior of potentially malicious programs.
KQED was struck by a new piece of software that had not yet been identified. However, it’s unknown whether its suspicious behavior might have been flagged by a more advanced threat-detection system.
Note: In addition to having up-to-date security measures, your systems must be regularly backed up. You should be able to deploy a backed-up instance of an entire system to protect your organization from virtually any threat—including physical hazards such as fire or earthquake.
KQED had a single network composed of many different devices, which couldn’t be reset altogether. The ultimate consequences for KQED were that:
They couldn’t complete a significant amount of work for weeks.
Online broadcasts went down for more than twelve hours.
They lost a significant portion of their work and weren’t able to use their computers or the Internet for a substantial amount of time.
It took weeks to even begin to repair the damage—and these are weeks the station will need to pay for in terms of man hours and IT costs.
All of this could have been prevented through better security measures and security training for their employees.
Cybersecurity is our specialty and priority at {company}. Cyber threats are growing exponentially, and we’ll block them by eradicating all potential security weaknesses. Your systems will be protected by a next-generation firewall, antivirus, and spam-filtering system. Plus, we’ll conduct security awareness training for you and your staff on an ongoing basis, so they can recognize a threat in an email, or on a web page.
by Felicien | Jul 28, 2017 | Education
The technological resources that your small business uses on a daily basis are more than just “tools” in the traditional sense. In many ways, they’re the very foundation from which your 21st-century operations are built.
IT is how you communicate with your clients, guaranteeing that you can perform the type of work that meets their needs and exceeds their expectations.
It’s how your employees communicate with one another, and come together to form something much more powerful than any one of them could have on their own.
It’s also how you address the challenges of today while getting ready for the demands of tomorrow—Carving out a competitive advantage for your business that will carry you through into the next decade and beyond.
However, none of this makes any difference if your subpar IT service company is killing your chances.
Many IT service companies get a low score from their clients. Lengthy response times, reactive approaches to technology, excessive turnover rates and high prices with poor value are all among the many factors that small businesses have just “learned to deal with.” But you shouldn’t!
Here are a number of reasons why you should replace your subpar IT service company with a competent one.
They’re Not the Only Ones Who Know Your Network.
One of the major reasons small business owners are hesitant to look for alternative IT service companies is the fear that they won’t be able to find another that knows their network like their existing provider does. Regardless of the quality of your relationship, you can’t argue that it’s taken time to build. Third-party representatives have come in and examined your system, what you need, and what you’re trying to do. It will be difficult, if not next to impossible, to start all over again. Right? Wrong.
In truth, your service provider should be documenting every aspect of your IT infrastructure in detail. Diagrams, passwords and asset documentation should all be readily available to you. All of this information can be turned over to your new provider, giving them an excellent starting place to make your IT foundation stronger than it was before.
Your IT Isn’t as Unique as You Think It Is.
We’re not saying that your business isn’t unique in the marketplace. Undoubtedly, there are things you do that nobody else can match — This is likely why you have such a strong relationship with your customers in the first place.
Luckily, this doesn’t extend to your IT infrastructure. Sure, things were built with your specific business in mind. However, a true IT expert will have seen it all before. Competent network engineers are ready for anything and everything they encounter.
The Transition Won’t Be as Tough as You’re Anticipating.
High-quality IT service providers are used to taking over for competitors who aren’t living up to their customers’ expectations. While it’s true that there is always the potential for some risk, it’s nothing that good short- and long-term planning can’t resolve. Remember that you’re bringing a new company into the fold—So leverage the power of their experience to your advantage.
The Benefits Outweigh Any Potential Disadvantages.
All of this gives way to the most important factor of all—the fact that the benefits will far, outweigh any perceived negatives you may be worried about. Sticking with your subpar service company isn’t just killing the return on investment for your IT assets, it’s literally stifling the growth of your business.
It’s making it harder, not easier, to do the essential work you’re responsible for.
It’s causing you to lose hours of productivity due to unintelligent infrastructure design and unnecessary catastrophes like server failure.
It’s causing you to play catch-up because you’re being reactive rather than proactive.
A truly great IT service company is more than just a solutions provider. They’re a partner in your business success. They’re not just proactively maintaining your IT environment, repairing small problems today before they have a chance to become bigger and more expensive ones later—They’ll act as your virtual CIO, providing you with the expert insight and advice you need to align IT with your long-term strategy.
Absolutely none of this will be possible if you stick with your subpar service company. If so, you’re hurting your chances of successful growth for your business.
Even though the decision to switch is appropriate, replacing your subpar IT service company can be stressful. Luckily, the hardworking team at {company} is ready to stand by your side every step of the way. If you’re in {city} and would like to find out more about this or other IT related topics, please don’t delay — Contact us by phone at {phone} or by sending us an email to: {email}
by Felicien | Jul 28, 2017 | Education
To say that cyberattacks are dangerous to the health and success of a small business is something of an understatement. According to one study, an incredible 60% of all small businesses close their doors within just six months of a successful cyberattack taking place.
The attack itself can cause an initial shock, but the consequences of the attack are what often cause a business to fail. Getting hit with a cyberattack often creates an environment of confusion and chaos:
What’s the extent of the damage?
What important files were stolen?
Are we in breach of any confidentiality laws, or do we have compliance issues to worry about?
Who needs to be notified?
What will this do to our reputation?
Was any of our intellectual property stolen in the attack?
The answers to these questions are almost uniformly bad, particularly in a situation like a ransomware attack. Thankfully, these types of situations can be avoided—provided that you’ve made regular, successful backups a priority.
What Is Ransomware?
Ransomware is a particularly nasty strain of malware that targets both individual computers and entire networks. According to a study by NBC News, ransomware was a billion-dollar enterprise in 2016.
Most of the time, ransomware attacks occur after you or one of your employees accidentally downloads and executes a rogue computer program from a source that you thought was legitimate. Maybe that email from a client wasn’t from a client at all – it just looked that way at first glance. The fact that you didn’t have time to dig deeper is what hackers are depending on.
When a ransomware virus executes, it immediately encrypts all data on the infected machine. You are then greeted with a screen outlining what has happened with a promise to return that valuable information if you pay a large sum of money. The problem is that these costs can often be quite significant and, even if you do pay, there’s no guarantee that the hackers will actually turn over the data they’ve compromised.
The end result is that everything on your system is gone in an instant. All those important projects you were working on, all of those documents that took months or years to create. You’re suddenly back at “square one.”
The Problem with Failed Backups
Backups, are the one hope you have after a ransomware attack—If you’ve been keeping up with them, that is. One of the most essential best practices for backing up documents and other mission-critical data isn’t just to make sure that it happens, but that they were successfully completed and stored in a secure, off-site location.
The problem is that far too many small-business professionals see backups as a burden, and something they really don’t have time for. If you get hit with a ransomware attack and your backups were stored on the same machine, bad news — They’re not going to help you. If you get hit with a ransomware attack and you haven’t backed up in months, bad news — You’ve just lost a huge amount of progress, and potentially ruined your reputation with clients.
Note: According to a study conducted by Storage Magazine, over 34% of companies don’t test their backups on a regular basis to make sure they actually completed successfully. Of those that do, 77% found that tape-based backups often failed to restore for a wide range of different reasons. Perhaps the most damning statistic of all is that according to Microsoft, 42% of attempted recoveries from tape-based backups in the past year have failed entirely.
The Best-Case Scenario
The key to not to just hope your backups will never fail. It’s to take realistic, effective steps to mitigate risk failed backups.
Backing your data up to a secure, off-site location is the best-case scenario in the event of a ransomware attack. For the sake of argument, let’s say that your work computer was hit with a ransomware attack. You did everything you could to prevent it, but somehow it slipped through. You were quick, but the attacker was quicker. It happens.
With quality backups on a separate machine that’s been tested and re-tested, recovery is a foregone conclusion. All you have to do is service the machine in question to totally remove the virus, which will usually involve the IT equivalent of a factory reset. Then, you can restore those quality backups onto the machine and pick up right where you left off.
You might lose an afternoon of productivity, but you’re not going to lose documents or other data that do the type of damage from which your small business might never recover.
But again, none of this is possible if you aren’t prioritizing your backups in the first place. In the vast majority of cases, your backups are your first and best line of defense against today’s cyberattacks that are getting more sophisticated all the time.
Any step that you can take to avoid becoming just another example in a long line of painful situations is a step absolutely worth taking.
Ransomware isn’t going to disappear anytime soon. If anything, it’s only going to get worse before it gets better. This is why ongoing training and education are so essential. It helps create a much stronger defense against these and other types of threats. If you’re in the {city} area and would like to find out more about this or other IT topics, please don’t delay — Contact {company} at {phone} or by sending us an email to: {email}
