(866) 251-4459 support@compnetsys.com
Don’t Be A Victim Of Fake Malware Protection Apps On The Google Play Store

Don’t Be A Victim Of Fake Malware Protection Apps On The Google Play Store

Don’t be fooled by the fake apps popping up on the Google Play store that falsely claim to protect you from ransomware.

Recently, many Android device users were confronted with a barrage of fake apps in the Google Play store that claimed to protect against the WannaCry ransomware that has affected tens of thousands of users around the world. At {company} in {city} we take cyber security very seriously, which is why we want to help you protect yourself against scams just like this.
How ransomware works
The term, “malware” refers to a variety of different forms of malicious software that can infect your devices. The effects of malware can range from slightly annoying, such as pop-up ads that are associated with adware, to completely devastating, for instance when scripts destroy files or track your activity.
Ransomware is a specific category of malware that is being used more frequently by hackers. If your computer or device has ever become frozen on a screen informing you that you need to pay money in order to access files or folders, then you have been infected with ransomware. Sometimes, the coders who created the ransomware will make it look like the request to pay is coming from an official government entity; typically the FBI asking you to pay a fine. It’s important to note that the neither the FBI nor any other law enforcement agency would make such a request in this manner.
Other times the hackers don’t even bother to hide the source of the ransomware, and the notice will directly inform you that your files are being held, hostage. Typically the threats indicate that your files have been encrypted and that they will be destroyed unless you agree to transfer the requested funds within a specific timeframe. Whatever form it takes, ransomware can be very costly and wreak havoc on your digital life.
The ransomware epidemic
Without question, ransomware has been an increasingly popular form of malware for nefarious actors. One reason for this could be that as the number of internet-connected devices proliferates around the world, it stands to reason that people are storing more important things in digital format than ever before. Therefore, they are more vulnerable tot he effects of ransomware.
Additionally, as people become more comfortable with coding and software engineering from a young age, the number of people who have the technical skill required to create ransomware increases. It’s easier than ever for people who are looking to make money off of a quick scam to find victims.
This has all culminated in the spread of WannaCry, a form of ransomware that encrypts your files and asks for $300 in Bitcoin in order to gain access to them again. The use of WannaCry has exploded throughout the globe, affecting tens of thousands of victims in nearly 100 countries.
Scammers are now using fake protection apps to trick users
Of course, this kind of widespread issue creates, even more, opportunities for scam artists to perpetrate crimes. In this case, malicious developers are taking advantage of the demand for software that protects users from ransomware by creating fake protection apps and disseminating them to Android devices through the Google Play store. These apps will often claim to restore the files that have been encrypted or to prevent Ransomware from infecting your device, to begin with.
Experts have determined that they are useless. In fact, there is no indication that ransomware has ever infected Android-powered devices as of yet. Some of these fake WannaCry protection apps are simply pranks and will leave your system completely unaffected, while others have been found to carry ad-scanning functions. All in all, they are far less dangerous than most forms of ransomware itself, but it’s still better to protect your mobile device whenever possible.
An enduring issue for tech users
Unfortunately, the ransomware problem is likely to only get worse in the near future, as the circumstances that facilitated the epidemic continue unabated. The amount of digital information being stored on devices and in the cloud will continue to increase in volume, and there will be more people with access to the technology necessary to create malicious software.
Since cybercriminals are a fact of life in the 21st century, the best protection is to learn more about malware in general and take steps to ensure you have eliminated as many vulnerabilities as possible. Being a part of an interconnected society means that you will never be 100% safe from attacks, but there are many ways that you can make yourself a much more difficult target for those who want to do harm.
How to protect your mobile device from malware and scams
The first step in protecting your mobile device is to lock it with a passcode, or a fingerprint lock if your device is compatible. It’s the easiest way to add a physical layer of protection to your device, and it can be the difference between a criminal quickly accessing sensitive information or failing to gain entry to your device.
Also, remember to only download files from trusted sources that you have vetted beforehand. If someone sends you a downloadable file that is in any way suspicious, it’s best to ask for more information first before downloading.
This advice also applies to apps, so be sure to limit your app installations to the official app stores offered by Apple, Google, et. al. They are more deliberate about weeding out fake and malicious apps, even if they are not perfect. Although some fake WannaCry protection apps made it to the Google Play store, Google took the initiative to delete many of them fairly quickly.
Finally, keep up to date with your OS updates. When vulnerabilities are identified, tech companies usually release these updates with security fixes in order to shield users from risk.
For even more advice on safeguarding your digital presence, contact our tech experts at {email} or {phone}. They can review your vulnerabilities and help ensure you are as protected as possible from malicious software and scams.

How Much Should Your Business Be Spending on Digital Upgrades This Year?

How Much Should Your Business Be Spending on Digital Upgrades This Year?

Take a look at how companies are shaping their IT budgets, and what their biggest expenses are.

A very common question among businesses is, “How much should I be spending on digital services?” or “Should we increase our IT budget this year?” It’s a good question, so we’re going to take a look at the latest IT budget trends to see just what companies are deciding.
Basic Budget Increases
Let’s talk percentages: It’s natural for IT budgets to increase at least a little every year to keep up with the inflation of costs and so on. Recently, these increases have been diverging between 1)businesses that care a lot about digital performance and new services and 2)companies that really don’t want to spend much on IT right now. Companies that want to grow their digital services are increasing IT budgets by around 4.6%. That can be compared to an average increase of around 2.2%.
Issues of Stagnation
Hold on, though! These budget increases aren’t so simple as all that. Thus far in 2017, IT budget decisions have been very…noncommittal. A study on UK buyers of IT services has shown hardly any different between 2016 and 2017 budgets, both hovering around an average of $294,000. That’s a serious problem, because IT tends to be an area where investment is required for new growth and continued efficiency. When companies don’t increase their budgets or make increases so small that it doesn’t really matter, they are essentially committing to a year of non-growth. That’s a little troubling for basic IT services, but much worse if a business needs to upgrade their security systems but doesn’t have any many to do see – especially since we’re seeing a rising in cyberattacks that target unprepared businesses just like these.
So why the hesitation to spend more money on IT? Most cited uncertainty with the global political situation. New tensions, uncertain alliances, and potential conflicts make everyone nervous, and when organizations get nervous they pull back on spending, particularly spending on new services that they aren’t sure if they want to adopt or not.
Bottom line: If you have the income, consider spending more than the average to make sure your IT systems stay in a healthy place.
Where Businesses Are Spending Their Money
But let’s take a look at what companies really are spending money on within their IT budgets these days. First up is cloud and hosted services, the number one target for these budgets. That makes sense – cloud/hosted services are a great way to save money by staying away from expensive hardware, and there’s a service or tool out there for pretty much any business need, so companies can always find a solution with a little searching. Company leaders can also understand the, “Like what we do now but cheaper and better” benefits of cloud services – although security remains a concern in this situation.
However, companies that really want to go all out on tech spending are increasing portions of the budget for much less traditional investment. AI systems are getting much more popular, thanks to their increased use in marketing, customer management, and security (where they look for common signs of suspect data or actions). Virtual reality is another spot where spending is going up as marketers investigate how VR can help spread their brand – although a common alternative is 4K drone video, another area getting a lot of interest. Some companies are even experimenting with 3D printing!
How Much Are The Big Companies Spending?
A whole lot. Take a look at the healthcare provider industry, for example. The annual spending budget in 2017 here was around $30 million, without an expected $2 million increase in 2018 – for companies with around 5,000 employees. And that’s not really that much when looking at it from a broad perspective, because…
Large Transformation Projects Will Always Cost More
If you really want a digital transformation project, your IT budget will simple not cover it. When the big companies want a transformation, brands like GE and the Dollar Shave Club are setting aside around $1 billion. While you obviously have to scale that down for smaller companies, it’s still a couple times larger than a traditional annual IT budget. Broad transformations cost money!
It’s important to remember that every IT budget will be different, and how much you should spend on digital services depends on your own goals. Not sure what your {city} area business needs? We can help! Give {company} a call at {phone} or contact us at {email} and we can help you decide on the services that will add true value to your company.

The Queen’s Two Birthdays, British Weather, and Why This Actually Matters to When Updating Data Security

The Queen’s Two Birthdays, British Weather, and Why This Actually Matters to When Updating Data Security

Here’s why you should never wait for security updates – oh and a bit about the Queen’s birthday!

As followers of British royalty doubtless already know, Queen Elizabeth II recently celebrated her 91st birthday – sort of. You see, because of the way these celebrations work, the “birthday” that the Queen has celebrated for so many years isn’t actually her birthday. Instead, it’s simply a week in early June that is roughly designated as the time to celebrate the birthday of the current British monarch. The real birthday could be – and has been – anytime throughout the year, but this small window is typically when the country actually celebrates it, and so when many people think of the Queen’s birthday, they think, “Oh, of course, it’s sometime in early June, I remember it being on the news.” Queen Elizabeth II’s real birthday is in April, actually, and you may (or may not) be surprised how many of her own people don’t realize that.
So, why the two different birthdays, and what in the world does this have to do with data security? Well, the reason for the birthday celebration is easy: It’s all about British weather. You see, the weather in England is notoriously difficult to predict, with a tendency toward rain (again, not a surprise), but of course, the country doesn’t want it to literally rain on the parade when celebrating a royal birthday. So they carefully ignore the real birthday date and plan the celebration for some time in May or June, even going so far as to put this “party” birthday down in official records. They just want a little bit of sunshine.
The data security connection is all about this curious behavior, and what it means for updating security processes. Because, you see, like Britain, many organizations find it easy to put a plan into action “when the sun is shining” instead of on the real date when action needs to be taken. Let’s take a look at why that’s such a serious problem.
The Problem of Patches vs. Apps
The Queen may celebrate her birthday in warm months because it is convenient, but businesses do not have this luxury when it comes to updating their security. It’s not a matter of picking the most convenient date: It’s a matter of recognizing that organizations don’t have a choice to delay or avoid patching their systems. There is no such thing as waiting for fairer weather. There is no gaming the system. Unfortunately, businesses have a difficult time recognizing this when conflicts arise between a noted security update and normal business operations.
This problem is exemplified perfectly when it comes to app updates and compatibility. Let’s take a look at a WannaCry ransomware example to underline the point. Say that your company depends on a particular app for operations – an inventory management tool, for example. That tool is compatible with an older version of Windows 10, which your company uses. Now, Microsoft released a security patch for WannaCry and related attacks back in March 2017. Your IT expert knew about this patch and recommended that it be applied to all Windows 10 systems in the business for protection. Unfortunately, the patch is designed for a newer version of Windows 10: It looks like you need a larger update to include the patch.
That’s a problem because the all-important inventory management app just won’t work with a newer version of Windows. You have contacted the vendor but haven’t received any news about whether an updated version of the app will be provided. So your organization sits tight on the older Windows 10 so it can maintain traditional business operations, at least for a few months…which is right around the time that WannaCry infects your network and starts hitting computers around the office that have no protection.
This happens a lot! It happened to many of the organizations hit by WannaCry, some of which were still using Windows 8 because of the aforementioned compatibility issues. So this isn’t just a theoretical issue, it’s a real problem – and one that your company must learn how to deal with.
The Importance of Immediacy
We’re going to make this really easy for you: If a decision comes to a choice between updating your operations for security and using an important app, choose the update. Every time. You can always find a vendor who is actually on top of their security maintenance or another app that accomplishes similar goals. You can’t find another way to patch vulnerabilities. Take the costs associated with the decision as part of security expenses, and move on.
We would love it if every organization could understand this. But we also know that the logistics behind this decision can be tricky. If your {city} business is struggling with older apps and security updates, {company} can help! Call us at {phone} or send us an email at {email} to learn more about our services!

Your WannaCry Response Guide: Quick Fixes For Malware Scares  

Your WannaCry Response Guide: Quick Fixes For Malware Scares  

While you’re working out your long-term data security plans, here are the steps to take in the meantime.

There are three general responses to a data attack like WannaCry. The first is the immediate, “What do we do to stop this and resume operations again,” the second response is a short-term, “What can we do to shore up data security while we recover and look at our strategy” and the third is a long-term, “What permanent changes do we need to make so this never happens again?”
The first and third responses get a lot of airtime, but we’d like to talk about the second response – the short term, immediate action that you can take once you get your business up and running again. These steps are vital to ensuring customers that you have improved your security and preventing aftershock-like malware created by copycats in the wake of a successful attack. Even if your company hasn’t been attacked, if a data attack has made you a little nervous, these short-term steps are a great idea to increase protection and prevent future problems.
Patching Schedule
One of the notable things about WannaCry is that it could have been prevented with the right patches. Microsoft actually provided patches to fix that particularly vulnerability months before the WannaCry ransomware (which targeted Windows computers in networks, especially older versions of Windows). The reason WannaCry was such a huge problem was that companies had just ignored the patch: Not for any good reason – they had just gotten into the habit of never patching their systems.
It’s puzzling because we know some of those organizations had IT departments, but we can’t figure out what they possibly could have been doing. Patching schedules are IT 101, and these businesses flunked out: Fortunately, it’s never too late to check on your own patching schedule and make sure that…well, that it exists. Your organization needs to be aware of when a patch is released and must mandate that the patch is uploaded to all applicable platforms ASAP. For some adaptable companies, continual awareness and automated “as soon as you get them” updates is the best policy. For other companies, it can be more helpful to set up a schedule of checking for updates, such as a weekly or bi-monthly inspection. Either way, have a plan!
Updated Antivirus Software
Antivirus software is in a curious period of evolution at the moment. Older antivirus software looks at DAT files kept on a malware registry, basically a collection of the information about current malware (sort of like matching fingerprints to a criminal database). However, malware moves so quickly these days that some of the DAT files aren’t updated fast enough to catch the latest attacks.
That’s why the newer versions of antivirus software use advanced tracking technology to find actions and data that appear to be DAT files in the making – and warn administrators ahead of time. Obviously, the latter is more effective than the former, so making the switch makes a lot of sense in the wake of an unfortunate data attack (or fear of one).
Employee Training Session
Yep, it’s time: Call all the employees together for a company meeting. Explain the data threat, why it’s a problem, and what employees need to do to protect their devices and company data. Lay out the requirements in a few clear steps that everyone can understand. Communication is very important at this stage, and a forgetful or confused employee can cause a lot of damage. Educate and reiterate to help prevent problems.
Expired Apps
This point is easy, to sum up: If an app is not compatible with the latest version of your operating system, stop using it. Companies simply can’t afford the risk of using apps that fall behind the latest updates (Windows 10 and macOS in their latest versions, for example). In practice, this is a difficult step to take for many companies, but we encourage you to make it part of a strategy. If an operating system has been updated but one of your apps is incompatible, give that app a month or two to come up with a patch. If it doesn’t, drop the app. This makes it far easier to keep up with the latest security methods and vulnerability fixes.
There are plenty of other short-term steps you can take to improve security and make sure your company is ready, including more careful partitioning and server management. If you have any questions about how to create your own strategy for your {city} business, we can help! Contact {company} at {phone} or {email} to learn more!

The Hard Facts About Cyber Insurance

The Hard Facts About Cyber Insurance

Cyber insurance helps ensure business profits in case of data attacks: Here’s what you need to know.

Cyber insurance is business insurance that covers costs associated with data attacks, offered by insurers and via plans with certain vendors. When many companies here about that, the automatic thought is, “Yes, that is exactly what I need!”
That may be true – but it’s important to note that cyber insurance is not cyber security. It will not actually protect you, and there are strict limits to what it can do. So let’s go over some facts about this type of data insurance that you need to know about.
Coverage Does Vary Based on the Policy
Cyber insurance isn’t as strictly codified as some types of insurance, and its coverage can vary greatly between policies. What one standard policy covers may be very different from what another insurer or vendor offers (we’ll talk more about this later). In other words, you can’t really count on any particular coverage without reading the fine print, so get ready to put on your glasses. Fortunately, like other types of insurance, you can usually attach various riders and clauses to create coverage for the specific events or costs that you are worried about. This will, however, raise the price of the coverage.
Human Error Is Not Covered
Basically, cyber insurance doesn’t really cover people being dumb, and this can cause a whole lot of problems with making claims. For example, let’s say that one of your employees opens a phishing email and downloads some really nasty malware. Will cyber insurance cover that? Quite possibly your claim would be declined because the problem has its roots in a human mistake instead of an attack that your company couldn’t avoid. It’s even more unlikely to find coverage for poor password management or leaving a computer unattended and logged in. Take this as an important reminder that employee education should be a best practice no matter what type of insurance you have or what you want to protect again.
Known Vulnerabilities are Rarely Covered
Here is where matters of liability become tricky. You see, few cyber insurance policies will cover problems that result from known vulnerabilities. That means that if a security policy is known, and the provider or manufacturer announces a patch to fix it, it is on you to download the patch and fix your security. If you do that, coverage shouldn’t be a problem. But of course, a vast number of data attacks happen because businesses have not patched known vulnerabilities (just look at WannaCry) even though patches have been made available.
There may be additional, customizable add-ons for protection even from known vulnerabilities, but it’s going to be a lot more expensive. So, once again, even with cyber insurance, you still need smart security practices and a strict update policy to protect your company. Are you getting the theme here?
Data Restoration May Not Be Covered, Either
Yeah, this one throws a lot of companies off balance: Isn’t cyber insurance supposed to recovered data restoration? Isn’t that the point? Well no, it isn’t. “Data restoration” is a complex process that may or may not work, no matter how much money you throw at it. It usually relies on things like proper data backup, which is a company responsibility, not an insurer responsibility. It’s not really an area that an insurance policy is well-equipped to deal with. So cyber insurance focuses primarily on interruption costs – on “refunding” you the profit that your company lost while dealing with the data attack. Don’t make the mistake of thinking that all associated costs will be covered.
Third Party Insurance is Different From First Party
Typical cyber insurance covers the first party – that is, your company. And that’s it. If data is lost, mishandled or attacked while with a partner or third party, your insurance coverage won’t touch it. However, there is a second type of cyber insurance that is specifically designed to protect your data when it is in the hands of third parties. This is particularly useful in sectors like the healthcare industry, which finds itself transferring sensitive data to other organizations regularly.
Cyber insurance or not, it’s pretty obvious you will need a robust data security plan in addition to any coverage you may choose (or be required to have). We can help here! {company} provides IT services in the {city} area for a variety of different data goals. Let us know what you need by contacting us at {phone} or {email}.

Microsoft’s Latest Updates For The Surface Pro Enhance Compatibility With Office 365

Microsoft’s Latest Updates For The Surface Pro Enhance Compatibility With Office 365

Learn about some of the much anticipated new features Microsoft recently announced for the Surface Pro and Office 365.
Microsoft Office 365 and the Surface Pro tablet have been innovative products since their introduction, but the past month brought the announcement of a slew of new updates for Microsoft’s landmark software and hardware offerings that aim to change the game for users. At {company} in {city}, we want you to get the most out of your Microsoft experience by keeping you up to date on all of the exciting new things you can do with your Surface Pro combined with Office 365.

Redefining expectations for tablet inking
Digital pens are one of the areas where tech innovators still have ways to improve, mostly because users’ hands are so used to the specific experience of using traditional pens and ink that switching to a digital version often still feels artificial. By introducing these new updates, Microsoft is stepping up to the challenge of creating a digital pen and ink interface that feels more intuitive for users and includes a wide array of new features.
It all starts with a more expressive inking experience throughout the Office 365 apps on the Surface Pro that responds to users’ commands more quickly and feels more fluid to the touch. Microsoft has increased the number of pressure points on the tablet surface from just over 1,000 to 4,096, resulting in a more natural feel as soon as you put the pen to the glass.
Other updated features include new dynamic ink effects in Word, Excel, and Powerpoint, and innovative whiteboard tools for enhanced collaboration. The Whiteboard app features enhancements such as geometry recognition and automatic table shading, so you and your colleagues can seamlessly work together and stay on the same page.
Facilitating innovation for commercial customers
Office 365 commercial subscribers will find a lot to get excited about in this new batch of updates as well. Microsoft’s Power BI, the suite of business intelligence tools, is now enhanced with the Office 365 adoption content pack. Office 365 usage reports are displayed in a clear and visually-engaging format, and leaders can seamlessly integrate the data into their BI analysis and decision-making matrices. Office 365 usage reports are a powerful source of data for business users, and companies can use this comprehensive information to make more informed decisions about inter-office communication and efficiency.
Enhanced accessibility provides true data freedom
Microsoft understands that data access, reliability, and security are on everyone’s minds these days. To that end, the OneDrive Files On-Demand feature facilitates access to any files that are stored on the cloud from any connected device at any time. The age of buying mobile devices that are weighed down with extra storage is over. Consumers and corporate users alike are clamoring for agile mobile devices that will provide a seamless transition from the desktop experience, and that they can take anywhere at a moment’s notice.
Since everything these days is stored in the cloud, it should all be accessible directly from the cloud as well. With OneDrive Files On-Demand, all of your files will show up in, and be accessible from, File Explorer, whether or not they are stored directly on your device.
Better SharePoint integration to keep you connected
Sharing is also getting more simple, fast, and intuitive courtesy of a new unified sharing experience for Microsoft OneDrive. You don’t even have to click away from your desktop screen to share files and links with specific contacts. What if you need to quickly grant or revoke editing privileges for certain people on a file? In OneDrive, you can easily modify the permissions settings in an instant, and you have the ability to set time limits on access permissions.
The recent SharePoint Virtual Summit also brought news of the integration of PowerApps with the SharePoint platform. This feature hasn’t been rolled out just yet, but users will soon be able to combine the breadth of data in PowerApps with the customization power of SharePoint to create unique digital experiences.
To learn how to get even more out of these exciting new updates for Microsoft Office 365 and the Surface Pro, contact us at {email} or {phone}.