Criminals want your company’s financial data, customer lists including credit card information, intellectual property, and anything else they can sell. Cyber crime is a huge endeavor with severe consequences for organizations that are victimized. Criminals want your company’s financial data, customer lists including credit card information, intellectual property, and anything else they can sell. Besides the immediate impact on your business’ ability to operate (for example ransomware can shut you down), there are significant costs associated with a data breach. These costs include: Potential fines from regulatory agencies for failure to protect personal identification data (PI) or personal financial information (for example a credit card number). Some fines have been in million dollar multiples. The cost of notifying all persons and businesses that had their data breached. Costs of providing credit monitoring and identity theft protection for all involved. The potential cost of defending a class action lawsuit against your company for failure to adequately protect sensitive information. Loss of customers Loss of business reputation Inability to attract new customers or clients Following are Best Practices for securing your computer system and company data. Best Practices for Computer System Protection The following list is the Best Practices for keeping your business’ computer system, programs, and data, safe from prying eyes. Make sure your firewall is on so that intruders cannot access your system from the internet. Install security software and keep it updated. Filter all email for computer viruses. The more popular a program used by your business is, the more appealing it is a target for cyber criminals. Criminals know that many users do not regularly patch their programs against malware infections, so popular programs give them a wider pool for targeting. Make sure that your computer programs are updated as soon as a security patch is released. Exercise caution when using free 3rd party software claiming they check for software updates. Free software may be bundled with malicious software. Instruct employees that they should never open emails from unknown senders since they might be a source of infection to your company’s computer system. Attached malware might be anything from a virus to ransomware. Tell your employees they should check with senders they know if an email has a suspicious attachment. A phone call to the sender can help avoid the consequences of a data breach. Inform employees they should not open websites they are not familiar with and they should make sure the address bar is the site they want to visit. A random click could take them to a website that is just waiting to download malware onto your company computer system. Buy your software from a reputable buyer and never use pirated software as it may be infected with malware. Before using thumb drives and other portable media, scan them with security software to ensure they are virus free. Computer security may surpass your company’s IT capabilities. Accordingly, consider a computer managed services provider with a strong background in computer security. For more information about managed services and how an MSP can help your company contact {company} in {city}. {phone} or contact us by {email}.

There are viruses that can be implanted on a computer in 2017, and lie in wait until a network becomes vulnerable before attacking. Unfortunately, viruses have come a long way from 20 years ago. The term virus was coined early on in computer history, but it’s every bit as relevant today as it was then. Just like biological viruses adapt to Purell and antibiotics, so too have viruses learned to adapt to new security measures. Brain in 1986 Brain was the first reported computer virus on DOS, and was announced in January of 1986. It spread via floppy disk, and spawned generations of hackers with its ability to move from computer to computer. Brain appeared to be little more than a prank (courtesy of two developers in Pakistan), a joke in which the hackers actually revealed their real location in the text of the virus. Because the virus did little to harm people’s data or machines, it often went entirely unnoticed by users. The Evolution Today we refer to viruses as a specific kind of malware, one that can self-replicate and continue its destructive path indefinitely. While Brain may be one of the famous early viruses because it came about when computers were experiencing more ubiquity, self-replicating programs date back to the 1940s. Programs in the early days might slow down processing time, taunt users with cryptic messages, or severely impact performance. Once Brain was no longer a news items, new forms started to pop up. The ones that followed famously infected files from Yale University, destroyed files in Jerusalem, and exploited computers that were known to have buffering vulnerabilities. Viruses could be the product of hackers, or sometimes of legitimate company’s software. Viruses Today Viruses have gotten faster and more efficient to make them a force to be feared. They can delete photos, files and entire storage libraries. They’re developed to target Word, Outlook, Windows OS, Mac OS — nothing is safe. They can be designed to affect Facebook or Twitter users, or programmed to steal credit card information straight for the source. Hackers may be out for pure destruction or chaos, or potentially for ransom. The more the average person understands them, the faster hackers create new tricks to get in. Viruses can come in the form of a pop up, an email from a coworker, or a completely undetectable program that waits until the time is right. Protection for Everyone The physical world will never provide total safety, and the same holds true for the virtual world. But there are preventative measures you can take to safeguard your company from viruses that go beyond anti-malware and perimeter protections. Security needs to have layers to fend off the intelligent viruses of 2017. {company} is the trusted choice when it comes to staying ahead of the latest virus developments and can provide you with tips, tricks and news. Contact us at {phone} or send us an email at {email} for more information. Used by permission

Facebook provides highly refined tools that allow advertisers to double dip on targeted consumers. Social media and search engines have emerged as the ultimate platforms for targeted advertising. They track our every keyword and it’s quite common to see ads show up on our screen after researching a topic, event or product. The incredibly personalized social networking that we conduct on Facebook has given the platform the tools to track consumers every interest. It also provides Facebook advertising campaigns the ability to double dip on leads by retargeting people again and again. Facebook Targeting Tools Whether it’s Mark Zuckerberg’s friendly public persona or the relaxed type of interaction between “friends” on Facebook, many users don’t realize that this massive corporation employs highly focused tracking tools. Things such as cookies, JavaScript, iframes and pixels are hard at work profiling your every consumer interests. One person’s spying is apparently another’s “targeting.” Regarding advertising, that mined information can be brought to bear in perhaps the most cost-effective ad campaigns available today. Event pages and adjoining advertisements provide highly refined direct marketing. A campaign can be set to “engagement,” which prompts potential consumers to take action such as committing to attending an event. And, events don’t have to occur in the real world. They can transpire right online. But, consider the Facebook targeting options that are supported by the mass culling of consumer information. Radius: You can interact with people within a few miles, statewide, nationwide or globally. Age and Gender: Campaigns can target people most likely to engage with the event. For instance, military video games might best target men under 35 while an Indigo Girls concert makes more sense for women over 30. If you know you’re demographic, Facebook can connect directly to them. Interests and Behaviors: Facebook puts it’s treasure trove of consumer activity to work for you with these targeting categories. Under each, you’ll find highly refined sub-categories that include things like “buyer profiles” and “purchase habits.” The possibilities for tailoring ads falls nothing short of amazing. Regarding direct response marketing, event-oriented campaigns garner success because consumers are given a decision to make. Are you in or out? That approach tends to draw potential customers in ways that passive promotions do not. However, for Facebook ads to be effective, images, videos and content must prompt a user response. This social media mega-corporation can bring you to the consumer’s doorstep, but you must close the deal. Double Dipping Think about the various forms of advertising available. Do any really retarget customers or consumers in a cost-effective way? Radio splashes the airwaves with messages that are heard by randomly tuned-in listeners. Most stations mix genres and their demographics reflect that. Television takes a similar approach and each show or sporting event competes against another for a targeted audience. The worst part about those ad delivery systems may be that we tend to change the channel when boring ads are aired. But with social media, ads can become part of the natural landscape based on targeted interest and Facebook opens the door to revisit consumers. There are several options for double dipping with Facebook ads. One of the simplest approaches is to save the targeted audience demographics in your advertising account. If you’re selling widgets to seniors, name it “senior widgets,” and retain all the categories and sub-categories under one heading. If you’re pushing modern dance lessons to high schoolers in Montana, give it a name. When you run the next ad, the people in that demographic and those who interacted the first time will be re-blanketed. Do the work once, reap the benefits twice or more. The Ads Manager will allow you to edit and rerun the campaign again. When double dipping, you want to create new visual and content enhancements to prompt another direct response. Keep in mind that Facebook does place some limits on the engagement objectives. But there are some clever things you can do regarding content and campaign length, among others to ensure ongoing benefits. Dynamic Product Advertising For companies with extensive product lines, setting up a sale or launch event may be too time-consuming. Facebook, like other platforms, provides dynamic retargeting that delivers relevant product-oriented ads to profiles and news feeds. Companies can add a Facebook pixel to their website and upload a list of all the products in the campaign. Again, this puts Facebook’s mined consumer data to work and the unique products will flow to the feeds of likely consumers. The accounts of potential consumers that click through to your website are captured and retargeted periodically. This type of double dipping can be highly effective for retail, travel and service industry providers, among others. Once Facebook captures a consumer’s interests and purchases, it can revisit that profile over and over. The scattershot methods of direct mail, radio and even purchasing bulk email lists pale in comparison to Facebook’s ability to target and retarget consumers.

Sound Hacking: A Potentially Big Problem in The Tech World The act of hacking something simply implies the object, either a computer or other device, is accessed without the owner’s permission or a program or software therein is altered in some way without consent. Although more and more technological advancements are being made every day to keep our devices and computers save, it seems that hackers are always one step ahead of software developers, consistently figuring out a way around any safety features that might have been implemented. Unfortunately, this seems to be an issue that has no reliable or effective solution. How Bad is The Problem of Hacking? If you have ever wondered how bad the problem with hacking really is, take a look at these statistics/facts to get an idea of the scope of the problem at hand: By December of 2016, there had been over two billion records stolen within the year’s time. The career site LinkedIn had 117 million records stolen and accounts affected from a hacker, eventually caught in the Czech Republic. Social media site Tumblr was hacked, which led to 65 million accounts being leaked. Hundreds of point-of-sale terminals (card machines) located in retail outlets were compromised through the installation of malware. This breach allowed hackers access to username and passwords. Did You Know Hackers Might Not Stop With Security Breaches Affecting Your Personal and Financial Information? More than likely, you already knew about some of the above hacking incidents. However, you probably didn’t know that even devices like Fitbits have been found susceptible to hacking. That’s right. According to recent research done in collaboration by teams from the University of South Carolina and the University of Michigan, these devices can be hacked. However, the fact that they can be hacked isn’t the most surprising element of the research findings. The fact that the researchers successfully hacked these devices utilizing sound was even more surprising. More About The Sound Hacking Research Findings: Researchers were able to manipulate accelerometers in devices like Fitbits through acoustic attacks. They simply added extra step counts and the like. However, getting credit for a step you didn’t take is far from the most worrisome issue with this research. The fact that researchers were able to use sound to do so presents a new potential problem that will need to be dealt with in the future. The Dangers of Acoustic Hacking: Hacking via acoustics is obviously not the most commonly employed way of data manipulation. Kevin Fu, who is the associate professor of electrical engineering and computer science at the University of Michigan, explained how it works: “It’s like the opera singer who hits the note to break a wine glass, only in our case, we can spell out words.” These words are entered as commands that manipulate the device, altering data. As was stated earlier, although changing a Fitbit to show more steps than were actually taken is trivial, the ability of researchers to do so shows a potential weakness in all such devices. This weakness is one that has not previously been considered that being the danger or acoustic or sound hacking. Thankfully, now that this research has taken place, software and device developers will be aware of the potential issue and will most assuredly create protections against it if it becomes a security issue. Call {company} in {city} today at {phone} or contact us via email at {email} to learn more about potential new security threats like sound hacking.

The number of security issues and malware risks that your company must contend with continues to grow every year, but one of the most potentially devastating threats that your business faces is surprisingly low-tech in nature. Spoofed emails don’t rely on complex ransomware or sophisticated keystroke loggers. Instead, your company’s bank account and sensitive information are at risk simply by your employees attempting to perform their job duties. Training your team to spot spoofed emails is key to avoiding falling victim to common scams. What types of spoofed e-mail scams are out there? Examples of two common types of spoofed email scams played out in recent weeks. The first, an instance of the CEO fraud, involved an Internet criminal passing himself off as the head of a small Kansas construction company. The fraudster pretended to be the CEO of Cornejo & Sons and emailed the finance department of Sedgwick County to request $566,000 in payment. Because the county actually owed the construction company money for services rendered, they submitted payment as directed–only to later find out that the payment request hadn’t come from Cornejo & Sons and the construction company never received any funds. A similar scam aimed at a Wyoming hospital system sought to obtain employees’ W2 forms. In this case, the Internet fraudster posed as an internal executive at Campbell County Health and requested the W2 files for all staff from the hospital group’s finance department. The finance department complied, exposing the hospital’s 1,300 employees to potential tax return fraud. Can you and your staff spot a spoofed e-mail? No longer completely confident that your employees won’t fall victim to one of these commonly spoofed e-mail scams? Luckily, there are steps that you can take to train your staff to spot a spoofed e-mail. Conducting training sessions to alert your employees to the existence of such scams is an important first step. Putting in place internal practices to verify the veracity of any request before responding will also help your employees understand how to deal with any potential scam emails that your business receives. However, some employees don’t understand the real threat that accompanies spoofed emails until they have actually been the recipient of a fake request. For this reason, some businesses choose to initiate a simulated attack to reveal to their employees firsthand how easy it is to become the victim of a spoofed email. Some services exist that make it easy to carry out a pretend to attack. Some of these services such as PhishMe allow you to target the attack to match the real threat each of your employees is likely to face, such as an email sent to marketing asking them to provide their SharePoint credentials. Experts assert that it is fundamental to follow any simulated attack with further training as your employees will be particularly receptive to in-depth lessons on avoiding spoofed emails after falling for your staged attack. Concerned that your employees might be vulnerable to spoofed emails? The security experts at {company} can help you discover your business’ weak spots. Contact us today at {phone} or {email} to learn more. Contact us today at {phone} or {email} to learn more.

Mac users are highly vulnerable to ransomware, but with the proper precautions, they can keep the risk to a minimum. Like many aspects of IT, cyber security is always in motion. No sooner do hackers develop a new method to launch attacks or breaches than security experts find new ways to block them, which hackers then set to work undermining. Few forms of attack have attracted more attention from both attackers and defenders than ransomware, or software that holds your files hostage. By taking proper security measures, you can keep your Mac safe from these and other harmful programs. Rundown On Ransomware Ransomware refers to programs that deny users access to their files, usually as leverage to make them pay a fee, or ransom. These programs may enter your system through hyperlinks or email attachments. They then prevent you from using key parts of your computer, either by encrypting individual files or, in rare cases, locking out the entire screen. Often designed by criminal syndicates or other powerful institutions, ransomware can be impossible to remove, forcing you to either pay the ransom or give up your device. Although Apple advertises its products as being resistant to malware, the recent Transmission scandal demonstrates that ransomware is indeed a threat to Macs. In this instance, Mac users downloaded a ransomware program while attempting to torrent. The program waited a few days before locking them out of their files, letting them back in only in exchange for bitcoins. Given the growing popularity of Apple products, attacks of this kind are likely to become more common. Defense Details As serious as ransomware is, you need not be a security genius to avoid it. You can keep your devices safe through a few simple steps, namely: Download Diligence– Be wary about downloading content over the Internet, especially from sites that you are not familiar with. Before obtaining files from a new site, use Norton SafeWeb or other site security tools to make sure it is safe. You can also google the name of the site and see whether other users have reported problems with it. Email Examination– As with new sites, be wary of email attachments. Never open an attachment on an email from an address you are not familiar with. Even messages that seem to come from people you know could have been sent by dummy accounts, so contact friends and family over an independent channel before you open their attachments. Bolstered Browsers– Avoid browsers that have been flagged as vulnerable. Mozilla Firefox and Google Chrome are generally considered the safest tools for web access. Shore Up Your Systems– The more recent your operating system, the stronger its security measures will be. Regularly updating your Mac will thus bolster it against ransomware. In addition to preventing ransomware attacks, you can limit their impact if they do happen through redundancy. By making copies of key files and programs on separate devices, you let yourself quickly bounce back if an attack does succeed. For more information on protecting your {city} business from ransomware and other threats, contact {company} at {phone} or {email} today.

A look at how Client’s Day focuses on the importance customers in the professional field. No matter what kind of service you offer to the public, it’s likely that your business wouldn’t be around if it weren’t for your clients. It simply wouldn’t be possible for your business to survive if it wasn’t for the people shopping online or visiting your business every few weeks – regardless if it’s daily or monthly. They not only pay your business for its services but they also (inadvertently) provide advertising for your business as well. So with these situations being some of the many reasons as to why we celebrate Client’s Day, it’s important to understand why this day was created and what you should do to let your customers know how appreciated they are for being a customer. Client’s Day: How It Began With origins in Klaipėda, Lithuania, the first Client’s Day was celebrated on March 19th, 2010 to celebrate and acknowledge customers worldwide for their business contributions ranging from small town convenience stores to multinational corporations. The idea for this holiday spread fast, as Client’s Day was soon picked up by newspapers and was quickly added to the calendar in Lithuania. From here, the holiday picked up more steam and went viral in 2012 with companies throughout the world using the holiday as a way to express how thankful they were for their customers. By 2013, Client’s Day was commended by the President of Lithuania, implemented by more Lithuanian corporations, and began spreading in Russia. Celebrating Client’s Day Celebrating Client’s Day is easier than one would think. With the holiday being a perfect time for a business to do something nice for their customers, it’s possible to do something for them (regardless the size of your budget), and you may need to get your team together to think of something special. For example: if you happen to have a beauty service, offer a free nail painting deal to frequent customers or give away samples of beauty products after a purchase is made. If that’s too much, offering a small bag of cookies that come with a thank you note is just fine. If your business doesn’t have direct contact with clients on a daily basis, you could call them and let them know that they’re greatly appreciated. Although these ideas may not cost very much, these personal touches can go a long way. So if you’re looking to give your clients the appreciation they deserve and live in the {city} area, {company} is more than willing to help. Feel free to contact us by email at {email} or by phone at {phone} today so we can get you ready for this upcoming holiday today.

Every day, businesses and individuals send over 205 billion emails all over the world. Though many of these messages contain valuable information, a significant portion of them are spam. Receiving or sending spam exposes your business to a variety of risks, including: Ruined Reputations Many firms are unaware that their email accounts have been compromised, sending spam to current and future clients and partners. This can quickly ruin your company’s reputation and make it harder for you to succeed in the long run. If clients and customers think you’re sending them spam intentionally, they will view you as untrustworthy. Even when they realize your accounts were hacked, they may conclude that you do not understand IT issues or take them seriously. Thus if anyone reports that you have been spamming them, you must promptly apologize and put a stop to the problem. Malefic Malware Be wary of spam messages that you receive, as they could harbor viruses, trojans, and other harmful programs. Malware can lock you out of vital programs, provide unauthorized access to sensitive information, or even crash your entire computer system. You should thus never open messages you suspect to be spam. If you don’t realize an email is spam until you have already opened it, do not reply to it or click on its links— not even to unsubscribe from the mailing list. The more you engage with spam, the more opportunities it has to transmit critical programs. Subtle Scams In addition to infecting your computer systems, spam writers also use more subtle tactics to cheat you. Junk mail may come in the form of a fake business offer, using the name and writing style of a real company that could be a potential supplier or partner. The scammer will try to convince you to pay them, supposedly for a service or venture that will help your business; if you comply, they will take your payment and leave you with nothing. To separate scams from real business propositions, look up the companies that claim to be sending the emails and contact them independently. If a company has no record of sending the message, the offer is not real. Data Deliverance Besides stealing money, scammers can also use spam mail to get you to hand over sensitive information. Phishing scams involve sending you mail under the name of a company or individual you trust, such as your bank, your health insurer, or one of your employees. The message will ask you to send over sensitive information that the company or individual would have access to. In general, you should never send sensitive information over email, to begin with. If you do receive a message from a trusted entity demanding such information, contact them at a different address or meet with them to confirm their request. Never expose your business to phishing scams. {company} strives to protect businesses throughout {city} from spam and all other risks. To learn more, call us at {phone} or contact {email} today!

PCI compliance runs the gamut across businesses of every size. See why this is risky business, and why you can’t let yourself skimp on the rules. PCI DSS regulations are meant to keep customers safe from financial theft, but these types of vague goals are exactly why there’s an uneven rate of compliance when it comes to meeting the regulations. If you learn nothing else about PCI, know that the responsibility of keeping customers’ payment data private is starting to fall to the merchants. Before it was the credit card companies picking up the bill, but not anymore. See why you can’t afford to ignore them. Strong Suggestions You don’t have to follow PCI regulations to be legal, but the consequences are significant enough that you can’t take the chance. In 2016, the public noticed EMV card readers at retail stores because EMV chip cards make it harder for criminals to achieve their goals. And because business owners who used the older technology would be held liable if customer data was stolen. If you’re not updating your security or found guilty of irresponsible practices, you’ll be required to pay for fraudulent charges, fined thousands of dollars for non-compliance or sued for negligence. You could even be in trouble if one of your affiliates is found to have poor PCI compliance. Small Businesses Take Note The average cost of a breach is about $86,000 for a small company after all is said and done. Even violations that are noticed and acted upon immediately can cost a small business more than $25,000 on average. Hackers are all too happy to go after small businesses because their security practices are typically out of date, and their devices are often a mishmash of hardware that was never meant to be used together. Anyone who takes credit cards needs to be alert to the standards even if they aren’t targeted by hackers. PCI DSS 3.2 came out last year, with one of the major changes being to increase the number of audits for different companies to ensure security compliance. While small business owners may have vastly different requirements than larger retailers, they still need to be followed. Standards Change It doesn’t make it any easier that PCI DSS standards need to change as fast as criminals do. Since thieves are highly adaptable, it can feel like a full-time job just to keep up with it all. Busy business owners don’t necessarily have time to keep up with each new law change, or they may be turned off by the high costs of advanced security measures. But the message is becoming more and more clear — the less attention given to these matters, the more likely a business will face significant financial repercussions in the wake of an audit or theft. {company} is the trusted choice when it comes to staying ahead of time-saving ideas in technology and can provide you with tips, tricks and news. Contact us at {phone} or send us an email at {email} for more information.

Ransomware creates a nightmare scenario for every business it targets. It results in lost access to critical systems and data, prolonged downtime, lost productivity, and lost profits. And as ransomware continues to become more sophisticated, the level of risk small and mid-sized businesses face increases. The impact to business continuity, productivity, and reputation alone are a grave cause for concern, but the financial damage is where the real danger lies. Ransomware demands routinely cost hundreds – sometimes even thousands – of dollars, in addition to the funds your business is losing as a result of the sudden halt in day-to-day operations. Most technology experts advise strongly against paying ransomware demands. Aside from the high cost, paying does not guarantee that you will receive the promised access to your data. And the more businesses cave to these demands, the more money cyber criminals are able to make, encouraging them to keep targeting businesses and keep raising their price. Often, the real concern isn’t whether or not you should pay the ransom, but rather whether your business will be able to recover from the damage caused by the infection. Losing access to critical files and applications for any length of time is problematic, to say the least, and it’s estimated that less than half of all ransomware victims are able to fully recover after an attack. There are several reasons for this grim statistic. A business that pays for the decryption key and receives it run the risk of their data being corrupted during the decryption process, rendering the data useless. The loss of necessary files can result in missed deadlines or lost sales, and keep even the most basic tasks from being completed for days, or even weeks. News of compromised client data can push consumers into taking their business elsewhere and keep new customers from doing business with you. All of these factors lead to significant financial losses for your business. Even with a recovery plan in place, the time and effort required to restore data from backups, clean all traces of the infection from your systems and network, and get your operations up and running again still results in downtime. Whether the “clean up” takes a few hours, or a few days, that’s still a long period of time where your business has little to no access to your systems and data. The client needs to go unaddressed, productivity nosedives, and your business’ reputation suffers. The best case scenario when dealing with a ransomware attack? Your business has a rock-solid business continuity plan in place that allows your staff to carry on as usual with minimal to no downtime, and security monitoring in place that can detect an infection the moment it happens, allowing the infection to be contained before it has the chance to spread and cause significant damage. The faster you and your IT support provider can spot, quarantine, and remove a ransomware infection, the better your business’ chances of bouncing back will be. Ransomware that runs its course unchecked has devastating consequences. Having a plan in place to stop that from happening is essential for the future of your business. Want to learn more about the steps you can take to protect your business from the financial damage ransomware causes? Contact us at {email} or {phone}. We’re the IT professionals businesses in {city} trust.