SSL & Security Concerns for 2021

/in /by

Anyone with a computer is well aware of security concerns on the Internet. As time goes on, security and internet safety becomes more and more of an issue. It’s clear that hackers are becoming more advanced and will continue to find ways to steal our data. With a large part of our lives spent online, it’s just a matter of time before hackers affect you. If you own a business, the sheer amount of valuable information you are responsible for is something to be concerned about. Moving into 2021, data safety will continue to be a growing issue. In this blog, we will discuss SSL and security concerns for your company’s website and the types of sites you may be visiting. 

 

What’s an SSL? 

SSL stands for Secure Sockets Layer, also known as Transport Layer Security. This may sound like nerdy talk that doesn’t matter much, but the fact is that you interact with SSLs every day.  They are specific technology designed to keep your Internet connection safe, especially when secure data is involved. SSLs run a protocol of data encryption to make sure third parties can’t see what either party is viewing or sending. 

This includes sensitive and non-sensitive information, such as passwords, names, banking information, and moreThis setup uses a handshaking procedure that both the parties involved agree to use. The data transaction creates a cipher so information can be sent from one to the other in an encrypted format. Theoretically, even if a third party were to intercept your data, it would be gibberish since they don’t have the means to decipher it. 

This is essential for safe Internet communication these days. You and your company likely send highly-sensitive information back and forth online all day long. What used to be something kept safe in a drawer can now become public information because of a malicious hacker. This layer of safety is so standard we don’t even notice it. Sites that have an “HTTPS” in front of their address use some form of SSL or TLS.  

 

Managing a TLS/SSL 

Not only do you want to keep your company’s information private, but you need to make sure that customer information stays private as well. Unfortunately, SSLs and TLSs are not a oneanddone procedureLike any other security protocol, SSLs change over the years. Make sure that any certificate your company’s website uses is up to date and effective. You can do this by installing updates as they are released. 

Think of the SSL protocol like a deadbolt. Having a deadbolt on your door is much safer than a locking doorknob. Yes, there are always people who know how to compromise it, but it is still much safer. Over the years, deadbolt technology has improved and evolved as people learn to bypass obsolete technology. Sometimes, however, it takes working with an experienced locksmith to have it installed correctly. 

SSLs/TLSs are certainly much better options than nothing at all. However, these protocols, particularly older versions, are still prone to many vulnerabilities. There are numerous common attacks that hackers use to break this encryption. And some of these threats have very colorful names. For example, POODLE, BEAST, CRIME, BREACH, and HEARTBLEED are commonly used attacks, and they are highly successful. 

 

Keep Yourself and Your Customers Safe 

Having your company’s private information exposed to the highest bidder can have devastating effects on your operations. Stolen customer information due to a lack of care in your communications could result in lawsuits and legal trouble. Customers have well-deserved expectations: when they share information with you, it needs to be kept confidential and secure. 

This can be especially true in organizations that deal with sensitive information regularly, such as financial institutions and medical centers. In the hacking community, there is a highly lucrative market for personal information. The dark web is flooded with people selling private information databases to the highest bidder — and there is always “a highest” bidder.  

If you want to avoid liability, make sure your security protocols are up to date. It is also critical that you maintain them professionally. A relatively small investment in this area of security can end up saving large amounts of money and possibly your business itself. 

We regularly report on attacks that businesses like yours face daily. But we don’t always mention that many of these attacks are successful because the victim has a lax security protocol. The last thing we would want is for you to be another statistic. If your SSL/TLS certificates are getting old and dusty, or (even worse) you don’t have any at all, now would be the best time to contact us. As 2021 quickly approaches, these threats are only going to be more significant and more challenging to handle 

Our team of security professionals is one of the most experienced in the business. The web can be scary place, and the last thing you want is to be caught unprepared! By making sure your SSL/TLS certificates are in perfect order, you can rest a little bit easier at night. 

Mobile vs Virtual Office – What’s the Difference?

/in /by

Being mobile has never been easier. Technology makes it so you literally have your entire office within your pocket these days. The idea of being virtual and mobile might seem like one and the same. However, these ideas are a little different, and more than the technology itself makes them both possible. This week covers mobile vs. virtual offices and the advantages therein.

The entire landscape of the business world is unrecognizable from just a generation ago. How can a smartphone, paired with virtual office solutions make you unstoppable?

Expectations of the Modern World

A vacation/away email message used to mean someone was unavailable, and you’d have to wait for a response. Simply being out of the office was enough to be off the hook from client and employee expectations.

That all started to change with the Blackberry and the Palm Pilot. Then, with the iPhone and its successors, the idea of being unavailable went out the window.

Nowadays, employers and clients expect you to be available just about any time of day regardless of where you’re located. In fact, you might be surprised by the actual location of some of the people you work with. It isn’t uncommon for people to not only be on vacation but living overseas and still performing the tasks expected of someone in an office down the street.

While this may seem like an invasion of privacy, the fact is clients are serviced more completely and quickly. Those providing the services also have the freedom to be wherever they want at any given time while doing their job well!

Modern Solutions to Modern Problems: Mobile vs Virtual Office

The start of doing business anywhere is a smartphone, but it’s not that simple. Certain software and services need to be in place to ensure security and efficiency. So for this portion, we’re going to discuss the ideas of mobile and virtual separately.

Mobile Business

This simply means that you are able to do something while not in your office. This may include accessing and responding to emails and documents, conducting online research, and maintaining text and voice communication.

To do this well, you may want to consider getting a phone with a larger screen or even using a tablet with mobile capabilities. This will ensure that you’ll be able to read the messages easily and have space to type comfortably and quickly. Also, you’ll probably want to set up your phone so that you can be aware of notifications as soon as you receive them. Finally, ensure that you install mobile security protection and work with your IT provider on mobile device management in case your device is ever lost or stolen.

Virtual Business

While in the same vein is a mobile business, this requires you to be able to do more than just be available. For example, you may need to create and edit documents or log into an important line of business application.

To get the most out of a virtual environment, you would most likely want to use a computer or an advanced tablet, as the environment will mirror exactly what you use in the office. When set up well, you will not be able to tell the difference between work on your tablet or your machine with multiple monitors.

Similar to using mobile devices, security is the biggest factor when operating in a virtual environment. You want to make sure that any information that you are sending, receiving or creating cannot easily get into somebody else’s hands. For this, we highly suggest not trusting in an unmanaged VPN. While they do offer a measure of security, they pale in comparison to a managed VPN connection or a true hosted desktop. Your connection may be secure with the VPN, but your origin or destination may be compromised. Proper management increases your security level. An equipped IT service provider can effectively determine the proper solution and deploy it for your staff.

Bottom Line: Mobile vs Virtual Office

In short, mobile business can be conducted fully on your smartphone and be taken anywhere your phone goes without the need for intense line of business applications or documentation. A virtual business requires deeper access and connection to your office systems but still allows you to work from anywhere at any time, securely.

Whether you work from a physical office or from a beach in Tahiti, mobile and virtual businesses are here to stay. Even if you currently don’t feel it’s necessary for your operations, just look at everything that happened in 2020. How quickly things can change. Creating a flexible work environment now can make any changes in the future much easier.

If you find that your organization isn’t as mobile or virtual as you feel it could be, contact us today. The results seem simple but the setup can often be more complicated than it looks. You’ll want to be sure to use someone with the experience and know-how to determine mobile vs virtual office for you and to implement the right solution.

Are Your Cookies Safe?

/in /by

The holiday season is upon us and we have many things to look forward to — even if this year will be a little bit different than others. This time of year the things that come to mind include: family, holiday festivities, and of course cookies! As a Managed Service Provider, people often ask us, are cookies safe?

But we’re not talking about the kind of cookies your grandma bakes for you. In technological terms, cookies typically pop up on your internet browser. They track and store data in the deep corners of your hard drive. With lots of controversy surrounding cookies, many people don’t know if they’re a good or bad thing. You probably have seen notices regarding cookies on most major sites you visit asking permission to use cookies. This is in response to privacy laws in Europe and in many states to protect people’s personal information and browsing habits. We expect to see these notices pop up more and more frequently as privacy laws become more stringent.

In this article, we delve into what exactly these oddly-named, annoying items on your browser are. And we discuss whether or not you should be worried about them.

What is a Cookie Anyway?

Sweet and tasty cookies have been around since the 17th century. But the type of cookie we are talking about today has been around since the mid-90s. The official name is an “HTTP Cookie”. Designers at the time referred to this as a magic cookie of information. And ever since then, the name has stuck.

But what exactly does a cookie do? Cookies gather information when you browse the internet. They track what you are doing on a particular site or what you are doing while browsing in general. There are multiple forms of cookies so here are the more common types that you’ll run into on the Internet:

Session Cookie

This appears on your web browser when you visit a website and tracks information such as your login, products you view, how long you were on a particular page, and other browsing habits. These are called session cookies because they terminate as soon as you close your browser or move to another page. 

Persistent Cookie

Also known as tracking cookies, these cookies stay active even after you leave a site or close your browser. In general, these will track the sites you’re visitingbut usually have an expiration date in which they become inactive. This is one of the most controversial form of cookies since they track your information outside of their original range. However, there are benefits to these cookies, such as storing your login info so you don’t have to enter your information every time you visit your favorite sites.  

Third-Party Cookies

In general, the cookies on your computer are from the sites you visit. For example, if you visit Amazon.com, Amazon will create a cookie on your browser. Third-party cookies differ in that they attach themselves to your browser even if you’ve never visited their site. This may happen if there is a banner or another form of an advertisement on a site that you visit, even if you do not click on them. Many pop-up blockers disable this feature, although it’s not uncommon to have more than 10 third-party cookies attached to your browser after visiting a site without any sort of cyber protection. 

Should You Worry? Are Cookies Safe?

Cookies are an essential part of the ecosystem of the web, but are cookies safe? Massive amounts of small packets of information are passed around every second, and these packets usually play a role in marketing, sales, or captured analytical data. In general, cookies are harmlessor at most a nuisance. 

You might be surprised by how much of your daily life on the Internet is dependent on cookies. Don’t believe us? Go ahead and delete all your cookies on your web browser and then go about your daily business to see how many sites you now have to log into that were automatically accessed before. You’ll be surprised at how much information you’ll have to put in compared to before. 

Cookies are not as invasive as they used to be. They typically contain tiny kilobits of information that take up almost no space on modern computers. Older Internet users may have been in the habit of deleting their cookies to save space, back when computers had very small hard drives.  

Many browsers automatically block third-party cookies, so the only cookies on your computer are from sites that you’ve visited. Sometimes hackers can use certain cookies to gain access to your computer, and since third-party cookies are often weak entry points they become easy targets. Make sure your firewall and internet security is blocking hackers who might try to sneak in through these pathways. 

Bottom Line about Cookies Safety

So, now that we have a better understanding of cookies, can we conclude that cookies are safe? In short, cookies shouldn’t be an issue in most circumstances and you should be fine when accepting them. The amount of memory they use is a nonissue these days. 

However, few things in life are always straightforward, so there are two caveats. The first issue you should be aware of is that while cookies are mostly safe, there is always the chance that a cookie can be hacked and used nefariously. Second, certain operations do not allow cookies on their systems. For example,  government and medical organizations may require absolute security and prohibit cookies.

If you have any questions about cookies on your system, contact us and we’ll ease your mind. As a Managed Service Provider, we will consult with you on any restrictions your organization is required to have in place. We’ll offer you a solution that will work for you in the long run.   

Remember: there’s always the possibility that the wrong cookie may be bad for your computer or your diet! 

Upgrading Servers Can Save You Money

/in /by

Unless you’re running a one-man operation, there’s a high possibility that your entire business runs on a server or two. If you’ve been thinking about replacing or upgrading servers or wondering how you can improve your network performance, overall, you’ll want to continue reading.

We all know that computers and other devices have to be upgraded from time to time; however, we often forget about the servers that store our data. They have never been more important than they are now. As more of our daily operations run on servers, the computer is just a device that we use to access our servers.

As we wrap up our series of section 179 tax deduction articles this month, we want to delve into a topic discussed last week: how can you use your tax deductions to your advantage when it comes to upgrading your systems?

Again, as a quick disclaimer, we are not tax experts. Take these articles purely informationally. Before you make any changes based on tax deductions, be sure to consult your company’s CFO or tax professionals.

The Times Are Changing

As technology has increased the usage of servers in our business practices, they play an important role in day-to-day activities. The main function of a server is to store data for a network of computers. With this storage unit, employees can work together, collaborate, and share projects. Whether you are aware of it or not, if you work in an office, it’s highly likely that your work is stored on a server. 

Having a server inside a building that is physically connected to other computers has been the standard for decades. However, in recent years there has been a push to allow people to connect to these servers remotely. The reasons for this vary, but there are typically two main reasons.

One reason is to allow employees to travel, yet have access to their company’s network and projects. We’ve seen this for years, especially for salespeople and executives who’ve had to travel from location to location. This is still a common practice and works well, so it probably won’t change. 

Secondly, people regularly working from a remote location need access to the servers. Recently, there has been a greater push for companies to have more of their employees work remotely. In this case, each remote employee needs to connect to the company’s servers quickly, easily, and without network interruption. 

The people in the first case are only accessing the servers when needed, while people who work from home or small satellite offices work exclusively on these servers every day. A good high-speed connection is crucial in either case. 

With the current worldwide pandemic, remote work tested companies’ servers. Businesses found out quickly if their networks and servers were, literally, up to speed. 

Understanding Your Options

If you’re finding that your server is sluggish or unstable, you have three main options:

Upgrade — This could be a software or hardware upgrade. If you’re set on keeping your current server, adding more ram or memory could make it more functional. This would be the most cost-effective option. 

Replace — While this is the most expensive option of the three, it will end up giving you greater results. Upgrading your system rather than replacing it limits you because of the aged hardware. By replacing your server, the sky’s the limit! You could literally have anything you want and often get a new warranty plan with it as well.

Migrate — This is an option that has become increasingly popular in recent years. With this, you will slowly transition to a cloud-based solution off-site, instead of having a physical server on location. This may be the best option for you if you have an operation that doesn’t demand all that much from the central system. One of the biggest pros of moving to a cloud-based solution is having zero maintenance. After all, there’s nothing physical to maintain. The hosting company and IT professionals take care of all upgrades and software maintenance so you can have peace of mind.

Now Is the Time for Upgrading Servers

Companies will be putting more and more stress on their servers as the working remote trend continues. We’re the first to admit that servers are not cheap, especially ones with the functionality needed to connect large groups of people over large distances. However, you need to make big moves to stay ahead of your competition and maximize productivity.

In addition, there is an available financial benefit to upgrading or replacing your servers now. That’s the key message of this blog — don’t forget about the tax benefits! 

Some companies are continuously looking for ways to write off their profits to avoid paying too much in taxes. Meanwhile, other businesses may have more than enough loss to help them at the end of the tax year. You still have time to make an upgrade this year and take advantage of Tax 179 benefits. If you’re looking at a loss for this year, now is the time to begin planning for an upgrade at the beginning of the year to get an early jump on tax benefits. 

Are you considering upgrading or replacing your servers? Or have you considered moving to a cloud-based solution like a virtual office? Either way, contact us today to see what your best options would be. Even if it would make more fiscal sense to do this next year, it’s never too early to start planning!

Prepare for 2021

/in /by

We think we’re safe when we say that 2020 has been…less than ideal. After the first quarter, we quickly found ourselves — both professionally and personally — in uncharted waters. But, 2021 is just around the corner and we want to be optimistically prepared.

The continuation of this month’s series of section 179 tax deductions covers how the rapid changes of 2020 can actually benefit your 2021. The good news is that this is actually good news!

As a disclaimer, be aware that we are not tax professionals and this article should only be viewed as informational. Before making any changes related to your company’s taxes, consult with your company’s CFO or other tax professionals.

Overcoming 2020 – The Worst Crown Ever

Who would have thought this time last year that the entire world would be crippled by a tiny little organism? COVID-19 changed everything overnight. For the most part, those changes were devastating. Of course, hundreds of thousands of people have already lost their lives by the time of this writing. Many businesses have also shut their doors or drastically cut back operations.

What seemed like temporary changes (such as sending your employees home to work) soon became the new normal. Businesses like Zoom became overnight successes because of the change in the landscape. We don’t know what will happen with COVID-19 in the coming months or years. We believe, though, a lot of these changes are probably here to stay. So, your company may as well make the most out of it.

Prepare for 2021: Be Smart About Deductions

Most companies had to make changes besides simply sending employees home. Perhaps they had to change or upgrade software, purchased equipment for employees to use remotely, or simply had to downsize. These are all examples of things that can be written off at the end of the tax year.

As a refresher from our last article, the more you spend, the more you save. Even though you may have shelled out more than originally budgeted to accommodate for 2020 challenges, at least you can avoid paying tax on those expenses. What are some examples of changes in the last year you can get some benefit from?

Maybe you found that your company needed more mobile hardware to address a more mobile workforce. Write-off.

Perhaps you moved office space as the decreased workforce (either from layoffs or employees working from home) didn’t justify your former space. Write-off.

Even better, maybe you took our advice and decided to migrate to a hosted environment or virtual office. First of all, thanks for listening! Second, write-off.

If you haven’t done any of this, you still have two months to upgrade your business operations. While these deductions don’t make the upgrades free, they do make the decision much less painful in the short term. Then, the upgrades themselves make it worth it in the long term.

Prepare for 2021: Don’t Just Sit There

If you’re reading this article right now, we congratulate you on surviving in an extremely difficult environment. If you want to remain in business and even grow in the coming years, it’s time to make some upgrades. Now is the best time, as well, while you can utilize the benefits of tax write-offs.

One of these changes is the aforementioned virtual office. It essentially involves creating a virtual workspace where employees can log in and do any of the sorts of work that they would do in a physical office. The primary benefit of a virtual office is allowing your company to be flexible; giving you the option to have employees anywhere in the world and yet still be productive.

This virtual office setting not only stores data like in a traditional cloud solution, but it includes all software and line of business applications to facilitate full productivity. When administered by an experienced company such as ourselves, you end up having a very lean yet safe solution.

If you want to see how your company can get itself in a leadership position in this new climate, contact us and see how we can help put your section 179 tax deductions to work for you!

Writing Off Technology Purchases for 2020

/in /by

Regardless of your line of work, all businesses have one common goal in mind: to generate revenue. Of course, we all want to make a difference in the world and have satisfaction from hard work. However, if you’re not earning more than your spending, you need to make some changes. While large black numbers at the end of the year put a smile on your face, the tax bill that comes along with them usually wipes it right off. Thankfully, there are ways around giving up all of your hard-earned profits to Uncle Sam. Relief can come in the form of section 179 deductions. But what are these and how can you legally use them to write off technology purchases and maximize your company’s profits?

In our series of blogs for the month,  we will be discussing just that. Before we get too deep into the weeds, know that we’re not tax professionals, and these articles are purely informational. If you want specifics as to how Section 179 deductions can work for you, please consult accounting professionals.

Time to find a Write-Off?

 Everyone loves to talk about write-offs, though few people actually understand the specifics around them. Basically, a write-off involves reporting a business expense to the IRS to avoid taxation on the money used to pay for it.

Write-offs seem great for a business owner or manager. Though, in practice, you have to be very careful to avoid trouble with the IRS. After all, you can be sure that they will be scrutinizing any revenue they lose. You’ve probably heard of people who went a little write off crazy in the past now find themselves with 3 square meals a day for free in federal prison!

Can You Write Off Technology Purchases? 

How do you know exactly what to write off and how does this apply to technology? Basically, you can categorize business write-offs into six forms:

Business Personal Property

This includes just about anything that could move from your business base. These can range from office supplies (like pens and staplers) to electronics or even heavy equipment like forklifts. If it is relatively easy to move from one location to another, then it’s considered business personal property. Often technology upgrades will fall into this category, so you can write off technology purchases. They could include new desktops, laptops, servers, or converting everything to the cloud.

Office equipment

This category covers larger objects that you cannot easily move. For example, you can think about larger printers, medical diagnostic machinery, etc. If not covered under business personal property, you can write off technology purchases, here.

Machinery

This is really a category for anything else that produces for your company. Examples in this category might include industrial machinery that you couldn’t just put on the back of a pickup truck. These would usually include the sorts of large machines that you would find in a factory or business like that.

Business vehicles

This is a category that could get someone in trouble quickly. A vehicle, such as a car or truck, purchased by the company and only used for company purposes at any given time falls into this category. Sometimes, a vehicle is used for a combination of work or personal purposes. If that’s the case,  report the percentage of the time the vehicle is used for business versus personal trips.

Property

This includes any buildings or land that your company owns and is used exclusively for business purposes.

Capital improvements

By definition, capital improvement is a structural change or restoration of property that will enhance its value, prolong its useful life, or adapt it to new uses. This does not include any sort of work you do to a property. For instance, the addition of an air conditioner or furnace could be considered capital improvement while doing interior decoration is not. New cable runs to enhance Internet access to your building may also fall into this category.

Tax Write-offs Are Income!

For many of us, tax returns are a bonus. Perhaps if you get one, you take that money to go by a new television or go on vacation. However you use it, most of us consider tax returns a little bonus, not something in our personal budgets.

This should not be the case with businesses. Section 179 deductions are not bonuses, but rather strategic ways of not paying too much in tax. One of the reasons that good tax people are worth their weight in gold is they save your company from paying too much in taxes.

A good company will factor in write-offs when making their budgets and factoring quarterly and yearly profits. For some companies, particularly small companies, those write-offs might be a large portion, if not the entirety, of their profits for the year!

Write off Technology Purchases to Plan for the Future

While many write-offs are incidental or just factoring in day to day business expenses, planning well can make a huge difference in future projects. For example, if you’re in the black more than you anticipated this year, take the opportunity to refresh your technology, consider moving to the cloud, implementing virtual office space, or making server upgrades. By doing something like this, you can make sure that you are benefitting your business while still turning a profit.

The IRS put section 179 in the tax code for the purpose of letting businesses do business without punishing them to death with taxes. They know that if there is an incentive for companies to spend, it will work out well for everybody in the end. So, don’t be afraid to make investments before this crazy year comes to an end. If you need help to strategize your next project, just reach out to us.

The Shrieks and Chills of Working from Home

/in /by

This year has been…interesting, to say the least. One minute businesses were running normally. Seemingly overnight, many of us got the work-from-home position we always wanted. Within and beyond the pandemic, many companies have been transitioning portions of their workforce to work remotely. As technology marches forward, the image of the modern office changes with it.

That being said, cybersecurity is completely different working from home versus an office with dedicated IT support to set up and maintain all computer systems. Cyber thieves are all too aware of this and have acted quickly to take advantage of these new vulnerabilities.

This final Cyber Security Month article discusses protecting yourself and your business from the new threats lurking at home.

Security Dangers Working From Home

When working from home, we generally can’t use the same equipment we enjoyed in the office. Many businesses told their people to use their personal computers when they scrambled to send them home in March. Even if they’re using traditional security techniques, working online makes them more vulnerable to attacks.

For example, maybe they’re relying on the standard Windows firewall. There’s a reason Microsoft constantly pushes security updates to cover the holes in the OS exposed by hackers. This firewall is simply not secure. Perhaps they are extra responsible and installed a computer grade antivirus program. That’s fine against some automated threats, though not for active hackers trying to get access to the system.

Additionally, with many kids learning at home, that same computer may now have additional programs that create vulnerabilities. Many school districts are using software that has had breaches in recent months.

Finally, there’s the latest trend for remote work: VPNs. While some people swear by it for security, last week’s article focused on all the reasons VPN security isn’t all it’s cracked up to be.

Options to Create a Secure Environment Working From Home

When possible, it’s best to provide the computers and other devices that your employees need when working from home. That way you have complete control of the programs they use and how you set up and maintain their systems. This is often, however, too costly and complex to supply and control systems used in the office and remote.

You could also deploy a relatively new option: a virtual office (or hosted desktop solution). Essentially, this creates a secure place online for employees to log in and do their work from home or any other remote location. This is different from a VPN because a VPN protects only the connection itself, whereas a virtual office gives you a safer harbor, of sorts, to do all your work and store files. This can be extra effective as you know who you’re dealing with from beginning to end and if any sorts of problems arise, they can be fixed from a single source.

Who You Gonna Call?

If the idea of supplying your employees with company-owned devices or the setup and maintenance of a virtual office seem overwhelming, don’t worry! Even many large corporations find this to be too difficult or time-consuming to do on their own. In fact, a recent study showed that more than half of all of the companies surveyed use external services to help with their IT needs, and that number goes up significantly with a larger percentage of their workforce working remotely.

This is complicated stuff and no one expects someone from a nonrelated field to be a pro, which is exactly why we work so hard to make sure these processes and services are as seamless as possible for our clients. We’re a managed service provider — this is what we do. We make sure that when some specter hangs overhead and requires your company to have your employees work remotely (even on a moment’s notice), we can be there to make the transition as smooth as possible. Even if you currently have some sort of remote work arrangement in place currently, we can assess your current setup and make sure that you are optimized for what the business world may throw at you today or in the future!

VPN Security: Trick or Treat?

/in /by

If you’ve been on the internet lately, you’ve probably seen pretty aggressive advertising for VPN services. On paper, they seem like something that can give you anything you would want in your online browsing in terms of security and access.

Continuing our Cyber Security Month series of articles, we’ll be covering this apparent modern miracle of internet browsing. As businesses increasingly move to a digital work environment, web security is more important than ever. With that in mind, is VPN security a true treat…or just a trick?

VPNs: As Sweet as Free Candy

Before we get into the benefits of VPNs, we should probably explain what they are. VPN stands for Virtual Private Network. They essentially create a tunnel for your web browsing by giving you a (usually) local server to log into. This then provides access and  directs your web traffic. Not only is the information to and from the server encrypted, it appears as though the server is browsing the sites, not you.

This can be beneficial for you as a browser. Even if someone were spying on your personal connection, they would only see you connecting to a single server, not the specific pages you visit. You can also make it appear like you’re browsing from another location by changing the IP address. Because of this, you can view sites like Netflix and see content not available in your own country. Additionally, you can avoid internet censorship in countries that tend to have more restrictive regulations, like China.

These services are generally low in cost, especially if you purchase longer subscriptions. Actually, there are several options that offer basic services for free and only charge for premium options. Wow! This all sounds great! So, is there any catch?

VPN Security: A Razor in Your Apple

Everyone wants digital security, but just like with anti-virus software, a single program will never keep you fully safe.  Many users  don’t understand the natural limitations of VPNs, putting too much faith in them, particularly free versions.

For starters, no matter what the ads tell you, VPNs do not give you 100% security on the web. While someone spying on your network may not be able to see what you’re doing, the websites you visit sure do! If the site uses cookies, they attach themselves to your computer, not your IP address, so they can still affect you. Also, you don’t know what sort of security protocols the sites you visit have. In fact, VPNs can give you a dangerous sense of security when you should always be vigilant. For example, if you visit a nefarious site and give them your credit card information, your VPN can’t help. Even if you send your information to a legitimate site, your VPN is  powerless if that site gets hacked.

Another issue is VPNs increase the size of a hacker’s target. In the past few years, hackers have put more energy into breaking into larger targets to increase the payoff. Why steal the fish when you can steal the fish market, so to speak? VPN services provide a juicy target since access to those servers means having the browsing information of many users. This exact scenario took place in 2019 when NordVPN servers were hacked, leaving any and all traffic accessible for a period of a few months! If that happened to one of the biggest names in the game, think about how safe you could be!

Stay Safe at Home

While VPNs are far from a perfect solution, the idea behind them has some merit, namely in that by hiding and encrypting your connection, it makes it that much more difficult to have your data compromised. There are still ways to improve on this technology, though.

One of the best ways is to use a virtual office. This entails a complete virtual desktop provided to anyone with the credentials to log in. This can include everything from productivity software (such as MS Office) to actual data storage. This is a much more secure option for a variety of reasons. First of all, you log into one specific, secure system versus going from website to website. Also, this is a dedicated solution, allowing you to login with full confidence knowing who is handling your connection and data. Lastly, virtual offices are often administered by actual human beings, not just software, allowing any and all threats to be addressed in real-time.

While VPNs make your internet browsing safer, that’s like saying eating five pieces of candy instead of six prevents diabetes. If your business plans on doing any sort of remote or virtual connection, take a look at a virtual office. Don’t leave the setup and administration to just anyone. Contact us today to see just how quickly and safely you can get your employees connected without relying solely on tricky VPN security.

Password Security: Don’t let your Password Haunt You

/in /by

October is National Cybersecurity Month and password security is a big part of that! Cybersecurity is so important and appropriate to discuss considering how scary it is out there! As we regularly cover, hackers are getting more advanced by the day, despite security measures improving by leaps and bounds. Of course, no monster is all-powerful and there are ways to protect yourself against these dangers.

In this article, we’ll be discussing a feature that we all use (and abuse) every day: passwords. How insecure can this security feature be and what can you do to protect yourself and your business?

A Necessary Evil

We don’t think that there’s anyone out there that actually enjoys creating and using passwords. After all, they’re just another barrier between you and your data. However, that barrier is exactly what’s going to protect that data from the outside world.

Password Security Struggles

Since many of us struggle to remember passwords, we end up making a lot of common mistakes. These include:

  • Making the password as short as possible
  • Reusing passwords for multiple accounts
  • Not regularly changing the password
  • Using a word that’s easy for us to remember.

We’ve all been told that we should avoid these mistakes ad nauseum, but why?

A Real Monster

When you think of a scary beast like Frankenstein’s monster, what gives us the chills? The sheer physical strength that can break down any door you hide behind. There are software programs that work pretty much the same way, using Brute Force Attacks.

These attacks are codes/programs that test possible password after possible password using random combinations of letters and numbers until something works. Dictionary Attacks operate along the same lines, using all the words in the dictionary instead of just random letters and numbers. Passwords that are too short or too simple feed the success of Brute Force Attacks.

One recent program could crack any 8-character password in less than six hours! Once a hacker cracks that password, they then have access to anything that shares that password. If you use that password for business purposes, the payload is even bigger.

Is Your Password Worth It?

Although cyber pirates still buy large lists of passwords and other stolen data off of the Dark Web for quick hits, they’ve shifted in the past few years focusing on more time and effort on fewer but larger targets. These attacks may take up more of the hacker’s valuable time, but it brings in massive returns.

Naturally, there’s only so much you can milk from a single victim, but a company or organization has much deeper pockets and a lot more to lose. Think about the amount of cash in your personal bank account versus what your company may have at any given time. On top of that, think of all the resources your company has at its disposal that may be vulnerable in the event of an attack.

Fixing the Problem: The Password Security Silver Bullet

We’d be lying if we said there is a cure-all solution to the problem of password hacks because there isn’t any. However, that doesn’t mean that you’re completely vulnerable either. Below are a few ways to keep your password as safe as possible:

  1. Change your passwords regularly — In theory, a hacker could get your password correct eventually. If you keep changing it on a regular basis, you’ll keep them guessing, even if they got the old one correct. On average, we recommend changing passwords every 1-3 months.
  2. Get creative — The best defense for a dictionary attack is not to use words in the dictionary. Either create nonsensical strings of characters or use a combination of words that wouldn’t appear in any standard dictionary. Also, consider using upper and lowercase letters as well as numbers and special characters. As a general rule, the more difficult a password is to remember, the longer it would take for a software program to guess.
  3. Don’t reuse passwords — Having to remember multiple passwords can be a pain. For some of us, we have to use over a dozen passwords before we finish our first coffee! This recommendation keeps as much information as safe as possible if one of your passwords is compromised. Think of a ship or submarine with multiple compartments — if one springs a leak and fills up, close a door to mitigate the damage. If all of your passwords are the same, one lucky guess could bring your digital world crumbling.

Bring in a Champion

As hard as you might try, there’s only so much you can do to protect yourself and your company from threats to your password and overall security. Plus, keeping your system safe can be a full-time job in this world, and you already have one of those.

Instead of trying to fight this monster single-handed, consider bringing in the help of a professional monster killer! Our experienced team is more than happy to swoop in and assist your company with the strongest cyber protection on the market, including password management. Even if your walls have already been breached, we can help in the cleanup and future protection.

Be Cyber Aware: If You Connect It, Protect It

/in /by

In today’s age, we all must be cyber aware. The average American today has access to more than 10 Internet Connected Devices in their household. Most have at least 2 computers and 2 smartphones. Across the world, an estimated 30 billion+ devices connect to the Internet. This connectivity generates massive potential for advancement; but in turn, creates a paradise for hackers. This is nothing new. Hacking has been on the rise since the dawn of connected technology. And here’s the problem. Most businesses have maintained the same security protocols for just as long. The theory is that what they’ve done so far has worked, so why is there any reason for change? Here are the seven reasons why technology is more dangerous than ever before:

Side Note: Why focus on cybersecurity now? October is National Cybersecurity Awareness Month. For the past 17 years, during October CISA and partners have focused on cybersecurity. Follow us on Facebook and LinkedIn for more tips and tricks throughout the month. 

Let’s Be Cyber Aware About Ransomware

The first computer virus was introduced in the 1970s. It took over systems by replicating on the hard drive until the user didn’t have system space to operate. It was actually built as an experiment and had no malicious intent/implications. Today, viruses aren’t child’s play or experiments, and the most dangerous one takes over the hard drive completely, encrypting every piece of data.

If you’re connected to a network, it can then infiltrate the servers and start encrypting there. If your data backups are also on that network, you lose all access to a clean backup.  The only way to get this data back is paying the ransom (not recommended under the vast majority of cases), or working with an IT company to revert back to a clean data/decrypt the files based on the specific ransomware in play. Either way, you’re spending a lot of money and time to get back what’s yours to begin with, your precious data.

Part of Being Cyber Aware is Knowledge of Phishing

Phishing emails at one time were super easy to spot. The Nigerian prince desperately needed to send you money if you inputted all of your personal information. Since then we have become more cyber aware, but phishing attempts have improved. Today, phishing attempts are a whole lot smoother. The perpetrator researches enough to identify your boss, then sends an email under his/her name asking you to discretely transfer money or send identifying financial information. Unless you’re looking at the exact email address it’s coming from (typically spoofed by one or two letters in the domain), all of a sudden you’ve transferred $40,000 into an unknown person’s account thinking it’s your CEO.

You won’t think anything of it until you speak with your CEO later and realize that is wasn’t really them. These honest mistakes cost companies hundreds of thousands of dollars every year with very little recourse to get the money back where it belongs. Some experts say that employee mistakes cause nearly 92% of breaches.

Insider Threats

As more people work remote, particularly with the urgency of the past six months, businesses have lost tight control on their data, increasing the threat of malicious insiders. While we want to trust every person working for us, that one disgruntled employee who decides to store a copy of the customer data before putting in his two-week notice, could wreak havoc on your business when they decide to work for your closest competitor. Virtual Office solutions can alleviate a lot of the pain this could cause and allow you to keep every piece of data exactly where it belongs.

Data Leaks and Password Practices

Malicious insiders can cause these leaks, but they’re also the password leaks from major players that you hear about frequently. You may be wondering how a LinkedIn password breach can really hurt you in the long run (after all they really just gain access to your professional resume). 53% of people admit to reusing their password on multiple accounts. Hackers rely on this. They can sell the password or utilize that password to hack much more dangerous things, like your banking institution. Our best recommendations: use complex passwords, don’t reuse passwords, use a password vault to keep track of all your passwords, and implement two-factor authentication wherever you can.

Become Cyber Aware About Cryptojacking

Cryptocurrency is a hackers’ favorite payment method. It is untraceable and extremely valuable. Beyond requiring cryptocurrency for the vast majority of ransomware attempts, some hackers infiltrate a system and use it to mine cryptocurrency without the user’s knowledge. They get in utilizing a malicious email link or through malvertising (advertising that carries nefarious code). A user may recognize slightly slower performance, but they more than likely never know that someone is using their system to mine cryptocurrency. Some codes also spread throughout networks, so that hackers can maximize their financial gain using someone else’s resources.

IoT Hacks

As we connect more devices to the Internet, particularly those items in our homes – stoves, cars, Alexa or Google – we open another target for hackers to infiltrate our lives. They may canvas homes through your connected camera system or baby monitor, install viruses on your stove or vehicle that impact performance, or begin speaking to y0u randomly from your device. IoT can be safe, but you must make sure you’re utilizing as many security precautions as humanely possible.

Hacker Advancement

The greatest advantage for hackers is they have become more sophisticated and educated overtime, and the good guys haven’t been able to keep up. If you’re relying on internal IT or an MSP without security expertise, your team is most likely behind on the threats and not implementing everything they need to keep your staff safe. They should implement things like phishing tests, employee education, dark web scanning, hosted back-up solutions, crisis planning, multi-factor authentication, and professional-grade permissions control for administrative privileges to keep you safe. If you’re unsure of your security level with your current IT solution, contact us.