Is Your Business Ready for an Internet Outage?

by

Cloud computing has given us greater mobility than ever before. We can sign in to video conferences on our phones, collaborate on presentations from a laptop, or edit a file on a tablet on the sidelines of a kids’ soccer match. Yet the one thing we need still is a reliable internet connection.

Think about the country of Canada. Earlier this year, business ground to a halt in an instant. A botched maintenance update by a large internet service provider (ISP) hobbled more than 10 million customers.

Yes, there are many advantages to cloud computing, including:

  • enhanced productivity;
  • scalability;
  • pay-as-you-go price structures;
  • greater flexibility
  • avoiding having to pay for and manage on-premises IT infrastructure.

Yet when you rely on a single internet provider, you could be left high and dry if something goes wrong.

Building a backup plan for lost internet

About one-quarter of Canada’s internet capacity was offline. The downtime lasted only 12 hours for some, days for others. The list of outage impacts is long. The problem halted some point-of-sale payments, some nonprofits lost the ability to serve vulnerable populations, Rogers mobile phone users couldn’t call for emergency assistance, and cellular-dependent traffic signals in Toronto were out of whack.

What can we learn from this? Businesses should prepare a backup.

Backing up your internet

Setting up a secondary internet connection can help your business remain online. You’ll be ready if there are system issues, intrusions, or power a failure. For this to work, you’ll need to partner with a different provider than you do for your primary internet. This cuts the odds that both your main and backup internet will go down at once.

If your primary internet connection is wired, consider a cellular backup. For example, a router with 4G backup would switch you to that network if the main connection failed.

The very nature of redundancy is that it repeats what you already have. That can make some businesses balk: Why pay twice? Yet internet redundancy can help you avoid lost business, productivity, and brand reputation, not to mention the stress of having to try to do business in this digital age without being able to get online.

Maybe you can’t reinforce your IT infrastructure with a second provider. At least reach out to your current ISP to learn their backup plans. Ensure they have failovers established to back up their systems.

The Canadian outage saw many businesses floundering. With the ubiquity of technology today, it’s not unlikely that more ISP outages will happen. Be ready for the worst with plans for redundancy and contingency plans. Our experts can help you cut the risks of inevitable communications failures. Contact us today at (515)422-1995.

Benefits of Monitoring the Dark Web

by

The Dark Web is a hub for criminal activity. Even if your business is legitimate, you can’t ignore the Dark Web entirely. This article will explain the Dark Web and the benefits of monitoring its thousands of pages.

The US government created the Dark Web in the mid-1990s for spies to exchange information. It is still visited today by journalists and law enforcement agencies. People in countries prohibiting open communication might also use the Dark Web.

Yet the Dark Web is also home to illegal activity. This is where users can find weapons, child pornography, and counterfeit money. Criminals can also access malware, leaked data, and stolen information (including access credentials).

Bad actors like the Dark Web because it isn’t something you can find on your typical browser. The Dark Web is hidden from standard search engines, and you need specific software, configurations, or authorization to access it. Users also hide their IP addresses and use encryption to mask their identities.

Why Monitor the Dark Web?

There’s a real threat of your business suffering cyber assault. This could result in brand damage, significant financial losses, and intellectual property theft. If your business isn’t monitoring the Dark Web, you won’t know what is on there that could harm your business.

Dark Web monitoring can help you find:

  • compromised usernames and passwords;
  • proprietary company information available online;
  • stolen customer lists;
  • evidence of employee identity theft.

With Dark Web monitoring, you can limit damage to your bottom line and brand reputation. Surveillance can also help you find weaknesses and plan to prevent future attacks.

How Does Dark Web Monitoring Work?

Dark Web monitoring checks chat rooms, blogs, forums, private networks, and other sites that criminals visit. Using human and artificial intelligence, scans search for stolen customer lists or data, staff login passwords, and business email domains and IP addresses. You’re notified if there are any issues. Awareness can reduce the time it takes to discover a breach and address weaknesses.

Protecting Your Business from the Dark Web

Monitoring is the only way to shore up your cybersecurity. Obviously, it’s better if the scans find nothing from your business. So, it’s a good idea to strengthen your cyber hygiene. You can do so by:

  • educating employees about secure passwords and how to spot a phishing scam;
  • investing in password managers and antivirus and anti-malware software;
  • keeping all hardware and software up to date.

Monitoring the Dark Web is not something every business can handle solo. Even though the Dark web is far smaller than the Web you’re on every day, there are thousands of pages to scan.

Our experts can boost your cybersecurity protections and set up Dark Web monitoring. Contact us today at (515)422-1995 to lower your risk profile.

GPU Shortage Ends: The Benefits

by

You may not think about it much, but your computer needs a graphics processing unit (GPU). The GPU allows you to see multimedia content and renders the graphics of your video games. It can also accelerate high-performance computing. The good news? It’s no longer as difficult to get a new graphics card at a reasonable price.

A global shortage of GPUs in 2021 made it challenging to obtain new graphics cards. That could stall repairs and upgrades. Plus, people who wanted to build their own computers struggled to do so. If you did find a GPU available, you could expect to pay much more than usual. Scalpers were also buying the chips up and charging exorbitant prices.

One problem was that major chip manufacturers were struggling to source silicon. It’s needed for the semiconductor functionality of GPUs. The pandemic slowed and even stopped production at some of the largest silicon manufacturers.

It didn’t help any that cryptocurrency miners were buying up GPUs, too. They needed the processing power to mine efficiently.

Why the shortage is over

Fortunately, the GPU storage is ending. GPU manufacturers continued developing chips while waiting for the silicon semiconductors they needed. Now that those are back online, the graphics card companies can quickly make up for lost time.

At the same time, GPUs are no longer the best option for cryptomining. Instead, they have been replaced by more efficient application-specific integrated circuits (ASICs).

What happens next?

Actually, a surplus of older GPUs is expected, as a new generation of GPUs has arrived.

A new GPU series means manufacturers and computer parts stores will look to clear inventory. They’ll want to sell off older GPUs to make room for the new product.

This can be good news. You can expect prices of the previous generation of technology to come down. Plus, you can take advantage of the GPU surplus to replace a failing GPU. Or you can now upgrade your graphics card more affordably.

Get in the GPU Game

Want help upgrading your GPU or evaluating if your computer can handle the new GPUs coming in a few months? Our experts can help.

What is SIM Jacking, and Why Should You Care?

by

If you play the popular SIMS life-simulation video game, you could think SIM jacking means someone takes over your characters, but the reality is even worse. SIM jacking is a type of identity theft targeting your real-life identity via your phone.

In SIM jacking a bad actor uses the subscriber identity module (SIM) card associated with your cellphone number to make calls, send texts, and use data. This has several potential negative outcomes:

  • Your phone bill goes off the charts with international calling and data usage fees.
  • They might impersonate you by sending texts to scam your friends and family.
  • They can sign up for new email and social media accounts using your phone number.

Most importantly? They can use your phone number and SIM card to sign into your personal accounts. Many of us use text messaging for authentication. That’s when a site, say your bank, sends a code to your phone to confirm it’s you.

Now, imagine the criminal has access to your bank account through a leaked password. Whereas they couldn’t get in before because of two-factor authentication, they now have your SIM card, too. That means the SMS to authenticate your account also goes to them. They’re in, and you’re out.

How Does SIM Jacking Work?

Typically it starts, as so many cyberattacks do, with phishing. You might get a text or email that looks like it is from the cellphone carrier that asks you to click on a link. It might tell you there’s been suspicious activity on your account or that your bill is past due. It’s usually something that will make you anxious and feel the need to act urgently.

You’re taken to a fake website where you provide your name, address, cell phone number, and date of birth. With the right information, the scammer contacts your phone carrier and asks for a new SIM card. Once they have that in hand, they access your account and take over your cellphone. If they pair that with leaked credentials, they can really do damage.

If you’ve been SIM jacked, you’ll find out after the fact. You will no longer have a signal connection, so you won’t be able to send texts or make or receive calls. You may also have difficulty signing into the hacked accounts.

If you do think you’ve been SIM jacked, contact your carrier ASAP. Also, change your passwords and let your friends and family know. Otherwise, they might fall victim to a malware attack that appears to come from you.

Protect Yourself from SIM Jacking

Be careful with your personal information. Be wary of any requests to share your sensitive information online. Avoid taking action based on text messages or emails from people you don’t know and trust.

Protect yourself by using an authentication app such as Google Authenticator or Authy. Do this instead of using text messages to authenticate yourself online.

Always update the applications on your smartphone. Yes, it seems like there are constantly new updates, but they can be protecting you from vulnerabilities.

You might also get a request to restart your phone. This is a common sign your SIM card has been hacked. If you do it, you’ll lose control of your SIM card. So, call your carrier first.

It’s also a good idea to regularly review your phone bills for any charges that you don’t recognize.

Want to protect your online activity? Our IT experts can help update your applications and identify any vulnerabilities. Contact us today at (515)422-1995.

What Is Microsoft Secure Score?

by

Security is a priority no matter the size of your business. Recognizing this, Microsoft has a Secure Score measurement in its 365 Defender dashboard. But what is Secure Score, and how does it help your business? This article explains the basics.

Secure Score measures your security posture. It reviews your activity and security settings against Microsoft’s best practices. The idea is to identify areas to enhance protection and provide suggestions.

In the dashboard, administrators can view the current state of their security score. It considers all Microsoft identities, apps, and devices. There is also a target score. The higher your target score, the more recommended actions you’ll get, although Microsoft cautions that you should balance increased security against user experience.

Secure Score Recommendations

Secure Score shows you possible improvements considering security best practices. Secure Store currently offers recommendations for:

  • Microsoft 365 (including Exchange Online);
  • Azure Active Directory;
  • Microsoft Defender for Endpoint, Identity, and Cloud Apps;
  • Microsoft Teams.

The score does not measure the likelihood of a system or data breach. Instead, it looks at system configurations, user behavior, and other security-related measurements. Then, it scores what you’ve done to offset security risk in real-time.

Microsoft not only lists security recommendations but also tracks your action plan. The implementation section shares prerequisites and provides step-by-step advice to complete improvement actions. You can report on status (e.g. planned, risk accepted, resolved through third party, and complete). Rankings also help you gauge implementation difficulty, user impact, and complexity.

Scoring Security with Microsoft

The more improvement action you take, the higher your score. For example, you’re given points for:

  • configuring recommended security features;
  • doing security-related tasks;
  • addressing suggested improvements with a third-party application or software, or alternate mitigation.

Microsoft Secure Score also compares your metrics with scores for similar organizations. The data is anonymous, but in the Metrics & Trends tab, you can view how your score compares to others over time.

Raising Your Secure Score

How can you have an immediate impact on your Secure Score? These three steps can boost your organization’s security:

  1. Enable multi-factor authentication on administrator accounts in case account credentials are compromised.
  2. Enforce password expiration policies to prevent the usage of leaked credentials.
  3. Set up Azure Active Directory to track, log, alert, and remediate and better protect sensitive data and information.

Our IT experts are here to help you understand Secure Score. We can help enact action plans to apply the recommendations. Contact us today at (515)422-1995.

What’s the Difference Between Archiving and Backing Up Your Data, and Do You Need Both?

by

It goes without saying that your data is vitally important to your business. Lose data, and you could be out of business for a while, or maybe for good.

But many business owners don’t completely understand how to protect their data. It’s not complicated, but you need to understand the two most basic data protection methods.

In this article, we’ll explain the differences between backing up and archiving data, and why each is important.

What Is a Data Backup?

A data backup protects the data you work with every day by keeping a copy in a secure location so you can restore it quickly if it’s lost or damaged.

You need to consider three key things when you design your backup strategy. First, the changes you’ve made to your data since your last backup are at risk because they aren’t yet backed up. So, you need to think about how much data you can afford to lose when you create your backup schedule. You might decide to back up daily, hourly, or even more frequently. It’s a tradeoff between your needs and the cost.

Second, you need to keep your backup in a secure location away from your data to protect it from theft, vandalism, fire, or water damage. Don’t keep it on the premises; that’s not going to help you if the building burns down.

Third, you need to be able to quickly restore your data from the backup. Time is money, especially when your systems are down, and the longer it takes to bring your systems back up, the more business you stand to lose.

What Is a Data Archive?

A data archive stores data that you don’t need every day but might need in the future. It’s like putting your old files in boxes and storing them in the attic while you keep your active files within reach. Some examples could be tax data, bank transactions, medical records, and any records required for regulatory compliance.

Archiving pulls this data out of your daily work data and stores it offline so it can’t be modified intentionally or accidentally. Just like a backup, it needs to be in a secure location away from your data.

Do You Need Both a Backup and an Archive?

Residential users might be able to get away without an archive because they usually have much less data than a business. That means you can keep your archived data and work data together in a backup.

But for a large business, it’s best to use both a backup and an archive. A backup is much faster and easier to restore than an archive because it uses high-speed storage devices such as fast hard disks or flash disks. This keeps your downtime after a data loss to a minimum.

On its own, an archive won’t do the job for either a business or an individual. An archive contains only the part of your work data that you need to keep long-term. Plus, it isn’t performed often enough, so too much of your work data is at risk of being lost. Finally, it’s too slow to restore, so your systems might be down too long.

Creating a Strong Data Backup and Archiving Strategy

A lot goes into a good backup and archive strategy, and it’s critical that you get it right. You don’t want to discover that you’re missing data after a data loss or when you need records for regulatory or legal compliance.

We can provide you with a tailored backup and archive solution for the best protection you can have against data loss. Give us a call today at (515)422-1995 to learn more.

What Does a Data Breach Look Like

by

Part of the problem with a data breach is that your business doesn’t know about it until it’s already happened – sometimes well after. Knowing the signs of a data breach can help you mitigate the damage.

Don’t get complacent about cybersecurity. There are many things competing for your attention. But cyber vulnerabilities can mean unexpected downtime, as well as loss of data or money, and more.

Of course, you’re already installing firewalls and securing all remote entry points. You’re updating your antivirus tools and software regularly. Plus, you’re keeping strong passwords and educating employees about social engineering.

Still, bad actors can attack. Be vigilant about looking for these common signs of a potential breach.

Computer slows down

If your computer appears to be taking longer than usual to do what you ask, pay attention. You may not be imagining it. This, or frequent crashes or screen freezes, could be a sign of malware. Unwanted viruses may be monitoring your activities, corrupting files, and consuming device resources.

A slow network is another indicator of compromise, as is losing control of your computer’s mouse or keyboard. Malware takes substantial network bandwidth and can slow computers and connected devices.

Passwords don’t work

You have set passwords or you’re working with passphrases. You know what you set as your access credential, but it’s no longer working. This could mean cybercriminals have taken control of your accounts and changed the passwords.

Emails back from contacts

If you’re getting emails from your vendors or customers responding to messages you didn’t send, that’s a bad sign. Either you’re overworked and forgetting what you sent, or hackers have taken over your inbox and are using your address to send messages. They might masquerade as you to send fake invoices or request access credentials.

Unknown files appear

It is not a good sign when files that you don’t recognize appear on your screen or in Task Manager. Installing malware often downloads extra files onto the target machine. So, new files you didn’t add could mean an attack has occurred.

Also, be wary if file names change or the desktop icons look different. Monitoring for changes can help you react before a large amount of data is compromised.

Ransomware request

This one’s obvious, but we can’t fail to mention it. If your accounts are locked or you face a screen you can’t get past, you may be a ransomware victim. When someone offers you an encryption key to access your accounts or files, it’s definite.

Help prevent a ransomware infection by keeping your operating system up to date. Also, avoid installing any software without knowing exactly what it is or what it does. Additionally, you’ll want to regularly back up your files. That way, if attacked, the damage may be less significant.

With 90% of small businesses impacted by cyberattacks, you can’t afford to ignore any of these symptoms. The best protection is to prevent any infiltration in the first place. Ensure you have the necessary protection in place. Contact us today at (515)422-1995!

What You Need to Know About Browser Extension Risks

by

With “Googling it” now a common expression, it’s safe to say you do a lot online. To do it all you’re using a Web browser (such as Chrome, Edge, Firefox, etc.). To do it all more efficiently or effectively, you could be using browser extensions, but this article is going to warn you against doing so.

To clarify, browser extensions are code add-ons that you connect to your browser. You can use them to personalize your surfing experience, and they accomplish many different things, including:

  • saving time (e.g. Scribe, Evernote, StayFocusd);
  • checking your grammar (e.g. Grammarly);
  • managing your passwords (e.g. Keeper, LastPass);
  • securing your online activity (e.g. DuckDuckGo, Ghostery)

Even though we’ve just said they can help secure your online activity and manage your passwords, the problem is that they are also risky.

Consider the fact that we said this represents added code. Now, how much coding do you know? Most will say “not a lot.” That means you’re blindly trusting that browser extension.

If you download a malicious one, that code can wreak havoc. Suddenly, your default search engine gets changed, or you get redirected to a start page with malware on it. You might face an onslaught of pop-ups or ads. They can also track your browsing history without you knowing it.

That’s just the beginning

Many browsers today want to keep you safe from malevolent extensions. They’ll have permissions in place before allowing access. Yet you still end up giving that extension a lot of access. For example, an extension modifying google.com needs access to all your Google activity. That means your Gmail, too.

Browser extensions access everything you’re doing online. So, a malicious extension could also function as a keylogger capturing passwords or credit card details.

A browser extension can also be sold to or hijacked by a bad actor. Then, it’s easy enough for them to push out an update that turns your trusted extension into malware.

What to do about this issue

Does this mean you should do without browser extensions? There are even browser extensions out there to block other browser extensions, but abstinence from extensions is not your only solution.

Instead, we’d recommend reviewing the safety and credibility of that extension. This means you should:

  • Check to see who published the extension.
  • Look at the reviews. A high number of positive reviews is a good sign. Thousands of people are unlikely to give five stars to a malicious extension.
  • Pay attention to the permissions required. If an extension claims to modify only one website, check that it accesses that site only.
  • Protect yourself with a good antivirus solution.
  • Keep your antivirus solution and other software updated.

It’s also easier to stay safe by limiting the number of installed extensions you use. If you have browser extensions that you aren’t using, uninstall them. This can cut your exposure to potential threats.

Another way to secure your online activity? Work with our IT experts. We can check permissions and review your extensions. We’ll also ensure your antivirus and software are up to date. Contact us today at (515)422-1995.

Improve Your IT budget Forecasting

by

As the year comes to a close, you have to write the IT budget and spending benchmarks. You must understand the current IT infrastructure and forecast technology needs. This article shares three key areas to improve forecasting and maybe save budget too.

#1 Unexpected IT expenses

First, it helps to identify where you are blowing your IT budget. Often IT budget inaccuracies can be traced back to unexpected tech expenses. Repairs, replacements, and unanticipated upgrades can all throw your budget out of whack. Unfortunately, emergency repairs and last-minute technology improvements are the most costly.

But without a crystal ball, you can’t predict what’s going to happen, right? Still, you can make a plan that allows you to avoid wasting money on the break-fix model. Partnering with a managed service provider (MSP), you will typically pay a set monthly fee. Then, if something does go wrong, you have IT experts at the ready to address the issue.

Plus, a good MSP will work to determine the expected life cycles of your tech assets. That way, you can anticipate hardware or software upgrades and budget accordingly. Further, your MSP should work proactively to prevent unexpected downtime. They can help protect you from cyberattacks and keep software and hardware updated and patched.

#2 Bloated IT infrastructure

Overlapping and wasted resources are another big IT budget drain. You could be paying for many devices that do the same thing, or you may be continuing to license software that your team no longer uses. Or it may be software that everyone uses, and you could be getting a much better deal. You might also be paying for tech you haven’t upgraded, so you aren’t getting the full return on your investment.

An MSP can help identify these kinds of issues. Bringing in an IT expert provides an objective view of your infrastructure. They can suggest performance improvements and streamline processes. They may also suggest subscriptions or other packages that can help you save funds.

#3 IT and business misalignment

The plan is always to build a budget for an IT strategy that helps achieve business goals. Yep, doing so depends on your tech know-how and good communication.

Further, tech-business alignment has grown more difficult as infrastructure has changed, plus, the workforce is now more distributed. The business could have on-premises technology as well as cloud-based software. Employees could be bringing in their own devices and/or working remotely. As a result, business tech needs to be doing more. Plus, it needs to keep up with rapid evolutions and cybersecurity threats.

Yet investing in IT-business alignment improves budgets, and benefits workers and customers. Potential advantages include:

  • reduced digital friction;
  • improved user experience;
  • greater customer engagement;
  • cutting costs;
  • improving productivity;
  • gaining visibility of business processes;
  • faster delivery times and speed to market;
  • growing your competitive advantage;
  • driving innovation.

Work with an MSP to bridge business acumen and IT expertise. Then, you can better calculate the financial impacts (costs and ROIs) of your IT plan.

Need help understanding IT budget pitfalls and spending benchmarks? We can help plan for tech spending supporting your business objectives going forward. Contact us at (515)422-1995.

Avoid Holiday Hoodwinks

by

The holidays are busy. We’re trying to get work done to have some fun, and we’re hosting family and friends. Plus, parents that have the holiday Elf tradition must remember to move the doll every night. It’s a lot, and it can make us more likely to fall for scams that can lead to data theft.

Hackers like to take the path of least resistance. Why work harder than they have to for their ill-gotten gains? Instead, they’ll use social engineering to get you to give them your data or download their malware. Look out for these top holiday scams.

Parcel delivery scams

More people are expecting packages this time of year. Bad actors take advantage of this with what’s called a smishing scam. It’s a particular type of scam using text/SMS messaging. You get a message from a known service telling you a delivery needs rescheduling, or that there’s an outstanding fee that needs to be paid.

Recipients, who are already expecting a package, are quick to fall for the request. Clicking on the message link, they enter personal information or download malicious software.

Tip: Go to the source of the package you’re expecting and see what they’re saying about your package delivery.

E-card scams

Another common holiday season scam takes advantage of our enthusiasm for money. Scammers send e-cards to your email. When you click on the link, you’ll download a virus or other malware (e.g. ransomware).

Tip: Check the credibility of any e-card sender before downloading the “gift.”

Christmas hamper scams

Everyone wants to be a winner, but don’t fall for the scammer calling or emailing to say you’ve won a Christmas hamper. They’ll claim to be from a legit organization and have some of your personal information already. That helps them make it all seem genuine. Then, they’ll ask for you to provide more personal details to collect your prize or gift.

They may ask only for your full name, address, and phone number (if the request was emailed). They’ll be collecting this information for a more focused attack in the future.

Tip: Use strong passwords and be careful about what personal details you put on social media.

Fake websites

Many people shop sites that are unfamiliar to them at this time of year. Grandparents (even parents) know nothing about that latest trendy shop! Bad actors will set up fake sites offering gifts and services. They’re looking to get your personal details and money.

Tip: Prefer secure website addresses starting with “https” and displaying a locked padlock.

Shopping scams

Every season has its in-demand items. Scammers take advantage of this and set up ads for amazing deals on those items. Desperate to get this year’s toy for your toddler, you might be hooked. Or they’ll ensure people click on their ads by offering ridiculous deals. If you do get the item purchased via these ads, it’s likely to be a sub-par counterfeit.

Tip: Shop with retailers you know and trust.

Bank scams

This scam operates year-round, but bad actors have an edge in the holiday season when people spend more. Fraudsters typically call, text, or email as your bank having noticed suspicious activity. They get you feeling anxious and then urge you to take action (e.g. click a link or share personal details) to address the issue.

Tip: Remember that banks never use unsolicited calls to ask for personal details, pressure you to give information, or tell you to move your money to a safe account.

Protecting yourself this season

The tips shared throughout this article will help. At the same time, setting up password managers and antivirus software can also be useful. We can help you secure your online activity year-round. Contact us today at (515)422-1995.

Click to see our BBB Report

FOLLOW US

VISIT US

Privacy Policy