Home » Blog » security patches

Tag: security patches

The True and Unexpected Costs of Being Hacked

There are the normal costs everyone associates with a breach, like getting your own server and computers fixed up, with maybe a little downtime. But really, most businesses view the possibility of getting hacked as more of an inconvenience than a bottom-line cost. For those who’ve come out the other side though, it’s a very different story. They know the hidden and ongoing costs of a data breach can be crippling, and that IT security exists to protect your business on multiple levels. All those surprise costs that spiral out of control are why most businesses close after a cyber-attack. Here are a few of the hard, but common realities of life after a hack.

Raiding the budget to reduce downtime

From the moment a cyber-attack gets into your system, things get expensive, and the longer the attack goes, the more it costs. Latest stats reveal most breaches aren’t identified for around 191 days, then it can take on average another 66 days to contain the damage. During this time you’re cleaning PCs, mobile devices, laptops, servers and even entire networks. Add to this the fee for experts to fix everything up, all the new tools and software they insist you have, and all the hours/days/weeks when your business is struggling with downtime, you’ll exhaust your emergency funds very quickly.

The long arm of the law

Depending on what data was stolen and how you handled the situation, you could be liable for fines into the millions. Having any medical data or legal files leak is a particularly messy scenario with fines coming from multiple sources. In any case, new privacy laws mean businesses are liable for massive fines if they don’t disclose a data breach, even if only email addresses were stolen. Where this gets even trickier is that the burden is on your business to know exactly what data has been stolen/illegally accessed, so you can report it before the fines stack up. This means that even if you were able to fix up the systems yourself, you still need to hire an expert who can identify exactly what the hackers took, from where and when.

Customer retention measures

In a double-down crush to your bottom line, not only does your business have to bear the cost of the hack, your future income takes a hit as customers lose trust and leave. To offset this, many businesses need to engage PR experts, spend more on advertising, and go all out to ensure they survive to fight another day. Even so, your breach disclosure will still come up in search results for many years. The more negative publicity your breach attracts, the more you’ll need to spend on customer retention.

All your secrets exposed

While you may not have Pentagon level secrets to protect, your business does have information that you’d like to keep to yourself. Hackers love going after those juicy tidbits, and the more closely you guard them, the more attractive they are. Think Coca Cola recipe, Big Mac Secret Sauce or 11 Herbs & Spices…While those corporations would be big enough to keep their competitive edge after the breach, your business success relies on at least some information staying secret. It may not be a secret recipe, but your proprietary methods and databases have a black-market value all of their own.

But simply avoiding a breach doesn’t cost much at all…

The thing is, it’s not expensive to stay on top of it all and keep your business protected. For a low monthly fee, we can reverse the entire scenario and secure your systems against the unknown. That means no need to raid other department budgets in a panic, pay crippling fines, make embarrassing public announcements, or fight to retain your competitive edge.

We can help with making sure your systems have the latest security patches and your anti-virus knows the latest tricks to watch for. Our technicians can build a virtual fortress around your business that keeps the bad guys out while letting you thrive, and even monitor security with early warning systems. Whatever your needs are, both now and moving ahead, we’re here to help keep you safe while keeping your IT costs low.

Ready to secure your business against breaches? Give us a call today on 570-779-4018.

Outsourcing Updates

Keep Up to Date by Outsourcing

Updating your business software is one of your best protections against cyber-attack, but actually going through and running the updates is a task that often gets overlooked. Either they take too long, they pop up at inconvenient times, or you simply don’t know when an update is available. Do you have a plan in place to ensure all your tech is up-to-date, or are you flying by the seat of your pants?

Emergency updates are a killer

Just between us, most businesses update their software only when the repair techs come to fix a major breakage. The techs run the updates before they leave, then the systems sit there with ever-widening security gaps… until another breach happens and the techs are called back for another band-aid solution. Emergency only updates in a break/fix model are a great little earner for those techs, not so good for your uptime or budget.

Finding time for maintenance

To keep your business up and running securely, you need someone who lives and breathes updates. They’ll need to have top tech skills so they know when and how to apply all the patches, and how to make sure all your other tech is playing nice (and do it all after-hours). If you have an in-house IT specialist, you’re set – and they should already have an update plan. But if you don’t have a qualified IT team member, outsourcing to managed services is the perfect solution. You get highly skilled technicians remotely applying your network updates after hours. It’s also a great alternative when your in-house IT team is overloaded and has no time left for routine maintenance. We’re able to partner with your existing techs to take care of the small tasks, leaving them free to focus on bigger initiatives.

What else needs to be checked?

Beyond running security patches, it’s important to keep your business moving forward. Here are a few areas our techs look at as part of managed services:

Hardware health: The last thing you want is days of downtime after a piece of hardware dies a spectacular death, dragging other components down with it. By not staying on top of your hardware health, you’re opening yourself up to lost productivity, lost income and unknown delays. Our managed services can assess and replace components before they break. If suitable, we’ll also save you money by recommending (and helping) you move to a cloud solution, so you can access your data with inexpensive hardware like tablets.

Operating system expiry: While it’s great that you have a preferred OS, keeping it after the manufacturer ceases support can leave your business wide open for attack. It’s simply not a good combination. Our managed services technicians will advise you of any changes coming up for your OS, and suggest the best upgrade for your needs.

Legacy programs: Updates to your software have the potential to disrupt older programs, either resulting in errors, slow performance or even downtime. With technology advancing so fast, we often find additional requirements with an update, such as extra processing power, memory or graphics. Our technicians always make sure to check for compatibility as a whole before running an update.

Staying on top of your maintenance and upgrades can be a huge challenge for small business. Outsourcing to our managed services can help more than your budget – call us today at 570-779-4018.

New ‘KRACK’ Wi-Fi Security Issue: This Affects All of Us

The invention of Wi-Fi has been a science fiction dream come true. We can use our laptops anywhere in the house, our phones are using home internet instead of sucking down our cellular data, and our gadgets are all communicating. It’s essentially the backbone of the smart tech boom for home and business alike. Most networks are password-protected with an encryption called “WPA2” and this has been safe and secure, until now.

Recently, a security flaw called KRACK was discovered that allows hackers to break into Wi-Fi networks – even the secured ones. Your laptop, mobile phone, gaming console and even your smart fridge are possibly vulnerable as a result.

How KRACK works: The Key Reinstallation AttaCK isn’t a problem with your device or how it was set up. It’s a problem with the Wi-Fi technology itself. The attack gets between your device and the access point (eg router) to reset the encryption key so hackers can view all network traffic in plain text. Since we rely on Wi-Fi so much, this might mean hackers have a front row seat to your credit card numbers, passwords, chat messages, emails, photos and more.

NOTE: The hacker must be in physical range of your Wi-fi to exploit this flaw, it doesn’t work remotely like other attacks we’ve seen recently. Given most Wi-Fi ranges extend well past your own home/business, this is small comfort, but important to know.

How to protect yourself

Run your updates: Software updates are being released which fix the flaw. Microsoft has already released one for Windows, Apple has one coming in a few weeks. Take a few minutes to make sure you’re up to date with all your patches on any device that uses Wi-Fi (your smartphones, laptops, tablets, PCs, game consoles, etc). Unfortunately, some devices may be slow to get an update, or if they’re older, may not get an update to fix this issue at all. If possible, consider using a cabled connection on those older devices or upgrade to one with support.

Be very careful with public Wi-Fi: While your local business center, library or school campus has expert IT professionals keeping guard over your security, it’s a very different matter at your local coffee shop. It’s unlikely small locations such as this will be on top of security patches. Remember, a hacker exploiting this flaw only needs to be in the same Wi-Fi area as you, so be careful you don’t give them a dollop of private information with their coffee.

Check your browser security: Before sending anything secure over the internet, check you’re using a HTTPS site. You’ll know these by the little padlock you see next to the URL, and the address specifically begins with HTTPS. Major sites like Facebook, Gmail and financial institutions already use HTTPS.

If you need help updating your devices, or want us to check if you’re safe, give us a call at 570-779-4018.

Windows Updates

Why Your Windows Updates Are More Important Than Ever

Stories about hackers and virus attacks seem to be making the news almost every day, and many of these news stories include tips on how you can avoid becoming a victim. One common theme among these tips is making sure your Windows operating system up to date.

Every day hackers are trying to figure out new ways to break into Microsoft Windows and once they do find a weakness, they try and find a way to spread it. This could be through a malicious email attachment or even something that spreads without your involvement.

Updates Explained

Whenever Microsoft discovers a potential flaw, they push out a small piece of software to all Windows computers running a supported version. If set correctly, your computer will check if there’s any updates or patches and install them automatically. In new versions, this usually happens when you’re shutting down or starting up, and doesn’t impact your experience at all. Unfortunately, some users will manually disable or delay their updates, creating a risky situation.

The update may include security patches, drivers or a simple tweak to address bugs or issues with Windows. Sometimes, they even include new features or applications to improve the stability of your operating system. They’re a good thing!

Not All Versions Get Updates

Some older operating systems are no longer supported, which means unless there are extenuating circumstances, Microsoft won’t issue any new updates. Not a single one – generally, if cyber criminals discover a flaw after support ends, they’re free to exploit it. For example, Windows XP support ended in 2014, and Windows Vista just ended in April this year. The moment an operating system is retired it becomes a playground for cyber-criminals.

It’s not just Microsoft walking away from these old versions either. Third party software like the Google Chrome browser will still work, but they’ve also stopped supporting old versions with crucial updates and patches. It might seem like everything is working fine because your anti-virus isn’t pinging in alarm, but it just becomes a case of risk, upon risk, upon risk.

What to do with older Windows

As much as you’re comfortable with your older version of Windows, each time you boot up you’re exposing your system, important files and entire network. It only takes one weak entry point in the chain to allow malware into all connected devices. That could mean your photo storage, media center or even smart appliances. It’s not worth it – if you’re running Windows XP or Vista (or older), you need to update to a more modern operating system ASAP. Give us a call to upgrade your computer.

We can also monitor your system remotely and apply your Windows updates with our Managed Services packages, ensuring you are always up to date and protected. Give us a call Today!