Home » Blog » security

Tag: security

outsourcing your IT

Outsourcing your IT

Why outsource your IT?  As a Small – Medium Business (SMB), the question of outsourcing your Information Technology (IT) may have frequently crossed your mind, especially with the surging security breaches that the media outlets seem to broadcast weekly.  Whether your business does not already have a dedicated IT Department or if you are seeking complementary services to your already established IT infrastructure, outsourcing your IT technology can provide tremendous benefits to your business.  Using the 3 R’s (Reasons, Risks & Rewards) can provide a base to examine if outsourcing your IT may be beneficial and effective for your business.     


REASONS to outsource your Managed IT Services

  • Outsourcing is Budget Friendly – Cost Effective – Reduce & Control Operating Costs.
  • Would your business like to improve your and Your Employees’ Focus and Resources?
  • Would your business like to Reduce Labor Costs?  
  • Is your business finding it difficult to keep up to date with Routine Maintenance on Workstations and Servers?
  • Is your business finding it difficult to start or manage IT Projects?
  • Make capital available for other means in your business.
  • Reduce Security Risks.


RISKS involved with outsourcing Managed IT Services

Any time you hand over responsibilities for any aspect of your business you are inviting risk. Whether hiring a staff member or outsourced service, you may have lingering hesitations, such as, What are they supposed to do? Or Will they fit in with the company culture? Or Did I hire the right person?  


Some other risks that you may consider when outsourcing your Managed IT Services:


  • Loss of Control – Oversight
  • Confidentiality of DATA – entrusting someone to your company’s intimate practices may seem like a risk, but an Outsourced IT Service provider can also help protect your DATA from ending up in the wrong hands
  • Disaster Recovery – much like confidentiality, an Outsourced IT Service provider can mitigate and help to make a plan for Disaster Recovery
  • Some IT functions are not easily converted
  • Employee Morale
  • Your business may get locked into a contract


REWARDS of outsourcing your Managed IT Services

  • Acquire a Valuable Partner –  a committed Expert of Outsourced Managed IT that provides professional, objective and best practice advice along with keeping up with the most current technology trends.
  • Add to your In-House capabilities.
  • Little to no Human Resource (HR) Investment.  Hiring an employee hosts a staple of expenses from the hiring process, background checks and supplying a space to work to account for benefits, vacation, sick days, worker’s compensation, continued training, employee performance reviews, human resources, and of course, employee turnover.
  • Cost Savings.
  • Flexible to your Company’s changes in size, volume, and strategy.
  • Security – Keeping your Systems updated, leveraging Virus protection and proactively monitoring.
  • Predictable Monthly Budget.
  • Prevent Burnout of Yourself and Employees.


BONUS – Tips to Working with your Outsourced Managed IT

  • Clearly formulate and communicate goals and objectives of the business relationship
  • Have a Strategic Vision
  • Keep Open Communication


Managed IT Outsourcing companies have a lot of experience with different types of businesses and thus – a better understanding of a client’s expectations. This is the main reason why outsourced companies are able to be flexible with your requests and visions. They can even propose new ideas that can change your perspectives. Outsourcing companies see your existing infrastructure from a different vantage point and can customize a solution for your individual business needs.  


About Herstek & Associates, LLC

Herstek & Associates, LLC is a professional outsourced computer service company serving small to medium businesses in Luzerne and Lackawanna Counties in Northeast Pennsylvania (NEPA). Our specialties are network planning (network consulting), network projects, and ongoing network/computer maintenance. We pride ourselves in not only delivering the results you expect but also being knowledgeable, systematic, accountable, trustworthy and easy to work with. To speak with a Support Advisor about the the computer support provided by Herstek & Associates, LLC please call us at (570)779-4018 or contact us.

Outsourcing Updates

Keep Up to Date by Outsourcing

Updating your business software is one of your best protections against cyber-attack, but actually going through and running the updates is a task that often gets overlooked. Either they take too long, they pop up at inconvenient times, or you simply don’t know when an update is available. Do you have a plan in place to ensure all your tech is up-to-date, or are you flying by the seat of your pants?

Emergency updates are a killer

Just between us, most businesses update their software only when the repair techs come to fix a major breakage. The techs run the updates before they leave, then the systems sit there with ever-widening security gaps… until another breach happens and the techs are called back for another band-aid solution. Emergency only updates in a break/fix model are a great little earner for those techs, not so good for your uptime or budget.

Finding time for maintenance

To keep your business up and running securely, you need someone who lives and breathes updates. They’ll need to have top tech skills so they know when and how to apply all the patches, and how to make sure all your other tech is playing nice (and do it all after-hours). If you have an in-house IT specialist, you’re set – and they should already have an update plan. But if you don’t have a qualified IT team member, outsourcing to managed services is the perfect solution. You get highly skilled technicians remotely applying your network updates after hours. It’s also a great alternative when your in-house IT team is overloaded and has no time left for routine maintenance. We’re able to partner with your existing techs to take care of the small tasks, leaving them free to focus on bigger initiatives.

What else needs to be checked?

Beyond running security patches, it’s important to keep your business moving forward. Here are a few areas our techs look at as part of managed services:

Hardware health: The last thing you want is days of downtime after a piece of hardware dies a spectacular death, dragging other components down with it. By not staying on top of your hardware health, you’re opening yourself up to lost productivity, lost income and unknown delays. Our managed services can assess and replace components before they break. If suitable, we’ll also save you money by recommending (and helping) you move to a cloud solution, so you can access your data with inexpensive hardware like tablets.

Operating system expiry: While it’s great that you have a preferred OS, keeping it after the manufacturer ceases support can leave your business wide open for attack. It’s simply not a good combination. Our managed services technicians will advise you of any changes coming up for your OS, and suggest the best upgrade for your needs.

Legacy programs: Updates to your software have the potential to disrupt older programs, either resulting in errors, slow performance or even downtime. With technology advancing so fast, we often find additional requirements with an update, such as extra processing power, memory or graphics. Our technicians always make sure to check for compatibility as a whole before running an update.

Staying on top of your maintenance and upgrades can be a huge challenge for small business. Outsourcing to our managed services can help more than your budget – call us today at 570-779-4018.

New ‘KRACK’ Wi-Fi Security Issue: This Affects All of Us

The invention of Wi-Fi has been a science fiction dream come true. We can use our laptops anywhere in the house, our phones are using home internet instead of sucking down our cellular data, and our gadgets are all communicating. It’s essentially the backbone of the smart tech boom for home and business alike. Most networks are password-protected with an encryption called “WPA2” and this has been safe and secure, until now.

Recently, a security flaw called KRACK was discovered that allows hackers to break into Wi-Fi networks – even the secured ones. Your laptop, mobile phone, gaming console and even your smart fridge are possibly vulnerable as a result.

How KRACK works: The Key Reinstallation AttaCK isn’t a problem with your device or how it was set up. It’s a problem with the Wi-Fi technology itself. The attack gets between your device and the access point (eg router) to reset the encryption key so hackers can view all network traffic in plain text. Since we rely on Wi-Fi so much, this might mean hackers have a front row seat to your credit card numbers, passwords, chat messages, emails, photos and more.

NOTE: The hacker must be in physical range of your Wi-fi to exploit this flaw, it doesn’t work remotely like other attacks we’ve seen recently. Given most Wi-Fi ranges extend well past your own home/business, this is small comfort, but important to know.

How to protect yourself

Run your updates: Software updates are being released which fix the flaw. Microsoft has already released one for Windows, Apple has one coming in a few weeks. Take a few minutes to make sure you’re up to date with all your patches on any device that uses Wi-Fi (your smartphones, laptops, tablets, PCs, game consoles, etc). Unfortunately, some devices may be slow to get an update, or if they’re older, may not get an update to fix this issue at all. If possible, consider using a cabled connection on those older devices or upgrade to one with support.

Be very careful with public Wi-Fi: While your local business center, library or school campus has expert IT professionals keeping guard over your security, it’s a very different matter at your local coffee shop. It’s unlikely small locations such as this will be on top of security patches. Remember, a hacker exploiting this flaw only needs to be in the same Wi-Fi area as you, so be careful you don’t give them a dollop of private information with their coffee.

Check your browser security: Before sending anything secure over the internet, check you’re using a HTTPS site. You’ll know these by the little padlock you see next to the URL, and the address specifically begins with HTTPS. Major sites like Facebook, Gmail and financial institutions already use HTTPS.

If you need help updating your devices, or want us to check if you’re safe, give us a call at 570-779-4018.

mac malware

Apple devices and Macs get malware!!

I don’t like picking on Macs… Oh, wait. That is a lie. I do like picking on Macs because I am tired of hearing “Apple’s don’t get viruses or malware.” This absolutely not true!

There hasn’t been a serious ransomware outbreak on Mac but that doesn’t mean isn’t coming. There are a few ransomware programs in the wild and there has been increased activity in the mac security sector just like there has been in the PC world. Other malware and scam software are out there and on the rise.  “Our tracking of Mac malware has seen a more than 220 percent increase in malware so far in 2017 over 2016,” said Malwarebytes. The main reason that Mac desktops and laptops seem to not be affected is that they only are about 7% of computer users. They are a much small target so there are less malicious programs out there. That doesn’t mean they don’t exist. They will still steal your data if they can. WIth RaaS (Ransomware as a Service) and cross-platform malware, it is becoming easier for the bad guys to target whatever they want. They don’t even have to be proficient at programming anymore. And with an attitude like “we don’t get malware,” you might be easy pickings.

Beyond that, you are also just as likely to lose your online data as a PC user! Just because you are browsing the internet from your Mac doesn’t mean things like the Yahoo and Equifax data breaches will not affect you. You still need to be vigilant in the cloud and protect your personal information.

Protect you and your Mac

  • Backup your data – Onsite, Offsite and Cloud
  • Keep your software and OS up to date
  • Don’t use unapproved software
  • Use an extra anti-malware solution
  • Be wary of unknown websites and unsolicited email
  • Use strong password and 2fa (Two-factor authentication) wherever you can
  • Use a standard account over an admin account for everyday use
  • If you have a laptop, consider full disk encryption

We offer backup, monitoring, and antimalware solutions if you use Apple products in your business. Let us know how we can help!

Public Sector IT Security

NEPA Public Sector IT Security

Are you in a NEPA local or state government entity? Are you worried about audits and compliance? Have you been quoted some solution that you can’t afford?

Ask us about our NG firewall and endpoint solutions!

Our NG (next generation) firewall has an option that was designed specifically for state and local government compliance. There are public sector discounts for all the security packages.

Already have a system in place? We ofter a conversion service as well as system optimization service. The NG firewall device can be installed “inline” which means you may not have to replace all your current network hardware.

We will monitor these solutions for you via our MSP/MSSP packages. Monitoring is part of compliance rules!

Some of the key features of Untangled NG Firewall:

  • Helps meet compliance for FISMA, NERC, NIST, FIPS, and several other state and county rules
  • Unique and granular policies for specific departmental and user access
  • Firewall, Router, IPsec VPN, Advanced Antivirus, Intrusion Prevention and Phish Blocking
  • HTTPS/SSL traffic inspection
  • Active Directory/LDAP Integration
  • Prioritize network traffic for mission-critical applications
  • Layer 7 application awareness to identify all incoming application traffic regardless of port destination
  • Prevents network slowdowns caused by any individual or group of users and applications

Give us a call at 570-779-4018 so we can schedule your free consult!


nonprofit nepa

Nonprofit NEPA – What do you do for computer service?

Is your nonprofit company calling for computer support only when things are broken? Are you calling an IT company at all?

IT can be challenging even for larger nonprofit organizations. Many places have older equipment but have a high demand to use new software. Some do not have computer savvy staff to take of the mundane computer tasks. Most appear to have a high employee turnover. A few desire secure remote access. All have sensitive client info that needs to be kept private. All of these things require cybersecurity to be high on the list of priorities as they all present opportunities for hackers and evil doers to gain access.

It is all too expensive to worry about, right? And who would want to hack our small company? You would be surprised. On both counts. Even Non-Profits can get HIPAA Fines. You can still be held accountable for your client’s data loss.

Cybersecurity and IT can be affordable. You may not be a “for profit” business, but you are still an organization that needs to have a secure and efficient computer system. There are many budget-friendly ways to accomplish this for nonprofit companies.

  • Free hosted email
  • Free spam scanning and encryption
  • Low-cost hardware and software options
  • Open source software solutions
  • Donated or Recycled hardware
  • Monthly service or all-inclusive plans that are easier to budget

These are only some examples. If our years of experience working with NPOs has taught us anything, it is each organization is unique and may benefit from different solutions.

Let us take a look at your current setup and see if we can offer some cost-effective solutions to get your nonprofit on the right track.


6 Simple Tips to Protect Your Customer Data

As cyber-attacks continue to make headlines, hackers are exposing or selling customer data files in record numbers. But just like with any threat, there are actions you can take to minimize risk and ensure your business retains a positive reputation among customers.

  1. Stop using the same password on repeat. Set a mandate for all staff that passwords must be unique for each user and for your workplace. That means it can’t be remotely like the one on their home PC, tablet or online banking. Passwords are hacked more than ever, so when you’re prompted for a password change, dig deep and really think about what goes into a hacker-proof password. If remembering them is a problem, consider one of the latest password management tools.
  2. Go on a shredding spree. How much sensitive data is being dumped into the recycling bin? Valuable customer data is often taken from the bins of small businesses and quickly sold or published. It’s not just good practice to shred sensitive documents, it’s the law. Take 5 seconds to run documents through the shredder or book in the services of a secure shredding company.
  3. Ditch the accounting spreadsheets. Still using an Excel doc for all your number-crunching? Besides making your accountant’s job harder (and more expensive), you’re opening your business to a massive range of vulnerabilities. Even with password-protection, spreadsheets aren’t designed to safeguard your financials or those of your clients. Upgrade to a proper accounting solution with built-in customer data protections and security guarantees.
  4. Train staff explicitly. You can’t rely on common sense because what you think is a given might be news to someone else. It can be extremely beneficial to hold special data-safety training sessions once or twice a year as a reminder, as well as take the time to induct new staff into the way things are done.
  5. Limit access to data. Just like the bank manager who guards the keys to the vault, you can limit who accesses your data. Revoke employee access as soon as they leave your business for good, and set rules around who can access what – and when. Do they need access to sensitive information while working from home? Should they be able to change the files, or only view them?
  6. Keep your software updated. Possibly the most preventable hack, having outdated software can be an open invitation for cyber-criminals. They look for known weaknesses in business software and waltz right in. While the nagging pop-ups and reminders to update can feel like a selling ploy, they’re actually helping your business to stay in the safe zone. Updated software gives you protection against new viruses and hacking techniques, plus closes off those nasty weaknesses.

If you would like to make sure your business is secure from data breaches, give us a call!

4 Simple Tips to Keep Your Internet Banking Safe

Online banking has boomed in the past few years to become the new norm. Branches are out and apps are in. Half the time when you visit a branch, you’re steered towards a computer for a DIY transaction – with optional assistance. But is internet banking really safe? You’re always told to keep your financial details private, but now also to jump on board the online banking train – talk about a push/pull scenario! The good news is you CAN bank safely online with a few simple precautions.

Always type in the website address

Many attackers will attempt to trick you into clicking a fake link to your bank website. Usually sent as a ‘phishing email’, they’ll claim there’s a problem and ask you to click through to your bank and correct it ASAP. The link points to a fake website that looks almost exactly like your real bank site and is recording your private account info. You can avoid scams like this simply by accessing your bank by manually typing in the website or using a bookmark.

Avoid public computers and networks

Jumping onto a PC at the library or mall might seem like a quick and easy way to check your account, but public computers are often targeted by scammers. In just a few moments, they can install keyloggers to record usernames, passwords and other private data, then sit back as all future user details are emailed to them. The same problem applies with free, unsecured Wi-Fi. You’re better off using an ATM or a data-enabled smartphone.

Use a strong password with 2- factor authentication

Create a unique password for your online banking, something you’ve never used anywhere else. Mix up words, numbers and symbols to create a complex password that can’t be guessed easily. Avoid giving attackers a head start with data they can find on Facebook, like kids names, pet names, birthdates, etc and really think outside the box. And of course, never write it down anywhere near your wallet, phone or computer. If remembering is likely to be an issue, you might like to consider a secure password manager app. Many banks will also help boost your security with two-factor authentication, sending random codes to your phone (or a special LCD device they provide) to verify any activity.

Check page security before entering data

Finally, take a micro-second to spot the small padlock icon before you enter any data. You’re looking for a padlock appearing as part of the browser itself, not just an image on the webpage. It will be either in the bottom corner or next to the URL. The address will also start with httpS:// instead of http://. If you don’t see these things, the page is NOT secure and you shouldn’t log in.

6 Brilliant Ways Managed Services Can Work For You

Wouldn’t it be great to know you could access the internet from every room in the house – including the outdoor entertaining areas? How about printing wirelessly from wherever you happen to be? Many homes are embracing the flexibility of having multiple devices and users, but with each new addition come increased headaches when trying to make it all work together. They know what experience they want, but actually assembling a complex network can be like trying to juggle a live, angry octopus!

Most people don’t realize just how complex their tech setup has become. Ask around and you’ll discover homes commonly have 4 mobile devices, 2 tablets, a desktop or laptop, a printer…plus a smart TV, media streamer, and a games console …ALL of which need access to the same secure internet connection, backup systems, and protection from digital threats. Yikes!

While businesses immediately default to calling in the tech experts to make sure their system works exactly the way they need it to, residential users haven’t had that option – until now. Our managed IT services can assess your unique needs and create the perfect solution for you –everything working the way you want and within budget.

Using managed residential services has the added benefit of providing one, predictable bill for every part of your technology services, including:

Advice and setup: Our experts love to talk tech and can help you make product decisions, plan and create your ideal network environment – building in all the parental controls and security your unique situation needs. They’ll even help educate your family on best practices, cyber safety, and common threats.

Remote support: Save time and energy if something goes wrong, our experts can securely log in to remotely diagnose and repair many issues – just let us know and we’ll take care of it.

Backup: You’ll never have to worry about losing all your personal files, photos, video and music if your device is broken or stolen. Our experts will make sure everything that’s important to you is backed up regularly.

Maintenance: While your devices are pretty durable, they still need regular maintenance and cleaning. This extends the life of your device greatly and has the added benefit of making it run like new again.

Security: Every device under your managed IT plan will be automatically monitored for security issues and updated regularly. Our tech experts will ensure your network is secure, protecting you and your family on autopilot.

Cloud: We’ll make sure you have access to all your files, no matter which device you’re on, giving you true digital flexibility and (a safeguard against forgetting homework!).

With new connected devices finding their way into homes each year, it’s more important than ever to ensure your network can grow easily, with security at all levels. Remember, it only takes one unprotected device to let the malware in, even something as innocent as a remote-activated lightbulb! Our managed IT services will free you from worrying about security and maintenance, while at the same time giving you the performance and flexibility your family needs.

Find out how Managed IT Services can help you by calling us today!