Home » Blog » Backup

Tag: Backup

zero day business

Protect Your Firm Against Zero-Day Attacks

Protecting your business against the latest IT threats should always be a top priority. Updating antivirus and patching your operating system is a great way to start. What happens, however, when a threat appears at your door before security firms have had a chance to catch it?

A security threat that exploits a previously undiscovered vulnerability in the computer is known as a zero-day threat. The name “zero-day” is designed to imply how long since the vulnerability was discovered. The term also indicates that system developers have had zero days to fix it.

A newly discovered attack might be packaged into a computer virus or worm. This will allow it to spread far and wide while inflicting the maximum amount of damage possible. When spread successfully, a new exploit has the potential to reach hundreds of thousands of computers before an operating system or anti-virus update can even be issued.

There are a number of ways we can protect your business or lessen the damage from a zero-day attack.

Preventative security

The number one way to mitigate the damage from any attack to your system is to prevent it from happening in the first place. Maintaining a good firewall and up-to-date antivirus is the best step you can take to ensure the security of your system.

A firewall, monitoring traffic in and out of your network, reduces unauthorized entry over the network. Even without knowing the exact nature of the attack, suspicious activity traveling in and out of the system can be stopped.

The same is true of modern Antivirus. Even when it can not identify the specific zero-day threat from its virus database; it can often identify malicious intent from learned behavior in the system.

A Locked Down Network

Should a zero-day threat make it into your network, our next goal should be to limit its effects. By restricting user access to only essential files and systems we can limit the damage done to the smallest number of systems. Good security policy dictates that each account should only have full access to the systems needed to complete the user’s job. For example, users from the accounts department shouldn’t have access to sales department databases.

In this way, the damage of a single compromised account is limited to only the network area it operates in. Such limited impact should be easy to control and can be reversed with regular backups.

Good Data backup

Whether your entire network has been exploited or only a small area has been affected; good data backups are your protection against major lasting damage. Having a good backup means having the procedures in place to both create regular backup copies and make sure they can be restored at a later date.

Reliable and well-tested backups are worth their weight in gold. Knowing your data is safe and your system can be recovered is peace of mind against even the most highly destructive zero-day attacks.

Intrusion Protection

While the precise methods of a zero-day exploit can’t be known in advance, a network intrusion protection system (NIPS) can monitor the firms’ network for unusual activity.

The advantage of NIPS over a traditional antivirus only system is it does not rely on checking software against a known database of threats. This means it does not need updates or patches to learn about the latest attacks. NIPS works by monitoring the day-to-day patterns of network activity across the network.

When traffic or events far out of the ordinary are detected action can be taken to alert system administrators and lock down the firewall. Devices such as USB drives and mobile devices can all introduce threats to the network. They can often make it past the firewall because they are physically introduced to the system.

NIPS protects against threats introduced to the network from both external and internal sources.

Full Cover Protection

Used in combination these techniques can prevent, protect, and mitigate against the kinds of threats that even the top security firms haven’t patched yet. We think it’s important to keep your firm secure whatever it might come up against in the future.

If you could use help protect your business against online threats, give us a call today at 570-779-4018.

Protecting A Business from Internal Threats

When considering IT threats to your business many articles focus on hackers, viruses, and attacks from external threats. These dangers are real, constant, and easily identifiable. In many cases, however, the largest threat to a firm comes from inside the business itself.

People inside the firm often pose the largest single threat to systems and security. These individuals often have trusted access and a detailed working knowledge of the organization from the inside. Employees therefore deserve the largest security consideration when designing a safe business system.

It is important to first distinguish the type of dangerous employee we want to defend against. We’re not talking about an otherwise model employee accidentally opening a malicious email or attachment. Rather, a disgruntled employee seeking to do damage to your business. An employee who may wish to destroy services or steal clients and files from your firm.

Security Policy

Some firms, particularly young businesses, grant employees system-wide permissions from day one. This can make administration appear simple, preventing further IT requests in future. Granting system-wide access is an inherently risky strategy.

Private information relating to the business should be restricted access information. Many types of files need to remain confidential, often as a legal requirement. Human resource files, salary information, and employee documents should be limited to only a select few employees. Yet, businesses often keep confidential information in public places on the network.

Granting system-wide read and write access can appear to save time short term. It is, however, a security policy which only serves to cause security, administration, and potentially legal troubles in the future.

The Principle of Least Privilege

The principle of least privilege is a vital tool, helping you to handle internal IT security. It defines a security policy which ensures staff can access only the resources, systems and data they require to carry out their job.

The policy protects the business from many different types of threat in day-to-day operations. Even where malicious attachments have been opened by accident, the damage is limited only to the work area of a single employee. This results in contained damage, less time needed to restore from backup, and drastically reduced downtime for the firm.

Along with limiting accidental damage, malicious employees looking to destroy or steal data are limited too. With restricted access, an employee with a grudge or profit motivation can only damage or steal from their own area of operation. This helps to ensure that no single employee can damage the entire firm’s operations.

Security Policy In Practice

A member of staff within Human Resources, for example, may have read and write access to the employee database. This will likely include payroll information and sensitive data. This same member of staff would have no need to access sensitive client data, such as sales information, in normal working conditions.

Likewise, a staff member from the sales department should have no need for accessing sensitive HR records.

Using the principle of least privilege, each employee may only have full access to systems that are directly related to their role. Similarly, some systems may be visible to a wider group of staff members even if they can only be edited or removed by one or two people.

In some cases, a security policy may be defined by even finer details than a person’s role within the organization. An HR employee should not be able to edit their own file to change salary information for example. An employee file might only be edited by their superiors in such a case.

Additional parameters can be used to assign privileges to enable the business hierarchy to work within the IT network. Seniority, physical location, and time are all examples of factors that can restrict access to critical systems and secure data.

We can tailor your network to your business, locking down your data to ensure data is only accessed on an “as needed” basis. Call us at 570-779-4018 now.

The Top 5 IT Security Problems for Businesses

The Top 5 IT Security Problems for Businesses

Companies that suffer security breaches nearly always have one of these IT security problems. Is your company guilty of any of them?

No Backups

A shocking number of businesses are not backing up their data properly. According to market research company Clutch, 60 percent of businesses who suffer a data loss shut down within six months.

Not only should every business be fully backing up their data, but their backups should be regularly tested to work too. It’s a step that businesses miss surprisingly often. Many businesses don’t find out that their backup can’t be used until it’s already too late.

Reactive and not proactive

The world is constantly changing. The IT world doubly so. Attackers are always figuring out new ways to break into businesses, hardware evolves faster than most can keep up, and old systems fail due to wear and tear far quicker than we would like. A huge number of businesses wait until these issues impact them directly before they respond. The result is higher costs, longer downtime, and harder hitting impacts.

By responding to hardware warnings before it fails, fixing security holes before they’re exploited, and upgrading systems before they are out of date: IT can be done the right way. Being proactive about your IT needs means systems don’t have to break or compromised before they are fixed. The result for your business is less downtime, fewer losses, and lower IT costs.

Weak Passwords

A surprising number of people will use the password “password” to secure some of their most important accounts. Even more still will write their own password on a post-it note next to their computer. In some cases, many will even use no password at all. Strong passwords act, not only as a barrier to prevent unwanted entry, but as a vital accountability tool too. When system changes are made it’s often essential that the account that made changes is secured to the right person.

With an insecure password or worse; none at all, tracking the individual responsible for reports or accountability becomes impossible. This can result in both auditing disasters on top of technical ones.

Insufficient Staff Training

Humans in the system are commonly the weakest point in IT security. Great IT security can be a bit like having state-of-the-art locks on a door propped open with a milk crate. If staff aren’t trained to use the lock, it’s worth nothing at all.

Often times businesses can justify spending big on security for the latest and greatest IT defenses. The very same firms may exceed their budget and spend almost zero on training staff to use them. In this instance, a little goes a long way. Security training can help staff to identify a threat where it takes place, avoiding and mitigating damage, often completely.

Weak Data Controls

Some companies can take an ad-hoc, fast and loose approach to storing professional data. Often crucial parts can be spread across many devices, copied needlessly, and sometimes even left unsecured. Client data can be found regularly on employee laptops, mobile phones, and tablet devices. These are famously prone to being misplaced or stolen out in the field along with vital client and security data.

It can be easy for both employees and firms to focus on the costs of devices and hardware purchased for the business. The reality is that the data held on devices is almost always worth many times more than the device that holds it. For many firms, their approach to data hasn’t been changed since the firm was first founded. Critical data is often held on single machines that haven’t been updated precisely because they hold critical data. Such machines are clearly vulnerable, outdated, and prone to failure.

Common problems with simple solutions

Each of these common issues have simple solutions to secure against IT failure. With a professional eye and expertise in the field, every business should be defended against IT issues that risk the firm.

If you need help securing your IT to protect your business, give us a call at 570-779-4018.

backup right way

Are You Backing Up the Right Way?

The 31st of March is World Backup day and it’s a great time to put a backup in place. Businesses are losing huge amounts of data every day, purely because ‘backing up’ is stuck at the bottom of their to-do list. So this is your reminder, that even if you only do this once a year when the calendar tells you to, it’s time to flip that to-do list and make it happen! But how? What’s the easiest, most effective way for your business to backup?

You’ve probably heard of file backup by a number of names: Cloud Sync, Cloud Backup or Cloud Storage. They’re all similar enough to be confusing and meaningless enough to be anything. Here’s what they mean and which one you need today.

Cloud Sync

Google Drive, Dropbox, iCloud, etc are services that sync up with a single folder on your computer. They mirror it. When a file changes in one, the sync service rushes to change it on your computer too, so they are always the same. Cloud Sync services are hugely flexible for remote employees, or even those squeezing in a few quick tasks while riding the train to work. They’re ridiculously easy to use, require no training, and the free tiers are enough for most individuals. This all sounds amazing, right? Except…when things go wrong, they go wrong big time. Accidentally deleting a file means it disappears from the Cloud Sync drive – almost immediately. Overwriting a file does the same thing, and if an employee makes edits to the wrong file, then those edits are there to stay. If disaster strikes and your local copy becomes corrupted (or ransomed), well you guessed it, the corruption is uploaded too. While some Cloud Sync services now offer a 30 day backup option, you may not notice the file was missing within this time.

Cloud Sync services are fantastic for productivity and accessing files on the go, but they simply can’t be relied on as your backup tech.

Cloud Storage

Amazon S3, Microsoft Azure, etc are massive buildings full of storage drives that work just like your local hard drive, except you access them securely via the internet. In fact, when you use a cloud sync app like Dropbox, they’re actually sending your data to one of these locations. While the sync services have a constant back and forth connection between the storage center and your folder, and as explained above aren’t good for backup, you have another option. You can access cloud storage on a per/GB basis yourself and upload your entire backup as desired. It won’t update with changes on your local network, but it will be safe from disaster. When you need to retrieve a file, you simply login and download it.

Your backed up data is secure, protected against disaster, and always available to you. However, because it relies on you/your employee to handle the backup plan and manually take care of the uploads, this is a high-risk solution. Unless your employee is scouring your network each day/week/month for changes to files and uploading them with fervent dedication, chances are this plan won’t work. We recommend an automated or outsourced solution so you can get on with business AND be protected.

Cloud Backup

Carbonite, Backblaze backup, Crashplan, etc might not be names you’ve heard before, but they work in the background to monitor changes to files on your computer or network and make sure you’re backed up. You can roll back individual files or whole drives, and even select from earlier backups, not just one. Like sync services, they use cloud storage centers with extra-high security and redundancy so that your data is always there when you need it. Even better, neither you nor your employees need to worry about when it was last done.

The One You Need

Let’s take a moment to talk planning. We recommend starting with the 3-2-1 strategy. This means having 3 copies in total, 2 of them locally such as on your computer and an external drive, and another offsite in the cloud. Using this strategy keeps your business operating when data disasters occur and is an investment in your uptime. We can help get you set up with the 3-2-1 method, including selecting the best cloud service for your needs. If you’re looking for a more scalable, cost-effective solution that gives the utmost peace of mind, ask about our managed backups service.

Need help with your backup? 3-2-1… Call us at 570-779-4018!

Section 179 Deduction

NEPA Section 179 Deduction

It is a great time of year to take advantage of the section 179 deduction. If you purchase software or equipment by December 31rst, you can deduct the full purchase price and a bonus depreciation. Section 179 is the product of a recent stimulus bill that is geared to help small business grow.

There are limits to what you can purchase. Most computer equipment qualifies. Most “off-the-shelf” software qualifies. PC, Laptops, Servers, and network equipment all qualify. Custom software does not but server-based software, PC operating system upgrades, MS office products, and accounting software like QuickBooks all do.

How about a business class i7-6700, 8GB ram, 250GB SSD with windows 10 pro with a 5-year parts warranty?

business class i7-6700, 8GB, 250GB SSD with windows 10 pro

Or maybe you need a new rack mount server with a Xeon Processor, 32 GB ram, 8TB hot swap raid 5 for your new virtual server host.

 Xeon Processor, 32 GB ram, 8TB hot swap raid 5

Or it could be time to upgrade your aging routers. Maybe a new SG-3100 pfSense router with 2x1GbE (gigabit ethernet) internet ports so that you can keep your business running on a backup internet connection even when the main lines goes down?

SG-3100 pfSense

Or maybe you have read some of my ransomware articles and now you are ready to have a serious disaster recovery system in place. We can configure a local backup system and supplement it with online backup. The hardware for the local backup could fall into the section 179 deduction.

Onsite Bare-Metal Recovery with Cloud Replication
We can source you other products as well. Ready for your Dual monitor setup? How about upgrading your laptop to an SSD drive? Maybe it is time to upgrade the memory on your unit?

Dual Monitor

Contact us now and we will be more than happy to configure a custom quote for whatever you need so you can take advantage of the section 179 deduction this year. Contact us here…

 

 

 

 

 

business disaster

Most Businesses Won’t Survive a Disaster. Could Yours?

With the crazy weather we’re seeing, natural disasters and cyber terrorism echoing for years, it’s not a case of ‘if’ a disaster will strike your business, but ‘when’. Surprisingly, it’s not the scope and scale of the event that influences how deeply your business is impacted, it’s your business continuity plan.

Put simply, this is the all-important set of precautions and pre-planned responses to an event, laid out in bullet-proof detail and implemented with one driving focus: keeping your business running with little or no downtime. Think about what would happen if your business was hit by a natural disaster tomorrow. Would it survive? How much downtime would it take to push you into dangerous territory?

According to an IBM study of all the companies that had a major loss of data, 43% never reopen, 51% close within two years and just 6% will survive long-term. For a fraction of those survivors, business even continued as usual thanks to their ‘failsafe’ business continuity plan. It’s more than disaster recovery, it’s full preparedness that bypasses the need for 2+ weeks of downtime, financial ruin, wasted salaries and reputation loss – but it does require a higher level of planning…in advance.

Recommendations to Put You in the Surviving 6%

Prioritize: You’ll need to plan exactly what you’ll recover first and know who’s in charge of making it happen. It goes beyond jotting down a checklist of things to do, it’s taking an analytical, process-based approach to recovery for each unique business perspective. But it’s also realistic: there’s no point dedicating precious time to reviving the email system if your customer data is leaking onto the internet, even if email did rank as your top communication priority!

Backup: Of course, the most critical part of your business continuity is having full backups in three places. Why three? One copy locally which you use each day, a backup on another (disconnected) device in the same location, and one in the cloud. That local backup is your life-saver for system crashes, cyber-attacks and the like; the cloud backup comes into play when your business has taken a major physical hit, perhaps from fire or flood. Some businesses can run entirely location-independent when using cloud systems like Office365, which can be enough to put them in that 6% of disaster survivors.

Test: Make sure all employees know what the plan is if something goes wrong, and their specific roles in these scenarios. You can test, prepare and rehearse your continuity plan under simulated disaster conditions, which will uncover new obstacles, priorities and additional threats.

As your IT environment becomes more complex, carrying more responsibility and risk, so does the importance of a robust business continuity plan. The best BC plans look beyond disaster recovery, taking into account scalability of your system and scope of your individual business, to create strong battle lines that will keep your business operational, both now and for the long term.

Give us a call at 570-779-4018 to create a custom business continuity plan for your business.

mac malware

Apple devices and Macs get malware!!

I don’t like picking on Macs… Oh, wait. That is a lie. I do like picking on Macs because I am tired of hearing “Apple’s don’t get viruses or malware.” This absolutely not true!

There hasn’t been a serious ransomware outbreak on Mac but that doesn’t mean isn’t coming. There are a few ransomware programs in the wild and there has been increased activity in the mac security sector just like there has been in the PC world. Other malware and scam software are out there and on the rise.  “Our tracking of Mac malware has seen a more than 220 percent increase in malware so far in 2017 over 2016,” said Malwarebytes. The main reason that Mac desktops and laptops seem to not be affected is that they only are about 7% of computer users. They are a much small target so there are less malicious programs out there. That doesn’t mean they don’t exist. They will still steal your data if they can. WIth RaaS (Ransomware as a Service) and cross-platform malware, it is becoming easier for the bad guys to target whatever they want. They don’t even have to be proficient at programming anymore. And with an attitude like “we don’t get malware,” you might be easy pickings.

Beyond that, you are also just as likely to lose your online data as a PC user! Just because you are browsing the internet from your Mac doesn’t mean things like the Yahoo and Equifax data breaches will not affect you. You still need to be vigilant in the cloud and protect your personal information.

Protect you and your Mac

  • Backup your data – Onsite, Offsite and Cloud
  • Keep your software and OS up to date
  • Don’t use unapproved software
  • Use an extra anti-malware solution
  • Be wary of unknown websites and unsolicited email
  • Use strong password and 2fa (Two-factor authentication) wherever you can
  • Use a standard account over an admin account for everyday use
  • If you have a laptop, consider full disk encryption

We offer backup, monitoring, and antimalware solutions if you use Apple products in your business. Let us know how we can help!

Feeling the Budget Pinch? Here’s How Managed IT Can Help Save Your Business.

When it comes to running a modern business, technology is always a growing line item in the budget. Costs seem to creep up every quarter, along with a new learning curve for simply keeping everything running along smoothly. It’s no wonder then that budget restrictions for tech were recently found to be a universal concern for small/medium business.

You’re balancing the outlay of maintenance with replacement, plus securing against a steady stream of threats – all while making sure every dollar gives maximum return on investment. It even sounds exhausting! What typically happens is the tech budget gets stripped to a bare minimum, hoping nothing unexpected pops up and everything keeps moving along nicely. After all, everything is working just fine and that money could make a real difference elsewhere… except as soon as an IT emergency strikes, that tiny budget is obliterated and you’re left to either limp along with insufficient tech or dip into another budget area.

Now imagine if budget wasn’t an issue. Imagine all your tech expenses were predicted and capped, and you got everything you needed without resorting to financial magic tricks. Sounds good, doesn’t it?

Put simply, that’s how a Managed IT Service works. It’s a service designed for businesses with a limited budget who don’t have time for tech issues. For a fixed price each month (which is no doubt less than you’re thinking), you get a team of IT technicians actively monitoring your systems in order to catch issues before they occur, repairing problems on the fly, and ensuring your business is always as secure as possible. Included as part of your Managed IT Service, you also get expert business consulting around the solutions you need now, which solutions will help you rapidly scale, and which technology you don’t need. All for one predictable, fixed price each month. It gets better:

You’ll reduce downtime and associated revenue loss.

Forget scrambling while systems are down, with Managed IT Services you’ll know which tech is failing and can proactively repair or replace before it impacts your business. Downtime is planned/minimized and your staff are working uninterrupted by tech drama.

You’ll skyrocket efficiency.

You’ve probably been responding to your IT events in ‘firefighter mode’, essentially dealing with problems as they arise and switching to new, improved tech only when you must. With Managed IT Services, problems are automatically reported and optimal solutions designed in advance. Even the small issues that have been slowing your business down and limiting progress come to light, ready to be solved for greater efficiency.

You’ll secure against data loss.

Whether you’ve been following the news and worrying about the next cyber-attack, or you’re working with confidential customer or proprietary data, your Managed IT Service has you covered. Our technicians secure your business against attack using the latest technology, full backups, software updates and leverage every drop of their know-how to keep your valuable data safe.

Learn more ways Managed IT Services can benefit your business – give us a call at 570-779-4018.

6 Brilliant Ways Managed Services Can Work For You

Wouldn’t it be great to know you could access the internet from every room in the house – including the outdoor entertaining areas? How about printing wirelessly from wherever you happen to be? Many homes are embracing the flexibility of having multiple devices and users, but with each new addition come increased headaches when trying to make it all work together. They know what experience they want, but actually assembling a complex network can be like trying to juggle a live, angry octopus!

Most people don’t realize just how complex their tech setup has become. Ask around and you’ll discover homes commonly have 4 mobile devices, 2 tablets, a desktop or laptop, a printer…plus a smart TV, media streamer, and a games console …ALL of which need access to the same secure internet connection, backup systems, and protection from digital threats. Yikes!

While businesses immediately default to calling in the tech experts to make sure their system works exactly the way they need it to, residential users haven’t had that option – until now. Our managed IT services can assess your unique needs and create the perfect solution for you –everything working the way you want and within budget.

Using managed residential services has the added benefit of providing one, predictable bill for every part of your technology services, including:

Advice and setup: Our experts love to talk tech and can help you make product decisions, plan and create your ideal network environment – building in all the parental controls and security your unique situation needs. They’ll even help educate your family on best practices, cyber safety, and common threats.

Remote support: Save time and energy if something goes wrong, our experts can securely log in to remotely diagnose and repair many issues – just let us know and we’ll take care of it.

Backup: You’ll never have to worry about losing all your personal files, photos, video and music if your device is broken or stolen. Our experts will make sure everything that’s important to you is backed up regularly.

Maintenance: While your devices are pretty durable, they still need regular maintenance and cleaning. This extends the life of your device greatly and has the added benefit of making it run like new again.

Security: Every device under your managed IT plan will be automatically monitored for security issues and updated regularly. Our tech experts will ensure your network is secure, protecting you and your family on autopilot.

Cloud: We’ll make sure you have access to all your files, no matter which device you’re on, giving you true digital flexibility and (a safeguard against forgetting homework!).

With new connected devices finding their way into homes each year, it’s more important than ever to ensure your network can grow easily, with security at all levels. Remember, it only takes one unprotected device to let the malware in, even something as innocent as a remote-activated lightbulb! Our managed IT services will free you from worrying about security and maintenance, while at the same time giving you the performance and flexibility your family needs.

Find out how Managed IT Services can help you by calling us today!

WannaCry Ransomware Explained: Is Your Business At Risk?

You’d be hard-pressed to miss last week’s biggest headline, the WannaCry cyber-attack sent shockwaves around the globe. Businesses of all sizes and even police departments found themselves crippled without warning.

Among the most prominent victims were many NHS hospitals in the UK, affecting up to 70,000 individual devices such as essential MRI scanners and blood-storage refrigerators. But by the time it hit the news, it was too late – either your system was protected, or it was infected. Here’s how it all went so wrong.

What is WannaCry?

The WannaCry cyber-attack was a type of malware (the collective name for computer viruses & bad juju) called ‘ransomware’. Just like the name suggests, it’s actually a demand for money. Like all ransomware attacks, WannaCry encrypts your files and holds them hostage until you pay. In this case, the price was set at $300, payable with internet currency Bitcoin, and you had 3 days to pay before it doubled. If you didn’t pay, the ransomware threatened to delete your files permanently. It’s yet unknown how much money the WannaCry hackers have earned with their latest attack, but you can be sure plenty of people have paid the ransom. Even the FBI recommends paying the ransom, especially if the ransomed files are of a sensitive nature or weren’t backed up.

How It Spread So Fast

It seems WannaCry may be a ‘computer worm’ that self-replicates and spreads, rather than a phishing attack that needs to be activated with a click. So far, no common trigger has been identified, as is normally the case with phishing links. WannaCry moved rapidly from system to system, spreading out through the entire network, including all connected backups and storage devices. At the same time, it spread out to infect other networks, who then spread it further, and so on. Given the nature of the internet, it was everywhere within hours.

Why Some Businesses Were Safe

WannaCry could ONLY infect systems that have fallen 2 months behind in their Windows updates. This is because it was created to take advantage of a specific vulnerability in Windows, one which Microsoft patched months ago. Without that patch, the ransomware could waltz right past the firewall, past the anti-virus and directly into the system (the NHS were reportedly running Windows XP – no longer supported). Those running Windows 10 or a fully patched, recent version of Windows were completely unaffected – the virus literally had no way in

It just goes to show the importance of staying up to date. We haven’t seen a second spike in WannaCry attacks yet, but that doesn’t mean there won’t be one. A quick update could protect your business from weeks of downtime and lost revenue, making attacks like this a non-issue.

With our managed services, we can make sure you stay up to date – and protected. Give us a call today at 570-779-4018.