Home » Blog » employee

Tag: employee

Getting tech new business

How to Securely Dispose of Old Computers

Getting new computers for your business is exciting, but what happens to the old ones? Depending on the age, some people sell them, others throw them out. That’s the easy part. The problem is the sensitive data on them. There are passwords, account numbers, license keys, customer details, medical information, tax returns, browser history…. the works! Each computer, whether laptop, tablet or desktop, contains a treasure trove of sensitive information that cybercriminals would love to get their hands on.

Unfortunately, hitting delete on your files doesn’t actually make them disappear, nor does waving a strong magnet over the drive. These mistakes have cost businesses millions of dollars over the years.

Most businesses are unaware that specialized data cleanup is necessary, others think calling someone to collect the computers will cover all the bases. A 2016 experiment proved just how dangerous the situation can be when they bought 200 used hard drives and found 67% held unwiped, unencrypted sensitive data, including sales projection spreadsheets, CRM records, and product inventories. Frighteningly, they didn’t need any special hacking skills to get this data, it was all right there and helpfully labeled. It’s also not surprising that with simple data recovery tools, people have also been able to access British NHS medical records and missile data, all waiting patiently on a discarded hard drive.

Why hitting delete doesn’t help

Data on a hard drive works like a book with an index page. Every time data is written, it pops a quick entry into the index so when you need it again, it knows where to look. The index is used for files you create as well as system files you can’t even see. Sensible, right? Except if you delete a file it’s more like changing the index to say nothing is on page 10 and you can write something else there when you’re ready. But if you manually flip to page 10, you’ll find the information is still there – the file still exists until it’s been written over – it’s the index reference that got deleted.

Wiping data before disposal

There are software tools you can get to do it yourself, as well as dedicated security firms, but your best option is to choose an IT business you know and trust. With that in mind, a methodical approach is required to ensure not a single drive is left untreated. You don’t want to leave data behind, or even clues that a motivated person could extrapolate any private information from. The approach might include using checklists to maintain security, or dedicated processes to guide each step in decommissioning. Careful records should also be kept, including who signs off on completion of the retirement, and where the computers are sent afterwards. A proper inventory and auditing process may slow the rollout of the new computers slightly, but it’s always better than having your old data come back to haunt you.

We can migrate any needed data, backup the information to your server or external drive, then wipe or destroy the hard drives for you. We can assess the age of your old computers and either dispose of them for you or point you in the right direction of computer recyclers. Plus, the quicker you dispose of your old computers, the easier the process will be. Recyclers will be able to send less of your equipment to landfill, and you’ll be less likely to forget how valuable the drive contents are.

Upgrading your business computers should be a happy time for you and your employees, so with a little forward planning, you’ll be able to keep everyone smiling and all your data secure.

Need help with your old hardware? Call us today at 570-779-4018

Getting tech new business

How to Get the Right Tech for Your New Business

Congratulations on your new business! Start-up costs can easily escalate, and tech is often one of the bigger expenses. It’s not that everything is high priced, but the sheer number of technologies available can overwhelm smart decision making. The latest tech is dangled in front of you with amazing features you didn’t know you needed, and suddenly your budget has gone boom!

Here’s how to get the tech right for your business, without the headache and drama.

1. Check if you actually need it

In a lot of cases, using a cloud application means you can skip the big server purchase, along with the on-site technician to manage it. Many of your business programs will have a cloud option that allows you to get all the benefits without the big expense. Before you make the tech purchase, work out which applications you’ll be running and whether a local installation or cloud access is preferred. As part of this stage, think about how you’d like to use the applications – perhaps remote access is a priority, or perhaps collaboration will underpin your business culture. This level of clarity is often overlooked and the number 1 reason why tech expenses spiral.

2. Get expert advice

It’s easy to ask friends and family what to buy, but there are many more factors to consider than just their personal preference. You trust their opinion, of course, but they may be speaking from a consumer perspective or basing their recommendation on brand loyalty. Every business is different and pairing the correct technology with the business will save you a lot of money in the long run.

3. Buy business grade

Unfortunately, the computers and laptops you see in department stores aren’t up to business standard. They’re designed for home users to perform quick tasks, not run a full 8 hour (or more) workload. Business grade systems have additional features that your business needs, plus longer warranties and better support. Even the attached devices like networking or printers are built to a higher standard, to last longer and perform better. Considering the cyber climate we live in, taking a special interest in the security offered by the business grade technology is a wise decision.

4. Prioritize flexibility

Businesses evolve rapidly during their first few years and the last thing you want to do is go out and buy new tech, playing catch-up with your vision and smushing together an assorted mismatch of devices. Your new technology should be as scalable as your business, which means making purchase decisions based on strategy, not price. Perhaps this means instead of workstations for employees, you only need tablets. Rather than having a fixed point of sale system, you might choose mobile checkout devices so your staff can assist customers on the go. These examples highlight how easy it is to commit to certain tech because it’s ‘what you do’ but later discover you’re locked into a certain way of doing business. Trying to change your processes down the line impacts productivity, efficiency and culture in a big way, so we recommend buying with your future success in mind.

5. Choose an IT partner

During your set up and moving ahead through growth, you’ll need an IT partner who can not only help with your purchase strategy but support you through any tech problems as they arise. That’s the difference between a partner and a supplier, they’re committed to driving long-term business success.

You’ll be able to call on your partner and know they’re immediately up to speed with your business, they know how IT can help leverage your competitive advantage and which critical systems they should focus on. Getting good tech in place shouldn’t be seen as just an expense. It improves productivity and allows you to serve your customers better while enjoying consistent growth.

If you need an IT partner to help your business grow, give us a call at 570-779-4018.

Why Periodic Security Assessments Should Be Your New Normal

By now you know that building up your cyber security is just as important as building up your cash flow. Both are essential to your success, but while most businesses keep an eye on the financials, they tend to think cybersecurity is something they can set and forget. Unfortunately, cybercriminals are constantly coming up with new methods of attack and the security you had in place yesterday may not be sufficient today.

Instead of reacting to breaches and taking on the costs of downtime, lost files and destroyed trust, a periodic security assessment can identify blind spots that place you at risk. Once you know about these problems, you’re able to proactively setup adequate protection before cybercriminals strike. It’s best to use independent IT experts who can audit your security from an outside perspective, often seeing risks that would otherwise be missed.

Regulations change – Are you affected?

Many businesses are kept to strict government regulations around the way they store, process and protect data. Their operating license depends on staying as secure as possible. All regulations require regular security assessments but they vary in scope and timeframe. As regulations change, so do the security assessment requirements. You can imagine how much stricter they are now compared to just 5 years ago. Our team can ensure your business is meeting the relevant regulations, diving deep to be certain you’re safe.

Security patches and updates are vital

It’s so easy to fall behind on your security patches, after all, it seems like there’s a new update every week and each one takes precious time to apply. What we’re seeing though, is that cybercriminals are targeting any business running late, and it’s basically easy pickings for them. If you’re unpatched where it counts, it’s like inviting them in. When we conduct your security assessment, we take a look at your history and see if your business has a robust patch plan in place and make sure you’re up to date. If there’s an issue that’s placing you at risk now, impacted you in the past, or will in the future, we’ll find it.

Viruses are always evolving

Just like the human variety, computer viruses are nothing to welcome into your workplace. They’re constantly evolving to skip past anti-virus scans and do damage in new and interesting ways. Cybercriminals know people are more aware of the traditional infection methods like downloading an attachment or inserting an infected USB, so they’re getting more and more creative. Your security assessment doesn’t just include ticking that you have the latest anti-virus, it includes identifying where you’ve had the most breach attempts and where your biggest vulnerabilities are. This type of precise awareness has a lasting impact on reducing your risks.

Your business may have changed

As your business has grown over the years (or shorter if you’ve experienced a recent surge), your entire setup has changed. More employees, expanded remote access, additional vendors, supplementary locations…the list really is endless. With each change has come a new risk, particularly if your security has been growing around you. It might be that your password policies haven’t been updated since you began, or that you still have the old voicemail system even though phones are within easy reach of customers. This is perhaps one of the most useful areas a security assessment can help with, as you and your employees are accustomed to the business working in a certain way, whether that way leads to risk or not. Our experts will be able to see things from a different perspective, particularly as we make sure to think the same way a cybercriminal would.

What to do with your assessment results

While many experts might present you with a long list of problems and leave you feeling overwhelmed, our team ensures you have a benchmark for progress. You’ll know exactly what you need to do, how we can help, and perhaps most importantly, which actions take priority. Moving ahead, future security investments will be smarter as you focus on the high-payoff areas. You’ll also know exactly what you’ve done well and where your security strengths lie. Employees will see how much you value security, which helps to create a stable culture, and you’ll be able to report your commitment to customers, confirming they’re making the right choice by staying with you.

Book your security assessment today. Call us at 570-779-4018

Fake Invoice

Fake Invoice Attacks Are on the Rise – Here’s How to Spot (and Beat) Them

Businesses around the world are being struck with a cyber-attack that sends victims a fake invoice that looks real enough to fool to most employees. It’s an old scam that used to see bills faxed or mailed in, but it’s made its way into the digital world and instances are on the rise.

Chances are you’ve already seen some of the less effective attempts, like an email advising your domain is expiring, except it’s not from your host and your domain is nowhere near expiration. These new attacks are more advanced, in that they look completely legitimate and are often from contractors/suppliers you actually use. Logos are correct, spelling and grammar are spot on, and they might even refer to actual work or invoice numbers. The sender name may also be the normal contact you’d associate with that business, or even a co-worker, as cybercriminals are able to effectively ‘spoof’ real accounts and real people. While it’s worrying that they know enough about your business to wear that disguise so well, a successful attack relies on you not knowing what to look for, or even that fakes are a possibility. With that in mind, here are two types of invoice attacks you might receive:

The Payment Redirect

This style of fake invoice either explicitly states payment should be made to a certain account, perhaps with a friendly note about the new details, or includes a payment link direct to the new account. Your accounts payable person believes they’re doing the right thing by resolving the invoice and unwittingly sends company money offshore. The problem usually isn’t discovered until the real invoice from the real supplier comes in or the transaction is flagged in an audit. Due to the nature of international cybercrime, it’s unlikely you’ll be able to recover the funds even if you catch it quickly.

The Malware Click – Rather than go for the immediate cash grab, this style of attack asks your employee to click a link to download the invoice. The email may even look like the ones normally generated by popular accounting tools like Quickbooks or Xero, making the click seem safe. Once your employee has clicked the link, malware is downloaded that can trigger ransomware or data breaches. While an up-to-date anti-virus should block the attack at that stage, it’s not always guaranteed, especially with new and undiscovered malware. If it does get through, the malware quickly embeds itself deep into your systems, often silently lurking until detected or activated.

How to Stay Safe

Awareness is key to ensuring these types of attacks have no impact on your business. As always, keep your anti-virus and spam filters up to date to minimize the risk of the emails getting through in the first place. Then, consider implementing a simple set of procedures regarding payments. These could include verifying account changes with a phone call (to the number you have on record, not the one in the email), double checking invoices against work orders, appointing a single administrator to restrict access to accounts, or even two-factor authorization for payments. Simple pre-emptive checks like hovering the mouse over any links before clicking and quickly making sure it looks right can also help. Like your own business, your contractors and suppliers are extra careful with their invoicing, so if anything looks off – even in the slightest – hold back on payment/clicking until it’s been reviewed. Fake invoices attacks may be increasing, but that doesn’t mean your business will become a statistic, especially now that you know what’s going on and how you can stop them.

We can help increase your security, talk to us today. Call us at 570-779-4018