Home » Blog » management

Tag: management

hacked email

Marriott Hotels Exposed 500 Million Customer Records. Make Sure Your Business Doesn’t Suffer the Same Fate.

Up to 500 million travelers could be compromised as hotel chain Marriott International have announced a security breach in their guest database. Analysts recently alerted the firm to a vulnerability that has granted hackers access to the hotel chain’s systems since 2014.

The firm announced their Starwood Preferred Guest (SPG) loyalty program was compromised for an extended period which left customers vulnerable. The exploit exposed critical guest information which included names, addresses, passport numbers, and dates of birth. Marriott also announced an unknown number of customers had encrypted credit card details stolen in the attack.

If you have been a member of Marriott’s Preferred Guest Program or a customer of Marriott hotels in the past, you should take steps today to ensure your data security. By doing so, you can protect your finances, prevent identity theft, and defend your data from attackers looking to exploit an opportunity.

Secure Your Data

Changing your Marriott password should, of course, be the first step to protecting your accounts. Even more importantly, sites where that same password may have been reused should be updated with new credentials too. Hackers commonly try details stolen from one site to access popular services and pages. We encourage everyone to use a password manager to store their details for safe use in the future. A good password manager enables unique, random, and strong passwords to be used with ease for every single website.

While we can’t stop hacks on systems outside of our control; we can defend our other accounts from being accessed by criminals.

With secure password management, attacks on your business services or related accounts from a single hack are made impossible.

Performing Damage Control

The damage to the Marriott International brand following news of the leak will be undoubtedly huge. At a minimum, they have lost the trust of their customers worldwide. Asking customers to leave their personal and financial details again to pay for goods and services will be no small feat.

News of the hack made front page news as it broke, further damaging the firm’s reputation among potential future customers too. As a result of a simple security attack, Marriott International will be forced into damage limitation to keep customers returning to the brand. This is why business security matters to us; when done right it’s cheaper by far.

The total cost of this latest attack won’t be known for years to come. The firm is vulnerable to lawsuits worldwide, in some cases liable for financial losses, and required to purchase identity monitoring and security services for affected customers. Business owners can learn from Marriott’s costly lesson.

Stopping an Attack in its Tracks

Marriott’s security breach was recently discovered, hitting the headlines just this week, but the firm admitted unauthorized access took place since 2014. This means the firm had a security hole for four years that they were unable to detect or patch.

For a firm of any size, this should be unacceptable. As business owners, we shouldn’t accept security vulnerabilities that leave our records, finances, or services open to hackers. As customers, we shouldn’t accept our data being treated so carelessly. The recent Marriott hack underlines the need for businesses to maintain constant network monitoring, regular security updates, and a lockdown on data access.

Protect Your Business and your Customers – Any business can find their systems vulnerable to attack at some point. Whether waiting for updates, a newly released zero-day hack, or malicious employee; responsible firms take steps to limit their liability.

As a rule, staff accounts should be locked to only the systems the regularly need to access. Similarly, customer data should only be open on an as-needed basis when a legitimate requirement exists. These steps, alongside systems and data monitoring, prevent a small-scale attack resulting in an enormous data breach. Strong security enables customers to place and maintain their trust in a brand they can keep coming back to again and again.

If your business could use a security update to protect against a Marriott style attack in the future, give us a call today at 570-779-4018.

IT Life-cycle Plan

Stay Ahead of the Curve with an IT Lifecycle Plan

All appliances have an effective lifespan. Computers are no different. In some cases, parts physically fail after years of service, in others they simply become too slow and too ineffective to keep doing the job. Hardware failures and IT issues can cost big in productivity losses, urgent fixes, and unintended downtime.

Improving productivity and lowering costs are the primary driving factors in why many modern businesses choose to adopt IT life cycles.

IT Life Cycle

The IT life cycle aims to make IT budgets predictable, manageable, and reduce costs across the department.

This process starts with a thorough plan outlining the demands of the business. By looking at how and where equipment is deployed we can make the most out of the resources throughout the business. The first step is to reduce equipment duplicated and underused within the firm.

With a big picture approach, equipment can be scheduled for upgrade or replacement at predictable intervals based on use. With a plan in place, the focus of the life cycle can shift to resource procurement. As equipment approaches the end of its effective lifespan it can be brought in for replacement, repair, and recycling. Old hardware and components are often reused and recycled in new roles as they are decommissioned from their primary role.

By maintaining as many usable parts as possible we help lower costs of keeping efficient hardware in the front line business environment. This approach helps a huge number of businesses keep modern, up to date hardware in crucial roles where it can serve the biggest impact for the business.

Making the most of resources

Computers in a busy business environment will always need eventual replacement over time. It is important to plan and prepare for this end of service life to limit unplanned downtime, increasing costs and losses in productivity. Doing so helps to plan a regular, predictable IT budget, less prone to sudden financial spikes.

The IT life cycle additionally allows the business to stay on top of software licenses, upgrades and Operating System changes. By cycling old and out of date systems from the network, security vulnerabilities are dramatically reduced and easier to patch.

Additional financial security comes from manufacturer warranties for businesses that adopt the life cycle. As new equipment is purchased into the firm, manufacturer warranties provide guarantees about the handling of defects and hardware issues. This warranty may cover all, or most of the duration of the equipment’s intended life cycle.

The extra coverage provides an extra layer of financial protection from unpredictable IT issues.

In control with information

Tracking the life cycle of your own firm provides invaluable metrics about how equipment use and deployment within your own production environment. Armed with this unique knowledge, better purchasing decisions can be made to equip your business with the tools needed to succeed.

Budgets can be put to better use, getting the important high-value resources to the places in the businesses that need it most. The ones where they will generate the most value for the firm.

A key factor in getting the most from your firms IT is making sure the resources put into the company don’t sit idly on a shelf after purchase. The insight gained from metrics related to the life cycle ensure that management stay fully informed.

A complete picture puts your business back in control of its IT by allowing you to choose the best, most efficient, and most cost-effective time to replace critical IT. Firms can plan replacements and servicing outside of busy periods so they can operate without interruption and know their IT is fully serviced when they need it most.

Planning for the future

With a fully planned, fully prepared life cycle, IT budgets can be planned in detail for years to come. Everything from printers to operating systems can be prepared on a tightly controlled schedule.

Businesses worldwide have adopted IT life cycles as a way to eliminate unwanted surprises, lessen productivity losses, and make the most out of IT budgets. Implementing or redesigning your own IT life cycle can greatly improve the way your business operates.

Talk to us about how you currently do IT today and we’ll see if we can’t make the life cycle work for you. Give us a call at 570-779-4018.

Unified Threat managment

Why Your Business Needs Unified Threat Management

Sounds scary doesn’t it? Almost like a swat team dressed in black is going to swing in and start yelling orders. While just as effective at disabling the bad guys, Unified Threat Management (UTM) is a special kind of IT solution focused on proactive protection. Consider it more like a team of virtual bodyguards that stand at the door between your business and the internet, keeping trouble out while your legitimate traffic can come and go normally.

With the increasing number of connected devices in your business network and the different ways your employees now connect, it’s more important than ever to set up dedicated security systems that give integrated protection. UTM is a series of solutions that work together, simultaneously layering your protection across the board. We’ll cover the four main inclusions here, and exactly what they can do for your business.

Robust Firewall

Put simply, a firewall keeps an eye on all the data coming in and out, looking for anything abnormal. While every home PC comes with a software firewall built in, those ones pale in comparison to what a UTM firewall can do. Remember the team of virtual bodyguards? Imagine the home firewall asking nicely if the data should be doing that, while the UTM slams the data to the ground and demands credentials. It exists to make sure the data entering your network is safe, that it’s not part of a cyber-attack, and that in the rare event your network becomes infected, your servers aren’t being used to attack another business.

Anti-virus Where it Matters

With so much new malware being released daily, it’s easy to fall behind in updates and discover you’ve been infected. Your employees are likely doing their best, but manually scanning each file can be exhausting and time-consuming. Your UTM anti-virus is built into the firewall, ensuring known or suspicious malware is stopped at the door. It doesn’t even make it through to your employees, so the risk is removed. Clearly that’s the best outcome possible and will allow your employees to work at maximum efficiency, while you can run your business with confidence.

Spam Blocking

Most cyber-attacks come via email these days, with either an attachment or a link. Once clicked, the malware is released into the network to wreak havoc. Obviously, your employees are smart enough not to open random attachments/links, so hackers use phishing emails. These are emails that look legitimate and may refer to vendors you use, financial services you have accounts with, or even seem to be from other employees. Your UTM isn’t falling for any of those disguises, it strips down each email and checks it against high-tech legitimacy markers. If it sees anything suspicious, the email is marked as spam and either held for review or bounced away.

Your employees never see the attack, so they can’t accidentally fall for it. While the UTM is monitoring for phishing/fake emails, it’s also culling out the general spam that clogs up inboxes. Employees will no longer have to spend precious minutes each day wading through the junk, and the likelihood of missing an important customer email has greatly dropped.

Content Filtering

In a perfect world, your employees would only access work-related sites and do work-related things online. Content filtering can help you limit the risk they’re bringing into your business via these websites. Your UTM can be set to restrict sites that infect computers, such as adult content, gambling or illegal downloads. It can also be used to restrict access to productivity vampires like Facebook or Pinterest, either during work hours or completely. It’s up to your policies how much you’d like to filter and whether to add any flexibility. Some businesses allow social media during lunch breaks or have special reward hours each week. Simple tweaks like this can increase productivity overnight and give you the security you’re looking for.

You can see how a layered security solution like UTM provides a space for your business to thrive, where systems are secure, employees are able to maintain efficiency, and cyber problems stay outside the doors. The way the layers work together is more effective than a patchwork of separate systems, and a UTM is much easier to configure and maintain.

We can find the right UTM solution for your business. Call us today at 570-779-4018!

6 Simple Tips to Protect Your Customer Data

As cyber-attacks continue to make headlines, hackers are exposing or selling customer data files in record numbers. But just like with any threat, there are actions you can take to minimize risk and ensure your business retains a positive reputation among customers.

  1. Stop using the same password on repeat. Set a mandate for all staff that passwords must be unique for each user and for your workplace. That means it can’t be remotely like the one on their home PC, tablet or online banking. Passwords are hacked more than ever, so when you’re prompted for a password change, dig deep and really think about what goes into a hacker-proof password. If remembering them is a problem, consider one of the latest password management tools.
  2. Go on a shredding spree. How much sensitive data is being dumped into the recycling bin? Valuable customer data is often taken from the bins of small businesses and quickly sold or published. It’s not just good practice to shred sensitive documents, it’s the law. Take 5 seconds to run documents through the shredder or book in the services of a secure shredding company.
  3. Ditch the accounting spreadsheets. Still using an Excel doc for all your number-crunching? Besides making your accountant’s job harder (and more expensive), you’re opening your business to a massive range of vulnerabilities. Even with password-protection, spreadsheets aren’t designed to safeguard your financials or those of your clients. Upgrade to a proper accounting solution with built-in customer data protections and security guarantees.
  4. Train staff explicitly. You can’t rely on common sense because what you think is a given might be news to someone else. It can be extremely beneficial to hold special data-safety training sessions once or twice a year as a reminder, as well as take the time to induct new staff into the way things are done.
  5. Limit access to data. Just like the bank manager who guards the keys to the vault, you can limit who accesses your data. Revoke employee access as soon as they leave your business for good, and set rules around who can access what – and when. Do they need access to sensitive information while working from home? Should they be able to change the files, or only view them?
  6. Keep your software updated. Possibly the most preventable hack, having outdated software can be an open invitation for cyber-criminals. They look for known weaknesses in business software and waltz right in. While the nagging pop-ups and reminders to update can feel like a selling ploy, they’re actually helping your business to stay in the safe zone. Updated software gives you protection against new viruses and hacking techniques, plus closes off those nasty weaknesses.

If you would like to make sure your business is secure from data breaches, give us a call!

When is Your Business Ready to Move to the Cloud?

By now you know that the cloud isn’t going away anytime soon. In fact, cloud computing has become a natural step in business growth, thanks to the numerous (and continually growing) benefits. More and more applications are coming out in web-based form and staff are exceptionally comfortable with this type of change. So when is the right time to move your business computing to the cloud?

Many businesses are facing this question now that cloud computing has become a mainstream norm. After all, you’ll be able to roll out new apps in days, not weeks, and nobody ever says ‘no thanks’ to increased security and efficiency. Like any strategic business decision though, timing is everything. Here’s how to assess your need before you make the switch:

Age of servers and workstations

If your workstations and servers are reaching their end of life and a large capital investment is coming up, you’ll be able to minimize the expense by moving to the cloud. You may even be able to skip certain upgrades completely. Your staff will still need devices to access the cloud data, but you’ll have a lot more flexibility in your choice and they won’t need to be as powerful. This can be a huge cost saving made in just moments.

Need for remote and mobile access

Many businesses are growing while on the move, with a mobile workforce needing to access files from anywhere at any time. This could range from moving around the one location, between offices or even working from home. Forget frustrating connections and lost productivity, cloud computing allows staff to work securely and efficiently from any location with internet access.

Current support setup

If your business currently outsources all your network management, you’re perfectly suited for the move to cloud computing. Network maintenance and monitoring becomes a non-issue, handled 24/7 as part of your cloud service. Network efficiency just keeps rising too, as your cloud provider is always improving their systems. You’ll find problems are fixed before you knew they existed, and server downtime becomes a thing of the past.

Need for predictable IT costs

If it feels like IT costs can spiral out of control at times, challenging your budget and patience, cloud computing will seem like a dream come true. When you make this shift, you’re moving from a capital expense to an operational one – server and system replacements are no longer your concern. You’ll be able to budget for IT costs in advance, knowing no blowouts are hiding around the corner. Monthly costs are known and (usually) capped based on what you use, leaving your cash flow much relieved.

Today’s cloud computing is more advanced, secure and priced more competitively than ever before. At its core, cloud computing is purely about doing things better, and it can have a massive impact on your profits, productivity and even staff satisfaction rates. If your business requires a robust, always available infrastructure with easy monthly costs, it’s time to take a serious look at your cloud computing options.

We offer a variety of cloud services to help your business. Give us a call to discuss how we can improve your business IT.