Fred Rappuhn, Author at NuTech Services LLC

Aug, 2021

These Are the Most Likely Threats Your Small Business Will Face

Data breaches are a well-known fact in the business environment, and small businesses in particular have many challenges that threaten their operations. It is important that you consider these security issues when putting together your risk management strategy, especially as it pertains to cybersecurity. Let’s take a look at how you can overcome some of the security challenges present for small businesses in 2021.

Phishing

Phishing is a major concern for small businesses as these attacks make up a significant portion of cybersecurity situations. Phishing is more of a scam than an official hack, but it is problematic cybercrime all the same. Phishing attacks can come through any form of communication for your business, be it social media, email, and phone calls. The scary part is that it only has to work once to cause trouble for your company.

Here’s an example of how phishing works. If a member of your staff were to accidentally click on an attachment in an email that they think has something to do with their job, they might find that the email installs malware on your network. This method is not limited to malware; it can install trojans, viruses, or even ransomware.

Phishing can be hard to counter, as hackers have developed sophisticated phishing schemes that can make keeping up difficult. You need to train your employees to ensure that they will be more likely to spot potential phishing attempts.

Poor Passwords

It is unfortunate that poor passwords are one of the biggest reasons why security breaches occur. Just like phishing strategies, hackers have implemented sophisticated measures that allow them to not only guess passwords, but guess countless passwords in a short timeframe. Furthermore, social engineering tactics can be used to guess poor or duplicated passwords with ease.

Password security is an aspect of your cybersecurity infrastructure that bleeds into every other aspect of it. Your employees use passwords to access just about anything online, and while duplicate passwords are easy to remember, they are a far cry from the level of security that your organization needs to be successful. Password best practices are one way to shore up this weakness. Passwords should be complex and changed on the regular to keep them from being stolen, guessed, or compromised.

Holes in Software

Software is often updated to account for security issues and holes that are discovered after the fact, and developers respond periodically to these issues. If you fail to patch your software, you could go about operations with major security issues and run the risk of exploitation. In other words, these holes in software are essentially open doors that hackers can use to infiltrate your network.

The best way to address these vulnerabilities is to keep them from becoming major problems in the first place. By this, we mean regularly patching your software and applying updates as they come out. This will close these open doors and enable you to protect your assets.

NuTech Services can help your business prioritize security. To get started, we recommend contacting one of our IT experts who can discuss with you all of the cybersecurity solutions we offer. Don’t wait any longer—give us a call at 810.230.9455!

Jul, 2021

How a Mismanaged Cloud Can Undermine Your Security

There is no denying that the cloud has become one of the most popular options for a business to obtain the tools required for their operations. Despite this, it is equally important to acknowledge that there are many ways that the cloud could facilitate security threats if not managed properly. Let’s go over some of the issues that must be addressed if a business is going to successfully leverage cloud technology to its advantage.

Misconfigured Cloud Settings

While cloud tools and solutions have the potential to be highly effective, they need to be set up properly before they can meet this potential with any hope of remaining secure. As the cloud is supposed to be an accessible tool to help facilitate productive collaboration, any accidents or errors could create challenges that would work against that goal. One common outcome of these challenges: security shortcomings and vulnerabilities.

To this end, it becomes especially crucial to your business’ security (and by extension, its success) that all settings in your cloud are reviewed, checked, and otherwise confirmed to be correct on a fairly regular basis.

Ineffective Access Controls

One of a cloud solution’s greatest business advantages is the fact that access to the resources it holds isn’t tied to one location, greatly simplifying processes like remote work by enabling your team to utilize these resources whenever they need them wherever they are working. Having said this, it can become a challenge to simultaneously restrict data to only those who have the proper authorization to do so without properly implemented controls in place

In addition to this, you should also bear in mind how much a cybercriminal will tend to lean on the human element of a business as an exploitable weakness. To combat this, it is important that your team members are instructed on how to create secure passwords.

Targeted Attacks

Back in the day, businesses had a relatively short list of threats to deal with, effectively boiling down to theft and vandalism. Now, however, the nature of our connected workspaces means that a far greater variety of threats could potentially harm a business. Cyberattacks are numerous, profitable for the cybercriminal, repeatable, and vastly varied in how they are shaped.

While modern organizations have the same concerns about theft and vandalism, they now need to worry about many different resources being stolen. Sure, they could have finances taken away, but they could also lose their customers’ payment information or protected data. This could result in fines, lost confidence from their market, legal action, and might even necessitate costly compensatory damages to be paid to those affected. Other threats don’t focus on a business’ finances, but on their productivity or even reputation. Denial-of-service attacks and ransomware get much of their leverage by preventing the targeted business from operating effectively. Plus, how motivated would you be to continue supporting a business that allowed your data to be exfiltrated, opening you up to identify theft?

With so many businesses moving to the cloud without properly paying attention to the security standards we reviewed above, cybercriminals now also see it as an opportunity for their purposes. Diligence and preparedness are both critical to preventing their success.

Employee Behaviors

Finally, one of your greatest assets could very well be one of your greatest challenges when it comes to securely utilizing cloud resources: the team members you’ve brought on to keep your business running. Without the proper instruction, your team may not adjust to the cloud as smoothly as one would hope, potentially creating vulnerabilities that a cybercriminal could take advantage of.

Alternatively, there is always the chance that your team has someone less-than-trustworthy amongst its ranks, and this individual could potentially use their access to abuse the data your company relies on. The cloud’s accessible nature does make it more challenging—but not impossible—to detect such activities.

Turn to us for help with dealing with these cloud security challenges.

Our team of professionals has the experience and insight necessary to effectively spot cyberthreats that could negatively impact your business’ use of the cloud, and are ready to help you mitigate these efforts. To find out more about what we can do for your business and its security, reach out to us at 810.230.9455.

Jul, 2021

What We Can Learn from the Ireland Health Service Ransomware Attack

In May of 2021, Ireland’s Health Service Executive, which handles healthcare and social services to the Emerald Isle’s nearly five million residents, was the target of a massive ransomware attack. Even as businesses and municipalities from all over the globe have been dealing with this plight, we mention this because of the aftereffects of this situation. Today, we take a look at the situation and what can be learned from it.

The Irish HSE Ransomware Attack

On May 14, 2021, the HSE was targeted by a hacking collective known as the Conti Ransomware Gang. The health service then received the instructions that the perpetrators would immediately release the patients’ data to the public unless they paid the ransom of $20 million in bitcoin. After a few days of deliberation, the government agency agreed to pay the sum (a practice that those of us at NuTech Services do not recommend). In turn, they got the decryption key.

Sad to say, this is not where this situation ended.

Data Restoration is Problematic

With the working decryption key in hand, and a nation of people that depend on their service, the HSE went ahead and started the restoration process. Turns out, it is difficult. HSE is still having problems restoring data systems to their previous state and it has led to bottlenecks inside the nation’s healthcare system.

The reason is that restoring data, especially on a scale such as this one, is an arduous task, and with new protocols and protections being implemented by HSE administrators to help avoid this type of problem in the future, it is taking much longer than expected. This means costs rise and people don’t get the care they need. As of this writing, it remains a real problem for the people of Ireland.

What Your Business Can Take Away From the HSE Ransomware

No matter what your business is, getting hit with ransomware is a pretty scary situation. One thing that every company or organization can take away from this situation is the need for comprehensive training for phishing and other scams to minimize the chances of getting ransomware through typical means. You also should be monitoring your network to ensure that if something were to make it past your defenses that more can be done to thwart a major catastrophe like ransomware. You should also have a comprehensive backup in place to help protect the continuity of your business.

At NuTech Services, we can help you identify your organization’s cybersecurity weaknesses and help you put in policies and technology that will help you keep ransomware off your network and be ready for any type of problem should it arise. Reach out to us at 810.230.9455 today to talk to one of our skilled consultants.

Jul, 2021

Obvious Signs You are the Target of a Hacking Attack

If a hacker were to find themselves on your network or within one of your accounts, would you be able to detect them and eliminate them? Today we want to share some of our best strategies for how you can identify the warning signs of a hacking attack, as well as how you should respond. This is particularly important for a workforce that is working remotely, so we hope you take these tips to heart.

Monitor Failed Password Attempts

Passwords are a terribly important part of keeping your information secure. Not only do they prevent unauthorized access to accounts and important data, they also inform you of when someone is actively targeting you. This helps to protect your data, especially when you have remote employees accessing your network.

The problem here is that devices with remote desktop protocols enabled on them, like the ones your remote users are likely utilizing, are quite easy for hackers to find and target if they aren’t configured properly. These devices are often targeted by brute force attacks. In these cases, a hacker will bombard a password requirement with every possible option until they discover the correct password.

When remote protocols are properly configured, too many failed password login attempts will lock down the device and send you a notification to inform you of the failed attempts. When this happens, you reach out to the user and confirm that they were simply having problems with their password. If the failed attempts were not from the employee, then you know that the credentials were stolen.

This level of oversight allows you to prevent brute force attacks from becoming an issue, as locked password attempts keep these brute force attacks from being successful.

Keep an Eye on Your Traffic

Experienced hackers can hide their location to keep themselves from being discovered, but many often do not have the ability to do so. Maybe they lack the technical skill or the attack is too broadly distributed for them to cover their tracks. Either way, you can discover if you are the target of an attack by keeping a lookout on where your network traffic is coming from. If anything looks suspicious, then it’s time to investigate.

For example, if your technology infrastructure has never interacted with a server from any given country, but now regularly contacts a domain in that location, then you know that something fishy is going on.

Actively Make Things More Challenging for Cybercriminals

When you make it more difficult for hackers to gain access to your network, they will be less likely to persist and do so. You can make it extraordinarily difficult for hackers to access your network through a variety of methods. For remote desktop protocols, you can customize the configuration rather than using the default settings. Password timeouts and two-factor authentication are also important for network security, as are access controls on your internal resources. All of these tools combine to create a difficult time for your attackers and, thus, a more secure network.

If you would like assistance with your business’ network security, don’t wait any longer. Give us a call! We’ll work with you to ensure that your network is protected against today’s security threats. Learn more by contacting us at 810.230.9455.

Jul, 2021

The Key to Protecting Your Business from Ransomware Is More of the Same

With so many high-profile ransomware attacks being launched against manufacturers, pipelines, and even hospitals, it’s no surprise that many companies are worried about what the future of this threat means for their organizations. Ransomware poses a serious threat, one that cannot possibly be ignored, so we urge you to take action now so you don’t come to regret it later.

Today’s blog is dedicated to helping you take measures to protect your business from ransomware. You will have gained a foundational understanding of the type of threat ransomware is, how it spreads, and what you can do to stop it before it becomes a problem for your company.

What is Ransomware?

Ransomware is a special type of malware that encrypts the files found on a computer or device, essentially locking them down and rendering the user unable to access them. In order to regain access to the files, the hacker responsible for distributing the ransomware demands a payment. In the case of recent ransomware attacks, the payment is usually quite exorbitant and is most certainly not an amount that is budgeted for. Payment is most often requested in the form of Bitcoin or other cryptocurrency. Once the payment is received, hackers claim they will release the decryption key which can begin the process of unlocking the data.

However, we want all businesses to think twice about paying the ransom up-front and in a panic. Paying the ransom is generally counterproductive for a number of reasons. For one, there is no guarantee that paying the ransom will get you your data back. What’s stopping the hacker from accepting payment and just going about their business as usual? The other main concern is that you are essentially funding hackers by giving in to their ransom demands. Furthermore, paying the ransom just reinforces the idea that these types of hacks work, and work well, encouraging hackers to continue pulling off these stunts.

That said, paying the ransom might seem like the only choice at the moment. More and more hackers are implementing dirty tactics that force organizations’ hands when it comes to the ransom. For example, recent attacks have had hackers threaten to release the encrypted data in the event that the ransom is not paid in a timely manner. Doing so puts businesses in a precarious situation; do they pay up and give the hackers what they want, or do they risk their data being released into the wild, potentially subjecting them to fines imposed by strict data security and privacy regulations?

At the end of the day, it’s a lose-lose situation. Therefore, it makes sense to prevent infections in the first place.

How Can You Stop It?

First, you need to understand how ransomware can spread from system to system. At its core, ransomware operates in much the same way as any other type of malware. It can be spread through downloading infected files or attachments, clicking on the wrong links while navigating the web, and other phishing or social engineering tactics used by hackers. Sometimes hackers can utilize holes in your network security to infiltrate and install ransomware on the chosen device. Yes, in many ways, ransomware is no different from your typical malware, but this does not make it any less scary to deal with.

This is good news, as it means that you can double down on tactics used against any other type of malware to protect yourself from ransomware. Through a combination of proactive network maintenance, adequate security solutions, proper data backups and disaster recovery solutions, and training your employees to identify threats, you can be confident that your organization can effectively prevent and respond to ransomware attacks should it need to.

Let Us Help!

No matter how great your defenses, you can never be 100 percent secure from the threats that are out there that could target your business. Therefore, the best you can hope for is that the above measures are enough to deter any would-be security threats. To implement all of the above solutions, NuTech Services can help. To learn more about how you can take proactive steps toward protecting your business, reach out to us at 810.230.9455.

Jul, 2021

How Often Should You Train Your Team on Cybersecurity?

Cybersecurity is an important part of running a business, especially in today’s age of ransomware and other high-profile hacks. It stands to reason that you periodically assess how effective your security practices are and how well-prepared your team is to respond to threats, but how often should you do so? Let’s take a closer look.

How Often Should You Train and Evaluate Your Team in Cybersecurity Practices?

With how commonplace security threats are today, you need to ensure that your security is as comprehensive as possible. While you can implement powerful security software that can alleviate some of the issues related to network security, it is crucial to remember that these solutions are only as effective as your staff’s understanding of network security. You must prepare your team to handle cybersecurity events appropriately. Here are some ways that you can make sure your cybersecurity training is up to snuff.

Regularity

Sharing training materials with your team is great, but the frequency at which it happens can make or break the experience. A once-a-year pow-wow is not going to do the trick, as cyberthreats are far too prevalent and constantly changing for an annual training to be effective enough. More frequent training is going to be more effective for protecting your organization’s network and informing your team on how to do their jobs in the most secure way possible.

Reinforcement

When we talk about reinforcement, we mean taking what is learned during these training sessions and applying it to real-life scenarios. In other words, showing rather than telling. If you simulate cyberattacks that show how real-life threats operate, you can test your employees’ abilities to react to them.

How Often Should You Train, and Test, Your Team?

Proper security training is not something that happens once; it’s something that happens regularly throughout an employees’ tenure at your organization. Today’s threat landscape is always trying to one-up security standards, and if you fail to keep up with these constantly evolving threats, you are placing your business at risk needlessly.

NuTech Services can help your business establish security standards and safeguards that can keep your business safe, as well as assist with the training of your employees to best understand these standards. To learn more, reach out to us at 810.230.9455.

Jul, 2021

Clean Up Your Computer with These Digital Clutter Practices

Computers are supposed to make life easier, and in a lot of ways, they do. However, using a computer can get complicated at times, especially when you are working with tons of files, applications, and resources on a daily basis. This can lead to a ton of digital clutter, which can be counterproductive and time-wasting. Let’s learn about how you can reduce digital clutter on your work PC.

Your Files

A common practice is to save files to the desktop so that they are easily accessible at a later date. While this does make things easier short-term, imagine saving one new file to the desktop every day for a month without removing any of the old ones. There is a saying: “A place for everything and everything in its place.” You can apply this line of thought to minimize your digital clutter. Set up a folder system for your files and make sure that you can store them in the appropriate places.

Keep in mind, most workplaces require that work-related documents get stored on the server. If that’s the case, you shouldn’t be keeping important or sensitive information on your desktop in the first place. Your server or network directory that is in place is likely being backed up and protected, while your desktop computer might not be in most cases.

You can also cut down on digital clutter by deleting unused or unnecessary files. One folder that is almost always cluttered is the Downloads folder. More often than not, you have files here that you haven’t looked at since you downloaded them, and there is almost certainly a better place for them all if they are even necessary in the first place. We recommend routinely cleaning up your files so that things don’t get too cluttered over time. For system files, however, do NOT delete these. If you ever have any questions about which files are okay to delete, you should contact your IT resource.

Your Programs

Sometimes you might download software because it solves an immediate problem at that moment, then never use it again. That application is now taking a little space on your computer and if you aren’t keeping it updated, it could lead to vulnerabilities. This is why we recommend that you uninstall unused applications. Ask yourself the same question as before; do you get value from this program? Have you used it at all in the past couple of months?

We do want to put a slight disclaimer here, though. You should always check with your IT staff or trusted IT resource, like NuTech Services, before ever trying to uninstall an app. This is especially true if you don’t know the purpose the application serves. It might actually be there for a very specific reason, so it is always better to err on the side of caution.

Your Media

As time progresses, you likely accumulate all kinds of media, from pictures to videos to music. All of this can create a lot of clutter on your device. The solution here is simple: ask yourself the question, “Do I get value out of this?” This question is at the heart of the minimalism concept and can be applied here, too. For example, you might have gone on vacation and captured a bunch of great photos, but we are willing to bet that you also captured a bunch of not-so-great ones. Why hold on to them?

It’s important that you have a place where you can store all of this media in a convenient and organized space. For this, as well as any other personal file storage needs, we recommend a good cloud solution. For business owners looking to securely store documents in the cloud, we can help with that too.

Implement a Cloud Solution

As you might expect, technology has provided a solution to many of the common problems that organizations run into. Chief among them is cloud computing and cloud storage, offering an excellent way to minimize digital clutter on your devices.

NuTech Services can work with your business to implement the best cloud solutions for your needs. Get started today by chatting with one of our skilled and knowledgeable technicians about how your organization can best utilize the cloud. To get the conversation started, reach out to us at 810.230.9455.

Jul, 2021

Be Aware of This Upcoming Google Drive Link Sharing Concern

It is certainly important that you update your software and hardware with the latest patches and updates, but it is also important to keep in mind that while these patches and updates resolve certain issues, these updates can also create problems of their own. An upcoming update to Google Workspace is the perfect example of this.

What’s Going to Happen with Google Drive?

Professionals who use Google Workspace for collaboration should be familiar with the link-sharing feature that Drive provides. Basically, it lets you share documents you are working on via a link. These documents can have varying permissions depending on who you are sharing them with, giving you quite a bit of flexibility when it comes to collaborating with others. You just copy the link, share it, and get to work.

The previously mentioned update, however, complicates things a bit. For links generated before the updates, you might run into some complications.

Some Links Will Break

The long and short of it is that once these updates are applied, a resource key will be added to the URLs created when sharing a link. This will cause there to be an influx of new access requests for businesses to manage.

According to Google’s official support page, admins can choose how to apply this update until July 23. After July 26, end-users will start to receive notifications informing them that any files managed will be impacted by this new change. If admins allow it, users can choose how these updates apply to their files until September 13.

Need Help?

If you’re unsure of how this change will impact your business, let NuTech Services help you navigate this issue. We can help by providing comprehensive IT management tools for your business. To learn more about what we can do for your organization, reach out to us at 810.230.9455.

Jul, 2021

Unpatched Vulnerability Leads to Remote Factory Resets in Western Digital My Book NAS Devices

Imagine going to log into one of your devices only to find that it has been completely wiped of any files located on it. Furthermore, imagine trying to log into your online account to manage the settings of said device, only to find that the password you know is correct is being identified as incorrect. This is the experience that many users of Western Digital’s My Book NAS device are currently going through, and it’s suspected that it is all because of an unpatched vulnerability.

The device in question, the Western Digital My Book, is a network-attached storage device that gives users the ability to remotely access files and manage devices. This is notable, as they can do so even if the NAS device is secured with a firewall or router. Bleeping Computer reports that some users are unable to log into their NAS devices, the reason being an “Invalid Password.” Since the devices appeared to be factory reset, some users tried the default login credentials but had no luck accessing their devices or recovering their files.

After some investigation, users discovered that the devices received a remote command to perform factory resets. Bleeping Computer reports that this attack is an odd one in terms of remote command attacks, mostly because the device in question is secured behind a firewall and communicates exclusively through the My Book Live cloud servers to issue remote access. Therefore, it makes sense for some users to assume that Western Digital’s servers were hacked, although they do mention that it is strange that the attack deleted files rather than issuing ransoms, such as with other threats like ransomware which are designed to steal data or encrypt files.

Although Western Digital is investigating the attack, Bleeping Computer does detail a statement issued by the company, stating the following:

“If you own a WD My Book Live NAS device, Western Digital strongly recommends that you disconnect the device from the Internet. ‘At this time, we recommend you disconnect your My Book Live and My Book Live Duo from the Internet to protect your data on the device,’ Western Digital said in an advisory.”

These WD My Book Live devices have not received updates since 2015, so it’s unsurprising that a vulnerability surfaced. Still, this situation should be a reminder that it is beneficial to consider upgrading from unsupported devices to those that are actively receiving patches and security updates. That said, failing to administer patches and security updates as they are released is just as bad as using unsupported devices, so the responsibility falls on your shoulders to make sure that you are using technology that isn’t putting your organization at risk.

Need a Hand with Upgrading?

NuTech Services can help your organization take care of any updates to its technology infrastructure. Especially in today’s age of massive security breaches and considerable cyberthreats, it has never been more important to make sure that your network is protected in every conceivable way. To learn more about what we can do for your business, reach out to us at 810.230.9455.

Jul, 2021

HDD vs SSD: What’s Best for Your Business?

When you purchase new technology for your organization, the decision is not always clear-cut. One decision that can be difficult is whether to implement hard disk drives (HDD) or solid state drives (SSD) for your desktops or other technology solutions. To help you make the best and most educated decision possible, we’re here to explain the differences and help you make the best choice.

Hard Disk Drives

Hard disk drives utilize spinning, rotating disks that write data to the drive. As you can imagine, this makes them a bit more prone to hardware failure than SSD, but don’t let this dissuade you from seeing their benefits. Compared to their SSD counterparts, HDD storage is cheaper and comes in extremely large storage sizes. This makes HDD great for storing large files such as images, videos, games, or audio. In general, the price per gigabyte for HDD storage is much lower than that of SSD, making them more budget-friendly.

Solid State Drives

Speed is the name of the game with SSD drives. Since SSD uses flash storage, it is able to load that data quicker and more efficiently than HDD. Furthermore, since they utilize flash storage rather than the spinning components used in HDD technology, they are less prone to hardware failure, though their ability to read and write data does degrade a bit faster than that of HDD. Historically, SSD has been more expensive than HDD, but it should be mentioned that the price of SSD storage has never been lower.

Which Storage is Best for Me?

At the end of the day, SSD and HDD have different benefits that lend themselves to certain tasks. On the SSD side, since it runs at higher speeds and is more structurally stable, it’s ideal to store your operating system. On the HDD side, since it is generally cheaper and easier to purchase large amounts of data storage, it is beneficial to consider them for this purpose. Ultimately, you should only make decisions like this after weighing the appropriate costs to their potential benefits.

If you’re not technologically proficient, however, it’s not always clear what the right answer is. This is why it’s okay to rely on professionals like NuTech Services for this task.

NuTech Services can help your business procure any new hardware, and you can rest assured that any solution we suggest is made after careful consideration of your organization’s specific needs. To get started with the best technology solutions on the market, reach out to us at 810.230.9455.

Jul, 2021

A Knowledge Base System Is a Great Tool to Streamline Operations

If your business wants to improve operations, one way it can do so is with an in-depth knowledge base that encompasses its policies and procedures for anyone who might work for you or take advantage of your services. Businesses that are well-documented have a much easier time when it comes to onboarding new talent, and with a thorough enough knowledge base, customers and vendors will have an easier time working with you, too. Today we are discussing the different types of knowledge base systems and why they might be a good fit for your business model.

What Knowledge is Needed?

First, you need to determine what information you plan to include in your knowledge base. If you have no clue what to include, you might include too much information from too many topics, leading to far too much to dig through. On the other hand, failing to include enough information is just not going to be enough to help anyone. Consider who your audience is and what information would benefit their day-to-day duties.

If you can determine the information you want to share with your customers and staff, you can more effectively implement your knowledge base. What are their needs and concerns? What questions do they have for you? What part of your business receives the most requests for support? If you can answer these questions, you should be set to move on.

What Type of Knowledge Base Are You Focused On?

There are six types of knowledge bases, each with their own benefits and issues. Here are these types of knowledge bases, as well as what you must consider for each of them.

Internal: Internal knowledge bases are used by your employees, and they typically hold information about your policies and procedures with the main goal of making their jobs easier or more efficient.
Hosted: Hosted knowledge bases are hosted in the cloud and aim to make things easier for employees, customers, and vendors.
Self-Hosted: Similar to a hosted system, the self-hosted knowledge base works in the same way, but it is hosted on-site on company servers, allowing for more enhanced security.
Customer: Used to provide information for customers exclusively. Some businesses opt to just use a FAQ system, but this is still a good opportunity to provide support.
External: External knowledge bases are publicly accessible and available, and they are particularly helpful for marketing or sales teams for establishing a customer base.
Open-Source: Open-source knowledge bases, like wikis, are those that anyone can edit. These aren’t always great options for small businesses, but they can be valuable assets for those who want to gather like-minded individuals who are passionate about specific topics, and could be either used internally, or externally.

Businesses tend to lean toward the hosted or self-hosted options, as they are ideal for supporting both employees and customers.

What Kind of Content are You Creating?

Based on the results of your research in step one, you will want to connect with experts to build content for your knowledge base system. This will not be a short process, but once it is complete, you could potentially see a great return on that investment in enhanced productivity. You should always keep things simple when possible. If you use a question and answer system that is clear and easy to search, your knowledge base system should be able to provide answers that are clear, readable, engaging, and flexible.

Are You Reinforcing Your Content?

After building your knowledge base, you should update it periodically to make sure that it stays up-to-date and relevant. After all, workflows that applied six months ago but are no longer used are not going to help a new employee who was just brought on. Ask yourself every so often what information is needed and what information is not needed or no longer relevant.

NuTech Services can help you implement a knowledge base system that will reinforce your staff and streamline operations. To learn more, reach out to us at 810.230.9455.

Jul, 2021

Don’t Let Your Inbox Be a Source of Stress

What does your email inbox look like? Do you keep it clean for the most part, or do you let it get out of control because of how many email lists you find yourself on? If you find that you have a lot of trouble with managing your email inbox, well, read on. You’ll find some tips for how you can effectively manage and potentially even clean up your inbox!

First, it’s important to limit how many emails actually enter your inbox. Here are some ways to do just that.

Send Fewer Emails In General

This one is simple in theory. If you send fewer emails throughout the day, you will receive fewer emails, thereby cutting down on the amount of clutter in your email inbox. By design, email is best utilized as a passive method of outreach rather than an active one, so if you take action to send fewer emails, you should start to see some results, even if they are only small ones initially. As with most things, it takes building a routine to build a habit.

Plus, let’s be real here; how often have you sent emails when you could have instead just gotten a more immediate response with a phone call or instant message? While these methods might be reserved for the more pressing issues you face, you might be surprised by how much relying on these other methods of outreach can change your communication dynamic for the better.

Unsubscribe from Email Lists

It’s one thing to stay up-to-date on the latest in your industry, but it’s another to subscribe to a hundred email lists that send you messages every other day and bog down your inbox. Subscribing to too many email lists can easily render your inbox an insurmountable mountain of messages, drowning out emails that are actually important.

A good rule to follow is to unsubscribe from email lists when you have not opened a message from the recipient over the past month, as at that point it is safe to say that you are either uninterested in the message or it does not hold value for your organization any longer. Some email newsletters are monthly, but these shouldn’t be clogging up your inbox. The really intrusive senders might send messages out every other day or so. Most senders will have an Unsubscribe link at the bottom of their emails, but do be careful when clicking on these, as you don’t want to fall victim to a phishing attack.

Archive Messages When Possible

We all have those important email messages that we don’t want, or simply can’t get rid of. You could organize your inbox into folders and subfolders to hold onto these important messages, but this could lead you to “hoard” the emails out of fear that they might be useful at a later date. You can’t know which messages will be important over the next several months or years, so we recommend that you remove that stress from the equation and utilize an archiving system.

An email archiving system, complete with data backup and maintenance, is the best way to limit the influence that these potentially unnecessary emails have on you. You can essentially search your archive and pull specific emails from the bunch when they are needed rather than sitting on folders upon folders of potentially unimportant messages. Most cloud-based platforms like Office 365’s Outlook or Google Workspace’s Gmail give you this capability.

Schedule Time Every Day

If you think that you simply have too many messages to sift through, the weight of the task can be daunting and seem like an impossible thing to accomplish. You can break it down into more manageable chunks by simply dedicating some time each morning to deleting or archiving messages. It doesn’t have to be a lot of time, but if you can stay consistent with it, you might find that you get your email inbox under control faster than expected.

Implement Spam Protection Solutions

One huge way to clean up your inbox is to implement a spam blocking solution, thereby preventing threatening or time-wasting messages from ever hitting the inbox in the first place. This preventative solution is just one that NuTech Services can help your organization implement to save time and streamline operations. To learn more, reach out to us at 810.230.9455.

Jul, 2021

The True Value of Managed IT Services

Technology management is a pain point for businesses, particularly smaller ones that might not have the vast amount of resources as larger organizations or enterprises. That being said, small businesses have a secret weapon that allows them to compete with larger businesses, and it comes in the form of managed IT services. What is a managed service provider, and how does working with one dramatically change the dynamic of your business’ operations?

What is a Managed Service Provider?

Since so many businesses struggle with technology management, we’ve made that entire premise our own business model, offering outsourced technology management services to organizations that need it. We are highly qualified to provide these services with trained technicians who have years of experience under their belts. In most cases, a managed service provider can basically act in much the same way as an internal IT department, but the real kicker is that there are a ton of other benefits to working with an MSP for your tech needs.

The Benefits

MSPs provide a ton of value for your business. In fact, even if you do have an IT department on-premises, we are confident that you can get some value out of working with an MSP like us. Here are some of the biggest benefits of doing so.

Lowers Costs

Hiring qualified in-house technicians can get expensive, especially if you want to hire top talent. Working with a managed service provider is actually cheaper and more effective for a budget than hiring multiple in-house technicians. Since you pay the MSP a monthly fee based on a service level agreement, it is easy to fit into your budget and it won’t break the bank.

More Convenient Service

Did you know that the majority of IT services your organization might need can all be administered remotely without an on-site visit? Sure, some things like running wires or setting up new hardware might require technicians to be present, but the vast majority of maintenance and management can all be done remotely. This saves you time and money, and since you can basically get the service you need when it’s needed, you won’t be left waiting around and incurring the costs of downtime in the process.

The True Value: Peace of Mind

You absolutely cannot place a value on the peace of mind you get knowing that your technology is being managed and maintained by a trusted provider. You will never have to worry about whether or not updates are being applied or if network security is being maintained. You can know with certainty that someone out there is always there, ready and able to manage any technology problems you might encounter throughout the workday. This translates into less stress and more focus on what truly matters: running your business the way it’s supposed to be run.

Get Started Today

NuTech Services works with small businesses to help them achieve their technology-related goals. By focusing all of our attention on ensuring your technology is in proper working order, you can then shift your focus to running your business and increasing profits. If you are ready to free yourself from the burdens of managing a complex technology infrastructure, don’t wait any longer—give us a call at 810.230.9455.

Jul, 2021

Considering Encryption in Light of Android Messages’ Update

With the addition of end-to-end encryption to Google’s Android Messages application, we have a perfect opportunity to discuss the concept of encryption and why it is so important. Let’s dive right in, shall we?

First, let’s go over what encryption is, as a bit of background.

What is Encryption, and How Does it Work?

If you’re looking to keep data secure as you share it or store it, encryption is one of the best means to do so.

For instance, let’s say that (for whatever reason) we wanted to share a line from Romeo and Juliet with someone, but we wanted to make sure that the someone we’re sharing it with would be the only one to get that information. By using encryption, we can take the following passage…

“But, soft, what light through yonder window breaks?
It is the east, and Juliet is the sun.”

…and turn it into this as it is sent along:

OoLCYOGthzwihU03wMa6y1xdbXhK4bM+XQCE02c2LCV6qg2mdGPG4MWgPHOQzmkfUC2jxq2/sKE9eN4E+6ByUBGukTFnxL9ShM0oqIv3HAN7m8yXBOwyMa9B6Hn2FXYw

Once this information has been encrypted, only someone with the decryption key could take this jumble and restore it to William Shakespeare’s classic piece. Think of it like using the Ovaltine decoder ring from A Christmas Story.

Obviously, this is a gross oversimplification of how encryption works. In reality, encryption is effectively an enormously complicated math problem that would take even the most powerful computer centuries to solve.

Okay, so now that we’ve established what encryption is, let’s dive into what Google has done with its Android Messages app.

Google is Adding Encryption to the Stock Message App on Android

First announced at the launch of its beta test in November of 2020, all up-to-date instances of the default Android Messages application now feature end-to-end encryption. This is certainly a welcome improvement, as SMS messages are often used to transmit sensitive information and two-factor authentication proofs.

As of right now, this encryption feature comes into play with one-on-one chats between users who have chat features enabled on their device, and is visually represented by a padlock at the top of the screen.

Encryption is a Tool That You Should Be Using

While encryption alone won’t be enough to completely protect your business’ processes as a whole, that isn’t to say that it can be skipped—quite the opposite.

NuTech Services can assist you in implementing this and various other security measures and protocols. To learn more about what we have to offer, give us a call at 810.230.9455.

Jun, 2021

Eyestrain? Start Looking for Dark Mode on Your Devices

The concept of dark mode has saturated the technological ecosystem and consciousness and is being incorporated by software and hardware vendors alike. Although embraced by vendors and users as a needed feature, the question remains, is there a benefit to dark mode?

Dark Mode Isn’t New

While dark mode has become top of mind for many users, it isn’t new… just new to this generation of technology users. In the early days of computing screens were monochrome (black and white) monitors. Early CRTs (Cathode-ray tubes) were coated with phosphor, which gave the on-screen text a green, amber, or white hue (depending on the phosphor used), on a black background. It wasn’t until the 1980s, as desktop publishing came into its own, that monitors began to focus on mimicking the effect of ink or typing on white paper.

Four decades later, dark mode has once again come into favor. Ironically, this is by being popularized by devices that have infinitely more processing power than the devices which used “dark mode” due to the limitations of the display technology at the time.

The Benefits Of Dark Mode

As the name suggests, dark mode inverts the background from white to black and text from black to white. The main benefit of dark mode is that it saves energy consumption on OLED and AMOLED displays, mainly used on smartphones. Dark mode turns off the pixels not in use, reducing the energy needed to keep them all on when your background is white.

Dark mode also allows devices to remain operational as their batteries become low, allowing them to continue to operate longer by consuming less energy. Google notes that using dark mode (dark theme) can be a benefit to increasing battery life. Additional benefits include:

Visibility improvement for users with low vision or light sensitivity
Easier to use in low-light environments
The potential to reduce eye strain

Some Potential Negative Issues With Dark Mode

The primary concern using dark mode is that people with astigmatism may have more difficulty reading white text on black background. Additionally, some research suggests that dark mode can lower reading comprehension due to our innate preference for and ability to recognize dark images on light backgrounds. Other concerns include:

Tiny and long blocks of text may be more difficult to read
Color blindness can affect the ability of users to read the text in dark mode
It may be harder to see in different lighting environments

However, despite the potential downsides, most people can use dark mode with no issues or concerns.

Dark Mode Is Here to Stay

While smartphones drove the initial trend towards dark mode, many software vendors have hopped on the train. They are providing dark mode functionality to their applications in response to user expectations. As users continue to ask, “How do I switch Microsoft Word to Dark Mode?” it’s apparent that dark mode isn’t going anywhere. Dark mode is now supported by most operating systems, browsers, social media, productivity applications, and more.

Should You Use Dark Mode?

As with most things, the answer is, it depends. There are clear benefits to using dark mode for some people, and for others, not so much. For others, still, it’s more a matter of form over function, and using dark mode is something new, different and a change of pace. Ultimately, it’s a matter of personal preference, so if you like dark mode, use it. You won’t be alone.

Finally, while Microsoft Word supports dark mode, there is much more productivity to be found within Microsoft’s premiere productivity suite. Fortunately, you don’t have to spend time trying to make the most out of your technology’s use. Call NuTech Services at 810.230.9455 today to learn more.

Jun, 2021

What the Recent Internet Outage Tells Us About Its Potential Vulnerability

Over the week of June 14, a lot of applications and websites experienced outages, creating problems for many companies until it was resolved. Not only did these outages create business continuity issues, they’ve also exposed just how vulnerable the Internet is to these kinds of issues. Let’s take a look at what happened.

To begin, let’s review the situation at hand.

A Small Firm’s Challenges Created Significant Ripples Online

Fastly provides a content delivery network for numerous influential websites. Basically, they support a network of duplicate servers across 26 countries around the world so that websites can store data and content on them. The closer the user is to where the data is being stored, the faster it can be accessed—which is exactly why news sources use Fastly to ensure users don’t have to wait before they get their news.

However, on Tuesday, June 10th, a large number of websites and applications went down, many of which ranking as some of the most popular on the Internet.

While this outage was relatively quick to be resolved, it still caused significant business interruptions and cost countless millions of dollars. Pretty impressive… particularly when you consider that these damages were the result of a 75 percent decrease in traffic for approximately one hour. Additionally, it wasn’t as though these affected websites could switch to another service on a dime without some proactive preparations (which would do little to simplify the complicated process of doing so).

Let’s consider this scenario as indicative of a concerning factor in how the Internet is now constructed.

The Concerns Underlying the Modern Internet

While a content delivery network helps to support efficient content delivery (as it should), there are a few potential drawbacks that a CDN presents… despite their growing popularity online. First off, because the CDN draws from a central server, any issues in this server could easily render this content inaccessible. The same could be said of any cybersecurity issues that impact the central server.

CDNs offer considerable speed boosts and cost savings as compared to the undersea infrastructure that would otherwise be used to distribute content, but at the cost of vulnerability to any issues in the system’s backend processes.

Furthermore, because a lot of the Internet’s software specifications are so open, a simple issue could impact millions or even billions of devices. Since it is far more often the case that the issue is a small one, tools like machine learning are now being used to troubleshoot and identify the root causes of Internet outages.

Of course, not all businesses make use of a CDN. Many are now using cloud computing services to support their needs, but even these aren’t immune to issues. Some of the largest cloud providers—Amazon Web Services, Microsoft, and Google—have been known to experience outages from time to time, creating challenges for the businesses that rely on them.

This is not to say that cloud services are useless… quite the opposite. However, it is important that you understand the risks involved in all of your options. NuTech Services can assist you in identifying your needs and customizing your IT to meet them.

To find out how we can make your IT more resilient and effective for your business’ processes, reach out to us at 810.230.9455.

Jun, 2021

Agent Tesla Is Out to Steal Your Credentials (and Your Cryptocurrency)

Network security isn’t just for large, high-profile enterprises; even small businesses need to take it seriously. All businesses have something of value to hackers, and if you don’t believe this is the case for your organization, think again. All data is valuable to hackers, and you need to do everything in your power to protect it—especially against threats like Agent Tesla, the latest version of phishing malware designed to steal your data.

Before we dive into what makes Agent Tesla so concerning, let’s discuss phishing on a more broad scale. What is it, and why is it important that you know what it is?

Explaining Phishing Attacks

Not all hackers take a direct approach to infiltrating your systems. Brute force can only get them so far, so they have to resort to sneaky tactics like phishing. A phishing attack aims to convince users to grant a hacker access to a network of their own free will, usually through downloading an infected file, clicking on a suspicious link in an email, or handing over credentials to someone claiming to be tech support or someone of authority within the organization.

Why You Should Care

The scary part of phishing attacks is that you can do everything right in terms of network security and still fall short of protecting your organization. Phishing attacks, when executed properly, have the potential to make it past even the best security solutions. They rely on the human aspect of your organization—your employees—to infiltrate and cause problems for your business. In a sense, your company’s security measures are only as effective as your employees’ knowledge of network security.

Agent Tesla

Agent Tesla as a threat has been around since 2014. The malware uses a keylogger to steal information from infected devices, which it transmits to the hacker behind the attack periodically throughout the day. This gives the hacker access to information like passwords, usernames, and other data that is typed into the system. This new variant of Agent Tesla is notable because it also seeks to steal cryptocurrencies from the user.

Agent Tesla spreads through the use of phishing emails with infected Excel documents attached. One such attack, as evidenced by a report from Fortinet, shows an email with an Excel file sporting the title of “Order Requirements and Specs” attached to it. To the untrained eye, it might appear to be legitimate. If the user downloads the file and opens it, the file runs a macro that downloads Agent Tesla to the device. The specific process, as outlined by Fortinet, involves installing PowerShell files for Agent Tesla, adding several items to the Auto-Run group in the system registry through the use of VBScript code, and finally creating a scheduled task that executes at a designated interval.

Agent Tesla itself is surprisingly accessible, given that it can be purchased on the cheap and the developers offer support to those who do purchase it. This sets the bar pretty low for hackers who want to get started in this deplorable line of work.

What You Can Do

You don’t want to find yourself in a reactive position with your network security. Instead, you should be proactive about it. Your network security against phishing attacks (and all threats in general) should take a two-pronged approach:

Implement quality network security solutions to catch the majority of threats before they reach your network.
Train your employees to identify threats so that the ones that do get through your defenses do not cause more trouble than they need to.

NuTech Services can help your business do both of the above, implementing powerful enterprise-level security solutions that can keep your company safe and training your employees to keep it that way. To learn more, reach out to us at 810.230.9455.

Jun, 2021

Major Hack Stymies Meat Processing

A recent surge of high-profile ransomware attacks strikes again with an assault on the world’s largest meat processor and distributor, JBS S.A. The cyberattack was so disruptive that the company was forced to suspend operations in both North America and Australia, leading to a considerable impact on the supply chain. Let’s take a deeper dive into what lessons can be learned from this situation.

What Happened to JBS S.A.?

In May 2021, JBS’s global IT systems were hit by a ransomware attack that forced the meat processor’s operations to completely shut down in North America and Australia. All operations were forced to halt as a result, and each step of the company’s operations ceased, from livestock procurement to exporting and shipping.

Fortunately for JBS, they had backups prepared and were able to restore their systems. There was also no evidence to suggest that customer, employee, or supplier data was compromised by the attack. This doesn’t mean that we can’t learn anything from the situation, though. Here are some major takeaways from this hack.

Who Was Involved in this Attack?

There has been no indication that any activist groups were involved in the attack; those responsible for this attack are sophisticated cybercriminals, the kind who have been associated with recent Russian cyberattacks. The Federal Bureau of Investigation has taken an interest in this attack, and the United States government has been in communication with Russia regarding it.

Similarly, the Australian Cyber Security Centre has been assisting with the effort but has chosen not to disclose what they are actually doing for this assistance. The company is also working with the Australian government and the Australian Federal Police to investigate the matter.

How Ransomware Affects Other Threats

Ransomware is still relatively new in the grand scheme of things, but it has grown exponentially in the time that it has been around. It is much more than a simple threat that locks down files unless a ransom is paid; nowadays hackers are also threatening to release the target’s data if the ransom is not paid. This is particularly concerning, even for businesses like JBS that have backups, as these types of organizations often have data governed by privacy regulations.

Having a backup is a good idea, even in the event that you are struck by a ransomware attack like those outlined above. The reason for this is simple; in the event you aren’t struck by one of these double-ransom attacks, you should theoretically be able to recover without much trouble. Many ransomware attacks spread through automated phishing campaigns and other hands-off means, meaning that if the hacker is taking such a hands-off approach, you should be able to recover without much incident.

We at NuTech Services are committed to helping businesses just like yours overcome cybersecurity issues big and small. To find out more about how we can help your organization overcome the challenges of modern cybersecurity, reach out to us at 810.230.9455.

Jun, 2021

How Can a Business Be Impacted by Unpatched Software?

It’s no secret that software often does not work as intended. Developers frequently discover bugs and patch them out. The same can be said for security vulnerabilities. Despite the importance of these updates, small businesses often fail to implement these patches and updates in a timely manner, a practice which can lead to more problems down the road.

Software bugs can range from very problematic to minor inconveniences. Some can cause a software to behave in an unpredictable manner. Others might expose critical data or leave backdoors in the code that could lead to security breaches. Let’s explore some of the issues that software bugs can bring about from both a customer and worker perspective.

Customer Satisfaction Takes a Dip

A positive reputation is key to any successful business endeavor, and something as simple as a software glitch can create major problems in this regard. For example, if a customer service portal simply does not work, it can create major issues for your customers when they seek to get help with other areas of your business. With most businesses having at least some online presence, this is a very real possibility, and customers are more likely to share their experiences when that experience is negative.

Small Issues Suggest Larger Problems

If a company is issuing software to paying customers, then there is an expectation that it works as intended. Things like a lack of attention to detail, grammatical errors, or UI issues can all contribute to the larger quality of the program. Small issues can often provide clues to larger underlying problems that could surface after a long enough use.

Security Becomes a Concern

If software is not regularly updated, be it a website, application, or operational software, vulnerabilities are likely to be discovered by hackers. This is why you see updates happen so frequently, especially by big name developers. People don’t want to use tools that put their financial information or personal data at risk (or at least, they shouldn’t). Patching these issues and testing them periodically is something that all developers should do; failing to do so could lead to disasters just waiting to happen.

The Issue Expands Over Time

It is extremely important that you have a patch management strategy in place to guarantee the operational effectiveness of your business technology. Neglected software can become riddled with problems in the long term, and if a customer or vendor finds these issues, you can bet that they can cost businesses a considerable amount of time and resources to rectify, if they get resolved at all. If you fail to do anything about problematic software for your business, you are just throwing money onto a bonfire, hoping desperately to snuff out the ever-growing flame.

Since software is such a major part of your business, you have to be extremely careful about how you implement it and update it with the latest patches and security updates. NuTech Services can help you make this happen. To learn more, reach out to us at 810.230.9455.

Jun, 2021

The Colonial Pipeline Attack Continues to Be Important to Cybersecurity

The situation surrounding the hack against Colonial Pipeline has only become more complex as new information has come to light, each new discovery providing more insights and potentially actionable takeaways. Let’s examine some of the biggest developments surrounding the attack, and what they will likely mean for overall cybersecurity from this point forward.

Let’s begin with some of the bad news, just to get it out of the way.

The Colonial Pipeline Attack Has Inspired Additional Ransomware Campaigns

Taking advantage of the notoriety that the Colonial Pipeline attack garnered, cybercriminals have designed phishing campaigns to play on the fears of its recipients. Via email, messages have been distributed to organizations offering so-called “ransomware system updates.”

To be fair, this isn’t untrue so much as it is misleading. Technically speaking, they do contain ransomware system updates, in that these messages will update the recipients’ systems with ransomware.

To do so, these fraudulent emails direct the recipient to visit an innocuous-enough-looking website in order to download a so-called system update to help protect their computer. Little does the user realize that these websites have been designed to mimic a legitimate one, just so there’s a higher chance that a user will be fooled. Shortly after news broke that Colonial Pipeline had shelled over the payment the DarkSide ransomware group demanded of them, these phishing emails began appearing in the wild.

The Department of Justice Was Able to Repossess a Lot of the Ransom

On June 7th, the Department of Justice distributed a press release that stated that they had managed to seize 63.7 Bitcoins (valued at about $2.3 million) of what Colonial Pipeline had paid up. By following the money, the FBI located a wallet that they had exfiltrated the key for that had received a significant portion of the ransomware payment. As a result, the FBI was able to seize this portion of the payment.

However, This Led to Severe Dips in Cryptocurrency Values

When this news broke, cryptocurrencies saw their values plummet. After all, cryptocurrencies are supposed to be completely anonymous and secure, so the idea that the FBI was able to track and repossess these funds is disconcerting to many. The market therefore plummeted by 11 percent in a single day.

It is somewhat likely that more government intervention will follow, despite the impacts this would certainly have upon the crypto market. Time will only tell if these efforts will continue.
Clearly, ransomware is not to be underestimated, and these developments will only complicate things further. Cybersecurity is a difficult thing to manage, but NuTech Services is here to help. Give us a call at 810.230.9455 to learn more about what can be done to better secure your business.