Security Archives - Page 10 of 13

Sep, 2017

Tip of the Week: The Holidays Can Be A Time Of Work And Play, Even While Traveling

The holidays are approaching, whether we are ready for them or not. With the holidays comes time off, which means that it’s awfully easy to fall behind post-vacation. Another concern is the amount of identity theft and credit card fraud that comes about during this time of year. We’ll discuss some of the many ways that your organization can take advantage of technology this holiday season without putting yourself in harm’s way.

Know Your Wi-Fi Options
You can’t be productive without an Internet connection. This includes either mobile data or Wi-Fi. Chances are you’d rather look for an open wireless network than waste your mobile data, but unsecured networks can put your data at risk. One option you have is to check the reviews on sites like Yelp! and Trip Advisor to see what other guests have to say about Wi-Fi connections. Ideally, you want a VPN to secure your data while it’s in transit.

Bring Along Extra Accessories
You never know when that extra LAN cable or micro-USB cord will come in handy. Furthermore, if you’ve ever done any traveling, you’ll know that buying new equipment from an airport can be more expensive than you’d like.

Carry On Your Devices
If you need to travel for business, be sure to put your devices into your carry-on baggage at any airport. The last thing you need is for a screen to get cracked while your luggage is rolling around the cargo area of a plane. Furthermore, you don’t want your luggage to be either lost or stolen while in-flight. It’s just safer for you to keep anything important in your carry-on luggage.

Be Wary of Free Wi-Fi
You should keep your device from automatically connecting to any open wireless connection that it latches onto. The reasoning for this is that hackers will literally lurk on them, waiting to steal any data that presents itself to them. This can put both your own data and that of customers at risk–all because you checked your email.

Turn Off Your Autofill and Password Management
A password manager keeps you from entering in the same information over and over, but it should be disabled while you’re traveling. What if someone steals your device? They would have access to anything that was auto-filled on it. It’s like leaving the keys to your car in the front seat without locking the door. It’s not impossible to go a few days without auto-populating passwords, and it sure beats the fallout of losing a device.

Use External Drives and USB to Back Up Data
What if you are working on a project while out of the office on vacation, and you misplace your device or it’s damaged beyond repair? All of that progress would be gone. Now, imagine that you have that data backed up to an external hard drive. Now you don’t have to worry about losing data or progress while working out of the office.

There are just a few practices that can keep your organization from succumbing to the dangers of traveling and working at the same time. If you have any questions, thoughts, or concerns about using technology while out of the office, reach out to us at 810.230.9455.

Sep, 2017

Cybercriminals Who Use This Malware Will Get A Nasty Surprise

Do you know what a botnet is and how it works? It’s basically a network of infected computers that can be used to perform Distributed Denial of Service attacks, overloading target networks and forcing them to endure downtime. They can also be used to distribute malware and other threats. What’s worse than this, you ask? Hackers can purchase botnets on the black market to use against their targets, but a new type of botnet strain is changing the way this works.

The black market is no stranger to sketchy sales. Users can pay with Bitcoin for the development of malware and other threats without knowing the first thing about hacking or technology. However, this convenience comes at a price, as any users of the new Cobian botnet now know. The malware involved–njRAT–surfaced in 2015 and includes a lot of terrifying features. Hackers can use a keylogger, webcam control, remote code execution, and even screensharing, just by shelling out some Bitcoins to a fellow hacker.

What these would-be hackers don’t know is that the developers include encrypted code which allows them access to the master control switch of the botnet. In other words, while users are purchasing their own botnets to use for whatever they want, full control of any botnets purchased is held solely by the developer of Cobian.

NakedSecurity describes the way that the botnet masks its presence, as well as how the threat activates when it’s time for its master to take over: “Cobian’s executable payload disguises itself as a Microsoft Excel file. Cobian’s secondary payload then checks to see if the second-level operator is online. If so, then the code that enables the author to acquire master control operates to evade detection. If the second-level operator is offline, the secondary payload acquires the address of the author’s command and control servers from Pastebin.”

It just goes to show that you can never trust a hacker–but you probably already knew that. This story should be a lesson for businesses that don’t suspect they are at threat of a hacking attack. If anyone can access threats like a botnet, you’ll need to step up your defenses to keep your business safe. NuTech Services can help with this task–to learn more, reach out to us at 810.230.9455.

Sep, 2017

Essential Cybersecurity Tips From The FBI

In 2016 former President of the United States Barack Obama passed the Cybersecurity National Action Plan that implemented near-term action and developed a longer-term strategy of bringing awareness and protections to public computing systems connected to the Internet. The strategy is to make an immediate effort to empower citizens to protect their own privacy, while also maintaining public safety and national and economic security, as many of the most critical systems this nation utilizes are networked on the web.

For the average small business, it is more crucial than ever to avoid the pitfalls that lay on the internet. Victims of cybercrime deal with an endless number of issues, including drops in revenue, data loss, downtime, and fines/restitution if they are unable to keep their networks secure. Below are a number of line-items that the Federal Bureau of Investigation recommends to keep your data secure, and to avoid becoming a victim of the most pressing malware on the Internet today: ransomware.

Raise Awareness: Ensure that you make a point to make your staff cognizant of the threat of a ransomware infection.
Updates and Patches: Make sure to patch your operating systems, software, and firmware on all of your digital assets.
Auto Update Security Software: Lean on enterprise-level antivirus and anti-malware software to conduct regular scans and catch potential malware.
Limit Super Users: Ensure that you don’t just hand out administrator access to your mission-critical systems. Managing access is one of the best ways to keep untrustworthy entities out of your network.
Access Control: As stated above, access control is essential to ensure that you know who can and should be in parts of your network. If your users only need read-specific information, they don’t need write-access to files or directories, mitigating risk.
Filters and Application Control: Deploy software restrictions to keep programs from executing from location where ransomware may be found. This includes temporary folders found to support Internet browsers and compression/decompression programs.
Data Backup & Disaster Recovery Plan: Create data redundancy by having a comprehensive backup and recovery plan in place.
Multiple Storages: Ensure that each storage unit is stand-alone to avoid major problems with backups and other forms of storage.

Governments absolutely have to have a strategic plan on how to deal with cybercrime, and as a solid practice, businesses should follow suit. If you want to make sure your strategies are top-level, visit https://www.fbi.gov/investigate/cyber/news to see what the FBI is doing to protect their computing infrastructure. For more great security information, subscribe to our blog.

Sep, 2017

Your Guide To Mobile Device Management as an SMB

The use of mobile and personal devices for work purposes can be beneficial to your business operations. When handled, and supported properly, they have been shown to improve communication methods and increase productivity. However, the popularity of mobile computing, as well as the Internet of Things’ rapid expansion, means it’s more important than ever to make sure that you don’t allow dangerous devices to access your network. To keep your network safe, there are a few Mobile Device Management best practices that you should begin enforcing.

Define Acceptable Devices and Limitations: To prevent the abuse of your network, it’s a good idea to define which type of devices are allowed. Even though there have been some improvements in IoT security, many devices still have no defense and put your network at risk when connected. A good way to protect your data and network is to only allow network access to devices that can be used in a professional capacity.

Of course, there is also a distraction-factor when there is an excessive use of these devices – even if they’re technically allowed. For example, if you have several employees with smartphones, laptops, tablets, and wearable devices that are all constantly sending and receiving data, the likelihood of interruption increases and productivity decreases. Consider limiting the number of devices per person that are allowed to access your network at one time.

Develop Access Policy: One of the biggest reasons for data loss is accidental human error. To make your employees aware of the dangers of abusing the use of mobile devices on your network, it’s a good idea to create a policy that makes them aware of their role. The policy should include password requirements, antivirus expectations, privacy terms, data loss security reporting process, and even things like penalties of texting and driving while using a company device.

Mobile Device Management Solutions: To take that extra step beyond developing/enforcing a policy regarding the use of mobile devices, a mobile device management solution (MDM) gives your company more control over mobile devices on your network. MDM applications enforce proper use, as well as requiring maintenance and security patches to be up-to-date. Many of these MDM solutions have the ability to remotely wipe data from the device in the event it’s lost or stolen.

Studies show that employees who are allowed to use their personal mobile devices for work are more satisfied with their job. Smartphones and mobile devices are a permanent part of business technology and can’t be ignored. With the constant threat of cybercrime, SMBs need to be vigilant about allowing only authorized users to connect mobile devices on their network. Questions on keeping your network safe or if an MDM solution is right for you? Contact us at 810.230.9455.

Aug, 2017

Someone’s Trying To Phish You… Do You Play Along?

Phishing scams have been popping up for years–their most infamous attack vector has even become a punchline: some long-lost relative stuck in a far-off country suddenly reaches out, offering riches, but only if so-much money is provided first. People from all walks of life have been duped by these scams, and while not all of them are this transparent, most are pretty easy to spot.

There may be some temptation to strike back in retribution against the criminal who targeted you, in the form of driving them crazy by wasting their time. Unfortunately, as tempting as such activities may be, they are not a good idea. Take it from the cyber security researchers who have tried–cybercriminals do not take well to mockery, or having their time wasted. A researcher from Malwarebytes, Jerome Segura, found out firsthand when he used a virtual machine to follow a scam to see where it would lead.’

With his device recording everything that played out, Segura first interacted with a female who claimed to have found many, many issues on his device that needed to be resolved before his system was corrupted. Not only that, but Segura was told that his software warranty had recently expired, and he would have to pay the $299 renewal fee to another representative.

Of course, Segura didn’t supply the correct payment credentials, which tipped off the hackers. The hackers then seized control of Segura’s computer, deleting all of his files and his Ethernet adapter driver before calling Segura a rude word and disconnecting.

While these sorts of stories may seem comical in hindsight, they are no laughing matter. This is especially true when things get much more serious.

Take Jakob Dulisse’s story. The wildlife photographer received a call to his home in British Columbia from “Windows Technical Support” in Los Angeles. Coming to the conclusion that this was an attempt to scam him, Dulisse played along before accusing the caller of being “a scammer, a thief, and a bad person.”

The person on the line did not react well at all. Describing himself as a killer, the caller claimed that his group had people in Canada who would cut their victims into pieces and dispose of them in the river.

Other scammers will simply install remote access software as their target decides to mess with them, opening the door for them to come back later, as other cyber security professionals have found.

It is important to remember that these are, in fact, professionals, which means they are better equipped to deal with such threats. It is their job to discover what means of attack cyber criminals are using, and share the best response. This is not how the average business user should handle this situation, the business owner should file a report with the authorities and alert both their Internet service provider and their managed service provider.

An MSP can help make sure that you are fully prepared to handle any cyber security threat that darkens your business’ door. Give NuTech Services a call at 810.230.9455 today.

Aug, 2017

Security Terms That Every User Needs To Know

Chances are that you’ve seen quite a lot of stories on the Internet, or in the news, about the many security threats out there. Some of these, including ransomware, exploits, and reluctance to update software, might fly over your head if they’re not part of your everyday business vocabulary. Knowing what these terms mean is of the utmost importance in today’s workplace. We’re here to help you understand what some of these security terms mean for your organization.

Ransomware like WannaCry are one of the primary reasons why it’s so important to understand how network security works, and all of the terminology behind it. After all, hackers understand how to exploit your network’s weaknesses, so you’ll want to know all about the primary way to protect your business’s data from them: security patches.

These patches are issued by software developers to resolve certain issues or troubles found in their products. For example, a patch might be designed to address a recently found vulnerability in the program’s code, or resolve a particularly troublesome issue with the user interface. Understanding how these patches work is critical if you want to ensure the security of your business, your personal computer, and everything in between. Here are five of the most common terms used when speaking of security patches.

Patch Tuesday
Even if you allow your computers to update and install patches automatically, you should still have an idea when these patches are installed. Microsoft has a set schedule that they use to release these patches. They are released on specific days of the week, including the second Tuesday of each month, and sometimes the fourth as well. Perhaps in the future, data exchange will allow newer operating systems to be updated more frequently, or at the very least in real time, keeping your systems more secure.

Security Patching
Patches are basically issued to fix something that’s wrong with a computer application or program. It is these patches and updates that are provided on all of the official patch days, like Patch Tuesday. Of course, immediate patches to imminent threats of Microsoft’s software are issued for release as soon as one is created. These zero-day threats are so dangerous that they need to be resolved as soon as possible, making them top-priority for your organization.

Hotfixes
These are sometimes called quick fix updates, quick-fix engineering updates, and general distribution releases. These hotfixes generally include a patch that fixes just one small thing wrong with your application. These small issues are usually important enough that they need to be issued immediately without waiting for the next batch of patches. Even though Microsoft has long since forsaken the term “hotfix” specifically, it’s still used as a common way to refer to these fixes in the technology sector.

Zero-Day Threats
These types of weaknesses are those that are being used by hackers even before they are discovered by security professionals. The name “zero-day” refers to the fact that the software developers have no time, or zero days, to develop a patch to resolve the issue. These are some of the most dangerous threats out there, and need to be a priority for companies trying to keep damage to a minimum.

Whitelisting
Whitelisting is the process through which a patch or application is deemed secure or safe for your business. This allows your whitelisted app to access information found on your network. Contrary to whitelisting, blacklisting is the process of banning network access to certain apps. Whitelisting was a popular term used to discuss the security patch resolving the issue with the WannaCry ransomware, as IT departments wanted the patch to be “whitelisted” first to guarantee that the patch would be enough to stop it.

Is your business security-savvy enough to identify major problems with your network infrastructure? To learn more about how you can protect your business, reach out to us at 810.230.9455.

Jul, 2017

Why Spam Is So Bad For Your Inbox

Spam. It’s detrimental and all businesses have to deal with it. But many don’t know the first thing about how to identify it, or how to work around it. The truth of the matter is that spam can be dangerous for your organization if it’s not dealt with properly, but dealing with it can also be a major waste of resources. We’ll walk you through what constitutes spam, and how you can identify it from legitimate messages in your inbox.

Defining Spam
At its very core, spam consists of messages that are either insubstantial, wasteful, or dangerous to your organization. Spam generally takes the form of a message that you find in your email inbox, but you can often receive spam through various other media, including social media platform messengers (though these platforms usually have pretty good filters that keep most away from you). Spam can range from being a simple annoyance to a real problem, depending on the nature of the messages received.

How Spam Happens
Spam is a naturally occurring part of having an email account, primarily because spam can happen for a number of reasons that aren’t under your control. Perhaps your email address appeared somewhere online and it has been entered into a database that sends out emails at regular intervals about certain topics. Maybe you signed up for a subscription to a certain newsletter and now you get emails from multiple services that you hadn’t anticipated. Either way, you’re getting messages that you neither need nor want.

Other times, spam takes the form of a message that tries to get you to click on a link or download an attachment. These spam messages are most likely to be malicious in nature, as they are urging immediate action and are trying to get you to download malware on your device.

Keeping Spam Out of Your Inbox
There are two ways you can keep wasteful or dangerous messages out of your inbox: 1) Unsubscribe from email newsletters that you no longer wish to receive, and 2) Implement a spam blocking solution. Most legitimate newsletter emails will have an unsubscribe link at the bottom of the message which you can use to unsubscribe, preventing you from receiving any further messages from the sender. In order to keep the truly dangerous emails from being sent to you, you need an enterprise-level spam blocker. This will keep any messages that resemble spam out of your inbox in the first place, keeping you from having to deal with them at all. It’s the best way to keep spam away from your inbox.

To learn more about our enterprise-level spam blocking filter, reach out to us at 810.230.9455.

Jul, 2017

A Few Security Lessons Your Business Can Learn From Game of Thrones

Security is a major concern for anything successful, and television programming is no different. Game of Thrones, the BBC’s epic production based on George R.R. Martin’s book series A Song of Ice and Fire, has always been concerned with their security–and with the television series overtaking the book series, that concern has only grown as the production has brand new secrets to keep safe. As a result, the production has seen a steady increase in security.

Last season, scripts were handed out much more sparingly, and code words were assigned to characters and scenes. The network has also stopped the tradition of distributing advance copies of the program to members of the press, which is normally done so that reviews may be written.

With the action in the show finally overtaking the action in the books this season, the concern for the show’s security has leapt to new heights.

This year, two-factor authentication had to be set up on every cast member’s email account, where they would receive their copy of the script. According to Nathalie Emmanuel, who plays the role of Missandei on the show, these copies were not to be printed out. Even the notes that the cast members received during rehearsal were not to leave the set, and had to be turned in before the actors could leave.

This dedication to secrecy only makes sense. Game of Thrones is a bona fide cultural phenomenon, and more importantly has generated an astonishing amount of revenue. This is mainly because subscribers to HBO’s content repeatedly tune in every week to find out who is next on the chopping block–the show’s version of critical data. If that data was to get out ahead of schedule, subscribers would have less of an incentive to subscribe and would quickly transfer their focus (and capital) elsewhere.

Your business’ data needs to be secured for similar reasons–just substitute ‘subscribers’ for ‘clients’ in the situation above, and you see the importance of keeping your data secured.

Taking a page from Game of Thrones’ production can help you here. Two-factor authentication is a method of ensuring data security by requiring a secondary form of authentication to access an account, for example, a unique code sent to a mobile device. If the password were to somehow be guessed by some other party, they wouldn’t be able to access the account without the secondary code. There are many businesses that are already using this method, both as a means of compliance with various regulations and to reinforce their security.

So, tell us: are you looking forward to the rest of this season of Game of Thrones? Tell us in the comments, but please don’t spoil anything!

Jul, 2017

Bring Your Own Device Is Great…When Applied Properly

If you let your employees use their own devices for work purposes on the company network or wireless Internet, you might be seen as “the cool boss.” Your employees love this privilege, but this can be a dangerous practice if done so without moderation. Here are some of the many benefits that your organization can reap from a well-thought-out BYOD policy, as well as some of the pitfalls you could fall into if you’re not careful.

It’s understandable to imagine that your team will be getting more done using their own devices for the reason that they are simply more comfortable with certain products. For example, if you force someone who is used to Apple products to use a Samsung smartphone, they might be a bit frustrated until they get the hang of how it works. Furthermore, if you have your employees provide their own devices, you don’t have to purchase devices for everyone who needs them. Even something as simple as a little bit of freedom is invaluable for your employees, but you still want to dodge the many problems associated with BYOD if you want to safely allow it.

Ultimately, the goal should be to implement a BYOD policy that takes security into account, while also allowing employees to do their jobs properly. Here are some features that you will want in your BYOD strategy.

Application Blacklisting
It’s important to keep in mind that not all applications found on the Google Play Store are going to be safe and secure for your employees. You can’t let them just download any apps that they want. The risk of user error could mistakenly expose any company-owned data on the device to threats. Some apps are so sneaky that you can’t even tell they are stealing data from you while fulfilling a different purpose. A perfect example is a flashlight application that wants access to your device’s contacts, email, text messages, and so on. Since apps will usually ask for permissions before installing, it’s an ideal time to see if they are pulling some ulterior motive. Application whitelisting and blacklisting can also help you control which apps can (and can’t) be installed on a device, and what information can be collected by them. When in doubt, have your employees submit their app download requests to IT for review.

Remote Wiping
An employee losing a device could be a dangerous situation to be in. After all, you don’t know who will find it. For all you know, they could be a hacker or identity thief. If the device contains sensitive information, they may be able to access it somehow. It is situations like these that make remote wiping a necessity for SMBs, especially if employees take your data on the road. Remote wiping allows your business to immediately erase any data located on the lost device, helping you secure your business’ data even in the worst of times.

User Access Restriction
Not all of your organization’s data should be available to the entirety of your workforce. After all, why would the average worker need access to documented information from human resources, or financial data from accounting? You need to ensure that your BYOD policy reflects this kind of thinking by restricting data access according to work role. By doing so, you can limit how much data a potential thief has access to right off the bat. It might not be a perfect solution, but it helps you solidify security for the future–and it beats having your entire data infrastructure available to all onlooking eyes.

Do you have a solid BYOD strategy implemented for your organization? NuTech Services can help you choose what’s best for your business. To learn more, reach out to us at 810.230.9455.

Jul, 2017

Companies that Neglect Updating Web Browsers 2x as Likely to Suffer Data Breach, Study Finds

Business has become such a competitive endeavor that those who deprive themselves of the latest and greatest technology solutions could be at a serious disadvantage–namely in terms of productivity and security. A new study shows that there is a direct relationship between businesses that run older versions of operating systems and web browsers, and businesses that fall victim to data breaches.

BitSight found that out of 35,000 companies from over 20 different industries, over 2,000 of them were running on operating systems that are out of date. Furthermore, 8,500 of these companies also ran out-of-date Internet browsers. This particular study focused on organizations using Apple and Microsoft operating systems, as well as the Internet browsers Internet Explorer, Firefox, Safari, and Google Chrome.

It’s clear that organizations that rely on outdated operating systems are three times more likely to suffer from a data breach. Likewise, organizations that use outdated web browsers are twice as likely to suffer from data breaches. While these numbers don’t necessarily show that this outdated software were directly responsible for data breaches, it’s still an important factor that cannot be ignored.

Granted, this shouldn’t be a surprise for any security-minded business professional. It’s been noted for a long time that software, while invaluable, can create any number of issues for organizations. Chief among these is outdated software. As more businesses remain in operation for extended periods of time, they continue to use unsupported software rather than upgrade to more recent versions. Examples of these business software include Windows XP and Windows Vista. What can you do to keep your own business from falling victim to these unfortunate side-effects of using outdated software?

The solution is simple–update your software. This is easier said than done, especially when time and resources are two pertinent issues. The easiest way to get a feel for how your business stands on this issue is to get a network audit from a trusted technology service provider. This will provide an unbiased analysis of how you can shore up weaknesses in your network infrastructure–including outdated software applications. The importance of such an audit cannot be underestimated, especially considering the amount of high-profile threats that like the WannaCry ransomware.

How does your business rate regarding network security? To get an understanding of this important aspect of running your organization, reach out to us at 810.230.9455.

Jul, 2017

Are You Making Your Business Vulnerable to Project Failure?

When implementing a new project, expectations run high and deadlines must be met. The temptation is to feel so pressured to get the project finished that the planning phase is rushed. If even a small detail is overlooked and a shortcut is taken in this early stage, it can come back to bite you in a major way–perhaps even derailing the project altogether. This is especially the case for an IT project.

CIO.com provides a working ratio of why such oversight is important for IT projects of any size, especially during the more risk-prone discovery phase. “Discovery is the crux of project risk. Although the discovery and architecture phases of a project may represent only 15 percent of the overall effort, an error or omission early on can cause cost overruns of 150 percent or more.” Have you experienced an issue of this scope in any of your company’s previous projects?

In order to prevent your next IT project from facing a disastrous end like this, you’re going to want to invest the time needed to perform the discovery and architecture phases correctly, the first time. But how can you make sure this happens?

For starters, working closely with your vendors and service provider is a must. If you detect that they’re not thoroughly answering your questions or that they’re trying to rush the project in any way, then you’ll need to speak up about it, before it’s too late. Instead, you need to make sure your vendors are guiding you through each step of the process, and that they’re assertive enough to present you with options and tough choices when it comes to unpleasant tradeoffs.

Secondly, you need to know what it looks like when a project is being rushed or shortchanged. This can be difficult to catch for a busy business owner with only a surface-level knowledge of IT. At NuTech Services, we know what this looks like and we want to pass this information onto you. When in the discovery/architecture phases of your next (or current) IT project, look for a vendor taking these four shortcuts.

The documents prepared for the project are based less on what your company’s specific needs are, and instead are overly influenced by industry jargon and sales propaganda. The idea here is to overwhelm a business owner with features and benefits that sound great, but may not be precisely what the project needs and what real users would actually use. Classic snake oil sales strategy.
Project requirements aren’t prioritized adequately. This shortcut will provide poor guidance when it comes to the step-by-step implantation of the project, and the hard trade offs that are sure to pop up when dealing with a budget and a deadline will hit unexpectedly.
The project requirements are lacking important steps, like transitions in the end-to-end business process. If these gaps are uncovered during the implantation phase instead of the discovery phase, then meeting these unplanned requirements will push back the schedule, and may even change the entire scope of work needing to be done.
The needs of the business evolve dramatically enough over the course of the project that the project proves to be insufficient upon its completion. Keep in mind that technology itself is prone to becoming obsolete by newer solutions. Shortsightedness in both areas can make it frustrating to have to go back and redo the project much sooner than expected.

These four shortcuts can devastate an IT project, or any project for that matter. One way that you can safeguard your business from these risks is to hold consultation sessions all throughout the course of the project–as opposed to leaning heavily on the original project roadmap, which may grow more unreliable as the project progresses from phase to phase. NuTech Services can provide this kind of project oversight for your next IT initiative, as well as spend the time needed in the early phases of the project. This will ensure that no stone is left unturned and every possible circumstance is accounted for.

Give us a call at 810.230.9455 and don’t plan your next IT project without first consulting with the pros.

Jul, 2017

A Maintained Network Is Better For Business

It can be challenging and costly to maintain your business’ network system, but it doesn’t necessarily have to be. A managed service provider can help your business achieve all of its technology-related goals, including regular network maintenance. You might be surprised by how many benefits proactive network maintenance can provide for your organization.

Less Support Needed
Maintenance is loosely defined as ensuring that something can continue to operate without any issues. Therefore, it makes sense that continued maintenance will allow your business to preserve functionality for your operational technology. Regular maintenance is practically necessary in order to keep issues from cropping up at inopportune times, and even further ruining operations with greater problems. You’ll need less support because, naturally, fewer problems will happen in the first place.

Monitoring Leads to Threat Detection
If you are monitoring a system for potential issues, you can detect issues before they can cause major problems. When you maintain technology, issues that can cause downtime can be detected before they even happen, which gives you time to resolve problems and prevent catastrophe. A perfect example of this is applying patches and security updates, as they can block issues easily, so long as you take a proactive approach to network maintenance.

Greater Decision-Making Abilities
An unstable network that is prone to failure makes it difficult to make important decisions, like how to implement new technology or components. After all, how can you make improvements on something if you don’t know what’s wrong in the first place? By taking proactive measures to prevent issues in the first place, you won’t have to make the difficult choice to overlook a vital flaw in preference to resolving another major, possibly more important flaw. Managed service providers can often resolve problems before they are even known or felt by your organization, and since most problems can be resolved without an on-site visit, you’ll save time and resources that are better spent elsewhere.

To take advantage of proactive technology maintenance today, reach out to NuTech Services at 810.230.9455.

Jun, 2017

5 Security Threats that Spell Doom for Any Organization

Fact: your business will always be susceptible to various security threats in at least some capacity. It’s up to you to counter these threats before falling victim to them. To help you with this, we’ll go over the top five threats that you need to be prepared for.

Viruses
Viruses are bits of code that plant themselves in your system and cause a myriad of problems. Viruses can cause system slowdown, problems with performance, and can even open the way for data theft or downtime. Security software like antivirus is usually enough to keep simple viruses out of your network, but more dangerous variants may be sneaky enough to dodge discovery and cause damage.

Malware
Also known as “malicious software,” malware infects a system and performs whatever its programmed function is. There are all sorts of variants out there, including spyware to watch the infected PC and capture keystrokes, and ransomware that can lock down files until a fee is paid. Malware complicates operations and can potentially put your business at risk of further data breaches.

Spam
Spam messages are both annoying and dangerous. Spam is the hacker’s preferred way of spreading viruses, malware, ransomware, and phishing scams, among other threats. They can effectively use spam to send out countless instances of the same attack to recipients all over the world. Thankfully, you can prevent the majority of spam simply by implementing a spam blocking solution. This can keep spam out of your inbox in the first place, eliminating the opportunity for user error or otherwise.

Phishing Scams
Hackers and identity thieves will use whatever tools they can to steal information from whole organizations, or specific individuals via targeted attacks. They may take advantage of the people or organizations with whom individuals associate themselves with, masquerading as vendors or close personal friends in order to gain their trust. The end result could be someone you think you know stealing sensitive information, like financial credentials or personally identifiable information. Take the time to understand some of the symptoms of these attacks, like poor spelling in messages or out-of-the-blue outreaches from the sender. Other common giveaway signs are unexpected urgent final notices or calls requiring immediate action. NuTech Services can help your business successfully identify these scams.

CEO Fraud
Whaling is a trend in which CEO fraud occurs by hackers stealing the identity of a C-level employee. For example, a hacker using the identity of a CEO could send legitimate-looking emails to the finance department asking for an immediate wire transfer. In these cases, the one on the receiving end of the message might not think anything of it and go ahead with the transfer. If you receive such a message, take a moment to question the legitimacy of the request by consulting official records regarding email addresses and telephone numbers associated with the message, or simply contact the CEO yourself.

Does your business want to take network security to the next level? If so, reach out to NuTech Services at 810.230.9455.

Jun, 2017

How the Convenience of The Internet of Things Can Come Back to Bite Us

While the Internet of Things has made many common tasks much easier through automation, it has also increased the potency of particular cybersecurity threats. For an excellent example, one only has to turn to the increasing prevalence of botnets that are powered by IoT technology.

An Overview of the IoT, and Why It’s Great For Botnets
If you wear a fitness tracker that automatically syncs to your phone, or have an Internet-connected security camera watching your house, you are utilizing the Internet of Things. Usually labelled as ‘connected’ or ‘smart,’ these devices collect data and process that data via a connection to the Internet.

While these devices have proven to be very useful, there is a major problem with them that seems to be present throughout the IoT: a noticeable lack of security measures. Combining this lack of security precautions with their need to connect to the Internet creates the ideal conditions for a botnet to gather.

A botnet pools the resources of a large network of infected devices to overcome the target’s security through a brute force attack. The attack on Dyn that made dozens of the web’s most popular sites go dark was a botnet, proving that this method of attack is no joke.

A New-ish Face on the Scene
While there is no shortage of botnets already, a new derivative of the infamous Mirai is using the same IP cameras to infect thousands of devices in China. This particular botnet has been named Persirai, and is just one of many that warrant concern.

For example, there is another botnet that Kaspersky Lab has concluded to have infected about 300,000 IoT devices. While this botnet, codenamed Hajime, is still dormant, it could potentially rival Mirai if it were to meet the expectations of security experts and become active.

Keeping Your Business Safe
Luckily, there are a few ways you can help to reduce the impact that a botnet can have on your business. A good rule of thumb is to follow business continuity best practices. As an example, your business data shouldn’t only be kept in one place. An offsite backup solution will allow you data to be preserved if you ever are assaulted by a botnet. It always helps to have a firewall solution in place as well, as they can mitigate some botnet attacks.

If you need help protecting your business against the vulnerabilities that the IoT creates, give us a call at NuTech Services. Call us at 810.230.9455 to get started.

May, 2017

“The Worst” Windows Bug is Now Taken Care of, Thanks to Google

When a security researcher tweeted about what they thought was “the worst Windows remote code exec” in his memory, a recent incident came to mind: one that allowed a targeted file to implement remote code execution processes in order to manipulate any infected system. This vulnerability let the infected machine spread the issue to others and could be set off if a certain file were to be scanned by the Microsoft Malware Protection Engine. Scary stuff!

Regarding the incident, Microsoft was quick to resolve the issue. Thankfully.

The researchers who uncovered this vulnerability were Tavis Ormandy and Natalie Silvanovich from the Google Project Zero team. Once the pair had discovered the vulnerability, they took to Twitter to announce it to the world, including to Microsoft and the Microsoft Security Response Center.

Upon the notification, the MSRC confirmed that the vulnerability was indeed present, and that there were quite a few pieces of software within the Microsoft Malware Protection Engine that allowed a “specially crafted file” to run code placed on the system. This vulnerability was so widespread that it could be found on just about any recent Windows machine, including those running Windows 7, 8.1, 10, and even Windows RT.

Though this particular problem has been resolved, its urgency serves to remind all business owners that their software solutions need to be up-to-date at all times. While problems are often resolved by programmers, hackers always try to outdo them, creating a vicious, neverending cycle. Unless you want your business to be caught in the crossfire, you should patch your software whenever new updates are released. If you try to function without them, you’ll be leaving your organization wide open to attacks–attacks that can easily be preventable with proactive maintenance.

Does your organization need this type of proactive maintenance and management? If you think that it’s a hassle to keep an eye out for updates, you’re right. You shouldn’t have to worry about this, especially not while keeping your operations afloat. NuTech Services can provide the IT you need by taking care of these updates for you so you can stay focused on running your business. To learn more, reach out to us at 810.230.9455.

May, 2017

3 Time-Saving Benefits to Outsourced Email Management

You don’t have time to worry about managing your email solution, but it’s still a vital aspect of your business’s operations. You never know when someone will fall for a spam message, and you certainly can’t look over the shoulders of each employee to make sure they don’t. What’s the busy business owner to do? How can you get quality email management without it eating up too much time and effort on your part?

The answer, like many technological pain points of SMBs, is to outsource the responsibility to a managed IT provider. Managed IT is great for businesses that want to focus on their operations rather than spending time managing technology. We’ll discuss three of the ways that email management helps your organization stay on task and ahead of the game.

Strengthen Security with Spam Blocking
Spam is the favored vehicle for major online threats, including phishing and ransomware schemes, specifically because it allows hackers to spread their work in a way which allows them to target as many people as possible without devoting much individual work. Users can accidentally download attachments or click on links to malicious websites. Enterprise-level spam blocking solutions allow your organization to keep threatening or suspicious messages out of your inbox indefinitely, significantly reducing the risk of finding such messages in your email solution.

Hosting and Management
If you’re the one who has to constantly add new users or check to see that your email servers are working properly, you’ll find that you have less time to spend doing your actual work. Of course, nothing is more important than making sure operations proceed as intended. NuTech Services can manage your technology and free up incredible amounts of time to focus on building your company’s profitability. We can ensure maximum uptime and optimal mail flow so that you don’t have to.

Archive Messages for Future Viewing
Email archiving is a great way to ensure that your business retains a record of any incoming and outgoing messages for your business. This helps you keep a better track of who shares information with who, and more importantly, why information might be shared with those outside of your business. Furthermore, if an employee has recently left your business, but you weren’t privy to their reasons, you might find some clues in your email system that could strengthen retention and prevent turnover in the future.

If you want your business to flourish, managing email effectively is a great place to start. In the hands of professionals like those at NuTech Services, you can focus on operations without worrying about keeping mail flow from working as intended. For more information about email management, reach out to us at 810.230.9455.

May, 2017

3 Reasons Why it Makes Sense to Outsource Your Email Management

How many emails does your organization receive every day? Chances are that you can’t find time in your day-to-day operations to maintain and manage your email solution as well as you’d like, and in a world where threats to your organization’s network lurk around every corner, you can never be too careful. How can you make sure that you’re taking proper care of your business’s email infrastructure, without sacrificing the time and manpower required to do so?

Managed IT services allow your business to function without worrying about the status of your IT. This includes email and any services related to it. We’ll discuss three ways that our managed email solution is the best fit for your organization.

Reinforce Security with Spam Blocking
Some of the Internet’s most dangerous threats find their way into infrastructures through spam and targeted phishing attacks. While you might know enough not to click on random links or download attachments that you receive via email, your users might not. All it takes is one mistake to bring down a network, so it’s best to keep threats out of your infrastructure in the first place. This is where enterprise-level spam blocking comes into play. With a powerful enough solution, your organization can keep dangerous messages out of your inbox in the first place.

Hosting and Management for Hands-Off Email
When you’re the one responsible for adding new users and ensuring that your email servers are working as intended, you might find it distracts you from your real objective–running your business. In reality, nothing is more important than ensuring operations are going off without a hitch. With NuTech Services managing your email solution to ensure uptime and optimal mail flow, your organization can focus on what it does best without being distracted by the troubles of technology management.

Archive Your Emails for Later Viewing
Email archiving can be valuable for a number of purposes. For one, it helps to have a record of any incoming and outgoing messages sent by your organization for the purposes of preserving important information. Furthermore, it helps to know who sends messages to others within your organization. For example, if you have a former employee who has recently left your organization, the emails could become an opportunity to check what their reasons were. This helps you prevent turnover in the future.

Email management is not something to be ignored, but it’s also something best left to professionals. You won’t regret leaving your email hosting and management in the hands of NuTech Services. We assure you that we’ll do everything in our power to ensure your email solution is taken care of. To learn more, reach out to us at 810.230.9455.

May, 2017

Study Finds Social Media Phishing Scams to Be the Most Dangerous

Ordinary fishing, where you hope for a simple-minded fish to latch onto your hook, relies on using a proper lure. The same can be said for the virtual method of phishing, where a hacker will use a similar type of “lure” to convince the target to bite. These phishing scams are especially useful for hackers who want to take advantage of social media to find new targets. A recent study has shown that this is a surprisingly effective method of phishing.

A report from phishd by MWR InfoSecurity orchestrated a simulated phishing attack that attempted to target a million users. ITProPortal told of their findings: “Almost a quarter of users clicked a link to be taken to a fake login screen. Out of that number, more than half (54 percent) provided user credentials, and 80 percent downloaded a file.”

This means that about 10 percent of users fell victim to the first two stages of the simulation and gave up their account credentials. Now, compare this rate to how often a normal scam, like spam, accomplishes its goal. While the typical spam message will only have a fraction of a percentage point rate of success, social media provides a substantially larger chance of success to hackers.

James Moore, the Managing Director of phishd by MWR InfoSecurity, states: “More concerning is that out of those targeted with a social media request or a promotional offer, more than 10 percent downloaded a potentially malicious file via their corporate email accounts.” This is especially a problem, as there are so many people who connect their social media accounts to their work accounts–risky business for any organization that wants to avoid a critical data breach.

If anything, this study shows why your business needs to keep data safe. This includes being capable of identifying phishing scams and responding to them properly, but also the implementation of security tools like antivirus, spam blocking, and content filtering. If you’re very concerned about social media phishing, you can go so far as to block social media websites completely on your network. Additional measures such as comprehensive training can help your users identify phishing attacks both in and out of the office, on a variety of platforms. Often times, the lures used by hackers can be so tantalizing that they’re able to bypass your security, so the only thing standing between you and a data breach is the knowledge you’ve imparted to your users.

You can’t trust anyone on the Internet, be it a new friend on social media, a new entry into your address book, or a seemingly-legitimate website. You have to be ready for anything, but this can be a daunting task. Thankfully, you don’t have to endure it alone. With NuTech Services by your side, you’ll be prepared to handle any cyber threat. To learn more about what we can offer your business, reach out to us at 810.230.9455.

Apr, 2017

Tip of the Week: 9 Hacker Profiles You Need to Be Aware Of

“Hacker” is a word that can bring up many powerful impressions in people. It may very well bring up images of a pale super genius hunched over a keyboard, awash in dim blue light, as it does for many people. However, this extremely specific image does little but pigeonhole the many hackers in the real world into this dramatized caricature.

In reality, there are many different kinds of hacker, each with a preferred target and reason for doing what they do. For your part, it helps to be familiar with the 10 types of hackers that are to be found in reality.

Amateurs

Script Kiddies: There’s a reason that this type of hacker is under the “amateur” heading. These are the hackers who are capable of little more than piggybacking onto larger efforts, or dabbling in the more basic forms of cybercrime. They are little more than nuisances, compared to their hacking compatriots.

The Good Guys

White Hats: These ethical hackers, usually security researchers, are those that help the average user by using their skills to keep threats at bay.

Political Players

Hacktivists: Using DDoS attacks and website vandalism to humiliate and hobble their targets, these actors are usually part of a larger group, working towards an ideologically driven common cause.
Nationalist Hackers: These actors are those that, thanks to their sympathies and patriotic motives, are often given a pass by law enforcement.
Nation State Agents: These actors typically for a government body, usually in a military or intelligence capacity. They have access to great capital resources, but will not hesitate to use common tools as well.

The Criminals

Cyber Mercenaries: These are hackers-for-hire, who will be brought on to assist other cybercriminals for a share of whatever ill-gotten gains there are to be had.
Repeat Offenders: These hackers are skilled, yet disorganized, which keeps them from obtaining the profits that other varieties of hackers do.
Organized Crime: These are criminal organizations that focus on cybercrime, with a hierarchy that allows them to reap great profits from their schemes.
Malicious Insider: These are the criminals who sit inside your walls, actively working to sabotage your efforts and leak critical information to your competition, often for personal motivations.

These malicious insiders are easily the most dangerous threat to an SMB, but that doesn’t mean that the others don’t cause problems as well. In order to keep them all at bay, you will not only need to encourage diligence in the workplace, but also protect that workplace with comprehensive security solutions.

The experts at NuTech Services are ready to assist you in securing your business assets against external influences. Call 810.230.9455 to get started.

Apr, 2017

Your Business Should Be in the Headlines for the Right Reasons, Not for a Cyber Attack

Today’s headlines are peppered with stories of major companies and institutions falling victim to a cyberattack. As a business owner, what’s your response to these gut-wrenching stories? If you write them off as fear mongering and believe that these attacks can never happen to your SMB, well, you’re wrong. They can and it’s up to you to prevent such a disaster.

One reason why it’s so important to shore up your company’s network security is because the ramifications of a breach extend well beyond the sensationalism surrounding a news story. Take for example one of the biggest stories of hacking in recent memory; the revelation made public last December that Yahoo had more than one billion of its accounts compromised, dating all the way back to 2013. While the headlines focused on the plight of Yahoo and the negative effect this would have on the tech company’s value, what didn’t get reported is how millions of Yahoo users were negatively affected by having their sensitive information exposed to hackers.

In the same way, seeing to your company’s network security goes beyond protecting your corporate image from a negative headline. It’s also about protecting all of those who have entrusted you with their sensitive data. This includes customers and vendors that have provided your business with their financial information, as well as employees that each have a wealth of their personal information connected to your HR department.

We’ve established that there’s a lot riding on your network security and that it’s your job to make sure this is taken care of. If you don’t currently have a security plan in place protecting your company from a data breach, then where do you even begin? Fortunately, you don’t need to be an IT security expert or have a computer science degree to implement adequate security measures. As is the case with many vital responsibilities connected to your business, you can outsource the protection of your network to the professionals, such as the IT technicians at NuTech Services.

That said, IT security is such an important and comprehensive matter that it’s not something that you should outsource and then disregard. In fact, IT security works best when everybody in the company understands that they have an active role in its upkeep. Yes, everybody. We’re talking from the C-level executives down to the cleaning lady who connects her smartphone to Wi-Fi. If everyone in your company understands how to avoid the snares laid by hackers, then the cake that is your network security measures will be topped with the icing of best practices.

Remember, securing your network from cyberattacks isn’t something that you have to do on your own. NuTech Services is here to help, and we can do so by implementing proven and comprehensive network security solutions like our Unified Threat Management tool, as well as remote monitoring and maintenance in order to detect and take care of any threats that may breach your defenses. We’re also available to equip your staff with the means and know-how to better understand cybersecurity.

For assistance in all of these areas of security and more, give us a call today at 810.230.9455.

Sep, 2017

Sep, 2017

Sep, 2017

Sep, 2017

Aug, 2017

Aug, 2017

Jul, 2017

Jul, 2017

Jul, 2017

Jul, 2017

Jul, 2017

Jul, 2017

Jun, 2017

Jun, 2017

May, 2017

May, 2017

May, 2017

May, 2017

Apr, 2017

Apr, 2017

Other Pages

Quick Links

Newsletter