
VersaTrust Blog

VersaTrust has been serving the Texas area since 1997, providing IT support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses.

4 Affordable Ways to Secure Your Business


Phishing attacks are on the rise

While many Fort Worth businesses struggle to weather everything that 2020 has brought, hackers have been busy taking advantage of the uncertainty and fears of things like COVID-19 and the political climate with phishing scams that exploit the disruption in our normal routines.


6 IT Essentials You Simply Can’t Cut – and 3 You Can


During good times, businesses usually operate IT on the just enough and just in time standard. Often, this includes putting off upgrades and license renewals until the last moment in favor of cash-on-hand or other investments. However, much like a hospital that routinely operates at 98% of their bed capacity, when a downturn hits – like a global pandemic – there’s no surge capacity on hand.


Fort Worth DOD Contractor Relies on VersaTrust to Manage Complex Compliance Requirements

Managing CUI compliance

The U.S. Department of Defense (DOD) spends more than $316 billion on contracts each year. Notwithstanding the multibillion-dollar contracts that go to the likes of Lockheed Martin, Boeing and Raytheon, many smaller organizations manufacture and offer products and services to the Defense Department as contractors. VersaTrust is the proud managed security services provider for one such company.


Prevent Hackers from Stealing Your VoIP and Costing You Money


Best ways to prevent your business from losing money because of hackers stealing your VoIP service.

In 2017, telecom fraud amounted to $29.2 billion in losses to organizations and carriers, according to No Jitter. One form of telecom fraud is theft of service, which is obtaining service


Hackers Access CEO Email to Steal Company Money


BEC Scam Helps Hackers Steal Over $46M from Company

How fast could your company lose $46M? BEC Scams do it in minutes. Find out how criminals hack CEO emails to earn themselves a huge payday at your expense. Sometimes criminals hide in the shadows and sometimes they hide behind technology, waiting, ready to strike


Want To Drastically Enhance Your Small Business Cybersecurity?


No matter how secure you may be right now, you could always be doing more. Have you double-checked your cybersecurity lately? Review the best practices below to strengthen your small business cybersecurity. When everything is going well, the last thing you want to do is think about what will happen when something goes wrong. It’s


Should You Worry About Facebook Identity Thieves?


Tips for Avoiding and Reporting Facebook Identity Theft

Financial fraud and access to confidential business data rank among scammers’ reasons for setting up fake profiles in Facebook identity theft schemes. Right now, hundreds of people could be viewing your photos on Facebook — on an account that doesn’t belong to you. In recent years


How VersaTrust Partners with Cities to Prevent Cyberattacks


Across the country more than 140 municipalities, police departments and hospitals have fallen victim to ransomware attacks so far this year. Texas, where 22 public institutions have been infected by malware and held hostage, has been far from immune.

In this case study review, we share how the Defense in Depth network security solution we installed helped the City of Richland Hills avoid two potentially debilitating cyberattacks.

Background

The City of Richland Hills is a municipality of 8,000 residents located in Tarrant County, Texas. The city employs 110 full- and part-time employees. The Richland Hills Police Department is required to comply with stringent information technology regulations from the Criminal Justice Information Systems (CJIS), the Texas Department of Public Safety and the FBI.

VersaTrust’s relationship with Richland Hills began in 2014 when we entered an open bidding process to provide managed IT services. Since then, we’ve managed their IT infrastructure and helped them maintain CJIS compliance.

Issue

Several years into our relationship with Richland Hills, the city manager decided to take a proactive, preventative approach to IT security. He asked VersaTrust to participate in another competitive bidding process — to provide security services.

While the competition offered one-size-fits-all packages, no matter the cost point, VersaTrust designed a package that provides layered security to the city’s network and fits their budget. The city approved our solution and we became their managed security service provider.

Solution

The security solution we designed for Richland Hills is a Defense in Depth approach that borrows from advanced Department of Defense (DoD) methodology and tactics. In Defense in Depth, we create an infrastructure that deploys multiple barriers, rather than a single perimeter, to prevent, detect, quarantine and eliminate cyberthreats.

Defense in Depth

Traditional antivirus programs and firewalls are insufficient on their own to protect against modern, dynamic hacking tactics. Most hacks originate through some form of phishing attack in which an employee opens the door to an attacker by clicking a link or opening an attachment.

While there’s no substitute for employee training on cybersecurity best practices, Defense in Depth involves monitoring the network and individual workstations to detect the kind of abnormal behavior that signals a breach.

The City of Richland Hills suffered two breaches – each the result of employees falling victim to phishing attacks. In both cases, Defense in Depth performed optimally and prevented catastrophe.

Breach #1: Ransomware introduced through a link

Issue: Richland Hills’s first hack occurred when an employee clicked an email link from an unknown sender. The link downloaded ransomware, infected the workstation and attempted to spread across the network.

Response: The hack bypassed the robust antivirus tools and firewalls that we installed because the employee actively, if accidentally, introduced the infection. Our Defense in Depth response took over.

Our Security Operations Center (SOC), which monitors our clients’ systems 24x7, detected unusual activity on the network within moments. In real time we identified the ransomware’s origin and shut down the culprit system.

Breach #2: Password stealer infection from a fake PDF

Issue: The second breach took the form of Emotet, a password stealer that jumps from one workstation to another. It was packaged and disguised as a fake invoice attached as a PDF to an email. The city official opened the attachment, even though he did not recognize the sender, and Emotet began deciphering passwords.

Response: Once again, our SOC detected unusual activity before Richland Hills employees felt the symptoms of the attack. We quarantined the password stealer and froze the compromised accounts. Meanwhile, the city’s other employees continued working unaffected while we repaired the damage.

Results

The Richland Hills city manager appreciates our Defense in Depth solution first and foremost because it keeps their computers free of adware and malware, which improves performance and lengthens the intervals between hardware upgrades and new computer purchases.

Having suffered two of the most common breaches that can hamstring an organization, Richland Hills has first-hand experience to prove that Defense in Depth identifies and immediately responds to a hack before negative consequences are felt. Moreover, in the aftermath of these breaches, Richland Hills engaged VersaTrust to provide employee training across the city’s workforce, which has now become mandatory for municipalities in Texas.

Whatever your industry and unique set of circumstances, a multilayered approach is essential to securing your business in today’s complex cyberthreat environment. Reach out to us (817-595-0111 or email) for more information today.

Cybersecurity Interview: 5 Steps Cities Can Take to Prevent Ransomware

The spate of cyberattacks on Texas cities has left municipalities wondering what can be done. VersaTrust’s owner and CISSP, Danny Owens, dissected the threat and outlined steps municipalities can take to combat the methods cybercriminals use in the interview below.

1. Is this the last we’ve seen of attacks on city governments?

Danny Owens (DO): No. City governments will continue to be targeted until they implement comprehensive security controls equal to and better than the threats they face.

2. Why don’t organizations realize they’ve been breached?

DO: Today’s hackers are very good at covering their tracks. They also use tactics traditional security tools can’t detect. Effective detection tools need to be in place to identify an attack that is in progress or that has occurred.

3. What should municipalities do if they know or believe they may have been breached or attacked?

DO: Report the incident to your qualified IT/Security personnel who should:
  1. Immediately work to determine if a breach has occurred
  2. Stop the attack and minimize the damage
  3. Notify management who may then notify state or federal authorities
  4. Assess the damage and develop a recovery plan
  5. Perform a recovery if necessary and preserve any evidence related to the breach

4. Have any VersaTrust clients been impacted by these attacks?

DO: None of our municipal clients have been impacted in the latest attacks. One municipality recently had ransomware accidentally introduced from a phishing scam; however, our advanced endpoint protection software and Security Operations Center neutralized both threats before they could cause damage.

5. What are some examples of how you protect your municipality clients?

DO: We strongly believe in a layered security approach for all of our clients. It’s also recommended by the U.S. Department of Defense and introduces multiple barriers to halt attackers. Security controls, like real-time scanning and advanced endpoint anti-malware protection, are customized based on a client’s risk, requirements and budget. During employee training sessions, we show your team what to watch for, so no one falls for a phishing scam or accidentally introduces malware to your network.

We also synchronize local backups to a secure cloud server at least once every 24 hours to minimize data loss. A bulletproof backup is the only guarantee for recovery from data loss and ensures that ransom will never have to be considered as an option.

6. Should cities pay ransomware demands?

DO: Robust backups will prevent cities from being in a position where they consider paying a ransom request. If restoring from a backup is not an option, state or federal authorities should be involved in any decisions to be made regarding negotiating with the criminal.

7. A CFO recently reached out to you for heightened security but had a limited budget. Which solutions did you recommend?

DO: The CFO wanted a backup solution with faster data recovery time and advanced antivirus software to guard against malware and ransomware. Due to budget constraints, they had to choose between implementing stronger anti-malware/DNS protection and the more effective backup solution.

We recommended they add the backup solution first because recovering data is the highest priority after a breach. Then, additional protections can be implemented in a second phase when a budget is made available.

8. What are specific steps cities can take to prevent ransomware?

DO: Have an IT security expert conduct an assessment to determine areas where risks exist, like unsecure firewall configurations, no local backups, or lack of employee training. Then they’ll be able to:
  1. Prioritize areas according to risk level
  2. Develop an action plan to reduce chances of exposure or breach
  3. Work with you to determine a budget, as needed
  4. Maintain a secure environment and prevent new threats from infiltrating the environment
  5. Perform ongoing assessments
 

Don’t let cybercriminals have the upper hand

VersaTrust is a Fort Worth cybersecurity service provider. We’re ready to assess your network and heighten your security posture to keep your city, data and citizens secure. Contact us today online or by phone (817) 595-0111.

How VersaTrust – a CISSP – Secures Fort Worth Businesses


If you were shopping for a home security system, you wouldn’t settle for an option that only protects the front door. You’d want a system that can secure every nook and cranny of your house, 24/7. You need to have the same mindset when it comes to your business.

You need more than firewalls and anti-virus software.
Relying on firewalls, anti-virus software or other basic protections is like only protecting the front door of your house. Yes, you’re preventing some threats, but there are many other ways a thief can break in. You need to work with an expert managed security provider who is a Certified Information Systems Security Professional (CISSP) to prevent cyberattacks and mitigate IT risks.

Understanding IT Risks Fort Worth Businesses Face

Businesses of all sizes have a lot to lose by falling prey to today's increasing cyber security threats.

Employees can be a serious threat

Even though vendors are developing advanced security features, hackers can still easily exploit vulnerable employees and businesses with lax information security management.

Often, this is accidental and caused by something as simple as an employee clicking a link in a phishing email. Less common, but still possible, are insider threats exploiting a trusting employer.

If you’re breached, you’ll likely lose revenue

Ransomware isn’t the only way a breach can cost you. You could also suffer a decrease in profits from:

  • Unexpected downtime or productivity slowdowns due to ransomware and phishing attacks
  • Loss of money or financial account information due to executive impersonation (whaling)

The longer it takes you to recover from outages or data loss, the more you stand to lose. You need to have a robust disaster recovery/business continuity plan in place.

Breaches damage your professional reputation

Loss or exposure of sensitive data has implications beyond downtime; it can hurt your reputation. Public faith falters when breaches are disclosed – 60% of small companies are out of business 6 months after a cyberattack occurs.

Risks change as you grow

Growth brings change, and change can introduce new threats. When we work with clients who are growing, we vet their security to ensure their businesses aren’t open to compromise, especially if they’re acquiring or merging with other businesses. Here are two ways we help growing businesses create or modify processes with security in mind:

  • Establish human resources procedures that include background checks and timely notification of IT when hires and terminations occur for proper account creation and removal
  • Audit file access and security group permissions as employee movement occurs between roles

Multilayered Security is a Key Line of Defense

When you have layers of security, you make it much harder for a threat to take advantage of a vulnerability. But, not all businesses have the same threat exposure. How many layers of security control you need depends on your level of risk.

That said, there are basic preventive measures all businesses benefit from. We recommend you put into practice tools and systems that can:

  • Detect anomalies and threats as they occur
  • Minimize or subvert damage in the event of an attack
  • Recover from a successful attack or disaster with a response, remediation and recovery plan

Work with a security expert to determine the level of protection you need.

Partner with a Managed Security Partner Who is a CISSP

You don’t have to confront these risks on your own. A managed security provider will be able to help you develop incident response plans, provide tools to protect your business and monitor your network for suspicious activity.

Look for a partner you can trust who has a high level of expertise – a CISSP.

What is a CISSP?

CISSP stands for Certified Information Systems Security Professional. It is considered the gold standard of security certifications. Working with a CISSP provides full confidence that your business is protected by the most up-to-date best practices.

To qualify, a candidate needs to:

  • Be endorsed by another CISSP who is in good standing
  • Pass an adaptive test lasting 3 hours and containing 150 questions
  • Possess 5 years of verified information security work experience
  • Complete 120 hours of continuing education every 3 years

Read more about CISSP processes and benefits here.

CISSPs are on staff at VersaTrust and can help protect your business. Contact us to schedule an assessment or learn more about how we safeguard organizations in the Fort Worth area.


How to Achieve Texas-Sized Growth with Network Security

If you’re building a home, you lay the electrical wiring before installing and painting the drywall. Going in reverse order is illogical and would create unnecessary complications. Similarly, when growing your business, you want to have processes in place that prevent extra work and mitigate risk, especially when it comes to IT.

With a blueprint it’s much clearer what you need to do first. As your business grows, you need a plan that lays out the foundations of your growth and addresses new requirements, risks, challenges and opportunities. Without network security and IT built in, your growth fizzles out like a dust devil.

I offer up two client cases as examples. Each illustrates the challenges and opportunities they faced with growth and underscores why using the 3 pillars of security early in their plans was key to their success.

Improved Security Empowered a Defense Contractor to Seek Bigger Contracts

We started working with a defense contractor in 2014, ensuring the company was compliant with the government’s rigorous data security requirements. As a direct result of our work together, the company had the confidence to bid on and win big contracts that were once out of their league, fueling their growth. In the past year, the contractor has grown from 35 to 50 employees, is opening a second location and further growth is projected.

Failure to meet ever-evolving regulatory requirements would quickly result in a suspension of their Authorization to Operate (ATO), which means forfeiting their existing contracts and exclusion from bidding on future ones.

To ensure the contractor maintains compliance, we:
  1. Conducted a point-by-point evaluation of the government’s data security requirements
  2. Met with our client to explain the implications, costs and risks
  3. Developed appropriate solutions while our client remained focused on fulfilling the contract and growing the organization
Our strategic role as their managed security provider has empowered the company to bid on ambitious contracts without worrying about how they will scale up their IT and network security.

Doubling in Size Increased this Insurance Company’s Exposure Risk

Since 2006 we have supported the continual growth of a home insurer. In 2016 they reached a milestone of 50 employees, and since then they have doubled in size.

Due to the rapid growth, they quickly realized their success required them to re-evaluate their network security and they worked with VersaTrust to do it. Specific concerns included:
  1. Greater exposure to cyberattacks as a result of increased size and visibility
  2. More scrutiny from the Texas Department of Insurance, provoked by their larger portfolio
  3. IT disruption posing increased threats to their brand and reputation
Likewise, as they surveyed the regulatory landscape, they recognized that government guidelines would evolve into compliance requirements over the next 24 months.

We recommended managed security services. This helped them quickly double down on their risks with the confidence that, not only did they have tighter security, but they had access to ongoing strategic advice based entirely on our objective evaluation of their costs, risks and benefits. That’s why, when we determined that the on-premises location of their servers was their highest risk factor, the conversation was immediately a trust-based discussion about budgeting, timelines and logistics to move them to a more secure solution.

An Easy Way to Include Security in Your Growth? An Assessment

Remember, it’s ideal to wire a home before you install the drywall. Your home needs electricity, and if it doesn’t have wiring, the sooner you address it, the better. The same goes with whatever network security needs you have for your growth. Sooner is better than later; later is better than never.

Understanding how your network security and IT can impact your company’s growth starts with a comprehensive assessment from a trusted IT partner – one who brings knowledge of the advantages you can gain through IT security and how to leverage those as part of your growth strategy.

VersaTrust has the expertise of an on-staff Certified Information Systems Security Professional (CISSP) and the depth and experience to identify your vulnerabilities and devise cost-effective solutions to secure your company’s future and growth.

How is your IT security going to foster or hinder your growth? Find out with an assessment from the experts. Contact us at (817) 595-0111 or online today to get started on your security assessment.

Buckle Up: How to Securely Drive Business Growth

Network security is a lot like airbags and seat belts. They used to be optional but nowadays you probably wouldn’t drive a car without them. So, if a seat belt is an essential everyday safety measure, what about when you’re in a hurry and distracted?

The same is true of network security and your business. It’s important for doing business as usual but it’s vital when you’re growing and expanding. That’s because growth creates the kind of disruptions that are like a flashing neon sign to opportunistic hackers.

The Risks Grow as Your Business Grows

As you grow your sales, increase production and deliver more services, you need more employees and technology to enable the expansion. This means more computers, tablets and smartphones; new user accounts; faster servers; larger data storage and maybe even additional office locations or remote work opportunities.

Unfortunately, each additional device, application and user – each new node in your network – increases your vulnerability to viruses, ransomware and phishing attacks. But it’s your people who are actually your greatest security vulnerability.
Even if you can afford all the top-shelf security solutions, not incorporating security into your business plan will leave you incredibly vulnerable to the preventable threats most likely to get you:
  • An employee who clicks an insecure email link
  • A vendor who gets hacked and infects your system
  • A consultant who logs in without encryption or has unneeded administrative permissions
These are common situations and can easily result in an IT disruption such as network downtime or the theft and ransom of your valuable, confidential data. In both cases, the cost to your business includes lost sales and revenue, major delays, IT expenses and lasting damage to your reputation.

How to Plan for Growth and Security

As a business owner, you try to plan for changes in market conditions, the actions of your competitors and other possible factors that might impact your growth plans. Often, those “possible factors” don’t include security threats. If they do, most businesses only insert a budget line and some generic text about the threats.

Incorporating security throughout your business and growth plans is the key to avoiding these nightmare scenarios. One practical, specific way to incorporate security is to address the 3 tenets of network security – confidentiality, integrity and availability.

For example, your sales team certainly needs read & write access to your Customer Relationship Management (CRM) platform but maybe your marketing vendor can do with read only access.

Or, shifting responsibilities among team members may require revising user authorizations so each individual has the appropriate level of access. Likewise, whenever individuals leave your employment, access to company accounts and shared digital spaces like Google Hangouts, OneDrive and Slack must be frozen immediately.

These are just a few of the many daily changes that increase risk and create new vulnerabilities for a business experiencing growth. Each must be continually monitored to vet for risks and take the appropriate security measures.

Use a Risk Assessment to Create a Security Plan

You can’t buckle your seat belt or install an airbag after you have a crash, and you can’t secure your network after an attack. Instead, the best and only practice you should follow is to incorporate security in your business plan and then budget accordingly.

Start with a security assessment. It’s a critical first step that identifies your needs and vulnerabilities and ensures a secure operating environment. Security is vital for your business, and the assessment should be conducted by a qualified, experienced expert.

Don’t Trust Just Any IT Provider With Your Network Security

Look for a Certified Information Systems Security Professional (CISSP). VersaTrust has a CISSP on staff, who went through extensive training and testing to prove an in-depth understanding of cybersecurity strategy and an ability to design and implement solutions that improve the security posture of an organization.

Reach out to us with a call (817) 595-0111 or email to get started with your assessment today.

Build Your Business Plan on These 3 Pillars of Network Security

In the early days of information technology, network security was a fancy way of saying that you had installed antivirus software on your PC. Today the threats are more sophisticated, encompassing ransomware, identity theft and phishing attacks. Your network security must evolve in scope and sophistication just to continue doing business as usual.

There’s a lot that goes into developing robust, multilayered security to safeguard your data and IT infrastructure, but it can be broken down into 3 principal pillars: Confidentiality, Integrity and Availability, otherwise known as the CIA triad.

3 Pillars of Network Security

A security solution that covers the 3 pillars ensures your business is protected against an attack and will be resilient in responding to and recovering from one.

1. Confidentiality

A security solution that provides confidentiality ensures that access to data can be enabled or restricted for specific users based on their need to know.

For a medical practice this is a well-known HIPAA requirement. Staff who don’t need access to a patient’s files shouldn’t have it.

2. Integrity

Data integrity refers to security controls that ensure data or system configurations are not modified in an unauthorized way.

For example, an account spreadsheet must be protected from unauthorized changes to ensure you can rely on the accuracy of the data.

3. Availability

Availability describes how data and applications remain accessible to users and processes through secure, authorized devices during production hours.

How to ensure data availability:
  • Establish security controls for systems to protect against malicious attacks that affect uptime
  • Build redundancy into server and network configurations
  • Implement robust disaster recovery and business continuity planning
Knowing these 3 pillars is key. All 3 components must be considered alongside all the other elements in your business plan.

Tying Security Into Your Business Plan

Any technology or process put into place as a result of the business plan has to be measured against whether or not those components are secure. That’s why it’s more difficult to tack on security after the fact than it is to integrate it into your business planning process.

Let’s say, for example, your business plan calls for outsourcing payroll functions to a third party. Your plan should address essential security issues like:
  • Which data and files should the vendor be allowed to access? (Confidentiality)
  • What information are they permitted to alter? (Integrity)
  • How and from where will they access your system and payroll information? (Availability)
Or, if your business is expanding and you need to add new servers, they will need to be regularly updated and properly configured. This ensures any security flaws are patched and that all workers – office or remote – can access the information they need to do their job.

Without a plan that addresses availability you run the risk of not knowing how long your systems will be down when IT disruptions occur.

When an IT Disruption Occurs

We have all experienced the helplessness of being unable to access email, the customer relationship management (CRM) database, files on the server and other essential business apps.

Preventive measures are essential, but you also need to be prepared for the possibility that something – a phishing email, a tornado, a hail storm, a neighbor setting the sprinkler system off – could leave you without access to your systems. To prepare for this reality, consider these two important factors:

Maximum Tolerable Downtime (MTD)

MTD defines how long your business can remain shut down – without access to email, databases and essential apps – before it causes irreparable or unacceptable losses. This can be determined by thinking about disruption to sales and/or damage to your reputation or any other factors that might be impacted by downtime, like an employee revolt.

Your MTD might be a few hours or a few days. It will determine the level of investment and preparation you need to avoid downtime and recover from an IT disruption.

Recovery Time Objective (RTO)

RTO is your target time for restoring access to your data and apps. It is always going to be less than your MTD – your cliff’s edge. Your RTO should be realistic for the level of investment, preparation and testing built into your business plan. A security-focused managed services provider like VersaTrust can help you determine this.

Start Your Business Planning with a Security Assessment

Network security is intertwined with every aspect of your business, and there are many factors you need to consider as you evaluate your business plan. A security assessment helps organize the process and provides actionable insights that safeguard your business.

When we conduct security assessments, our in-house Certified Information Systems Security Professionals identify vulnerabilities and design customized solutions. After the initial evaluation we help you to:
  • Incorporate the 3 pillars, MTD, RTO and proper budgeting in your business plan
  • Implement and configure your applications for usability and security
  • Monitor your network and perform routine upgrades
  • Recover your network quickly in case of a disruption
Not all managed IT providers have the expertise to provide a thorough security assessment and align it to your business goals. We do. Contact us at (817) 595-0111 or email us to schedule an assessment.

Basic PC fixes are costing you money

When your employees seek your IT security staff’s help to fix their personal computer (PC) problems, it’s often perceived as a productive use of everyone’s time. After all, employees must have working computers and IT professionals are expected to resolve any technology issues. What doesn’t get acknowledged, however, is that instead of troubleshooting technical problems, your technology support staff could be spending their time on more productive tasks.

Cost of fixes

According to a survey of technology professionals, companies waste as much as $88,660 of their yearly IT budget as a result of having security staff spend an hour or more per work week fixing colleagues’ personal computers. The ‘wasted amount’ was based on an average hourly salary of IT staff multiplied by 52 weeks a year. Other than knowing how much time is wasted, what makes things worse is that IT security staff are among the highest paid employees in most companies.

The fixes have mostly to do with individual rather than department- or company-wide computer problems that don’t necessarily benefit the entire company. The resulting amount is especially staggering for small- and medium-sized businesses (SMBs) whose limited resources are better off spent on business intelligence tools and other network security upgrades.

Other costs

All those hours spent on fixing personal computers often mean neglecting security improvements. The recent WannaCry ransomware attacks, which successfully infected 300,000 computers in 150 countries, demonstrate the dangers of failing to update operating system security patches on time. Patching should be a routine network security task; ignoring it can leave your business helpless in the face of a cyber attack as formidable as WannaCry. The attack didn’t make much money, but had it been executed better, its effects would have been more devastating to businesses, regardless of size.

Profitable projects could also be set aside because of employees’ PC issues. For SMBs with one or two IT staff, this is especially detrimental to productivity and growth. They can easily increase their IT budgets, but if employees’ negligible computer issues keep occurring and systems keep crashing, hiring extra IT personnel won’t do much good.

What businesses should do

The key takeaway in all this is: Proactive IT management eliminates the expenditure required to fix problematic computers. Bolstering your entire IT infrastructure against disruptive crashes is the first step in avoiding the wasteful use of your staff’s time and your company’s money.

Even if your small business has the resources to hire extra staff, the general shortage of cyber security skills also poses a problem. Ultimately, the solution shouldn’t always have to be increasing manpower, but rather maximizing existing resources.

Having experts proactively maintain your IT eliminates the need to solve recurring small issues and lets your staff find a better use for technology resources. If you need non-disruptive technology, call us today for advice.

Published with permission from TechAdvisory.org. Source.


The President's Executive Order on Strengthening Cybersecurity of Federal Networks and Critical Infrastructure - Four Key Takeaways

By Danny Owens

Understatement of the Day - The cybersecurity landscape is more dangerous than it has ever been. The Federal Government has been the recipient of both internal and external data breaches and as a result, a new Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure has been signed. There are several items in the Executive Order that are worth calling attention to that will affect both the Federal Government and the private sector.

Triggered - The Executive Order calls for the Federal Government to be proactive in detecting, responding to and recovering from cyber threats and attacks

Takeaway: With the recent disclosure of the NSA's Classified internal security tools and information on a specific information leaks website and high-profile data breaches exposing thousands of government and military employees in recent years, the Government has realized that the threat is not going away. The attacks will worsen and become more sophisticated.
This is a directive by the President to the Government; however, its premise and philosophical requirement extend to all private entities and citizens. The government's focus on cybersecurity risk management to maintain awareness of threats and to detect anomalies and incidents (which requires significant security tools and expertise) is timely, as private corporations and individuals have also been waking up to the fact that data security has become a core requirement, not an afterthought.

Don't Go It Alone - The Executive Order calls for the Federal Government to 'buy vs. build' in key IT areas
This directive issues a requirement to show preference for 'shared IT services including email, cloud and cybersecurity services'.

Takeaway: The Government now realizes that the private sector can provide certain services more skillfully, at a greater economy of scale and at less cost than it can reasonably build itself. If the Government is looking to rely on the private sector for critical IT applications and services (email, application services and cybersecurity defense), I believe it will translate to more comprehensive and more secure service offerings to businesses as well. We still see a certain level of distrust of cloud services in general since businesses that would subscribe to them cannot physically control their data. It will be interesting to see how this directive plays out.

The Foundation for the Future - The Executive Order calls for the Federal Government to promote the American cybersecurity workforce
This exciting directive recognizes that an educated and skilled cybersecurity workforce, both inside the Federal Government and in the private sector, is in the national security interest of the United States. It calls for the assessment and recommendations for building the cybersecurity workforce of the future, including 'cybersecurity-related curricula, training and apprenticeship programs, from primary through higher education'.

Takeaway: Currently, there is a critical shortage of cybersecurity-skilled workers, and the Government realizes that it must contribute, promote and support programs that will educate young people on the joys of a career in cybersecurity and the required training to enter the field. The end result of this directive will likely take the form of scholarships, career re-training programs, grants and loan support. In the early 2000s, the Information Technology industry in general was the beneficiary of the same type of Government initiatives when it deemed the shortage of skilled IT workers critical to the national interest.

Final Takeaway: Better late than never. The journey of a thousand miles starts with the first step, so we will watch and see how well these initiatives are implemented.

WannaCry: A historic cyberattack

No one can escape the news of WannaCry. The IT industry has been covering this type of malware for years, but never has one campaign spread so far or infected so many computers. Read on to gain a greater understanding of what happened and how to prepare yourself for the inevitable copy cats.

Ransomware review

Ransomware is a specific type of malware program that either encrypts or steals valuable data and threatens to erase it or release it publicly unless a ransom is paid. We’ve been writing about this terrifying threat for years, but the true genesis of ransomware dates all the way back to 1989.

This form of digital extortion has enjoyed peaks and troughs in popularity since then, but never has it been as dangerous as it is now. In 2015, the FBI reported a huge spike in the popularity of ransomware, and healthcare providers became common targets because of the private and time-sensitive nature of their hosted data.

The trend got even worse, and by the end of 2016 ransomware had become a $1 billion-a-year industry.

The WannaCry ransomware

Although the vast majority of ransomware programs rely on convincing users to click compromised links in emails, the WannaCry version seems to have spread via more technical security gaps. It’s still too early to be sure, but the security experts at Malwarebytes Labs believe that the reports of WannaCry being transmitted through phishing emails are simply a matter of confusion. Thousands of other ransomware versions are spread through spam email every day and distinguishing them can be difficult.

By combining a Windows vulnerability recently leaked from the National Security Agency’s cyber arsenal and some simple programming to hunt down servers that interact with public networks, WannaCry spread itself further than any malware campaign has in the last 15 years.

Despite infecting more than 200,000 computers in at least 150 countries, the cyberattackers have only made a fraction of what you would expect. Victims must pay the ransom in Bitcoins, a totally untraceable currency traded online. Inherent to the Bitcoin platform is a public ledger, meaning anyone can see that WannaCry’s coffers have collected a measly 1% of its victims’ payments.

How to protect yourself for what comes next

Part of the reason this ransomware failed to scare users into paying up is because it was so poorly made. Within a day of its release, the self-propagating portion of its programming was brought to a halt by an individual unsure of why it included a 42-character URL that led to an unregistered domain. Once he registered the web address for himself, WannaCry stopped spreading.

Unfortunately, that doesn’t help the thousands that were already infected. And it definitely doesn’t give you an excuse to ignore what cybersecurity experts are saying: “This is only the beginning.” WannaCry was so poorly written, it’s amazing it made it as far as it did. And considering it would’ve made hundreds of millions of dollars if it had been created by more capable programmers, your organization needs to prepare for the next global cyberattack.

Every single day it should be your goal to complete the following:

  • Thorough reviews of reports from basic perimeter security solutions. Antivirus software, hardware firewalls, and intrusion prevention systems log hundreds of amateur attempts on your network security every day; critical vulnerabilities can be gleaned from these documents.
  • Check for updates and security patches for every single piece of software in your office, from accounting apps to operating systems. Computers with the latest updates from Microsoft were totally safe from WannaCry, which should be motivation to never again click “Remind me later.”
  • Social engineering and phishing may not have been factors this time around, but training employees to recognize suspicious links is a surefire strategy for avoiding the thousands of other malware strains that threaten your business.
Revisiting these strategies every single day may seem a bit much, but we’ve been in the industry long enough to know that it takes only one mistake to bring your operations to a halt. For daily monitoring and support, plus industry-leading cybersecurity advice, call us today.
Published with permission from TechAdvisory.org. Source.


The most advanced Gmail phishing scam yet

As the technology that recognizes and thwarts malware becomes more advanced, hackers are finding it much easier to trick overly trusting humans to do their dirty work for them. Known as social engineering, it’s a dangerous trend that is becoming increasingly prevalent. Read on to educate yourself on how to avoid the most recent scam and those that came before it.

Broadly defined, “phishing” is any form of fraud in which an attacker tries to learn information such as login credentials or account information by masquerading as a reputable entity or person in email, IM or other communication channels.

These messages prey on users who click links, images and buttons without thoroughly investigating where they lead to. Sometimes the scam is as simple as an image with a government emblem on it that links to a website containing malware. Just hovering your mouse over the image would be enough to see through it. But some phishing schemes are far more difficult to recognize.

The Google Defender scam

Recently, an email spread to millions of Gmail accounts that almost perfectly imitated a message from Google. The text read:

“Our security system detected several unexpected sign-in attempts on your account. To improve your account safety use our new official application ‘Google Defender’.”

Below that was a button to “Install Google Defender”. What made this scheme so hard to detect is that the button actually links to a totally legitimate site...within Google’s own framework. When third-party app developers create Gmail integrations, Google directs users to an in-house security page that essentially says, “By clicking this you are giving Google Defender access to your entire inbox. Are you sure you want to do this?”

Even to wary users, the original message looks like it came from Google. And the link took them to a legitimate Google security page -- anyone could have fallen for it. The Gmail team immediately began assuring users that they were aware of the scam and working on eradicating it and any potential copycats.

There’s no happy ending to this story. Although vendors and cybersecurity experts were able to respond to the crisis on the same day it was released, millions of accounts were still affected. The best way to prepare your business is with thorough employee training and disaster recovery plans that are prepared to respond to a breach. To find out how we can protect your business, call today.

Published with permission from TechAdvisory.org. Source.


The phishing craze that’s blindsiding users

Most phishing attacks involve malicious hyperlinks hidden behind enticing ad images or false-front URLs. Whatever the strategy is, phishing almost always relies on users clicking a link before checking where it really leads. But even the most cautious users may get caught up in the most recent scam. Take a look at our advice for how to avoid the newest trend in phishing.

What are homographs?

There are a lot of ways to disguise a hyperlink, but one strategy has survived for decades -- and it’s enjoying a spike in popularity. Referred to as “homographs” by cybersecurity professionals, this phishing strategy revolves around how browsers interpret URLs written in other languages.

Take Russian, for example: even though several Cyrillic letters look identical to English characters, computers see them as totally different. Browsers use basic translation tools to account for this so users can type in non-English URLs and arrive at legitimate websites. In practice, that means anyone can enter a 10-letter Cyrillic web address into their browser and the translation tools will convert that address into a series of English letters and numbers.

How does this lead to phishing attacks?

Malicious homographs utilize letters that look identical to their English counterparts to trick users into clicking on them. It’s an old trick, and most browsers have built-in fail-safes to prevent the issue. However, a security professional recently proved that the fail-safes in Chrome, Firefox, Opera and a few other less popular browsers can be easily tricked.

Without protection from your browser, there’s basically no way to know that you’re clicking on a Cyrillic URL. It looks like English, and no matter how skeptical you are, there’s no way to “ask” your browser what language it is. So you may think you’re clicking on apple.com, but you’re actually clicking on the Russian spelling of apple.com -- which gets redirected to xn--80ak6aa92e.com. If that translated URL contains malware, you’re in trouble the second you click the link.

The solution

Avoiding any kind of cybersecurity attack begins with awareness, and when it comes to phishing, that means treating every link you want to click with skepticism. If you receive an email from someone you don’t know, or a suspicious message from someone you do, always check where it leads. Sometimes that’s as simple as hovering your mouse over hyperlink text to see what the address is, but when it comes to homographs that’s not enough.

In the case of homographs, the solution is unbelievably simple: Manually type in the web address. If you get an email from someone you haven’t heard from in 20 years that says “Have you checked out youtube.com??”, until your browser announces a fix, typing that URL into your browser’s address bar is the only way to be totally sure you’re safe.
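A mail gateway or link-scanning script can do what the address bar does not: decode the Punycode form of a host name and flag labels built from Latin lookalikes. The following is an added example, not code from the original article; the `LOOKALIKES` table, the `PROTECTED` list and the function names are assumptions made for illustration, and the second sample URL is constructed.

```python
import unicodedata
from urllib.parse import urlsplit

# Constructed, deliberately small table of Cyrillic letters that render like
# Latin ones. A production check would load the full Unicode confusables data.
LOOKALIKES = {
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p",
    "\u0441": "c", "\u0445": "x", "\u0443": "y", "\u0456": "i",
    "\u0458": "j", "\u0455": "s", "\u04cf": "l", "\u04bb": "h",
}

# Domains to protect (assumed watch list; both names appear in the article).
PROTECTED = ("apple.com", "youtube.com")


def decode_label(label):
    """Return the Unicode form of one DNS label, decoding xn-- Punycode."""
    if label.lower().startswith("xn--"):
        try:
            return label[4:].encode("ascii").decode("punycode")
        except UnicodeError:
            return label  # malformed Punycode: keep the raw label
    return label


def scripts(text):
    """Scripts used by the letters in text, read from their Unicode names."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0]
            for ch in text if ch.isalpha()}


def check_url(url, protected=PROTECTED):
    """Decode a URL's host and report homograph indicators."""
    host = (urlsplit(url).hostname or "").rstrip(".")
    display, skeleton, findings = [], [], []
    for label in host.split("."):
        uni = decode_label(label).lower()
        display.append(uni)
        # Skeleton: what the label reads as once lookalikes become Latin.
        skeleton.append("".join(LOOKALIKES.get(c, c) for c in uni))
        used = scripts(uni)
        letters = [c for c in uni if c.isalpha()]
        if len(used) > 1:
            findings.append(("mixed-script", uni))
        elif used and used != {"LATIN"} and all(c in LOOKALIKES for c in letters):
            findings.append(("whole-script-confusable", uni))
    display, skeleton = ".".join(display), ".".join(skeleton)
    # A host that only looks like a protected name is the real warning sign.
    target = skeleton if skeleton in protected and display != skeleton else None
    return {"display": display, "skeleton": skeleton,
            "findings": findings, "impersonates": target}


if __name__ == "__main__":
    samples = [
        "https://xn--80ak6aa92e.com/",      # the address quoted in the article
        "https://y\u043eutube.com/watch",   # constructed: Cyrillic "o"
        "https://apple.com/",               # genuine ASCII name
    ]
    for s in samples:
        print(s.encode("ascii", "backslashreplace").decode(), check_url(s))
```

A legitimate Cyrillic name that does not consist solely of lookalike letters produces no finding, so the check does not penalize ordinary internationalized domains.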

For most, this trend feels like yet another development that justifies giving up on cybersecurity altogether. But for small- and medium-sized businesses that have outsourced their technology support and management to a competent and trustworthy IT provider, it’s just another reason to be thankful they decided against going it alone. If you’re ready to make the same decision, call us today.

Published with permission from TechAdvisory.org. Source.


Is the government really spying on you?

Wikileaks, the website that anonymously publishes leaked information, recently released a number of documents alleging widespread surveillance by the US government. The released documents claim that the vast majority of these efforts took place via smartphones, messaging apps and...TVs? Let’s see just how worrisome they really are.

What devices and apps are supposedly vulnerable?

Wikileaks labeled its ongoing release of 8,761 classified CIA documents “Year Zero.” Nestled among those files are tools and correspondence that explain how operatives could snoop on communications, downloads, and browsing history. Here is a list of the “affected” applications and hardware:
  • Windows operating systems
  • iOS
  • Android
  • Samsung Smart TVs
  • WhatsApp
  • Signal
  • Telegram
  • Confide
Those are some very big names, right? Thankfully, it’s mostly hyperbole. The reality of the situation isn’t nearly as bad as it sounds.

Two considerations before freaking out

First, almost all these exploits require physical access to devices before anything can be compromised. For example, news organizations repeatedly reported that WhatsApp, Signal, Telegram and Confide all had encryption protocols that had been subverted by the CIA. That is 100% false.

What the documents actually revealed is that the CIA was aware of security gaps in Windows, iOS, Android and Samsung’s Tizen OS, which allowed the agency to snoop on messages before they were encrypted. Messages sent in these apps are still totally uncrackable as long as the devices they are installed on haven’t been physically compromised.

Takeaway #1: Physical security is still one of the most important aspects of cyber security. Most data security regulations require certain physical security protocols as a deterrent to breaches that take place via theft or social engineering -- and for good reason.

The second reason not to worry is the hardware devices and operating systems that supposedly left encrypted messages vulnerable haven’t been sold for a long time. For example, only Samsung TVs from before 2013 were vulnerable to the always-on microphone bug -- which was patched in an OS update years ago.

But what about iOS -- surely that’s the scariest reveal of them all, right? Not quite. Only the iPhone 3G, discontinued in 2010, was susceptible to exploitation. Furthermore, Apple immediately responded that they were aware of this vulnerability and patched it in the version of iOS that was released in 2011.

Takeaway #2: Updating software is critical to keeping your data safe. As we saw in the Year Zero leaks, just one piece of outdated software can cause a domino effect of other vulnerabilities.

In reality, the most recent Wikileaks releases shouldn’t change your approach to cyber security at all. As long as you consider data security a never-ending battle, you’ll be safer than everyone too lazy or forgetful to lock up their server rooms or update their operating system.

But running a business doesn’t always leave you a lot of time for fighting a “never-ending battle,” does it? Fortunately, that’s exactly what we do for our clients every single day. To find out more about how we can keep you safe, call today.

Published with permission from TechAdvisory.org. Source.


Some ransomware strains are free to decrypt

Ransomware is everywhere. Over the last couple years, dozens of unique versions of the malware have sprung up with a singular purpose: Extorting money from your business. Before you even consider paying for the release of your data, the first thing you must always check is whether your ransomware infection already has a free cure.

The state of ransomware in 2017

It’s been almost 30 years since malware was first created that could encrypt locally-stored data and demand money in exchange for its safe return. Known as ransomware, this type of malware has gone through multiple periods of popularity. 2006 and 2013 saw brief spikes in infections, but they’ve never been as bad as they are now.

In 2015, the FBI estimated that ransomware attacks cost victims $24 million, but in the first three months of 2016 it had already racked up more than $209 million. At the beginning of 2017, more than 10% of all malware infections were some version of ransomware.

Zombie ransomware is easy to defeat

Not every type of infection is targeted to individual organizations. Some infections may happen as a result of self-propagating ransomware strains, while others might come from cyber attackers who are hoping targets are so scared that they pay up before doing any research on how dated the strain is.

No matter what the circumstances of your infection are, always check the following lists to see whether free decryption tools have been released to save you a world of hurt:

Prevention

But even when you can get your data back for free, getting hit with malware is no walk in the park. There are essentially three basic approaches to preventing ransomware. First, train your employees about what they should and shouldn’t be opening when browsing the web and checking email.

Second, back up your data as often as possible to quarantined storage. As long as access to your backed-up data is extremely limited and not directly connected to your network, you should be able to restore everything in case of an infection.

Finally, regularly update all your software solutions (operating systems, productivity software, and antivirus). Most big-name vendors are quick to patch vulnerabilities, and you’ll prevent a large portion of infections just by staying up to date.

Whether it’s dealing with an infection or preventing one, the best option is to always seek professional advice from seasoned IT technicians. It’s possible that you could decrypt your data with the tools listed above, but most ransomware strains destroy your data after a set time limit, and you may not be able to beat the clock. If you do, you probably won’t have the expertise to discern where your security was penetrated.

Don’t waste time fighting against a never-ending stream of cyber attacks -- hand it over to us and be done with it. Call today to find out more.

Published with permission from TechAdvisory.org. Source.
