Small Business Cyber Security and Data Breach Risks

As a small business, you may think that you’re too small to worry about cyber security and data breaches. What kind of hacker is going to go out of their way to attack a small business? Unfortunately, the truth is that small businesses are more likely to be the victim of data breaches and theft than larger companies.

As a small business, you may think that you’re too small to worry about cyber security and data breaches. What kind of hacker is going to go out of their way to attack a small business? Unfortunately, the truth is that small businesses are more likely to be the victim of data breaches and theft than larger companies.

Why are small businesses targets?

Small businesses make very appealing targets to hackers. Small businesses have limited resources to direct to cyber security, and many small businesses think that because they are small they do not need to worry about it. As a result, they are extremely soft targets for hackers who can get in easily.

Most cyber security breaches are automated systems crawling the internet looking for targets with systems that can be exploited or mass-emailing systems sending out hundreds of millions of emails with dangerous links.

What easy steps can businesses take?

Addressing the low hanging fruit of cyber security will go a long way to ensuring that your business will not be the victim of ransomware or losses of sensitive company or client data. A few steps that can be taken include:

Strong Passwords

Strong passwords that are unique is a cyber security best practice. Using the same password for every account means that if hackers get access to one password, they have access to everything. While it can be difficult to remember unique passwords for every system you use, there are great password vaults available like Keepass.

In addition to ensuring you are using strong passwords, you must have custom passwords for everything. Using default passwords is a critical vulnerability. Do you know what your router password is? Have you changed it? Chances are strong your router login is admin/admin.

Up To Date Software

Keeping your software up to date is critical. There are three reasons that software gets updated.

  • To close security vulnerabilities
  • To fix bugs
  • To add new features

Fixing security vulnerabilities is one of the primary reasons that software updates get rolled out. These companies will find a hole–or be notified of one–through which a hacker can infiltrate or otherwise compromise the system, and they will fix it and roll out an update. Without installing the update, your system will be vulnerable to attack.

This is an especially big problem for public-facing systems like websites. What version of your website software are you running? Is it up to date? What about your plugins? These must be kept up to date.

Avoid Sketchy Links

The easiest way for hackers to get into a system is to be invited. People are the weakest link in every security system. The Russian hack of the DNC in 2016 happened as a result of a phishing scheme. In other words, John Podesta clicked on a link in a sketchy email that compromised his system.

Do not click on links or download attachments unless you’re absolutely certain of the source. Phishing emails are getting more and more advanced, so be vigilant. Additionally, if someone you know has their email compromised, hackers will send emails from their email trying to get you to click on a link. Don’t.

While these are strong basic steps that you can take to protect yourself and your business from security breaches, there is much more that should be done to further fortify your cyber security. To find out more about how you can further fortify your business against cyber threats, contact us for a free consult.

Good Enough is Good Enough for IT Purchases

Capitalism rewards companies that can get you to buy their stuff. And the more money they can get you to spend, the better. The innovations that this incentive system has created are amazing, but it pays to step back every once in a while and think about the process. The companies that sell you smartphones, for instance, really need you to keep buying new ones. Apple and Samsung shareholders depend on it.

Capitalism rewards companies that can get you to buy their stuff. And the more money they can get you to spend, the better. The innovations that this incentive system has created are amazing, but it pays to step back every once in a while and think about the process. The companies that sell you smartphones, for instance, really need you to keep buying new ones. Apple and Samsung shareholders depend on it. One way to do this is planned obsolescence. The sealed battery in your phone stops holding charge, so you go out and buy a new $700 phone. The phone’s processing is slowed down over time making you need to buy a new one to feel faster.

Another way is by creating a perceived, but probably illusory, need. The newest phone has a better camera, I better get it. It has more pixels per square inch, I better get it. It has facial recognition unlocking, I better get it. The truth is, for the vast majority of people, a smartphone from 2016 can do a perfectly good job and if the battery is failing, it can be replaced for far less than the cost of a new phone. This is true for a lot of IT hardware that individuals and small businesses purchase.

having a healthy skepticism about the companies trying to sell you stuff can save you a lot of money when purchasing your IT equipment. While there are laptops that cost $1,500 and weigh 2.7 lbs., for about $600 you can get an almost equally fast laptop that weighs about 3.7 lbs. Is that one pound difference worth $900 in terms of your use? Probably not. And if you want to save even more money, you can buy a refurbished system. As the saying go, a car loses 10% of it’s value the second you drive it off the lot. This is equally true with tech equipment. You can buy a refurbished computer that’s a year old for less than half the cost of a comparable new system.

In his book The Paradox of Choice, Barry Schwartz argues that there are two types of people. Maximizers try to make the best possible choice when confronted with options and satisficers try to make a choice that is good enough. By accepting good enough, satisficing can save you time and aggravation. When it comes to technology, satisficing can also save you money.

Keyboard and Mouse Shortcuts Can Save You Time

Sometimes something is so easy to do we pay no attention to it. If you had to concentrate every time you tied your shoelaces, it would be hard to get much done. This has a downside, however. It can blind you to more efficient possibilities. The computer mouse is a prime example of this. It is so easy to use that many people miss out on better ways to use it and the keyboard.

Sometimes something is so easy to do we pay no attention to it. If you had to concentrate every time you tied your shoelaces, it would be hard to get much done. This has a downside, however. It can blind you to more efficient possibilities. The computer mouse is a prime example of this. It is so easy to use that many people miss out on better ways to use it and the keyboard. Because you can so easily click and drag to select a paragraph, for instance, you never wonder if there is a better way. There is. Triple click anywhere in the paragraph. Pasting is easy to do from the menu in Word, easier with a right click, and even easier with ctrl-v.

Here are some keyboard and mouse shortcuts everyone should use:

  • ctrl + x – cut (the ‘x’ looks like a scissors)
  • ctrl + c – copy (‘c’ for ‘copy’)
  • ctrl + v – paste (the ‘v’ looks like an insertion mark)
  • double click – select word (this also selects the trailing blank, which makes pasting easier)
  • triple click – select paragraph
  • ctrl + p – print
  • alt + tab – holding down alt and pressing tab lets to switch windows easily

If you are editing text for more than a few minutes a day, memorizing these shortcuts will save you time. If you aren’t, think about how you do use your computer. If you do something many times a day, it is worth your time to actively explore alternatives every once in a while to see if there is something you missed.

No matter what programs you are using regularly on a daily basis, there are tons of shortcuts to save you time on both Macs and PCs. Whether you’re using Excel, Photoshop or something else, you can find helpful shortcuts. Just Google the program name plus “shortcuts” to find helpful shortcuts you never knew existed!

And, by the way, you are probably tying your shoelaces wrong.

It’s Not a Tiger: Responding To Scareware

Imagine a scene. You are sitting at your computer when suddenly a voice starts shouting at you that you are going to lose all your files or the FBI has detected suspicious activity. What happens next? Because you are human, the next part of the story is inevitable. Your heart rate elevates, your blood pressure […]

Imagine a scene. You are sitting at your computer when suddenly a voice starts shouting at you that you are going to lose all your files or the FBI has detected suspicious activity. What happens next? Because you are human, the next part of the story is inevitable. Your heart rate elevates, your blood pressure rises and adrenaline starts pouring into your system. None of these do you any good, however, and it is all the tiger’s fault.

Back when our ancestors were still carrying clubs, when a bush rustled those who had these autonomic reactions were prepared for fight or flight and could more effectively run away. Even if nine times out of ten the rustle was a bird or the wind, given enough encounters those who did not have these reactions would eventually get eaten by the tiger. So our ancestors, the ones who lived, have bred this reaction into us.

But there is no tiger and sitting in front of a computer is not a physically dangerous situation. The programmers who created scareware are counting on your fear to get you to make bad decisions. In most cases, the message screaming from your computer is nothing but that. If the programmer had actually infected your computer with a virus, why tell you? Better to hang around in the background and steal all your data. Fear makes end users do foolish things, though, and I have dealt with the aftermath of scammers being given credit card information or allowed access. Here is the part of the story that we can control. Take a deep breath. Remember that there is no tiger and call a technical support person you trust or just turn your computer off. I can predict that your odds are good that the computer will be fine after you turn it back on, and I can flat out guarantee that you are not going to be eaten.

4 Tips For Keeping Your IT Project Under Budget

People hate paying more for something than they expected or can afford, and yet that is often what happens with IT projects. While the best defense against unexpected surprises with your systems is a good relationship with a good provider, here are a few things businesses can do to control the cost of their projects: […]

People hate paying more for something than they expected or can afford, and yet that is often what happens with IT projects. While the best defense against unexpected surprises with your systems is a good relationship with a good provider, here are a few things businesses can do to control the cost of their projects:

When possible, buy refurbished equipment

Many reputable resellers sell completely functional refurbished items at 20% or more off. A Galaxy S8 phone, for instance, can be purchased now for $490 new, but for only $390 manufacture refurbished. The refurbished phone might have some nearly invisible scratch that your new phone would have a week after you unboxed it, but is perfectly functional. Bargains can also be found on desktop computers, servers, TVs and most other equipment.

Know what you need

An HP computer with a high end I7 processor can be bought on Amazon for $1,000. It also comes with only 4GB of RAM which is insufficient and will make the computer nearly unusable for most business users. A Dell with a more mainstream I5 processor and 16GB or RAM can be bought for $550. The second computer will be a better fit than the first for almost all users. For software development, knowing what you need is even more important. An incorrect design can lead to thousands of dollars spent on developing the wrong thing. Which leads to…

Think twice before developing software

There are many good off the shelf packages out there. If you are going to reinvent the wheel, you should have a compelling reason for doing so. Many software development projects come in late and over budget. This is not primarily the fault of shady operators. Software development is hard and is also hard to make accurate estimates about. If there is something out there that can handle most of your needs, it is worth asking whether you can live with the parts it can’t rather than go through the pain of customized software.

Get a fixed price quote

If you are doing project work that you have set budget for, you can shop it around or negotiate with your current MSP (managed service provider) to set a fixed price for a given scope of work. It is important when doing so that the scope of work is well defined (see 2), or you will be fighting with your vendor before the project is finished. Given the healthy margins in technical work, the vendor should be willing to accept some of the risk in a large project.

If you keep these four things in mind, you can save yourself money and frustration. Combining 1 and 2, for instance, I was able to buy a very functional computer for $254. If all else fails, get a second opinion. IT service providers want your business, and will often give you free advice to prove that they know their stuff. This can lead you to a better provider or at least intelligent questions to ask your current provider.

Extremely Sophisticated New Gmail Phishing Scam Is Here

A new, sophisticated phishing scam has been stealing users Gmail passwords. Like all phishing scams, it works by convincing users to enter their login credentials into a fake, but realistic, Google login page. While the specific technique is new and more advanced, the take home message is the same as it has always been. Be […]

A new, sophisticated phishing scam has been stealing users Gmail passwords. Like all phishing scams, it works by convincing users to enter their login credentials into a fake, but realistic, Google login page.

While the specific technique is new and more advanced, the take home message is the same as it has always been. Be vigilant and aware of your digital surroundings.

How you can protect yourself

Look at the URL:Although the website looked like the real Google sign in page, the url did not. Instead of starting with a normal “https://”, it started with “data:text/html.” People who noticed that did not hand over their information.

Two-factor Authentication: Setting up two-factor authentication is one of the best actions you can take to secure your accounts. This requires you to confirm your identity in a second way in addition to your password, often a text message to your cell phone.
Ease of use and comfort around your computer system are values that should not be minimized. The same is true of your home. In both cases, however, if someone asks you to unlock your door, you better know who they are and why they are asking. If you are not sure, ask yourself how badly you need to see whatever it is that is being sent. Are those cute cat pictures really worth compromising your machine?

Here are some of the most common ways people get hacked:

  1. Opening infected attachments in email (aka trying to open cute cat pictures)
  2. Phishing scams that collect login information (aka trying to download cute cat pictures)
  3. Getting infected from malicious website (aka surfing the web for cute cat pictures)
  4. Using open/unsecured wifi (aka surfing the web for cute cat pictures or anything else while using the internet at a coffee shop)
  5. Bad passwords (really nothing at all to do with cute cat pictures)

I once received an automated call saying that there had been suspicious activity on my credit card and that I should call a certain number to discuss. I checked my card, and the 800 number on the back did not match the number from the call. I called the number on the back of my card and confirmed that the call had been legitimate and there were fraudulent charges. What I asked my credit card company, and what I want you to think about, is how could I know that the original call was not a scam? They had no answer, and were basically training their customers to be foolish. Never call a number given to you that way that you cannot verify. Never click a link in an email to login to one of your accounts. Be vigilant, be aware. Our online lives are becoming almost as important as our offline lives. Don’t just let anyone into your home.

What Is A Browser? (And why should I care?)

I love analogies. They can explain the otherwise unexplainable. Here is a nice one: Lying is like entering the labyrinth of the minotaur: the farther you go, the harder it is to find your way back. Today however, I want to explain that your browser is like a TV set. It is a window to […]

I love analogies. They can explain the otherwise unexplainable. Here is a nice one:

Lying is like entering the labyrinth of the minotaur: the farther you go, the harder it is to find your way back.

Today however, I want to explain that your browser is like a TV set. It is a window to the web in the same way that a TV is a window to stations. While no analogy is perfect, this one is pretty close. It is so good, in fact, that you can answer technical questions with it.

For example:

Question: Can I view google using Firefox, or do I need Chrome?

Equivalent question: Can I watch NBC using a Sony TV set, or do I need a Toshiba?

The question answers itself when phrased the second way. The browser is just a window to the world. The web pages are the world. What makes the question seem interesting is that the companies that make browsers also have web pages, so it seems sensible to ask whether Google.com (a website) requires Chrome (a browser made by Google). It doesn’t. I have had clients call me believing that the internet was down because they got a website could not be found message when they started their browser. Most browsers are set to go to a specific page on startup, so that message could mean the website (MSN.com, for instance) is down, not the entire connection to the internet. It would be like turning on your TV and getting static on channel 4 and not trying any other stations. If you get a web page not found error, try a different page.

Imagine you and your significant other cannot agree on what is watchable TV. One of you likes nothing but sports channels, the other cooking channels. If you had two TV sets and you each used one exclusively, you could program them so that the favorite channels matched what you actually watch. The same is true of your browsers. If you both have Gmail accounts, one of you could use Google Chrome as your browser, and the other could use Microsoft Edge so that both of you could be logged in at the same time. Otherwise, you are forced to logout and login to switch accounts. (You could also achieve this with different user profiles, but that is often overkill.) I have two different Amazon prime accounts, one for personal use and one for my business. I keep them logged in on two separate browsers (Chrome and Edge). Favorites on each browser can match different users’ preferences, or even personal versus business needs of one user.

As for which browser you should use, these days it does not matter much. All current browsers (Chrome, Edge, Firefox, Safari, Opera, etc.) are capable and should serve you well. In a Windows environment, I will choose Chrome if it is available, but am fine with any of the major browsers. If on a Mac, I will usually use Safari or Chrome. Every once in a while, you will encounter a website that wants you to use a specific browser, but that is a rare occurrence. Basically, your browser is a TV.

Why You Should Outsource Your IT

All people have birthdays. Some people have weddings and christenings and bat mitzvahs. All those events generally require cake. So why doesn’t everyone have a personal baker? “That’s crazy,” I can hear you thinking, “I only eat cake a few times a month, what will she do the rest of the time?” So let me […]

All people have birthdays. Some people have weddings and christenings and bat mitzvahs. All those events generally require cake. So why doesn’t everyone have a personal baker? “That’s crazy,” I can hear you thinking, “I only eat cake a few times a month, what will she do the rest of the time?” So let me ask a different question, why not have a personal chef? Everybody eats multiple times a day. Your objections now would be less forceful, but you still might wonder if you could keep her busy. Well, maybe you could give her other things to do. I know a family that hired a chef but convinced themselves it was not a problem by calling her a housekeeper. Their food is delicious, but their books are dusty.

So hiring a full time person to fill a job for which you have only part time hours doesn’t work so well. You have overshot your target. What about undershooting? You could bake the cakes yourself? Well, given the right skill set, time, and inclination that will be a fine solution for your child’s birthday cake. And that wedding cake? Probably not a job even a talented amateur should do.

Your IT is no different. Everyone has IT needs, but they also don’t need an IT expert hovering at their shoulder 24/7. In fact, after many years of servicing various companies technical support issues, I can tell you that a typical user requires about an hour of technical support a month. If you go the full time support person on staff route, you will need approximately 173 employees to keep her busy. Even then, things can get tricky. The woman you hire to support your infrastructure will be capable of doing desktop support for your users, but she won’t be challenged or engaged in it. It would be like hiring a wedding cake specialist to make your 3 year old’s birthday cake. If you decide to support your users yourself, you likely will find your most technically savvy person ends up becoming your SABD (system admin by default). The SABD will likely be able to solve a large portion of your issues, but what do you do when she can’t? How does it affect your company’s profitability when someone hired to do one job spends time doing another? How is efficiency affected when a problem an expert could solve in 20 minutes takes an amateur 2 hours to figure out?

Outsourced IT, and outsourced anything else really, works when it allows individuals with specific skill sets to be matched appropriately and efficiently to jobs that utilize those skills. That is what we can achieve with our clients. Our infrastructure specialist supports infrastructure, our desktop specialists support desktops, and we are all available 24/7 for that one hour a month when you really need us.

To learn more about how we can help your outsource your IT needs, contact us for a free consultation today!

When to Replace Vs. Repair a Device

Murphy says it’s going to break and Moore says you should throw it away. Murphy has become famous for his law stating that anything that can go wrong will. Unfortunately, electronics are not an exception to that rule. The good news is that Moore’s law suggests that replacing that broken electronic device will likely cost […]

Murphy says it’s going to break and Moore says you should throw it away.

Murphy has become famous for his law stating that anything that can go wrong will. Unfortunately, electronics are not an exception to that rule. The good news is that Moore’s law suggests that replacing that broken electronic device will likely cost less than the item originally cost you.

Gordon Moore made a fairly accurate prediction about microchips and the doubling of their processing power. This has led to the continuous reduction in cost for ever more powerful electronics that are both smaller and lighter. For example, the computer purchased five years ago for $2,000 will now cost approximately $500. Therefore, depending on the age of a device and the problem with it, the best course of action may be to replace rather than to repair.

Even if your repairs are cheaper than replacing the computer, it’s important to consider what the price difference is and look ahead at the company’s future needs. If new software requirements coming out in the next one to two years are likely to push your systems to the limit then investing in a new computer now may be the better option.

You can also use the computer breaking down as an opportunity to save on taxes. You can write off the broken computer as a loss and investing in a new computer can be used as a tax shield via depreciation. Furthermore, the cost of the broken computer should not be factored into this decision making as it is a sunk cost.

A rough guideline for how quickly a device has become ‘obsolete is as follows: TVs 5+ years, computers 3+ years, and tablets/phones 2+ years. This guideline is looking at your run-of-the-mill device; it doesn’t take into account a computer that is built at the extreme high-end that is most likely equipped to handle new software for the next 5-10 years, nor is it looking at an extremely low-end computer, either.

If you’re uncertain what the best decision is, feel free to contact us and we can provide you with our opinion and provide a financial breakdown behind that reasoning.