A Firewall Is Critical for Business Security

Having a reliable firewall is extremely important in today’s environment. In the first half of 2019, 59% of MSPs reported Ransomware attacks on the companies they managed, according to a recent Datto Survey. The average ransom is $5,700. That is up 37% from the year before. You can see how essential it is to protect your server.  

You must keep your guard up to keep nefarious actors out of your network. Your guard is your firewall. It protects your servers and infrastructure. There are many on the market and most are pretty good. Some last for years. 

Keep Your Firewall Up to Date 

Keeping up with the latest technology is the best way to know which firewall to choose for your company. When researching, it’s important to know what you are doing because it can get pretty technical. Read the reviews and shop according to your budget. You should consider not only the purchase price but also the yearly services and support costs. Some businesses like the DIY option, but others prefer consulting with an IT Service company. 

Fight Viruses & Hacking Exploits Floating Around in the Wild 

Maintaining a service subscription for your firewall will keep it up to date, which keeps your business safe from viruses and hacking exploits floating around in the wild. When you keep your subscription current, it will update your firewall with the latest version of firmware. Firmware is the software that runs the components in the firewall device and the software that runs it. 

Prevent Business Operations Disruptions 

Support for your firewall allows you to call the manufacturer and talk to them about setup and repairs. If it has issues and you don’t have anyone who can log in and repair it, your Internet will go down. That disrupts your business operations, whether you’re working in the office or from home. This is happening more often than it should these days.  

When Your Firewall Gets Too Old 

Your firewall is a critical piece of equipment. Keeping its support up to date is very important. Firewall companies only offer support for a certain period of time. After that period ends, you need to renew it. When the device gets too old, the manufacturer will no longer sell support for it. Once it fails, you will need to purchase a new one.  

Without A Firewall for 30 Minutes – 699 Attacks 

Shipping times for new firewalls vary. You might have to wait for up to 3 days. That is a long time to go unprotected. We once tested what would happen to an Exchange server on the internet.  It was password protected but had no firewall guard. Within 30 minutes, it was attacked 699 times by someone who was trying to hack through the passwords.  

Understanding the importance of a firewall is paramount for a small business. If managed right, it will keep your confidential data safe from harm. We’re here to help you with that. Please give us a call to assess the state of your firewall. (844) 400-0616

Learn more about the Cybersecurity we offer!

Datto’s Global State of the Channel Ransomware Report 

Disaster Recovery Plan: 8 Points to Consider

With Covid-19 gripping many businesses around the world, we’re receiving a crash course in the importance of a Disaster Recovery Plan. Within a matter of weeks, we went from a free-flowing economy with no real work restrictions to a suffocating lockdown. Over the summer we experienced a glimmer of hope when the economy slowly opened back up. But flu season has descended upon us and cases have started increasing again. We’re now facing the possibility of another lockdown. Some companies are prepared, but others are not. 

Natural Disasters & Other Random Events

The pandemic isn’t the only disaster that can affect business continuity. Have you thought through the wider variety of disasters that could hit your company? The following situations can happen to any business:

  • Servers crash and systems go down
  • Sprinkler systems malfunction and water intrusion ruins computers, printers, or other business devices
  • Severe storm weather knocks out the power, and the power company takes a few days to repair it
  • A thief breaks in and steals your equipment
  • Construction crews accidentally cut the power to your office and you’re down until they can repair it

Those Who Fail to Plan, Plan to Fail 

Do you have a recovery plan if any of these disasters hit your office? The best way to prepare is to create a plan that is customized to your company. Customized plans are better than a one-size-fits-all approach. Every company is unique. Each has critical business operations that need to be accounted for in the event of a disaster. A good IT Service Company can help you explore the questions and answers relevant to your business.

8 points to consider for your disaster recovery plan

Risk Analysis

What are your critical operations? Prioritize them so you know which to address first in the case of an emergency.

Recovery Time

Timewise, how much wiggle room does your company have before all hell breaks loose? Know your maximum downtime.

Compliance

Does your recovery plan meet with PCI, HIPPA, or other compliance rules you have to follow?

Disaster Recovery Team

Does everyone in the office know who will have the authority to make the decisions when in an emergency? Who are the go-to people when disaster strikes? This all should be decided in your disaster recovery plan.

Critical Information

Keep critical information like primary contacts and account numbers available in a safe place. When computers and other electronic devices go down or you can’t work from your office, how will you access this critical information? Think cloud backups.

Communication Plan

How will you communicate if your office computers and phones go down? Do you have a list of employee cell phone numbers available, so communication is not completely cut off?

Working from Home

If you and your employees can’t come to the office for an extended period of time, where can you temporarily set up your workstations? What technical support will you need to make this happen safely and effectively? An important part of a disaster recovery plan is having the process and technology in place for employees to work from home beforehand.

Review Your Plan

Employees come and go. Business roles, contact information, and accounts change. Review your plan regularly. Are employees who are named in the plan still with the company? Are account numbers and contact information current?

Business continuity is about maintaining critical business operations even when faced with long-term interruptions. Most of us were caught off guard when COVID-19 hit. We have faced this disaster for the past 10 months. We’re now wide awake and a little wiser.

We don’t know how long we will have to do business in this locked-down economy. We’re unsure if it will get worse. We can’t be certain when other random disasters will hit. But we can increase confidence and security by creating a solid disaster recovery plan. This is the best solution to reduce risk, data loss, and network downtime.

Integrinet IT can help you develop a customized disaster recovery plan for your business.

Network Protection Best Practices – Maximize Your Value

Many small businesses don’t need an expensive complex data center to run their operations. But even with a small system, it is important to know about network protection best practices to maximize the value of your equipment.

Your network is composed of the interconnected computers, machines, and operations you use in your business processes to provide your clients with products and services. It includes hardware like your: 

  • Workstations 
  • Servers 
  • Switches 
  • Phones 
  • Access points 
  • Printers 
  • Firewall 
  • Routers 

There are some best practices you need to keep in mind to protect your company’s network and stored data. 

1. Create secure and clean spaces for network protection

Keep your server(s), switches, phone system, firewall, router in either a locked room or in a locked cabinet. Keeping them away from accidental bumps, knock-overs, or spills is just as important as protecting them from a breach. I have seen people knock over server racks that were not secure. I have seen people store cleaning products over servers that eventually spilled on them. No one needs these kinds of expenses when they can easily be avoided.  

2. Make sure these network spaces are well ventilated  

Choose spaces for your workstations, servers, and other network devices that are well ventilated. Heat is very hard on electronics, especially IT hardware. If you use enclosures, make sure they are well ventilated. Use containers with security screens, not those with sheer metal or wooden sides.  

3. Protect your network: connect it to an Uninterruptible Power Supply (UPS) 

Have a good business-type battery backup/Uninterruptible Power Supply (UPS). A basic home PC-type battery backup is not what you should be using on your server. Look for a Pure Sine Wave Device. Choose one that levels out the power as well as protects from surges. Dirty power that fluctuates constantly can be as hard on your equipment as power surges.  

4. Use Image-based backups for network protection 

Use an image-based backup, not just a data backup. An image-based backup will not only backup your data but also backup the operating system and its settings. If you have an image of the server, you can restore it much faster than if you only had a data backup. We are talking hours to restore, instead of days or weeks. If you are hit with ransomware which encrypts your data, you can wipe the server and restore the image quickly.  

5. Backup your network locally and offsite to reduce rebuild time 

Store backups locally and then offsite. If you only stream data to an online storage service, you can only retrieve it at the speed of the combined internet connections between their side and yours. I was working with a technician on a project once and he only backed up the data online and no image locally. They had a slow internet connection and only a data backup. It took about 2 days to rebuild the server internally with all the settings but then took over three weeks to stream the data from the storage service.  

6. Properly install firewalls to keep bad actors out without slowing business processes 

Use a firewall. They are not overly expensive to own. They keep bad actors out of your network. Have a professional install it so it doesn’t end up slowing down your business processes. You don’t want your firewall to get in the way of where you need to go. Most have content filters to keep your employees from going where they shouldn’t, which optimizes your productivity. 

These are some basic and best practices you should strive to engage in as a small business owner for network protection. None of them will break the bank. But neglecting them can eventually wreck you financially.  

Think ahead. Protect your network. The business you save will be your own. Schedule a free consultation with Joe if you’re in Utah or Fred if you’re in Idaho.

Cyberjacking – Security Alert

Cyberjacking has become a major problem for networks around the world. It is currently one of the top cybersecurity problems existing today. The term cyberjacking means hackers access your servers or workstations like parasites. They use your processing power to mine cryptocurrency. This exploit can be detrimental to your network and production. Because it uses your processing power, it slows down your network. A slow network decreases your productivity.  

This hack is difficult to detect and even more difficult to eradicate. It rewrites your server software and deeply embeds itself into your network. The best way to combat this type of malware is to wipe your server clean and restore from your image backups. That takes time and money.  

In one instance, I saw this attack come in through an email inside a PDF-looking document. When we investigated, the software was embedded inside a font. When an employee clicked and opened the file, the malware downloaded to the company’s network. Once running inside their system, it used the processor as part of their bitcoin mining operation. Servers keep logs of incoming and outgoing traffic. The cyberjacking malware erased these logs every minute to cover its tracks. It took over 2 ½ days to stop the attack and mitigate the damage. 

Protect your business from cyberjacking

It is important to protect your business from these kinds of parasitic attacks.

  1. Keep your firewall up to date with the latest virus and malware signatures.  
  1. Protect your email with filters either in Microsoft 365 or with another filtering service before it hits your onsite exchange.  
  1. Train your employees not to click on items originating from an unknown source. 
  1. Train them to validate even a trusted source to make sure requests for financial or confidential data transfers are genuine. 

Your due diligence is what keeps you safe. Give us a call for a network security checkup. Our service engineers are well versed on keeping your network secure.

This article on achieving PCI Compliance is also about increasing your cybersecurity in general: So You Want To Achieve PCI Compliance? Shields Up!

Curiosity Killed the Network

One of a technician’s biggest fears is user Curiosity. Curiosity has been the culprit of a number of major successful cyberattacks on unsuspecting companies. It is the reason you might click on a link in an email sent from an unknown source. It’s the reason you might follow a rabbit hole of links to unsafe sites on the internet. Curiosity is also the reason you might click on a random link at the bottom of an unfamiliar website.

In order to keep your company’s network and confidential data secure, you and your employees should be aware that cybercriminals attempt to trick you by applying to your Curiosity. One of their little-known tricks is scattering USB drives in conspicuous places such as the parking lots of targeted companies.

Curiosity May Increase Your Organization’s Security Risk

Researchers performed the following experiment to test how risky yielding to our Curiosity can be.

A few major organizations got together to conduct a study:

  • The University of Illinois
  • Urban-Champaign, Google
  • The University of Michigan

In the study, they tested how the Curiosity factor can affect a company’s cybersecurity. They scattered 297 USB drives around the Urban-Champaign campus. On the drives, they installed software that mimicked malware. When some Curious soul opened one of the files on the drive, it didn’t infect the computer with a virus. But it alerted the researchers that it had been opened and then sent them the location of the computer.

48% of the drives were plugged into computers!

Read the whole story here: Story of the USB Drive Study

The DOD Infiltrated Via Thumb Drive

If you think that’s crazy, listen to this: One of the worst cyber-attacks on the U.S. military in history occurred in 2008-09. It happened at one of the Department of Defense’s (DOD’s) Middle East bases. Someone inserted a thumb drive they found in a parking lot into a computer. It was like a worm that infected the entire network and went without detection.

“Once in place, the malicious code began to ‘beacon’ out to its creator, letting whoever created it know that it was in place and ready for further instructions. That’s the only way analysts from the NSA’s Advanced Networks Operations team noticed it was there.” – Blake Stilwell, We Are the Mighty, The worst cyber attack in DoD history came from a USB drive found in a parking lot

14 Months to Wipe It Out of Their Network

It took them 14 months to wipe it out of their network. When they realized what had infected their systems, one of their first responses was to ban thumb drives. They gathered thumb drives from military personnel and found they were all infected. As of the date of this article, no one has ever found out the identity of the hackers or how much information they stole.

“The effort was so intense and deliberate that it led to the creation of the 11th military unified command – The U.S. Cyber Command.” -ibid

If your Curiosity peeks when your online, reading an email, find a thumb drive, or even receive an email or phone call from a known source, err on the side of caution. Choose to be more Curious about cybersecurity. The network it saves might be your own.

Call us to and talk to Fred (Idaho) or Joe (Utah) to set up a free security assessment (844) 400-0616.

Cybersecurity and Cloud Storage

I was managing a company’s network as their Managed Service Provider when we received a call that a folder with many of their files was missing in their online Microsoft 365 SharePoint. We investigated the issue and found that none of their files had been nefariously deleted. We also determined there hadn’t been anyone trying to hack into the system and steal their data. Yet, it remained a fact that their files were missing.

We continued our detective work, checking if any credentials had been changed, but everything seemed in order. No one from outside had accessed their network.

Accidentally Deleted or Moved

Finally, one of our technicians had a hunch that a current employee might have accidentally deleted or moved the file. After a little more investigation, we indeed found that had occurred. When an employee was moving his mouse across the screen, he had accidentally grabbed a file folder and dropped it into another folder. It had been difficult to solve this case, but with some very good detective work, we were able to restore the file folder to its original location.

Data Security & The Human Component

After this experience, I started thinking more about data security in the cloud. Even though large file service companies like Microsoft 365 have very secure cloud storage, what about the end-user – the human component? What happens when someone deletes the wrong file by mistake? How often does this happen? While most of these cases are accidental, what happens when an unhappy employee, who thinks they have nothing to lose, decides to take out her company’s file repository? Could they recover the data – their forms, spreadsheets, and intellectual property?

Data Retention & Backup

Fortunately, Microsoft 365 has a retention policy that your company can use. It is good for up to 93 days. That’s a really good start, but in some cases, it may not be enough. Your MSP should have a service to back up to your Microsoft 365 OneDrive and SharePoint. This is a great way to ensure you never lose your data, either to a mistake or to a disgruntled employee. The backup service your IT company can set up for you is automatic. It’s one of those “set it and forget it” programs, although it should be tested periodically. If you have Microsoft 365 or a similar service for storing documents in the cloud, consider incorporating this service into your network. It just might save the day for your business down the road.

For help with cybersecurity and data backup, scheduled a free consultation with Integrinet IT

Are You HIPAA IT Compliant?

Did you know that on the Dark Web, medical records sell for more than credit card data?

If you are a health services organization, you know your biggest cybersecurity worry is to keep your ePHI secure. Most breaches happen because the devices you use have not been encrypted, one of your employees clicks on a nefarious link in an email, or someone inadvertently downloads malware into your systems.

Encryption Is the New Standard

HIPAA IT standards are the gold standard of cybersecurity in the health service industry. As your organization strives to be in compliance, start with encrypting as much of your data as possible. At the very least, make sure you have passwords on all your computers and mobile devices. Implement Multifactor Authentication to protect your users’ login credentials.

The encryption process converts your data to an unreadable and unstable state. If unauthorized users broke into your network, your email, or your devices, they would not be able to make any sense of it. The only way the encrypted data can be read is with a security key. With this key, the computer will convert the data back into a readable and stable state.

All emails containing ePHI that are sent outside of your firewall need to be encrypted. Additionally, they should be saved in a secure and encrypted archive for at least six years.

Web Content Filter

It’s important to have your managed services provider install a web content filter, which blocks inappropriate and dangerous content as well as cyber criminals who are waiting to steal passwords to your records and databases.

Automatic Log-off

Your service engineer should also help you set up automatic log-off of your PCs and mobile devices. When your authorized personnel have stopped using their computers for a specific amount of time, the computers automatically log out. It is so easy to forget to log out when stepping away from the workstation. This program is a smart and easy backup to use to increase your cybersecurity.

HIPAA Checklist

Your medical office has to be aware of the IT portion of the HIPAA checklist. You need to make sure you can check every box. Your managed services provider should perform regular assessments that identify the risks in all systems your business uses to “touch” your ePHI. This includes your:

  • Network
  • Servers
  • Switches
  • Computers
  • Mobile Devices
  • Software
  • Phone Systems
  • Cloud Accounts (Email, Storage, etc…)

24/7 Remote Monitoring

To be HIPAA IT compliant, your IT company must be remotely monitoring your systems 24/7. They should be analyzing your logs regularly. They should be able to detect unauthorized access by existing employees.

A good managed services provider should know what it means to be HIPAA IT compliant. It should actively monitor your firewall ports and know which ones are usually attacked. If you have employees working from home, your service engineers should ensure that your VPN tunnel is set up and secure. They should have the ability to sniff out all the security issues your specific practice faces.

Due Diligence

If your healthcare organization is in the middle of striving for due diligence to the HIPAA standards and needs an IT company that knows how to help you reach compliance, schedule a free consultation with Joe Nice (Utah) or Fred Bauerfeld (Idaho) at Integrinet IT.

Call (844)400-0616

Choose “Sales” from the menu to talk to Joe or Fred.

Read more about HIPAA Compliance:

HIPAA Compliance Checklist

Summary of the HIPAA Privacy Rules by the United States Department of Health & Human Services

Ransomware Hacker Strikes Sports Software Company & Steals Hundreds of Thousands of People’s Confidential Info

Ransomware is one of the vilest ways bad actors are taking advantage of good honest companies. It’s one of those crimes that businesses, both large and small, are powerless to defend themselves against once it occurs. It is so utterly galling to have to pay exorbitant amounts of hard-earned cash to creepy dishonest hackers to regain access to their own systems and confidential data.

The Story

According to an article posted in the Tech Times on September 22, 2020, a major software company was recently hacked. The attackers held the company’s confidential data hostage until the owners paid up. The data included information about 540,000 users. They swiped their names, passwords, usernames, birthdays, addresses, email addresses, and Social Security numbers.

ArbiterSports, the victim-company, supplies the NCAA and other sports leagues with a software application that manages referees and other game officials. Like most other companies that are hacked, they had no choice but to pay the ransom. But when you work with thieves, you never know if they will actually keep their side of the agreement to delete the stolen copy of confidential data.

The Reality for Your Business

If you don’t think your smaller-sized company is in danger of being hacked like this, think again. In our day bad actors are just as likely to shut down or disrupt small businesses as they are large. They can steal your data and hold it for ransom.

The most common way ransomware enters your network is through phishing emails. Integrinet IT builds a labyrinth of layers to defend your company against email infiltration.

1st Layer of Defense
A cloud email filter, which identifies spam emails before they even enter your firewall.

2nd Layer of Defense
Your Firewall.

3rd Layer of Defense
Your network server credentials.

4th Layer of Defense
Antivirus software with malware protection that is installed on your server, individual computers, and other end-point devices.

How Backups Save Your Company’s Life

Additionally, we configure a backup system that runs multiple times a day. If your company is hacked, we can wipe your server completely clean and then reinstall your system exactly as it was before the attack. Contact us today at (844) 400-0616 to set up your defensive position that will protect the business you have worked long and hard to build from the ground up.

Read the full article here: Hacker Breached 540,000 referees, league officials, and school representatives for Ransom and won

VoIP Phone Systems – To Move or Not to Move

Deciding which phone system is best for your business takes time to plan, research, and shop. To make an informed decision, you need to know what your choices are and the pros and cons of each. The phone system you want is one that meets your business’ needs. Because your business is unique, what works for another business may not work for yours. But if you want to replace or upgrade your phone system, you will need to choose between a PBX and a VoIP system.

What is a PBX System?

A PBX phone system is the on-premise phone system that has been in use for decades. It only came with direct copper wire line-to-line connections but in recent years has more options for the circuit that connects to it. If connected to the phone network with analog or digital lines, you are physically connected through the exchange network.

What is a VoIP System?

With a VoIP system, voice signals are converted into packets of data that are transmitted over the Internet. That means when you call a client, these signals travel through your network and out to the Internet.

Don’t get confused with the different types of VoIP systems that are out there. There are the following three options to choose from:

  1. On-premise VoIP System, Self-managed (you manage this system yourself)
  2. On-premise VoIP System, Partner-managed (a provider manages this system for you, but its brains are located at your place of business)
  3. Hosted VoIP System, Partner-managed (a provider manages this system for you, but its brains are located in the cloud)

Another confusing point is that there are a variety of names people are using for VoIP. They are all referring to the same type of internet phone system. Here are a few of them:

  • Hosted VoIP
  • Hosted Voice
  • Cloud Voice
  • IP telephony
  • Internet telephony
  • Broadband telephony
  • Broadband phone service

Read more about what a VoIP System is.

The Plan: Questions you need to answer for your business

  • How many users do you have?
  • Is everyone centrally located or geographically dispersed?
  • How will they use your phone system?
  • What features are you looking for in a phone system?
  • What is your growth trajectory?
  • How much are you spending on your current phone plan?
  • What is your budget for your new phone system?

Comparing Costs

VoIP is the less expensive system compared to PBX. It requires less hardware, which ends up costing you less to install. You will need VoIP-enabled phones and a connection to the Internet. Your monthly bills are also lower with the VoIP system and your billing is less complicated because your Internet and phone bill are often combined.

Comparing Reliability

Direct copper wire line-to-line connections are always more reliable than Internet connections, which sometimes experience downtime or bandwidth limits. The quality of your VoIP connection will vary based on the quality of your Internet connection. If your Internet or power goes down, so will your phone system. PBX systems are set up independent of your internet.

Because of this, some businesses who choose VoIP will keep a few backup analog lines for emergency alarms that send signals to the fire or police department or for their fax machines that don’t work well with VoIP.

Comparing Flexibility

If you want more flexibility in terms of adding or removing users, choose the VoIP system. You can add as many users as your network’s bandwidth allows and increasing your bandwidth is usually an easier task than increasing PBX capacity.

PBX systems are not known for their flexibility. They are installed with the number of phone lines you initially choose. If your company grows and you need more phone lines or capacity, you will have to have a provider come out and install them.

A quality phone system that is compatible with your company’s needs is key to clear communication and productivity. We hope this guide helps you in your decision process of whether to go with a VoIP phone system or a PBX. If you have any questions or need further guidance, please give Fred (Idaho) or Joe (Utah) a call at (844) 400-0616.

Read a story about how our service engineers repaired a client’s VoIP phone system when they were experiencing Dropped VoIP Calls and Intermittent Internet Connection.

Innovative Features that will Increase your SMB’s Productivity & Save You Money

Ever wonder what innovative tool Microsoft is building into Microsoft 365 next? Is there something you wish it had or something that would help you be more productive? Maybe if you knew about a new option before it came out, you could create a strategic advantage for your team.  

We know that Microsoft is constantly improving its tools. New features come out that most businesses aren’t even aware of. I have had clients ask me for a technology solution to a problem and many times I tell them they already have it.  

Budget for Your Future

When your company is evaluating and budgeting for new tools, it’s important to know what Microsoft is working on developing right now. The Microsoft 365 Roadmap website provides you with this information.  It has three main sections:

  • In Development
  • Rolling Out
  • Launched

Within those sections, you can narrow down the search by variables such as:

  • Product (Work, Excel, Azure, Bookings)
  • Release Phase
  • New & Updated Features

Email Encryption Feature for Financial Firms

Recently, I sat down with a client who wanted to move away from their onsite exchange server for email and was considering Microsoft 365. As a financial firm, they needed email encryption. With their level of service, email encryption was an easy and inexpensive add-on. When I searched the Microsoft 365 Roadmap website for innovative email encryption tools, I found one that gave their users the ability to revoke or pull back an email already sent without asking an admin to do it for them. This turned out to be a valuable time-saving tool for their financial office that cost them next to nothing.  

If you need a feature and have been wishing someone would come out with it, check out the Microsoft 365 Roadmap site. If you don’t have the time, give your managed services provider a call. Our service engineers at Integrinet IT love to keep updated on Microsoft’s developments. As of today, September 23, 2020 there are 1,106 updates in the queue. We can help you find the tools you need to increase your business productivity. 

Microsoft 365 Roadmap Web Site 

Most Computer Issues Can Be Handled Remotely

Remote Services are an important piece of the IT pie that your MSP serves up to support your business. They use powerful tools to monitor your organization’s systems, processes, and security.  

Remote Troubleshooting

If you’re having trouble with issues like the following, your service engineer can usually solve the problem remotely in less time than it would take him to come out to your place of business.

  • Laptop or PC running slow
  • Opening your email
  • Remembering a password
  • Connecting with your printer

With Remote Services, your IT team has the ability to log in remotely and fix your issues. To stay most productive, having the ability to request service remotely is a must in todays speed-of-light business world.

Help Desk Support

A good IT company enables Help Desk Services by installing a small program on your computer. The program remotely connects us to your computer and integrate with a ticketing system. When you request service, a ticket is created, queued, and quickly addressed. In a Service Level Agreement (SLA) you are provide with a timeframe in which the work will be completed.

Streamline your Computer Repairs

Remote services are one of the biggest advantages that a Managed Services Provider has over the “IT Guy”. There are times when your service engineers need to come onsite to service your IT infrastructure, but most issues can be handled remotely. With Remote Services your IT team streamlines your computer repairs and system upkeep. Increase productivity by adding Integrinet IT’s Remote Services.

Call us today (385) 355-6494 to discuss how this service can benefit your company.

Business Email Compromise (BEC)

One of the most sneaky and costly cyberattacks is CEO Fraud, also known as Business Email Compromise (BEC). Either through Spearphishing Attacks, malware, or by gaining access to your cloud-based business email accounts, scammers collect data to obtain essential information such as who you pay and how.

With this information in hand, they attempt to trick your company into wiring money to an account they set up, which cannot be traced. Exploitations like these have been around for more than five years, but BEC activity has doubled in the past year. 

This is how they do it:

  1. Scammers pick a target. They search through the directories of social media websites such as LinkedIn or they go to the company’s website and look for the names of people who work there. They are especially looking for executives who have authorization to transfer money. It is not hard for them to find most of the company’s corporate officers and personnel through these channels.
    1. Scammers groom the target(s) they pick. They send emails to the target or call them on the phone to invite him/her to begin a correspondence with them. This is called spoofing. If the target responds, the scammers can view his/her email address and signature.
    2. The scammers then may set up fake email addresses and URLs by adding an extra character to make them look similar to the target’s at a glance.
    3. Other times they may just copy the name and attach another email address to it. Since some email applications only show the name, the false address behind it can be hidden.
    4. Sometimes scammers create a full email server that looks like the target’s server with a change of one character. E.g., mary.smith@companyllc.com vs. mary.smith@companylllc.com. If the coworkers at the target company just glance at this email address (as we all usually do), they most likely will miss the extra l.
  2. Once the scammers engage the target in a fictitious company project or transaction, they give instructions to wire the money to their account. Other times they act as a vendor giving new wiring instructions with the scammers account information. They might also impersonate the CEO and give instruction to the CFO to wire money to an account. The target believes they are working with a partner company or a supervisor who is giving them these instructions.
  3. The target wires the money to the untraceable account and the company never sees it again.

BEC scams may seem unlikely, but it actually happened to the Puerto Rican government which lost $2.6M and to a Tech Manufacturing company which lost $47M.

Puerto Rico government loses $2.6M in phishing scam

Ubiquiti Networks Says It Was Victim of $47 Million Cyber Scam

Between January 2014 and October 2019, the Internet Crime Complaint Center received complaints totaling more than $2.1 Billion in actual losses from BEC Scams.

FBI Public Service Announcement on April 6, 2020

Every one of your employees should be on the alert for spoofed emails. One of the most effective practices to avoid BEC scams is to train your workforce to voice-verify before transferring funds. If there are any account changes, especially new place-to-route payments, they should be approved verbally by one or two people up the corporate chain and by one or two people at the receiving company.

Another way to fight BEC is to use Multifactor Authentication (MFA) to protect your email accounts. Weak passwords are chinks in your company’s cyber armor.

Learn how MFA works.

Read the full article on email scams on the FBI’s webpage: Business Email Compromise on the Rise

Microsoft 365 Collaboration Abilities

Office 365 becomes Microsoft 365 

Recently Office 365 became Microsoft 365. For Enterprise levels, the features remain the same although Microsoft is adding features often. For Business levels, the name has changed, and collaboration and security features have been added.  As Office is still an optional part of the subscription, the main focus has turned to Collaboration. 

Microsoft 365 Collaboration 

With many employees now working from home, collaboration tools have become extremely important. Organizations need to stay connected with their employees who in turn need to stay connected with their client base.  

  • Video calls have replaced onsite visits. 
  • Project hubs have replaced long conference room meetings. 
  • Chat has replaced stop-by-office discussions.  

Organizations are finding they can be very productive if they have the correct tools. One of the most used and recognized tools now is Teams from Microsoft, which is part of Microsoft 365, previously Office 365. Teams added 31 million users in the month of April 2020 alone bringing the total users worldwide to over 75 million and growing fast

 With COVID-19 changing the way businesses operate, there is so much uncertainty about the future of in-person business operations. Collaboration from remote locations has become crucial to workflow. Knowing you have the tools to maintain easy and effective communication can provide your business with a sense of unity and security. Microsoft 365 has some features you may not know about that can benefit your organization. 

How Microsoft 365 Connects Your Team 

Have you tried the multi-user chat on Microsoft 365 Teams? Did you know that it enables interoffice calling, scheduling, and meetings? It also facilitates co-authoring and presentations. These features enable you to work from anywhere. You can collaborate with anyone within your company. They are simple to use and Microsoft provides excellent video training. Start training now: Get Started with Microsoft Teams.   

Added Value with Co-Authoring 

You can co-author within the Microsoft 365 environment with apps like Word, Excel, and PowerPoint. Here are some quick steps to get started: 

  1. Create a document in OneDrive or SharePoint 
  2. In your open file, click the “Share” button in the top right corner 
  3. Select the names or enter email addresses to share your file 
  4. Select permissions for this document – location and collaboration level 
  5. Click “Send” 
  6. The person you shared with can now work on the same file 

Link to: Co-authoring an Excel Workbook 

Meetings with Clients Outside Your Organization 

If you need to set up a video meeting with customers, it is now simple with Teams.  

  1. Click a button on your Exchange Home Ribbon or go to your Teams Calendar and select the time. A window will pop up for you to enter the email addresses of attendees, title of meeting and a place to enter an explanation of the meeting or agenda.  
  1. Send the email to your attendees. 
  1. Once received, it is automatically added to their Outlook Calendar.  
  1. With an addon feature you can include a phone number for people who are not able to be on a computer.  
  1. At the time of the event, click the link and you are in the conference. If you have the app for Teams, you can enter there, otherwise it will show up on a Windows Browser.  

Team Meetings – Instant or Scheduled Meetings 

Team meetings can be instant or scheduled. To begin an instant meeting: 

  1. Select the camera icon in the top right corner 
  2. Invite an individual or the entire chat group 
  3. To schedule a meeting: 
  4. Go to the calendar on Teams 
  5. Click on the “New Meeting” button in the top right corner 
  6. Fill out the form to invite members of your organization 
  7. Choose the time, date, and subject 
  8. Select the “Save” button and Teams will automatically send an invite to attendees and put it in their calendar 

See the tutorial: Instant and Scheduled Meetings Tutorial 

Meetings – Live Events 

Meetings on the Teams platform are simple to set up. They may contain as many participants as you would like (up to 20,000 for Live Events) and are especially effective when using the video feature. For Live Events: 

  1. Go to the Teams Calendar and select live new meeting 
  2. Choose who can attend – specific people/Groups/entire organization/anyone who receives the link/public 
  3. You can choose to record it for Producers and Presenters or for attendees 
  4. You can also choose to have a Q&A session 
  5. Select “Schedule” and you will receive an attendee link to send to anyone via email or Teams 

See the tutorial: Live Event Tutorial 

Using Teams Meetings is an effective form of business communication as they allow you to see facial expressions and hear voice inflections, which bring more meaning to the conversation. Additionally, you can get much more accomplished in a shorter time with a video meeting than with dialoging in a chat when you keep them on schedule and to the point. 

Microsoft 365 Portal 

When you launch the Microsoft 365 portal, you see the Office applications you use most frequently. The search feature at the top of the page helps you quickly find your apps, files, and contacts on 365. Additionally, links to the following files are displayed: 

  • Recent    Links to your most recent files are listed here. If you click on this tab, you can see when you accessed this file last, whether the file is a shared file, and what has been recently changed.
  • Pinned    Pinning the files you work on most frequently, gives you quick access to them under this tab.
  • Shared with me    These are files that have been shared with you.
  • Discover    This tab shows relevant items from your OneDrive, a 1TB per user individual file repository

To start working on your documents, select one of these file links or navigate to a file in your OneDrive App. All the changes you and your team members make to a document are tracked and updated.  

See the tutorial: Get Started 

These tools will bring great value to your organization. 

Combine your Microsoft 365 account with a superior managed services provider. Integrinet IT is a full-service IT company providing outsourced IT for small- to mid-sized businesses in Idaho and Utah. Our 22 years of experience equips us with the skills to strategically keep all the layers of your computer, network, and hardware systems safe from cyberattacks and running at peak efficiency. Never far from your organization, our service engineers provide a personal, responsive approach when and where you need assistance. 

Powered by Integrinet IT | © Integrinet IT 1998 - 2020
error

Enjoy our articles? Please spread the word :)