Cyber, Attack, Encryption, Smartphone, Mobile, Finger

What You Need to Know About the Rise in Supply Chain Cyberattacks

Any cyberattack is dangerous, but the particularly devastating ones are those on supply chain companies. These can be any supplier – digital or non-digital – of goods and services.

We’ve seen several attacks on the supply chain occur in 2021 that had wide-reaching consequences. These are “one-to-many” attacks where victims can go far beyond the company that was initially breached.

Some recent high-profile examples of supply chain attacks include:

  • Colonial Pipeline: A ransomware attack caused this major gas pipeline to be shut down for nearly a week.
  • JBS: The world’s largest supplier of beef and pork products was hit with ransomware that caused plants in at least three countries to shut down for several days.
  • Kaseya: This software company had its code infected with ransomware, which quickly spread to IT businesses that used its products and to roughly 1,500 of their small business customers. 

Why do you need to be worried about supply chain attacks even more so than in the past? Because they’ve been growing and are expected to continue this trajectory.

Supply chain attacks rose by 42% during the first quarter of 2021. A surprising 97% of companies have been impacted by a breach in their supply chain, and 93% suffered a direct breach as a result of a supply chain security vulnerability.

If you’re not properly prepared, then you can be impacted by a breach of software you use or have a vital service or goods supplier go down for several days due to a cyberattack. 

As part of any good business continuity and disaster recovery strategy, you should look at supply chain risks in light of the current increase in attacks and formulate a plan.

How Can You Mitigate Your Risk of Losses Due to an Attack on Your Supply Chain?

Identify Your Supplier Risk

You can’t fix what you don’t know is wrong. So, you need to begin by shedding some light on your risk should one of your vendors get hit with ransomware (the current attack of choice on the supply chain) or another type of breach.

Make a list of all your vendors and suppliers, both for goods and services. This includes everything from the cloud services you use to the company that supplies your office products or any raw materials you may use in a product you sell.

Review these vendors to identify their cybersecurity risks. This is something you may need some help with from your IT partner. We can work with you to review vendor security or send them a survey to find out where they stand as to their cybersecurity, and then determine how much that may leave you at risk as one of their customers.

Create Minimum Security Requirements for Digital Vendors

Come up with some minimum security requirements that you can use as a benchmark with your vendors. One way to make this easier is to use an existing data privacy standard as your requirement. 

For example, if a vendor is GDPR compliant, then you know they’ve adopted several important cybersecurity standards that protect their business, and yours, from an attack.

Do an IT Security Assessment to Learn Where You’re Vulnerable

If the software you use had a vulnerability that was exploited by hackers to take over a system, how much does that leave your systems at risk? Do you have a regular patch application strategy in place to ensure any software updates are applied right away?

You should have an IT security assessment done if you haven’t done one in over a year. This will help you identify how strong your systems would be at preventing a breach or ransomware infection that was coming from a digital supply chain vendor.

Put Backup Vendors in Place Where Possible

If you sell widgets and have a single supplier for one specific part needed for that widget, you’re at a much higher risk of downtime than if you had two suppliers of that part.

If a key vendor of yours is attacked and can’t fill orders or provide services for a week or more, how will that impact your business? This is what you want to consider when setting up backup vendors.

For example, most companies would consider themselves down and not able to operate without their internet. Having a backup internet service provider can help you avoid lengthy downtime should your main ISP go down.

Look at putting this type of safety net in place for all vendors that you can.

Ensure All Data Kept in Cloud Services is Backed Up in a 3rd Party Tool

Microsoft recommends in its Services Agreement that customers back up their cloud data that is kept in its services (such as Microsoft 365). The policy states, “We recommend that you regularly backup Your Content and Data that you store on the Services or store using Third-Party Apps and Services.”

You should have a backup (in a separate platform) of all data that you store in cloud services, so you’ll be protected in case of a ransomware infection or other data loss or service loss incident.

Schedule A Supply Chain Security Assessment

Don’t be in the dark about your risk. Schedule a supply chain security assessment to learn where you could be impacted in the case of a cyberattack on a supplier.


Featured Image Credit

This Article has been Republished with Permission from The Technology Press.

Laptop, Mouse, Stethoscope, Notebook, Keyboard

What Are the Best Ways to Give an Older PC New Life?

Purchasing a new computer is a big investment. Many small businesses and home PC owners end up struggling with older systems because they want to get as many years out of them as possible.

Have you found yourself banging on your keyboard in frustration? Have you tried every tip and trick you found online, only to still struggle with a slow PC? 

There are some promising upgrades you can do that will cost much less than the price of a new computer, while making your PC feel like new again. 

Here are some of the options you can try to improve the performance of an older computer.

Upgrade to a Solid-State Drive (SSD)

Prices for solid-state drives have come down quite a bit in the past few years, making them an affordable upgrade that can breathe life back into an older PC that might be slowing down.

Unlike hard disk drives (HDDs), SSDs do not have any moving parts and use a flash memory that allows for a quicker response time. You can improve your time to boot and your experience when searching files, opening applications, and other activities. 

Some of the advantages of upgrading your computer’s hard drive to SSD include:

  • SSD read/write speeds up to 2500 MB/second compared to HDD at up to 200 MB/second
  • SSD access time of 0.1ms as compared to HDD at 5.5-8.0ms
  • SSDs use between 2-5 watts of energy compared to HDD at 6-15 watts

Increase the RAM (Memory)

One upgrade that is very low-cost and can mean a significant increase in performance is a memory upgrade. If your PC was one of the cheaper ones that only had 4GB of RAM when you bought it, you likely have trouble opening too many tabs in your browser or using any graphics-heavy program.

Upgrading your RAM, if your PC has available memory slots, to 8GB or 12GB can make it seem like you have an entirely new computer due to the big increase in speed.

Upgrade the Graphics Card

If you play computer games or work in any type of video, imaging, or 3D software, an outdated graphics card can ruin your experience. 

Instead of replacing your entire computer, just upgrading the graphics card to a more robust model can improve your PC’s performance and give you several more useful years from it.

Replace Your PC Cooling System

Heat is an enemy of your computer’s internal parts. If your cooling system is getting worn out and not working the way it should be, then excess heat can be building up inside your device.

When this happens things can get strange, with programs crashing or your system rebooting on its own.

If you suspect excess heat may be an issue, have your computer’s fan and cooling system checked out to see if it needs replacing.

Connect an External Monitor to a Laptop

If you’re working on a laptop and having a hard time multi-tasking due to limited screen real estate, consider getting an external monitor rather than replacing your entire PC.

Monitors are just a fraction of the cost of computers, and having a screen twice the size of the one on your laptop can make all the difference in the world and improve productivity due to the additional screen space.

Replace Your Keyboard

Older keywords can stick, lose keys, and have the writing rubbed off the keys, making it more difficult to tell a “prt screen” from a “delete” button. If the performance of your PC is hampered by a frustrating keyboard, an upgrade can be a very inexpensive way to improve your equipment.

Get an External Hard Drive

Computers can slow down and be more difficult to use when the hard drive fills up with data. Over the years, files build up, and many users never take the time to go through and delete those that are unnecessary.

Buying an external hard drive can allow you to offload files that may be slowing you down, while still keeping them easily accessible.

Another benefit of an external hard drive is that it’s portable and can easily be carried between home and work and used in both places.

Get a Professional Computer Tune-Up

Those free PC cleaner tools you find online aren’t going to give you the type of tune-up that a professional IT provider can give. We will go through things like the Windows Registry, duplicate system files, internal errors, and more to clean up your system and remove all the “junk” that has built up over the years.

We can also do a maintenance check for things like failing parts, and provide expert guidance on your most impactful upgrade options. 

Get Help Improving Your Computer’s Performance Today!

Don’t struggle with an older PC! We can help you with cost-effective upgrade options that will fit your system and budget perfectly.


Featured Image Credit

This Article has been Republished with Permission from The Technology Press.

iphone screen with icons on screen

Microsoft Teams Plan Comparison: Free vs M365 Business vs Teams Essentials

The shift to remote work over the last two years has caused companies to realign their digital tools. Now, many meetings default to being via video conference rather than in person, and working from home has become commonplace.

Seventy-seven percent of remote workers say they’re more productive working from home (a big reason is fewer distractions). Plus 85% of surveyed managers expect that having teams with remote workers will be the new normal.

But for remote working to work without employees feeling disconnected and customers feeling you’re hard to reach, you need to use cloud communication tools. One of the most popular, which has skyrocketed in popularity, is Microsoft Teams.

Between April 2020 and April 2021, the Microsoft Teams daily active users count rose from 75 million to 145 million

Teams is an all-in-one communication platform, providing more than just video conferencing or chat. It combines several capabilities into an online work hub for collaboration and communication. 

Some of the key features of MS Teams include:

  • Video and audio calls
  • Webinar registration & attendance reporting
  • Channeled team chat
  • File storage and sharing
  • In-app collaboration in Word, Excel, PPT, and more
  • In-app collaboration in 3rd party applications
  • Tabs that allow teams to link apps and websites inside a channel
  • Status notification and alerts
  • Use on all devices

MS Teams Evolution

Originally, Microsoft Teams was available only through a Microsoft 365 Business subscription. Then, to improve the popularity of Teams and compete with video conferencing platforms like Zoom, Microsoft brought out a free version with fewer features in 2018.

This helped the service increase its user base, however, there was a wide gap between the capabilities of the paid version with a Microsoft 365 subscription and the free version. Such as much less support, fewer features, etc.

Microsoft noted that it was missing a vital audience, the small business. Small business owners had a more difficult time fitting into either the free model, with very limited group meeting timing, or the paid model, which required a full M365 subscription.

So, in December of 2021, it brought out the third plan for MS Teams that it is hoping is “just right” for smaller companies that need the same collaboration and communication tools as everyone else. This plan is called Teams Essentials, and you don’t need to sign up for Microsoft 365 to get it.

Comparison of Teams Essentials vs Teams Free vs Teams with an M365 Business Plan

Next, we’ll go through the differences between these three MS Teams plans so you can identify the one that may make the most sense for your company.

Microsoft Teams Free Version

The free version of MS Teams was really brought out to reach the residential and home user crowd. An audience that had been completely missing from the Teams userbase up to that point.

This plan has the following capabilities:

  • Unlimited group meetings for up to 60 minutes
  • Up to 100 participants per meeting
  • 5GB of cloud storage per user
  • Unlimited chat
  • File sharing, tasks, and polling
  • Data encryption for calls, files, meetings, chats
  • Co-authoring capabilities
  • Ability to add tabs inside group channels

The biggest drawback of using the free version for your business is the 60-minute limit on group video meetings. The 5GB cloud storage also can be limiting for business use of Teams.

Microsoft Teams Essentials

Teams Essentials is $4/user/month and was designed specifically for small businesses that may not want to subscribe to M365, but still need a good cloud collaboration tool to keep their team connected and productive.

This plan has the following capabilities:

  • Everything in the free version, plus:
  • Unlimited group meetings for up to 30 hours
  • Up to 300 participants per meeting
  • 10GB of cloud storage per user
  • Anytime phone and web support

The additional group meeting time (up to 30 hours) is more than enough to fill any type of meeting need, even those that go on all day. Additionally, users get double the cloud storage space, and the phone and web support ensure your staff has help using the app when needed.

Teams with Microsoft 365

The version of Teams with Microsoft 365 is available with any business plan. The lowest cost plan is $6.00/user/month ($2 more than Essentials). However, the Basic package does not come with downloadable Office apps (Word, Excel, etc.), only the web versions.

The next step up would be M365 Business Standard at $12.50/user/month, which is quite a bit more than the price for Teams Essentials. This one does include the downloadable Office apps.

These plans have the following capabilities:

  • Everything in the Essentials version, plus:
  • Office applications (either web or web & downloadable)
  • All the many M365 cloud apps (OneDrive, Forms, SharePoint, OneNote, and many others)
  • 1TB of cloud storage per user
  • Webinar hosting
  • Customer appointment management
  • Premium security features

If you are planning to use Microsoft Office software and other applications, then it makes sense to get Teams along with an M365 subscription. However, if your business already owns the offline version of the Office suite or does not need it, then Teams Essentials offers a lot of capabilities with a lower price tag.

Need Help Getting MS Teams or Other Cloud Tools Set Up?

Today’s hybrid offices and remote teams need robust collaboration tools to compete. Contact us if you need help getting started with MS Teams or another cloud tool. We’ll be happy to facilitate a custom setup to ensure your staff can hit the ground running.


Featured Image Credit

This Article has been Republished with Permission from The Technology Press.

Cyber Security, Technology, Network, Internet

How to Protect Your Online Accounts from Being Breached

Stolen login credentials are a hot commodity on the Dark Web. There’s a price for every type of account from online banking to social media. For example, hacked social media accounts will go for between $30 to $80 each.

The rise in reliance on cloud services has caused a big increase in breached cloud accounts. Compromised login credentials are now the #1 cause of data breaches globally, according to IBM Security’s latest Cost of a Data Breach Report.

Having either a personal or business cloud account compromised can be very costly. It can lead to a ransomware infection, compliance breach, identity theft, and more.

To make matters more challenging, users are still adopting bad password habits that make it all too easy for criminals. For example:

  • 34% of people admit to sharing passwords with colleagues
  • 44% of people reuse passwords across work and personal accounts
  • 49% of people store passwords in unprotected plain text documents

Cloud accounts are more at risk of a breach than ever, but there are several things you can do to reduce the chance of having your online accounts compromised.

Use Multi-Factor Authentication (MFA)

Multi-factor authentication (MFA) is the best method there is to protect cloud accounts. While not a failsafe, it is proven to prevent approximately 99.9% of fraudulent sign-in attempts, according to a study cited by Microsoft.

When you add the second requirement to a login, which is generally to input a code that is sent to your phone, you significantly increase account security. In most cases, a hacker is not going to have access to your phone or another device that receives the MFA code, thus they won’t be able to get past this step.

The brief inconvenience of using that additional step when you log into your accounts is more than worth it for the bump in security.

Use a Password Manager for Secure Storage

One way that criminals get their hands on user passwords easily is when users store them in unsecured ways. Such as in an unprotected Word or Excel document or the contact application on their PC or phone.

Using a password manager provides you with a convenient place to store all your passwords that is also encrypted and secured. Plus, you only need to remember one strong master password to access all the others. 

Password managers can also autofill all your passwords in many different types of browsers, making it a convenient way to access your passwords securely across devices.

Review/Adjust Privacy & Security Settings

Have you taken the time to look at the security settings in your cloud tools? One of the common causes of cloud account breaches is misconfiguration. This is when security settings are not properly set to protect an account.

You don’t want to just leave SaaS security settings at defaults, as these may not be protective enough. Review and adjust cloud application security settings to ensure your account is properly safeguarded.

Use Leaked Password Alerts in Your Browser

You can have impeccable password security on your end, yet still have your passwords compromised. This can happen when a retailer or cloud service you use has their master database of usernames and passwords exposed and the data stolen.

When this happens, those leaked passwords can quickly end up for sale on the Dark Web without you even knowing it.

Due to this being such a prevalent problem, browsers like Chrome and Edge have had leaked password alert capabilities added. Any passwords that you save in the browser will be monitored, and if found to be leaked, you’ll see an alert when you use it.

Look for this in the password area of your browser, as you may have to enable it. This can help you know as soon as possible about a leaked password, so you can change it.

Don’t Enter Passwords When on a Public Wi-Fi

Whenever you’re on public Wi-Fi, you should assume that your traffic is being monitored. Hackers like to hang out on public hot spots in airports, restaurants, coffee shops, and other places so they can gather sensitive data, such as login passwords.

You should never enter a password, credit card number, or other sensitive information when you are connected to public Wi-Fi. You should either switch off Wi-Fi and use your phone’s wireless carrier connection or use a virtual private network (VPN) app, which encrypts the connection.

Use Good Device Security

If an attacker manages to breach your device using malware, they can often breach your accounts without a password needed. Just think about how many apps on your devices you can open and already be logged in to. 

To prevent an online account breach that happens through one of your devices, make sure you have strong device security. Best practices include:

  • Antivirus/anti-malware
  • Up-to-date software and OS
  • Phishing protection (like email filtering and DNS filtering)

Looking for Password & Cloud Account Security Solutions?

Don’t leave your online accounts at risk. We can help you review your current cloud account security and provide helpful recommendations.


Featured Image Credit

This Article has been Republished with Permission from The Technology Press.

Phishing, Credentials, Data, Login, Password, Internet

6 Ways to Combat Social Phishing Attacks

Phishing is the number one method of attack delivery for everything from ransomware to credential theft. We are very aware of it coming by email, but other types of phishing have been growing rapidly.

In recent years, phishing over social media has skyrocketed by 500%. There has also been a 100% increase in fraudulent social media accounts.

Phishing over social media often tricks the victims because people tend to let their guard down when on social platforms like Facebook, Instagram, Twitter, and LinkedIn. They’re socializing and not looking for phishing scams.

However, phishing scammers are out there looking for you and will reach out via friend requests and direct messages. Learn several ways you can secure your social media use to avoid these types of covert attacks.

Make Your Profile Private on Social Platforms

Phishing scammers love public profiles on social media because not only can they gather intel on you to strike up a conversation, but they can also clone your profile and put up a fake page for phishing your connections.

Criminals do this in order to try to connect with those on your friends or connections list to send social phishing links that those targets will be more likely to click because they believe it’s from someone they know.

You can limit your risk by going into your profile and making it private to your connections only. This means that only someone that you’ve connected with can see your posts and images, not the general public.

For sites like LinkedIn where many people network for business, you might still want to keep your profile public, but you can follow the other tips below to reduce your risk.

Hide Your Contacts/Friends List

You can keep social phishing scammers from trying to use your social media profile to get to your connections by hiding your friends or connections list. Platforms like LinkedIn and Facebook both give you this privacy option. 

Just be aware that this does not keep scammers from seeing you as a friend or connection on someone else’s profile unless they too have hidden their friends list.

Be Wary of Links Sent via Direct Message & in Posts

Links are the preferred way to deliver phishing attacks, especially over social media. Links in social posts are often shortened, making it difficult for someone to know where they are being directed until they get there. This makes it even more dangerous to click links you see on a social media platform.

A scammer might chat you up on LinkedIn to inquire about your business offerings and give you a link that they say is to their website. Unless you know the source to be legitimate, do not click links sent via direct message or in social media posts. They could be leading to a phishing site that does a drive-by download of malware onto your device.

Even if one of your connections shares a link, be sure to research where it is coming from. People often share posts in their own feeds because they like a meme or picture on the post, but they never take the time to check whether the source can be trusted.

Don’t Participate in Social Media Surveys or Quizzes

While it may be fun to know what Marvel superhero or Disney princess you are, stay away from quizzes on social media. They’re often designed as a ploy to gather data on you. Data that could be used for targeted phishing attacks or identity theft.

The Cambridge Analytica scandal that impacted the personal data of millions of Facebook users did not happen all that long ago. It was found that the company was using surveys and quizzes to collect information on users without their consent.

While this case was high-profile, they’re by no means the only ones that play loose and fast with user data and take advantage of social media to gather as much as they can.

It’s best to avoid any types of surveys or quizzes on any social media platform because once your personal data is out there, there is no getting it back.

Avoid Purchasing Directly from Ads on Facebook or Instagram

Many companies advertise on social media legitimately, but unfortunately, many scammers use the platforms as well for credit card fraud and identity theft.

If you see something that catches your eye in a Facebook or Instagram ad, go to the advertiser’s website directly to check it out, do not click through the social ad.

Research Before You Accept a Friend Request

It can be exciting to get a connection request on a social media platform. It could mean a new business connection or connecting with someone from your Alma mater. But this is another way that phishing scammers will look to take advantage of you. They’ll try to connect to you which can be a first step before reaching out direct via DM.

Do not connect with friend requests without first checking out the person on the site and online using a search engine. If you see that their timeline only has pictures of themself and no posts, that’s a big red flag that you should decline the request.

Can Your Devices Handle a Phishing Link or File?

It’s important to safeguard your devices with things like DNS filtering, managed antivirus, email filtering, and more. This will help protect you if you happen to click on a phishing link.

Find out how we can help!


Featured Image Credit

This Article has been Republished with Permission from The Technology Press.

Upload, Online, Internet, Files, Cloud, Technology

4 Interesting Cloud Storage Trends to Watch for in 2022

One area of cloud computing that is used widely, but often isn’t as flashy as the software side is cloud storage. Storing files in the cloud to make them easily accessible and shareable from anywhere was one of the very first uses of the cloud that was adopted widely by many users.

As advances like automation and AI come to other types of cloud services, like team communications and business apps, cloud storage is not being left behind. The industry also continues to evolve to make storing data in the cloudless complex, more reliable, and better secured.

It’s estimated that in 2021, 50% of all company data was stored in the cloud. This is an increase of 15% from just five years earlier. With today’s hybrid teams that may be working from home and be hundreds or thousands of miles away from co-workers, it’s important to centrally locate files in cloud systems that can be accessed by everyone.

What can you expect to see in the cloud storage market this year? Here are some of the most interesting trends to keep an eye on.

1. Built-in Ransomware Defenses

Ransomware can impact data no matter where it is stored. Whether on a computer, server or in a cloud storage platform, this malware can encrypt the information and make it unreadable to the business that owns it.

In 2021, the average ransomware payment increased by 82% and ransomware incidents rose 64% during the first half of the year. A survey of CISOs found that over the last 18 months, 98% of organizations suffered a cloud data breach.

To combat ransomware, you’ll begin seeing cloud storage services offering ransomware recovery protection. This involves sophisticated systems that can help prevent files from being encrypted by code as well as those that take a copy of files and store it securely away, so files can be restored at the click of a button.

With ransomware showing no sign of stopping, this is a welcome addition in the cloud storage arena.

2. “The Edge” Becomes More Key in Cloud Storage

One of the new buzzwords of the last few years has been “Edge” or “Edge computing.” This means bringing data applications and storage resources geographically closer to the user that needs to connect to them.

As reliance on cloud storage and other cloud applications has increased, so has the need to improve response times from user to server. When data must travel across large distances, it becomes more difficult to quickly and economically deliver the best user experience. Thus, cloud service providers have been moving to an Edge computing model.

What this means for you is better reliability and faster response when accessing or searching on files because your provider is going to work to provide your service from one of the company’s cloud servers that is geographically closer to your location.

For companies with offices spread out around a country or throughout the world, this means that you’ll want to keep service location in mind when signing up for cloud storage and have a discussion with the provider about distance and how Edge computing factors in.

3. Expect More Help from AI and Machine Learning

AI and machine learning are making just about every area of technology smarter. Microsoft Word and text message apps now predict what you might type to help you fill in the blanks and type faster. Programs like Photoshop can crop around a person in an image in seconds using AI.

AI is also going to become more prevalent in cloud storage this year. You can expect help with automatic organization of your files based on your cloud storage patterns. 

Look for features designed to eliminate manual or repetitive tasks to free up more time. This includes AI helping to automate things like provisioning, obtaining, and importing data (known as “ingesting”), managing data retention, and more.

4. Legacy Vendors Begin Offering More Cloud Options

2022 is going to bring more cloud storage options coming from legacy technology providers. For example, Hewlett-Packard Enterprise recently introduced a new Data Services Cloud Console, and Dell Technologies just announced a new APEX multi-cloud design that it is working on to improve the cloud ecosystem.

More cloud storage options mean you may need more help deciding which model will work best for you, as pricing will vary widely. You don’t want to end up with more storage than you need or be paying a lot for a smaller amount of space.

It pays to keep on top of new offerings and understand that every new cloud storage option might not be a fit for your organization’s specific data storage needs.

Get Help Optimizing Your Cloud Storage & Backup Environment

Your business data is what runs your company, and it needs to be stored securely and in a way that’s accessible. Find out how we can help you optimize your cloud storage to improve cost efficiency.


Featured Image Credit

This Article has been Republished with Permission from The Technology Press.