Blog

What is the Dark Web? Reasons It Can Hurt Your Business

 

You may have seen commercials from Experian that offer to scan the dark web for your private data so you won't be a victim of identity theft. Unfortunately, the dark web presents a great danger to businesses as well. Cybercriminals use undercover websites on the deep web to sell confidential data, discuss plans for attacking businesses, and launch malware attacks. Since security breaches are on the rise, you will find there's an increased need to monitor private data on the dark web so you can protect your business and clients.

Intro to the Deep Web
The deep web refers to a network of websites that can only be viewed an identity hiding browser called Tor. As stated by Michael K. Bergman, an expert of the deep web, only 0.03 of the deep web is readily available to standard search engines (Google and Bing for example). The Tor web browser was developed by the federal government to allow individuals to share highly confidential information without exposing their identities or locations. Tor can conceal the location of individuals by directing their traffic randomly through many different offshore servers.

The legitimate use of the deep web helped:
• The federal government protect their online intelligence communications
• Protesters speak out against tyrannical governments
• Journalists receive their scoop from anonymous sources

Deep Web Use for Illegal Activities
Unfortunately, a number of crooks discovered they can use deep websites to conduct criminal activities with virtually no chance of getting caught by law enforcement agencies. These illegal deep websites are collectively known as the dark web. The dark web offers an illegal marketplace (also referred to as the black market) for criminals to buy hacking exploit kits and blocks of personally identifiable information (for example, credit card numbers, intellectual properties, and login information). It's the same black market people mention when talking about the sale of human organs, illegal drugs, and slave labor. To make sure that purchases stay secret, cybercriminals use bitcoin, a form of digital anonymized currency, instead of a credit or debit card.

The dark web also offers secret forums for cybercriminals to prepare attacks against organizations, governments, executives, technologies, and services. Additionally, criminals use the dark web as a hidden staging area for distributing malware on business networks. From there, they can take control of devices to log into online accounts, launch spear phishing campaigns, and collect ransomware funds. On top of that, cybercriminals may go a step further and contract company employees to carry out insider attacks.

Dark Web Monitoring
Dark web monitoring experts can search obscure areas of the web for your organization’s stolen or compromised data. They use advanced crawling software to hunt for confidential data in deep web pages, social media services, forums, bulletin boards, peer to peer sharing networks, and malware samples. If the crawler finds private data, you'll receive an alert and your organization can then begin remediation activities, including updating account passwords, notifying customers of the breach, and reporting the event to industry regulating agencies. Dark web monitoring experts can also conduct cybersecurity sting operations by placing fake personal information on corporate networks and then tracing the data online if a breach happens. It’s comparable to law enforcement officers marking dollar bills to capture mobsters and drug dealers.

You can prevent dark web security breaches by:
• Scanning devices with anti-malware applications frequently
• Performing device operating system updates once they become available. Hackers target devices that do not run these updates for breaches.
• Replacing obsolete operating systems, particularly Windows XP and Vista, with Windows 10
• Not using the same passwords across multiple online accounts and services
• Watching out for employees using consumer cloud services, such as Dropbox and Evernote, for workplace tasks without IT oversight. The consumer version of cloud services do not have sufficient security controls to protect business data against leaks and breaches. If for example, your staff needs to share files with others conveniently, you can ask SwiftTech Solutions to set up company accounts for an encrypted enterprise level cloud application, such as Dropbox for Business, Egnyte, and Box Enterprise.
• Requiring staff members to participate in regular training on safe cybersecurity practices
• Developing a business continuity plan to make sure that your business can maintain operations if there is a breach.

SwiftTech Solutions can provide dark web monitoring services as part of an overall Security as a Service package:
• Web security
• Email security
• Web monitoring
• Enterprise Anti-Virus & Anti-Malware Protection
• Ransomware Protection
• Intrusion Prevention, Detection, and Management

 

Interested in subscribing to our Security as a Service? Contact us at [email protected] or 877-794-3811.

Read more...

Bad Rabbit Ransomware: Beware of Fake Flash Updates

 

A new version of ransomware known as Bad Rabbit is attacking businesses around the world. Impacted users picked up the malware from hacked news and media websites. The malware recommends website visitors to download a phony Adobe Flash update. As soon as the person installs this fake update, the ransomware will encrypt data on the device and extort victims in exchange for the decryption key.

Businesses in Ukraine and Russia were among the first to be attacked by Bad Rabbit. However, the ransomware attack spread to users in the United States and Europe.

How it works:
1. The victim visits a hacked news or media site and sees a fake pop-up notice to update Adobe Flash.
2. The victim clicks on the pop-up to launch a download and installation of a Adobe Flash update coded with Bad Rabbit.
3. Bad Rabbit will then encrypt documents, video, and audio files on Windows devices.
4. When the victim reboots the device, a ransom note will appear informing victims their files are no longer accessible and they’ll need to pay to regain access.
5. The ransom note will then instruct victims to go to a web address that ends with .onion. The website will require users to pay roughly $276 in bitcoins in exchange for the data.
6. In the meantime, the malware will scan the device for saved login information and spread to other computers on the network.

What to do:
• Scan your devices with anti-malware software on a regular basis. This software can identify and prevent ransomware installation attempts.
• Run backups of your device at a data center and to the cloud. If you are attacked by ransomware, we can prevent data loss by wiping the device and restoring the latest working version of your data.
• Keep your operating system software up to date. If a Windows device uses Vista or older, you must upgrade to Windows 10. Also, install patches as soon as they become available.
• Don’t give employees access to network drives if they are not pertinent to their work responsibilities.
• Disable Flash on your computer if you are not using it. Flash is a popular application for cybercriminals to deliver malware because it is full of security holes. As a result, Adobe will stop updating and distributing the software in 2020. If you must use Flash, install updates by going directly to Adobe’s website at this link: https://get.adobe.com/flashplayer.
• If you still use a website built with Flash, hire a web developer to create a brand-new website coded in HTML5. Cybercriminals can take control a Flash-based website and use it as part of their malware distribution network. This may cause Google and anti-virus software to tag the website as dangerous to visit. Plus, Apple and newer Android mobile devices do not support Flash software. Therefore, these visitors will not be able to see your website.
• If you are attacked by Bad Rabbit or any other malware strain, disconnect your device from the internet and contact SwiftTech Solutions immediately. Also, you can file a complaint with the Internet Crime Complaint Center (IC3) at https://www.ic3.gov/.

Thankfully, there are now more cybersecurity tools available that provide multiple levels of protection against ransomware attacks. We can safeguard your business against Bad Rabbit and other malware variants with our Security as a Service:
• Ransomware Protection
• Enterprise Anti-Virus & Anti-Malware
• Web Security
• Email Security
• Intrusion Prevention, Detection, & Protection Management
• Security Monitoring

If you're interested in subscribing to our Security as a Service, please contact SwiftTech Solutions at 877-794-3811.

Read more...

October is National Cyber Security Awareness Month

 

October is not just the month for getting into the Halloween spirit. It’s also National Cyber Security Awareness month, which is sponsored by the Department of Homeland Security and the National Cyber Security Alliance (NCSA). This campaign was created in 2004 to raise the awareness of the role cybersecurity plays in everyone’s lives. Since the emergence of major cybersecurity events this year, such as the WannaCry ransomware attacks and the Equifax breach, there’s now an even greater urgency to adopt safer cybersecurity practices.

 

One of the themes for this month is called “Simple Steps to Online Safety.” The theme encourages people to take simple actions to protect themselves online and to recover in case a cyber event occurs. StaySafeOnline, a NCSA website, provides online safety basics on these topics:

Spam and phishing: Cybercriminals will use sophisticated methods to manipulate people into clicking on a malicious link, disclosing personal information, or sending them money. The email will instruct you to take action quickly because your account has been compromised or there is an urgent matter to address. Follow up with the company using the contact information on their website, not the email. Also, make sure to enable filters on your email accounts, hide emails from social media profiles, and report spam.

Online shopping: With the rise of e-commerce websites, cyber thieves can use shady websites to trick online shoppers into handing over their credit card information or paying for goods they won’t receive. If you’re considering buying items from an unfamiliar website, make sure to read the reviews of previous customers beforehand. Also, the website should display an https:// address to show it will protect information the visitor submits, such as credit card numbers.

Data backups: Data can be lost due to equipment failures, theft, malware, human error, and natural disasters. Make sure to keep backups at a data center and to the cloud. Also, the backups should have file versioning, which means multiple backups are collected at different time intervals.

Malware, botnets, and ransomware: Cybercriminals can spread malicious software that can steal, corrupt, and destroy valuable data. Plus, the device can be included in their bot network to infect other victims. Make sure to scan your devices with anti-virus software on a regular basis. Also, keep your operating system, device application, and web browsing software up to date.

 

Another theme for this month is “Cybersecurity in the Workplace is Everyone’s Business.” This theme urges organizations to create a culture of cybersecurity and for each employee to take a role in preventing cyber-attacks. The National Institute of Standards and Technology (NIST) provided a cybersecurity framework you and SwiftTech can refer to when improving your business’ cybersecurity practices:

Identify: Determine your company’s most valuable assets, such as customer records, employee tax information, and credit card information. NIST recommends keeping an inventory of your data and technology assets. Also, make sure to keep track of the employees who have access to each of those assets.

Protect: Set up safeguards to prevent and protect your assets against cyber threats. Basic protection involves scanning devices with anti-virus software regularly, keeping device software updated, and limiting access to network drives to those who need it. NIST also recommends not reusing passwords on accounts, using a VPN on a public Wi-Fi hotspot, implementing two-factor authentication for online accounts (when possible), and participating in periodic cybersecurity training.

Detect: Monitor IT systems continuously and alert of any cybersecurity events. SwiftTech uses advanced software that monitors your network around the clock for any threats. However, NIST recommends that each employee should be able to spot suspicious activities (e.g., phishing, ransomware, and scams) and then report them. In addition to the tips mentioned in the “Simple Steps to Online Safety” section, make sure to inspect links closely on emails and texts before clicking. Also, don't open unexpected attachments, especially from contacts you don't know.

Respond: Take action in response to detected cybersecurity events. In case this happens, SwiftTech will work diligently to resolve problems that result from the event, such as restoring network operations, recovering lost data, or finding replacements for damaged equipment. However, your organization should have a business continuity plan in place for continuing operations during a disaster, alerting customers and third parties of the event, and reporting to industry regulating agencies.

Recover: Resume normal workplace operations promptly after a cybersecurity attack. Determine the cause of the security breach, implement fixes across the entire organization, and then update your IT policies. For example, if someone was attacked by ransomware because they were using an outdated Windows operating system, such as Vista, you would need to update that person’s system, and then ensure all company devices are kept up to date going forward. Also, if an unsuspecting employee pays a fraudulent invoice, you contact the bank to stop the charges and educate your staff regularly on phishing scams.

 

SwiftTech Solutions wants to make sure your business stays protected. If you have any questions about your company’s security, feel free to contact us by calling 877-794-3811 or emailing [email protected]

 

In addition, our subscription-based cloud service, called Security as a Service, provides added protection against security breaches. The service includes:
• Ransomware Protection
• Email Security
• Web Security
• Enterprise Anti-Virus & Anti-Malware Protection
• Intrusion Prevention, Detection, & Management
• Security Monitoring

 

If you're interested in subscribing to our Security as a Service, please contact SwiftTech Solutions at 877-794-3811.

Read more...

Earthquake Preparation: Is Your Business Ready?

 

Mother Nature has been on a rampage for the past couple months. The Gulf Coast and central Mexico were hit with a series of disasters, leaving devastation and death behind.

With all the disasters occurring, now is a good time to consider preparing your earthquake resiliency plan. Since major earthquakes occur in Southern California at a very low frequency, it’s easy to take the situation for granted and procrastinate on preparation. After all, the last time the region experienced “The Big One” was in 1994 with the Northridge earthquake. However, various news outlets, including The Weather Channel, CNBC, and Newsweek, are reporting that the region is due for a major earthquake.

Earthquakes can strike at any time and can cause severe destruction to your business including injury and/or death within your workforce, broken equipment, and damaged facilities. In turn, these events lead to interruptions in your operations including:
• Service and communication breakdowns
• Lost earnings
• Paying costs insurance does not cover
• Unavailability of employee skill sets

 

Make sure to cover the basics in preparing for an earthquake:

Building a disaster supply kit with water, food, first aid kit, flashlights and more. A comprehensive list of recommended kit supplies is listed on Ready.gov.
Securing hazard areas. Weaknesses in your office building will need to be repaired. Also, make sure to secure bookshelves, desks, cabinets, computers, and lamps to a stable surface. Furthermore, move heavy items on lower shelves and clear boxes away from the exits.
Conducting periodic earthquake drills. Employees should practice going to a safe area, such as under a desk, then perform the drop, cover, and hold on movement. Afterwards, they should go to a designated emergency exit and be sure to use the stairs instead of the elevator, if applicable.

 

Also, we recommend creating a disaster response plan that includes:

Performing a risk assessment to determine your readiness for an earthquake.
Being able to access employee, payroll, and customer vital data. Paper documents should be stored in fire and waterproof containers. Electronic documents should be backed up to the cloud.
Setting up alternate plans for running critical business functions, including sales, billing, customer support, and employee operations.
Ensuring employees can have timely access to a temporary office location, laptops, and software. These plans should also include special arrangements for those with disabilities.
Assigning decision-making roles in the absence of key members of your management team.
Keeping a list of contacts to call on to fix any service operation interruptions, including property management, utility companies, and any other providers, including SwiftTech Solutions.
Keeping a list of customer contacts to notify of any impacts to product or service delivery.

 

SwiftTech Solutions can help your company with earthquake preparation with our business continuity services, which includes:

• Business Impact Analysis
• Disaster Recovery Plan
• Business Resumption Plan
• Business Recovery Plan
• Contingency Plan

 

For more information about our IT services, please contact SwiftTech Solutions at 877-794-3811 or email [email protected]

Read more...

The Equifax Data Breach: What You Need to Know

 

You probably already heard in the news that Equifax was breached. Hackers exploited a security hole in their website application and then stole personal data on an estimated 143 million Americans.

Equifax is one of the big three credit reporting bureaus alongside Experian and TransUnion. They work with companies, banks, retailers, landlords, and lenders to retrieve the credit history of the organization’s customers. For example, if any of their customers are applying for a mortgage, the bank will run a credit check with one of the bureaus to determine if they are financially able to pay back their loans.

In order to conduct the credit checks, Equifax collects personally identifiable data on each person such as:
• Social security numbers
• Birth dates
• Addresses
• Driver licenses
• Credit card numbers

If personally identifiable data falls into the wrong hands, thieves can do the following at your expense:
• Apply for credit cards and mortgages
• Receive medical care
• Collect your tax refund
• Get employment

 

How can I protect myself?

Assume you are vulnerable. Equifax provided the website equifaxsecurity2017.com to check if you are vulnerable. However, users of the website stated that they’ve checked their vulnerability status on both a desktop and mobile device, then got conflicting results. You’re better off taking a more proactive stance on protecting your credit by taking the extra steps below.

Sign up for credit monitoring. Equifax will provide a year of free credit reporting on the equifaxsecurity2017.com website, which includes a copy of the Equifax credit report, a freeze on your credit account, a scan of suspicious websites for your social security number, and up to $1 million worth of identity theft insurance. Visitors of the website reported that there was disclaimer text stating customers waive their right to participate in a class action lawsuit if they sign up for the credit monitoring. In response, Equifax stated this right was not waived and removed the disclaimer text.

Check your credit report with the major credit bureaus. You can visit annualcreditreport.com and check your Equifax, Experian, and TransUnion credit reports. Look for accounts you don’t recognize and remove incorrect address listings.

File for a credit freeze with Equifax, Experian, and TransUnion. This prevents thieves from opening accounts in your name, since the action prevents creditors from viewing your files. It costs $5-10 to freeze your accounts, depending on the credit bureau. However, this must be done after you request your credit monitoring. Also, you’ll need to unfreeze the accounts temporarily if you need to buy a car or take out a mortgage.

Put a fraud alert on your credit account with the major credit bureaus. When the alert is activated, creditors must verify your identity before opening a new account. The alert is active for 90 days.

Watch out for scammers trying to make a profit off the Equifax hack. In particular, watch for:

○ Calls from scammers impersonating Equifax. The bureau will not give unsolicited phone calls asking people to verify their information. Hang up and go the Equifax website to either send a message or call the listed number.
○ Spear phishing emails from scammers pretending to be from a financial institution. These emails will ask recipients to click on a link or open a file to verify their account. Clicking on these items may download spyware or ransomware instead.
○ Tax return fraud. Thieves will get victim’s names, addresses, and social security numbers to file a tax return and collect your refund check. For next year and beyond, make sure to file your tax return as soon as possible. If you find out your tax return was filed without your consent, submit a police report. Then, contact the IRS Identity Protection Specialized Unit at 1-800-908-4490.

If your identity was stolen:
• Go to identitytheft.gov to file an identity theft report.
• Request to close fraudulent accounts in writing.
• Dispute any fraudulent information on your account.

 

If your business has any questions about its cybersecurity, contact us at 877-794-3811 or email [email protected]

Read more...

Beware of Hurricane Harvey Phishing Scams

 

Hurricane Harvey, a category 4 storm, overwhelmed the Houston area with heavy rainstorms. As a result, many residents had to escape severe flooding in their homes and neighborhoods. Most of the residents evacuated of the flooding areas, but over 40 people (and counting) lost their lives. As we witness their stories in the news, many Americans are motivated to help fellow humans in need.

Sadly, you must watch out for opportunistic cyber criminals trying to make a profit from Hurricane Harvey. They will send out messages pretending to be a charity collecting donations for the disaster victims. In reality, these fake charities will pocket the proceeds for themselves and send nothing to the victims. These cyber criminals manipulate their targets into sending money by exploiting their sympathetic feelings for the Hurricane Harvey victims.

The cyber scammers send out their messages primarily through these two methods:
Email: The cyber scammers send out emails pretending to be from legitimate charities, such as the Hurricane Harvey Relief Fund. Then, the email will either instruct users to open an attachment coded with malware or click on a link to a phony charity portal that steals credit card information.
Social Media: On Facebook, cyber scammers are creating bogus charity profiles and then soliciting donations from there. Also on Twitter, bots are tweeting links to malicious impersonated portals.

To protect yourself from this scam:
Realize that scams will pop up with every major event, such as a natural disaster, worldwide news story, and holidays. For cyber criminals, each event is a shameless opportunity to manipulate people into sending them money. They have little to no remorse for stealing funds away from those in dire straits.
Be cautious regarding Hurricane Harvey related emails, links, and attachments, even if it appears to be from someone you know. That contact could possibly be compromised by a hacker.
Keep device and anti-virus software up to date, and then run scans on a regular basis.
• You can report scam emails forwarding them to the Federal Trade Commission at [email protected]

To ensure your contribution goes to Hurricane Harvey victims:
Research the organizations you are considering donating to. You can cross check the charity with Charity Navigator, GuideStar, and the National Association of State Charity Officials.
If a charity is soliciting donations through Facebook, look at their profile. If the page was recently set up and only has a few followers, move on to a different charity.
Submit donations directly to the charity’s website. For example, if you get an unsolicited phone call or email from someone claiming to be from a legitimate charity, go to the website instead to make the donation.
Don’t give donations in cash or by wire. There is no way to get the money back if it turns out to be a scam. Donate by check or credit card so there is a digital paper trail of the transaction.
If you suspect were scammed by a fake charity, call the National Center for Disaster Fraud hotline at (866) 720-5721. Also, report the charge to your bank or credit card company.

For more information about our IT services, please contact SwiftTech Solutions at 877-794-3811 or email [email protected]

Read more...

Social Engineering: How Humans are Hacked

 

The easiest way to hack an IT system is by manipulating a user, rather than a machine. Social engineering allows hackers to gain access to data, systems, or buildings by exploiting human psychology. Cybercriminals can carry out social engineering attacks on the internet, over the phone, and in person.

Social engineering hackers exploit their victims by appealing to these emotions:
• Fear
• Urgency
• Laziness
• Curiosity
• Sympathy
• Greed

 

Types of social engineering attacks:

Pretexting: The hacker will pretend to be someone you know, such as a co-worker. For example, the hacker may use an email address similar to the co-worker, and then urge you to look at their attached spreadsheet report immediately. Unfortunately, the spreadsheet is embedded with malware, which will launch as soon as the file is opened.
Phishing: The hacker, posing as a legitimate organization, will urge the user to take action quickly via email, such as entering login credentials on a data stealing portal. For instance, a recipient could be asked to verify their bank account information by clicking on an official looking email, and then entering their account number and PIN into their fake portal.
Vishing: Similar to phishing, but involves the hacker contacting the victim by phone instead. The hacker can pretend to be a co-worker who urgently needs the login information for client management software.
Scareware: Hackers will trick their victims into thinking their computer is infected with malware or they downloaded illegal content. The hacker will then provide you with a bogus fix and then collect a fee for the service.
Quid Pro Quo: Hackers will encourage user to divulge private information in exchange for prizes or discounts. The information is collected, such as birthdates and passwords, is used to commit fraud and steal your money.
Baiting: The hacker will leave an external storage media, such as a USB drive or CD, where someone can easily find it. The media may have an enticing label, such as employee salary information. The user will then load the media onto their computer and unknowingly install malware.
Tailgating: The hacker will lurk outside in an employee hang out spot, such as a smoking area, and start talking to a group. When the group moves back into their secured building, the hacker will follow them inside. The hacker may even have a stolen or counterfeit badge they can use to enter offices and snoop through company assets.

How can I protect myself?
• As always, make sure to inspect links closely on emails and text messages. Also, don’t open unexpected attachments, especially from unknown recipients.
If you get a random request for personal information, follow up with the source through a different communication method. For example, if you get an email from a co-worker to wire money to a vendor, follow up with a phone call.
Don’t call support phone numbers from random browser pop ups. Close the browser to get rid of the message. If you have any doubts, call SwiftTech Solutions.
Don’t let anyone follow you inside a secure building unless you know it is a fellow tenant. Let them know you can’t let them in because of building’s security policy and they should contact the company he/she is visiting in order to gain entry.
Make sure desktop and mobile devices display a lock screen after five minutes of inactivity.
Make sure to keep your social media accounts private and be careful of accepting friend requests from people you don’t know.
If you use an ID badge to enter the building, keep it with you at all times throughout the work day. If you lose the card, you’ll need to report the incident immediately to the issuing party, such as Human Resources or the building management.
Trust your instincts. If something feels off, chances are you are correct.

If you’ve been scammed by social engineers already:
Contact SwiftTech Solutions immediately for assistance. Call 877-794-3811 or email [email protected].
Call your bank and credit card companies to report any fraudulent charges.
File a complaint with the Federal Trade Commission (FTC). Email your information to [email protected].

To learn more about our IT services, contact us at [email protected] or 877-794-3811.

Read more...

Trojan Horses: Malware in Disguise

 

You may have heard the term Trojan horse before, but not be fully aware of the problems the malware can cause.You may have heard the term Trojan horse before, but not be fully aware of the problems the malware can cause.


A Trojan horse is a malicious program disguised as legitimate software. Trojan horses pretend to provide helpful or fun features, such as goofy images sent through emails, PDF to Excel conversion software, or pirated movies. However, some of these “free resources” may be bundled with malware that can take over your computer. The Trojan horse will then download malicious software in the background.  


The term Trojan horse for malware originates from the Greek story of the Trojan war. The Greeks offered a wooden horse to the Trojans as a peace offering. However, the Greeks hid soldiers inside the horse. The Trojans wheeled the horse behind their city gates. Afterward, the Greek soldiers climbed out of the horse and captured Troy. 


Types of malware usually hidden in Trojan horses:
Remote access: The malware will take complete control of the user’s system.
Data sending: The malware will record sensitive data to send to hackers through keylogging software, such as login information and credit card numbers. 
Destructive: The malware will corrupt and delete data on your hard drive.
Proxy: The malware will use the computer as part of its network for launching attacks on other victims. 
File Transfer Protocol (FTP): The attack will use file transfer software to connect to a computer by opening a port.
Security Software Disabling: The malware will shut off your firewall and anti-virus program.
Denial of Service: The malware will bring down the network by flooding it with spam traffic. 

 

How can I prevent Trojan horse installations?
Run scans of your computer on a weekly basis. Premium versions of trusted anti-virus software will run regular scans on your computer and monitor for threats in the background. Also, make sure to keep the software up to date, since the program will provide patches as new threats emerge.
Update your operating system regularly
Run backups of your device and shared drives regularly
Don’t click on any strange looking links and attachments, especially from unknown senders.
Use tough passwords and store them on a password manager.
Don’t visit sketchy websites, such as media pirating, porn, and peer-to-peer file transfer. Fortunately, your firewall may have most of these websites blacklisted and will block users from accessing them on the network. 
Research software before installing. Look at the reviews and message board postings for your candidate software. Steer clear of the ones reviewers are criticizing as being full of malware. Then, download the software straight from the original vendor. 

 

If you suspect you installed a Trojan horse:
Contact SwiftTech Solutions. Call 877-794-3811 or email [email protected] We’ll work on removing the malicious programs from your computer and restoring your data from available working backups.  
• Disconnect the computer from the internet until further instruction by SwiftTech Solutions.  
• Don’t visit any personal accounts that require a password on the affected device, such as your banking account. If you did this already, go to a different device and change your password immediately.

 

To learn more about our IT services, contact us at [email protected] or 877-794-3811.

 

SOURCES
Bullguard. Computer Trojan Horse Virus Information. Retrieved from: http://www.bullguard.com/bullguard-security-center/pc-security/computer-threats/what-is-a-trojan-horse.aspx
Durkota, M and Dormann, W. Recovering from a Trojan Horse or Virus. Retrieved from: https://www.us-cert.gov/sites/default/files/publications/trojan-recovery.pdf
Combofix. What is Trojan horse virus and how to remove it manually. Retrieved from: http://combofix.org/what-is-trojan-horse-virus-and-how-to-remove-it-manually.php
Beal, V. The Difference Between a Computer Virus, Worm and Trojan Horse. (2015, December 14). Retrieved from: http://www.webopedia.com/DidYouKnow/Internet/virus.asp
PC Tools. What is a Trojan Virus? Retrieved from: http://www.pctools.com/security-news/what-is-a-trojan-virus/
Lemonnier, J. What is Trojan horse malware? (2015, June 6). Retrieved from: https://www.avg.com/en/signal/what-is-a-trojan
Norton. What Is A Trojan? Retrieved from: https://us.norton.com/internetsecurity-malware-what-is-a-trojan.html
Kaspersky Lab. What is a Trojan Virus? - Definition. Retrieved from: https://usa.kaspersky.com/resource-center/threats/trojans

Read more...

Smishing Scams: A Text Messaging Threat on the Rise

 

Phishing scammers are not simply targeting victims by email. They are also sending text messages requesting personal information so they can steal your identity and apply for new credit in your name. This scam, called smishing, or SMS phishing, is any type of phishing activity carried out through text message.

According to Symantec, users tend to trust text messages more than emails. In turn, these users are less cautious with clicking on text message links. 

Smishers generally send text messages instructing the recipient to confirm account information by completing one of these tasks:
Call a phone number: An automated system will usually take the phone call. The automated system will ask you to enter your personal information, such as a bank’s debit card number and PIN number. 
Click on a link: The recipient is directed to a portal cloaked as a legitimate institution. The scam portal will then ask the user to confirm account information by entering personal data. Alternately, the portal can start installing keylogging software that records your keystrokes, including your account login information to financial websites. 

 

Examples of smishing scam messages from USA Today:

• Dear customer, Bank of America needs you to verify your PIN number immediately to confirm you're the proper account holder. Some accounts have been breached. We urgently ask you to protect yourself by confirming your info here.

• IRS Notice: Tax Return File Overdue! Click here to enter your information to prevent being prosecuted.

• Your entry last month has WON. Congratulations! Go to [URL] and enter your winning code – 1122 – to claim your $1,000 Best Buy gift card!

 

What can you do?

• If you get a text asking to confirm information, it’s not coming from a legitimate organization. Government agencies and banks won’t ask for personal and financial information by text message. 
• Don’t reply to text messages from numbers you don’t know, not even to tell them to stop contacting you. Block the number, if the function is available on your phone plan. 
• Don’t open links from numbers you don’t know, especially if it comes from a 5000 number. There’s no filtering program available to block a malicious text from reaching your phone. Delete the message instead.
• Don’t call the number listed in the text message. Go directly to the institution’s website and use their posted phone number instead.
• Report a spam text message to your phone carrier by forwarding messages to 7726 (SPAM). Your phone carrier will look into the issue.
• Install anti-virus/anti-malware protection on your device.
• Examine your phone bill for any unusual charges. 
• Add your phone number to the Do Not Call Registry.
• Don’t post your phone number on social media. 
• Update your smartphone’s operating system to its latest version.
• If you gave out your private information by text already, contact these credit card reporting agencies and they’ll determine if they need to place a fraud alert on your file:

○ Experian

○ TransUnion

○ Equifax

• If you are a victim of a smishing scam, file a complaint with the Federal Trade Commission (FTC). Email your information to [email protected]

 

If you have any questions regarding the security of your smartphone, you can reach out to SwiftTech Solutions at 877-794-3811 or [email protected]

 

SOURCES
Security Through Education. SMiShing. Retrieved from: https://www.social-engineer.org/framework/attack-vectors/smishing/
RSA Security Inc. Phishing, Vishing and Smishing: Old Threats Present New Risks. Retrieved from: https://www.emc.com/collateral/white-papers/h11933-wp-phishing-vishing-smishing.pdf
Swanson, L. Beware of Text Message Phishing — or "Smishing" — Scams. Retrieved from: https://www.ag.state.mn.us/Brochures/pubtextmessagephishingorsmishingscams.pdf
Segarra, L.M. 'Smishing' Is Internet Scammers' New Favorite Trick. Here's How to Avoid It. (2017, July 7). Retrieved from: http://fortune.com/2017/07/07/smishing-scam/
Federal Trade Commission. Text Message Spam. Retrieved from: https://www.consumer.ftc.gov/articles/0350-text-message-spam
CNBC. 'Smishing' scams target your text messages. Here's how to avoid...(2017, July 5). Retrieved from: http://www.cnbc.com/video/2017/07/05/smishing-scams-target-your-text-messages-heres-how-to-avoid-them.html?play=1
Norton. What is Smishing? Retrieved from: https://us.norton.com/internetsecurity-emerging-threats-what-is-smishing.html
Philadelphia Federal Credit Union. Smishing. Retrieved from: https://www.pfcu.com/financial-education/security-resource-center/smishing

Read more...

Latest Version of Petya Malware Attacked Businesses Worldwide

 

Another major malware attack occurred shortly after the recent WannaCry outbreak. A new variation of the Petya ransomware called NotPetya infiltrated businesses around the globe

The latest outbreak originated in Ukraine but spread to businesses throughout Europe and the United States. The malware exploits vulnerabilities in the Microsoft file sharing protocol and the RTF document handling function. Once the ransomware enters the security hole and downloads to a computer, it will start the process of shutting down the computer. The PC will then transition to a screen appearing to be a standard check disk operation. In reality, this fake check disk operation is the ransomware encrypting your files. Once the encryption process ends, the computer will shut down and reboot. Afterward, the user will see a notice that their files have been encrypted and to send $300 worth of bitcoins to an email address

The originator of the latest Petya variant, NotPetya, pirated the original ransomware. The program will still demand a ransom, but will not allow users to regain access once they pay. The NotPetya originator programmed disk wipers in the malware. Once the software is executed, the malware will completely destroy data

The latest Petya outbreak affected companies, organizations, and government agencies around the globe including:

• Maersk, the transport and logistics conglomerate
• Merck Pharmaceuticals
• Heritage Valley Health System
• DLA Piper law firm in Washington DC 


What can you do?

You must backup your devices. SwiftTech can wipe your devices of the malware, and then migrate the latest working version of your data back into your device. If you don’t run regular backups and you get attacked, you'll likely lose the work you stored the devices, such as reports, projects, and client proposals.

• Stay up to date with operating system patches. Many ransomware variants enter through unpatched systems. If even one device on the network is not kept up to date, it leaves an entry point for malware to come in and infect other fully patched systems. 

• Make sure your business is using systems still supported by Microsoft. If you are using a Windows Vista or older operating system, upgrade to Windows 10. 

• Run an anti-virus scan on your device. The major anti-virus programs, including Trend Micro, will constantly update their software to include fixes for the latest attacks, including variants of Petya. Paid versions of antivirus programs will monitor devices in the background continuously and quarantine malicious downloads. 

• Don’t click on email links from unknown senders

• Don’t pay the ransom. There is no guarantee you will get your data back once you pay, especially if the device is attacked by NotPetya. Also, paying the ransom encourages cybercriminals to develop similar ransomware variants. 

• If someone allegedly from Microsoft contacts you out of the blue, claims you have a virus, and offers to help, do not reply. Either you or SwiftTech need to reach out to Microsoft for device support, not the other way around. If you have any doubts, you can follow up with SwiftTech.


Our Security as a Service provides additional protection against Petya and other malware variants:

• Ransomware Protection

• Email Security

• Web Security

• Enterprise Anti-Virus & Anti-Malware Protection

• Intrusion Prevention, Detection, & Management

• Security Monitoring

If your business is interested in subscribing to our Security as a Service, contact us at 877-794-3811 or email [email protected].

 

SOURCES
Cimpanu, C. Petya Ransomware Outbreak Originated in Ukraine via Tainted Accounting Software. (2017, June 27). Retrieved from: https://www.bleepingcomputer.com/news/security/petya-ransomware-outbreak-originated-in-ukraine-via-tainted-accounting-software/
Maunder, M. PSA: Petya Ransomware Affecting Critical Systems Globally: Here’s What to Do. (2017, June 27). Retrieved from: https://www.wordfence.com/blog/2017/06/petya-ransomware/
Washburn, H. Latest Ransomware Outbreak Locks Your Entire Computer. (2017, June 27). Retrieved from: https://www.datto.com/blog/latest-ransomware-outbreak-locks-your-entire-computer
Cimpanu, C. Surprise! NotPetya Is a Cyber-Weapon. It's Not Ransomware. (2017, June 28). Retrieved from: https://www.bleepingcomputer.com/news/security/surprise-notpetya-is-a-cyber-weapon-its-not-ransomware/
Krebs, B. ‘Petya’ Ransomware Outbreak Goes Global. (2017, June 27). Retrieved from: https://krebsonsecurity.com/2017/06/petya-ransomware-outbreak-goes-global/
Downey, B. An MSP’s Guide to the Petya Ransomware Outbreak. (2017, June 28). Retrieved from: https://blog.continuum.net/an-msps-guide-to-the-petya-ransomware-outbreak

Read more...

Protect Your Website From Hackers

 

Websites are considered the official online presence of a business. However, websites sometimes get hacked, whether you have an HTML website built from scratch, a Content Management System (WordPress, Joomla, Drupal), or a cloud DIY builder (Wix, Squarespace, Weebly). A hacked website can have a negative impact on your business through lost website visitors, stolen customer private data, infection of visitor devices with malware, and lost online transactions. Hackers are able to use bots to scan websites and then detect which ones have security holes, especially through out of date CMS plugins and themes.

A few common types of hacking include:
Denial of service attacks: Hackers send large amount of spam traffic at once.
Brute force attacks: Hackers will test millions of username/password combinations at once.
SQL Injection: Hackers will inject malicious code in web form and submit it into the website.
Social Engineering Attacks: Hacker manipulates user into divulging private information, such as a website admin panel password, by pretending to be a legitimate business partner.

Possible effects on the website:
• Website becomes an email relay for spam
• Website serves malware to unsuspecting visitors
• Website redirects to undesirable pages
• Website is defaced with references to porn, drugs, and illegal activity
• Website is mined for private information

Consequences:
• Lost visitors
• Lost e-commerce sales
• Lowered search engine rankings
• Lost time getting the site back up
• Visitor identity theft
• Lost/stolen data
• Blacklisting on anti-virus software and web reputation websites
• Ruined brand reputation

Actions to take for all websites:
Create strong passwords for login pages: For securing access to your hosting and/or website login, make sure your passwords use a mix of letters, numbers, and symbols. Also, store the passwords in a password manager, such as LastPass.
If you get a random request for your hosting or website admin panel login information, follow up with your webmaster.
Don't store confidential information directly on the site: A skilled hacker can scan your website and extract your information through an unrepaired security hole. If you're collecting private data from clients, such as patient information for a healthcare practice, link to a separate portal secured with an SSL certificate. The portal should also be compliant with data security regulations, such as HIPAA and PCI.
Use HTTPS if possible, especially if your site uses an e-commerce capability.
Use VPNs to access any hosting and website admin panels on public Wi-Fi. The public Wi-Fi you access in a cafe or airport is not secure and subject to spying by a nearby hacker.
Ensure that the computers used to manage the website are scanned with anti-virus software regularly.

If you have a static HTML and CMS website (WordPress, Joomla, Drupal):
Realize no website too small for hacking: Owners of small business websites tend to not update and patch their websites very often. Hackers are able to use software to detect unpatched websites quickly, and then attack the site through security holes.
Use a security application: A cloud web application firewall, such as SiteLock, CloudFlare, and Sucuri, can block spambots before they reach your website. If you have a CMS website, you have the option of installing a plugin, such as WordFence for WordPress and Centrora Security for Joomla.

If you have a CMS website:
Don't use the default username: Using the default user name, such as admin for a WordPress website, makes it much easier for a hacker to guess your login information by testing numerous passwords in seconds.
Change the website admin login address: Make sure to customize your login page URL and limit login attempts. For example, on a WordPress website, you can change your website login address to a customized URL of your choice. For example, yourwebsite.com/wp-admin can be changed to to yourwebsite.com/your-new-login.
Control user role privileges on your website admin panel: Administrators have full control over content, users, settings, themes, and more. Reserve administrator access to owners and webmasters. For the rest of your users, you can give them the privilege to create, publish, and/or edit content.
Keep the CMS platform, plugins, and themes up to date: CMS platforms, such as WordPress and Joomla work around the clock to ensure security vulnerabilities are closed. Make sure to update CMS software to the latest version as they become available.
Be selective when choosing plugins: A CMS plugin repository has a seemingly endless array of plug and play functions available, such as contact forms, page builders, e-commerce, and slideshows. Make sure to check when the extension was last updated. If the last update was from a couple of years ago, the developer might not be working on the plugin anymore. Also, the plugin should have high reviews (4-5 stars) and thousands of installs listed.
Remove unused and unsupported plugins: People tend to test out plugins and leave the rejects installed. If you tried out a plugin and it did not function well on your website, delete the program.
Enable CAPTCHAs on your forms: CAPTCHAs can prevent spam submissions on your registration, contact, and comment forms. Traditional contact forms require visitors to solve a CAPTCHA by entering numbers and letters displayed on a small image. However, Google simplified this process by creating a reCAPTCHA software that will only require visitors to select the "I'm not a robot" checkbox.
Keep backups of your website: Most web hosting companies will keep daily backups of your website ranging from two weeks to a month. You'll also want to have additional backups available by using a plugin to automatically send copies to a cloud provider (such as Amazon Web Services). If you get hacked, you can ask your webmaster to restore your website to the latest working version available and then repair the vulnerability.

To learn more about our IT services, contact us at [email protected] or 877-794-3811.

Read more...

How To Prevent Data Theft

 

Many businesses depend on convenient access to data. The types of data crucial to business operations include tax forms, sales records, customer databases, supplier contracts, accounts payable and receivable, and intellectual properties.

However, data thieves can gain access to confidential information by taking advantage of unsafe user habits. The main objective of their attacks is to make a profit from stolen data with as little effort as possible.

The types of data stolen typically include:
• Login information to computer, email, and online accounts
• Financial records
• Employee personally identifiable information
• Customer databases
• Numerous hours worth of projects and reports

These thieves steal personal data from victims with a variety of methods including:
Phishing: Sending emails and text messages pretending to be from a trusted source
Wardriving: Installing spyware on a wireless network
Keylogging: Logging keystrokes on a computer
Physical collection: Collecting misplaced, stolen, and discarded information

Cybercriminals can use successful cyberattacks to:
• Steal your identity for financial gain
• Withdraw funds from a banking account
• Use online accounts to shop at your expense
• Leak sensitive information to competitors and/or the general public
• Delete data critical to operating the business

 

How can I protect my sensitive data?

Scan computers and smartphones with an anti-malware program. Your anti-malware program should be set up to constantly watch for signs of an attack. Also, run updates of the software as soon as they are available in order to receive fixes to security vulnerabilities.
Encrypt data on devices, during transit, and in the cloud.
Enable remote wipe of electronic devices,such as computers, tablets, and smartphones, in case they are misplaced or stolen.
Wipe data from electronic devices before disposing of them.
Shred paper documents, such as vendor payment invoices, cancelled checks, and price lists, when they are no longer needed.
Password protect computers, laptops, and smartphones. Also, change the passwords to the devices every three months.
Secure physical confidential records by storing paper files and removable storage devices in a locked cabinet or safe.
Disable the printing function of confidential digital records.
Enforce access policies on an as-needed basis. For example, your salespeople don't need access to the accounting shared network drive.
Audit your physical location for data breach risks, such as confidential documents left on a fax machine. SwiftTech Solutions can assist your company with this task.
Keep operating systems and applications up to date.
Avoid opening links and attachments from untrusted sources.
Conduct cybersecurity training periodically so your employees can keep an eye out for attempts by outsiders to get confidential information.

As your IT partner, SwiftTech Solutions wants to ensure your data stays protected. If you have any questions about your data security, feel free to contact us by calling 877-794-3811 or emailing [email protected]

In addition, our subscription-based cloud service, called Security as a Service, provides another level of protection against data security breaches. The service includes:
Email Security: Filters spam and threats before they reach your business network
Web Security: Tracks web browsing activities, including bandwidth use and downloads
Endpoint Protection: Provides anti-virus and anti-malware protection on company devices
Intrusion Management: Detects, manages, and reduces network intrusions based on security policy
Security Monitoring: Network Operations Center (NOC) will monitor systems around the clock
Perimeter Security: Secures location with surveillance cameras, digital door locks, and user best practice education

If your business is interested in subscribing to our Security as a Service, contact us at 877-794-3811 or email [email protected]

Read more...

Tech Support Scammers Using WannaCry to Attract Victims

 

The WannaCry ransomware outbreak from a couple of weeks ago affected about 300,000 PCs around the world. The ransomware infected machines through unpatched Windows operating system software, encrypted user files, and then demanded money in exchange for regaining access. People and organizations are patching their Windows operating system to ensure they don't become the next victims.

Unfortunately, tech support scams typically follow a widespread malware attack. These scam artists see the buzz surrounding the WannaCry ransomware spread as an opportunity to make a profit. These scammers hook their victims by launching a suspicious tech support pop-up browser window that displays a phone number for people to call.


How Tech Support Pop-Up Scams Work:

1. Victims will see a fake Microsoft splash page appear out of nowhere. The notice will state the computer is infected with the WannaCry ransomware and then instruct the user to call their listed help number. Most users will have trouble closing the pop-up window.
2. Victims will call the number and allow the scammers to access their computer remotely.
3. The scammers will perform a fake malware removal service and install the already free Windows Malicious Software Removal Tool.
4. The scammers will collect hundreds of dollars for their so-called service.
5. These criminals might call days or weeks later to say you have another malware infection so they can collect more money for their "services."

How do I prevent myself from falling for this scam?

Remember that Microsoft will never offer unsolicited tech support. They are not a "Big Brother" corporation that knows if every PC in cyberspace, including yours, is having technical difficulties. You (or SwiftTech) would need to be the one to initiate contact.
Don't call numbers from pop-up messages. Microsoft error and warning messages on your PC will never include a phone number. Close down the entire browser program (Chrome, Firefox, etc.) to remove the message.
Be cautious about unsolicited phone calls. If someone claiming to be from Microsoft calls randomly and offers to help you with computer problems, hang up immediately.
Don't give out personal information to a cold caller, including passwords, pin numbers, and social security numbers.
Don't allow remote access to your PC to a cold caller.
• If you believe you are already a victim, contact SwiftTech Solutions to scan your computer for unwanted programs. Also, call your bank or credit card company to report the charge. Furthermore, you can also report the scam to the Federal Trade Commission at ftc.gov/complaint.

 

SwiftTech Solutions realizes our clients depend on us for their critical IT needs and we take this responsibility very seriously. You can contact us about the security of your IT systems at 877-794-3811. To keep your business running smooth and secure, we now have new cloud subscription-based service available called Security as a Service. This service provides next level protection against WannaCry and similar malware attacks:
• Ransomware Protection
• Email Security
• Web Security
• Enterprise Anti-Virus & Anti-Malware Protection
• Intrusion Prevention, Detection, & Management
• Security Monitoring


If your business is interested in subscribing to our Security as a Service, contact us at 877-794-3811 or email [email protected]

 

SOURCES
Palmer, D. Now tech support scams are exploiting WannaCry ransomware fears. (2017, May 24). Retrieved from: http://www.zdnet.com/article/now-tech-support-scams-are-exploiting-wannacry-ransomware-fears/
Cimpanu, C. Tech Support Scammers Are Exploiting Mass Hysteria Surrounding WannaCry. (2017, May 24). Retrieved from: https://www.bleepingcomputer.com/news/security/tech-support-scammers-are-exploiting-mass-hysteria-surrounding-wannacry/
Luna, J. Tech support scams are now exploiting the WannaCry fiasco to trick users. (2017, May 24). Retrieved from: https://www.neowin.net/news/tech-support-scams-are-now-exploiting-the-wannacry-fiasco-to-trick-users
Honorof, M. Don't Fall for These Lame WannaCry Scams. (2017, May 25). Retrieved from: http://www.tomsguide.com/us/wannacry-tech-support-scams,news-25161.html
Parris, R. Tech support scams follow WannaCry ransomware. (2017, May 24). Retrieved from: http://www.which.co.uk/news/2017/05/tech-support-scams-follow-wannacry-ransomware/
ActionFraud. Alert: Microsoft Tech-Support Scammers using WannaCry attack to lure victims. (2017, May 23). Retrieved from: http://www.actionfraud.police.uk/news/alert-microsoft-tech-support-scammers-using-wannacry-attack-to-lure-victims-may17

Read more...

Security as a Service: Protect Your Business From The Latest Ransomware Attacks

 

WannaCry, a new strain of ransomware, is attacking PCs around the world. The ransomware affected businesses and government agencies in more than 100 countries and attacked more than 200,000 systems.

What does the WannaCry ransomware do?
WannaCry enters a system through a vulnerability in the Windows operating system. Microsoft released the patch for the vulnerability back in March, but computers not updated with the fix are at risk. WannaCry will travel across corporate networks and into file sharing systems. Once the ransomware infects the computer, it will encrypt all the files, essentially blocking access for the user. Then, WannaCry will launch a screen demanding your pay a ransom of at least $300 in bitcoins to regain access to those files.

There is no software available on the market to decrypt the files. Your business would need to have SwiftTech Solutions wipe out the entire computer, reinstall the operating system, and then transfer files from backups into the device.

How can I protect my business from WannaCry?
Make sure to implement robust security measures, as researchers are on the watch for more sophisticated WannaCry variants. Our Security as a Service can block these threats from your network with our cloud prevention, detection, and resolution services


SwiftTech's Security as a Service includes:
Ransomware Protection: Filter out threats such as WannaCry or other variations
Email Security: Filters spam and threats before they reach your business network
Web Security: Tracks web browsing activities, including bandwidth use and downloads
Endpoint Protection: Provides anti-virus and anti-malware protection on company devices
Intrusion Management: Detects, manages, and reduces network intrusions based on security policy
Security Monitoring: Network Operations Center (NOC) will monitor systems around the clock

 

If your business is interested in subscribing to our Security as a Service, contact us at 877-794-3811 or email [email protected]

 

SOURCE:
Panettieri, J. Microsoft Windows Patch for WannaCry, WannaCrypt Ransomware. (2017, May 15) Retrieved from:https://www.channele2e.com/2017/05/15/microsoft-windows-patch-wannacry-wannacrypt-ransomware/
Kharpal, A. How to tell if you're at risk from the WannaCry ransomware and what to do if you have been attacked. (2017, May 15). Retrieved from: http://www.cnbc.com/2017/05/15/ransomware-wanncry-virus-what-to-do-to-protect.html
Reuters. Cyberattack hits 200,000 in at least 150 countries - Europol. (2017, May 14) Retrieved from: http://www.cnbc.com/2017/05/14/cyber-attack-hits-200000-in-at-least-150-countries-europol.html
Maunder, M. New WannaCry Ransomware and How to Protect Yourself. (2017, May 14). Retrieved from: https://www.wordfence.com/blog/2017/05/how-to-protect-yourself-against-wannacry/
O'Brien, C., Boyle C., and Pearce, M. 'WannaCry' ransomware shares code with Sony hack, raising possibility of North Korea connection. (2017, May 15). Retrieved from: http://www.latimes.com/world/europe/la-fg-europe-ransomware-attack-20170515-story.html

Read more...

Mobile Devices Can Threaten Your Cybersecurity

 

Business workers need to get the job done from anywhere with a mobile device, whether it's to use email, the internet, apps, or GPS navigation features. However, mobile device security is not keeping up with threats increasing rapidly in cyberspace. On the one hand, corporations are obligated to continue using mobile devices for business in order to increase convenience, raise productivity, and keep a competitive advantage. On the other hand, these same corporations must protect sensitive company data, including employees' personally identifiable information, classified documents, and customer records.

Security breaches on mobile devices are becoming increasingly popular within cybercriminal circles as a result user popularity and careless security practices. A 2016 Ponemon Institute study found that 67 percent of surveyed IT professionals said it was certain or likely that a breach had occurred as a result of mobile device use. In addition, 64 percent admitted that their organization wasn't vigilant about protecting sensitive data on this hardware, and 63 percent had no policy regarding what type of company data could be stored on employee mobile devices.

A mobile device increases the surface area of attack for a corporation. The potential risks associated with corporate mobile device use include:
Tendency to lose the device: Mobile devices are small, easily portable, and extremely lightweight. Users can easily leave the device behind in airports, taxicabs, and airplanes.
Standard computer security methods not being used: Traditional forms of security, such as firewalls, anti-virus, and encryption, are not commonly applied on a mobile device.
Unsafe user habits: Lax mobile device user habits can leave the business open to breaches. Many users leave PIN protection disabled and don't update the device on a regular basis.
Connecting to public Wi-Fi: Many users put corporate data at risk by not scrutinizing the security of public access points. These workers are anxious to get work done and will connect to Wi-Fi by any means necessary. However, a cybercriminal can create a legitimate sounding name for the Wi-Fi signal, such as "Airport Wi-Fi" and then spy on the information being transmitted to your mobile device.
Rogue Third-Party App Stores: The official iOS and Android app stores have rigorous standards for evaluating programs for safe download and use. However, the apps in third-party stores operating outside these channels typically don't have these same guidelines. Users are at risk of downloading apps that either has security holes or are coded with malware.
Devices infecting business network: A compromised device may become an attack agent and spread malware in the business network.
Phishing attacks: Malicious links in emails, SMS text messages, and mobile apps can execute keylogging software or encourage you to give away sensitive information to an untrusted source.

These risks can lead to:
• Stolen data due to loss, theft, or disposal
• Unauthorized access
• Electronic eavesdropping
• Spread of malware

 

What can you do?

Avoid unsafe Wi-Fi connections: If you're in a public place, such as a coffee shop or airport, confirm the name of the official network with an employee. Also, once you are on the network, make sure to turn off sharing, use two-factor authentication for online accounts, and sign off when finished using the network.
Enable the lock screen on your mobile device: Set the lock on your phone by requiring a PIN for access.
Use security software: Use protection software on your mobile device, including anti-virus/anti-malware protection and data encryption.
Download apps from authorized marketplaces such as Apple's App Store, Google Play, or the company's designated app marketplace.
Keep the device's Bluetooth setting out of discovery mode when not in use
Connect your device to networks via a Virtual Private Network (VPN): VPNs create a secure connection by encrypting network activity and enforcing password/location based policies. This security combination makes it more difficult for cybercriminals to intercept corporate data.
Be careful with what your click on: Make sure to inspect links closely on emails and texts. Also, don't open unexpected attachments, especially from people you don't know.
Implement a mobile device management (MDM) solution: SwiftTech can help your business monitor and manage your mobile devices on an ongoing basis. Our MDM deployment projects include a mobility assessment, expert recommendations, integration with IT systems, onboarding, and much more.

If the phone is lost or stolen:
• Report the loss to your organization, mobile device provider, and if necessary, the local authorities.
• Log into account websites on another device and change your passwords.
• Wipe the phone remotely if needed.

To learn more about our IT services, contact us at [email protected] or 877-794-3811.


SOURCES
Johnson, E. New Study Shows Mobile Devices The Cause Of Some Data Breaches. (2016, February 23). Retrieved from: http://www.darkreading.com/endpoint/new-study-shows-mobile-devices-the-cause-of-some-data-breaches/d/d-id/1324415
Lella, A. Smartphone Apps Are Now 50% of All U.S. Digital Media Time Spent. (2016, September 1). Retrieved from: http://www.comscore.com/Insights/Blog/Smartphone-Apps-Are-Now-50-of-All-US-Digital-Media-Time-Spent
Trend Micro. 4 ways mobile devices still threaten your business. (2017, April 19). Retrieved from: http://blog.trendmicro.com/4-ways-mobile-devices-still-threaten-your-business/
Kerravala, Z. Mobile devices pose biggest cybersecurity threat to the enterprise, report says. (2015, August 24). Retrieved from: http://www.networkworld.com/article/2974702/cisco-subnet/mobile-devices-pose-biggest-cybersecurity-threat-enterprise-report.html
Ruggiero, P. and Foote, J. Cyber Threats to Mobile Phones. (2011). Retrieved from: https://www.us-cert.gov/sites/default/files/publications/cyber_threats-to_mobile_phones.pdf
Dignan, L. Your Biggest Cybersecurity Weakness Is Your Phone. (2016, September 22). Retrieved from: https://hbr.org/2016/09/your-biggest-cybersecurity-weakness-is-your-phone

Read more...

Experts Say Apple Will See Even More Cyberattacks in 2017

 

For years, users of Apple desktops and laptops have generally been isolated from the cyber-attacks that target Microsoft PCs. However, according to TrendMicro, Apple is being targeted more than ever before by hackers.

Apple devices are gaining market share from Microsoft in computing devices. ExtremeTech reports that Microsoft dropped below 90% in US market share for the first time in years. Also, IDC stated that Apple’s Mac shipments rose nearly 6% each year. In addition, TrendMicro states that declining PC sales and the switch to mobile devices lowered the interest in targeting devices running on Windows.

Cybercriminals will plan attacks that will make the most money by targeting the largest group of users they can reach. While Windows devices users are still the biggest group by far, Mac use is steadily increasing. As the platform popularity increases, the chances of a cyber-attack will increase as well. The cyber criminals deciding to attack Apple devices see a group of users that are typically wealthier than Microsoft PC users and do not secure their products as much.

How can I keep our Apple devices secure?
If you think Apple devices can’t get hacked, think again: Don’t click on everything you see because you are on an Apple device and think you’re safe from cyber-attacks. No device is immune to cyber security threats. You should protect Apple devices with as tough of security as Microsoft PCs.
Keep the operating system up to date: Apple will find security vulnerabilities on their devices on occasion and send fixes as they happen. Also, the operating system uses gatekeeper software called XProtect that work in the background to protect malware from running on your device. The program blacklists individual pieces of malware and inspects each file you download. It also restricts the types of programs you can run on your device. XProtect is updated through Apple’s normal software update process.
Run anti-virus/anti-malware scans regularly: The XProtect software does not remove existing infections and does not clean in the background. You’ll need to use a separate endpoint protection program to complete these duties.
Be careful with what you click on: As with any device, don’t open unexpected email attachments and do not download files without checking the credibility of the source.
Set up an entry password for each device: Lock your screen whenever you leave your device unattended. Also, use a complicated password with a mix of upper/lower case letters, numbers, and symbols.
Backup computers regularly: In case your computer does get a virus, your IT company will be able to restore your computer to the latest working version available.
Set up policies and procedures for technology use: Establish your policy for proper use of email, internet browsing, collaboration software, and social media.

To learn more about our IT services, contact us at [email protected] or 877-794-3811.

 

SOURCES
Trend Micro. Will Apple see even more cyber attacks in 2017? Experts say “yes”. (2017, March 6). Retrieved from: http://blog.trendmicro.com/will-apple-see-even-more-cyber-attacks-in-2017-experts-say-yes/
Hruska, J. Windows drops below 90% market share for the first time in years; Windows 7 falls below 50%. (2016, May 3). Retrieved from: https://www.extremetech.com/computing/227693-windows-drops-below-90-market-share-for-the-first-time-in-years-windows-7-falls-below-50

Read more...

Microsoft Ended Support for Windows Vista

 

If your business uses a PC that runs on the Windows Vista operating system, pay close attention: Microsoft ended support for Windows Vista on April 11, 2017. If a PC is still using Windows Vista, you must upgrade to a supported operating system, such as Windows 10, to maintain the security of your desktops and laptops.

According to the Spiceworks 2017 OS Adoption Trends report, 9% of businesses worldwide are still running at least one instance of Windows Vista. Also, 52% of businesses are running at least one instance of Windows XP, despite the OS reaching its end of support in April 2014.

A PC operating on Windows Vista will continue to work. However, it will be more vulnerable to security risks and viruses. Windows will not be offering these features for Vista:
• Security updates
• Non-security hotfixes
• Paid assisted support from Microsoft
• Online technical content updates

Unsupported and unpatched operating systems put the security of an organization at risk. Malware attacks aimed at Windows Vista machines are predicted to increase. Hackers can examine the latest Windows security updates and look for vulnerabilities that won’t be patched for Windows Vista. Attacks could be designed to steal personal data, gain access to your banking account, or to use the computer as part of their cybercriminal network.

Risks of continuing to use an unsupported Windows operating system include:
• Malware attacks
• Attacks on security holes Microsoft previously did not discover
• Incompatiblity with software and supplemental hardware (printers, webcams, etc.)
• Violation of industry data security compliance standards

To find out if you're running Windows Vista, follow these steps:

1. Click the Start button, and then type winver in the search box.

start winver

2. Double-click winver in the list of results to open the About Windows dialog box, where you'll see the version of Windows that your PC is running.

winver

If you're running Windows 7, 8, and 10, Microsoft is still supporting your operating system. If you are running any other operating system on a PC, such as Windows XP, you'll need to update.

Organizations that are considering upgrading from Windows Vista might have some obstacles they need to overcome including:
Budget: Moving dozens, hundreds or even thousands of machines and users incurs high costs. However, the costs of not upgrading are much higher.
Stubborn Users: Some workers may be resistant to change, especially if they used the same work processes for years. These workers might not be computer savvy and believe it takes too much effort to update their skills. Consider training a few of the late adopters at first, then encouraging them to bring the rest of the group on board.
Incompatibility of critical applications: The updated Windows operating system may not be backward compatible with some legacy business applications.

My company is willing to upgrade its operating system. Now what?
SwiftTech Solutions can assist with migrating your devices to Windows 10. We suggest:

Backing up data before transferring to the new system.
• If a computer meets the system requirements, install Windows 10.
• If your machine does not meet the system requirements, consider purchasing a new business PC with Windows 10.
• If your organization has a legacy application that is not compatible with Windows 10, upgrade the application if possible. The latest versions of applications introduce new tools that can help employees work more efficiently. If upgrading the application is not possible at the moment, employees can use the application from a virtualized and protected Windows Vista workspace.

To learn more about our IT services, contact us at [email protected] or 877-794-3811.

 

SOURCES
Microsoft. Windows Vista support has ended. Retrieved from: https://support.microsoft.com/en-us/help/22882/windows-vista-end-of-support
Tsai, P. Windows 10 adoption surges, yet businesses still hang on to Windows XP and Vista. (2017, April 3). Retrieved from: https://community.spiceworks.com/networking/articles/2628-windows-10-adoption-surges-yet-businesses-still-hang-on-to-windows-xp-and-vista
Clay, J. Time to Upgrade as Microsoft Ends Vista Support. (2015, April 5). Retrieved from: http://blog.trendmicro.com/time-upgrade-microsoft-ends-vista-support/

Read more...

Parasitic Viruses on the Rise: How Do They Infect Your Devices?

 

Is your computer is running slowly and not functioning properly? One possibility of the slowdown is a virus infection.

A type of virus, called a parasitic virus, spreads by piggybacking onto computer programs. When a user launches the infected program, the virus will run as well. Then,
the virus can replicate, install itself into the memory, and release its payload.

The payload is a part of the virus that performs the malicious operation. Examples include:
• Opening a back door for remote attackers to access an infected computer, and then downloading and executing more malicious files.
• Formatting the hard disk of the infected computer and deleting files with no possibility for recovery.
• Spreading the virus on the computer and infecting the drives, including removable and shared drives.
• Disabling the computer operations and showing a “blue screen of death.”
• Running key logging programs to collect system and network information, record user login information, and steal sensitive information.
• Disabling or deleting files associated with security related software, including anti-virus and firewall programs.
• Damaging operating system files by modifying system level files and the Windows registry.

How do parasitic viruses infect devices?
• Users clicked and/or downloaded infected email attachments.
• Users installed malicious software masked as virus removal tools.
• Users visited and downloaded materials from shady websites, such as media pirating and porn websites.
• Users inserted infected external media into their device, such as a thumb drive, external hard drive, DVD, and memory card.
• Users downloaded infected documents circulating on peer-to-peer file sharing networks and torrent sites.
• Users installed programs designed to crack licensed software and use it for free, such as Microsoft Office.

Symptoms of a parasitic virus:
• Sluggish computer performance.
• Your internet browser’s default home page and new tab page changed unexpectedly.
• You get bombarded with numerous pop up messages.
• You get redirected to malicious web pages
• Weird tool bars appear at the top of your web browser.
• Your web browser freezes and/or becomes unresponsive.
• Access to security related websites is blocked
• Strange shortcut icons appear on your computer desktop.
• Files and folders inexplicably disappear
• Your computer displays the “blue screen of death.”
• You experience problems with starting legitimate software.

Prevention is the best method of fighting against viruses:
• Scan the system with up-to-date anti-virus software on a weekly basis.
Run backups of device and shared drives regularly.
• Be careful with inserting other people’s USB media. Make sure your anti-virus software scans the drive upon insertion.
• Don’t visit questionable websites, such as media piracy, torrent, and porn sites.
• Don’t open strange email attachments, especially from recipients you don’t know.

If you suspect your computer is already infected with a virus:
• Contact your IT support provider. If you need assistance from SwiftTech Solutions, call 877-794-3811 or email [email protected]
• Make sure other factors aren’t the cause of any device slowdowns, such as running out of memory and hard drive space.
• Disconnect the computer from the internet until further instruction by your IT provider. This can prevent the virus from spreading and stealing private data
further.
• Boot the computer in safe mode and scan your computer with two antivirus programs, such as Trend Micro and Malwarebytes. After the scans, use CCleaner to clean the
Windows registry. Your IT provider can assist you with this task.
• Don’t visit any personal accounts that require a password, such as banking or social media. If you did this already, go to a different device and change your
password immediately.
• Your IT provider can attempt to use the computer’s restore function to return the computer back to a point in time before the virus infection. However, some viruses
disable this function.
• The last resort option is to perform a complete system wipe of your devices by reformatting your hard drive and reinstalling the operating system. Make sure to
backup virus free files before performing this operation.

To learn more about our IT services, contact us at [email protected] or 877-794-3811.

Read more...

Phishing Attacks Rise By Several Hundred Percent Per Quarter

 

Phishing emails contain links or attachments intended to steal information and distribute malware. The emails will pretend to be from a trusted source, such as a colleague or third party partner. A popular form of malware is ransomware, which encrypts data on a device and then extorts money from victims in exchange for the decryption key.

The latest phishing emails are becoming less obvious to detect. Cybercriminals are getting better at creating phishing emails that are official looking, personalized, and programmed to bypass detection software.

Plus, many recipients are inundated with emails throughout the day. They are less likely to examine each email carefully and may quickly respond to requests to transfer funds, open attachments, or provide confidential data.

Both phishing and crypto ransomware are increasing at the rate of several hundred percent per quarter, a trend that Osterman Research believes will continue for at least the next 18-24 months.

 

The costs of a successful phishing ransomware campaign are high for businesses:
• Stolen, leaked, or deleted confidential data
• Identify theft
• Lawsuits
• Violation of data protection regulations
• Ruined reputation
• Possible closing of the business

 

What can you do?
Take the threats seriously: Threats of a breach exist within communication systems, personal devices, and even users themselves. This threat to your business is an opportunity for cybercriminals to make a profit.
Conduct regular cyber security trainings: Staff members are the first line of defense against phishing and malware campaigns. Periodic security awareness trainings can help your staff detect cyber threats through online training sessions, handouts, presentations, and mock attacks.
Set up policies and procedures for technology use: Establish your policy for proper use of email, internet browsing, collaboration software, and social media.
Use an anti-malware program on your devices: This type of software will detect and eliminate phishing and malware attempts. Make sure to install the software on personal devices that connect to your office network. Malware scans are already included in our month-to-month services.
Run network vulnerability tests: SwiftTech can search for and repair security holes in your network. Network scanning is already included in our month-to-month services.
Backup data on a regular basis: We recommend backing up your data to an onsite device and to a cloud service. If disaster strikes, SwiftTech will be able to minimize data loss by restoring from a good backup taken before the infection occurred. Without backups, you either lose your data or pay a ransom for it.
Enforce permission based access to data: Do not give employees access to network drives and programs that house confidential data if it is not relevant to their job duties.
Watch where you click: Email attachments and links should be opened only from trusted sources. If you get an attachment from a contact that typically does not send them, follow up.
Don't overshare on social media: Cybercriminals can use the information you share on social media to create a more personalized phishing email.
Report suspicious emails: If you spot a malicious email, report it in your spam filtering software.

 

Need help? Contact us at [email protected] or 877-794-3811.

 

SOURCES
Osterman Research, Inc. Best Practices for Dealing With Phishing and Ransomware. (2016, August). Retrieved from: https://dm-mailinglist.com/subscribe?f=6b1c24a7
McCall, J. 3 Ways To Keep Your Customers Ransomware-Free. (2016, July 13) Retrieved from: https://www.bsminfo.com/doc/ways-to-keep-your-customers-ransomware-free-0001?
Shuchami, N. How To Keep Your Customers Protected From Constantly Changing Ransomware. (2016, November 18). Retrieved from: https://www.bsminfo.com/doc/how-to-keep-your-customers-protected-from-constantly-changing-ransomware-0001?
Yarbrough, B. Email Is A Major Security Risk For Small Business. (2016, August 24). Retrieved from: https://www.bsminfo.com/doc/email-is-a-major-security-risk-for-small-business-0001?

Read more...

Gmail Phishing Attack Steals Passwords

 

Do you have a Gmail account? Look out for a new phishing attack that's stealing account passwords.

 

How it’s done: 

1. You will receive a believable looking email from a contact that had their account hacked.
2. The email will include an image attachment embedded with a malicious script. The attacker will make the image look legitimate by screen-capping an attachment previously used by the contact.
3. When the attachment is clicked on, a browser tab will pop up with a fake Google account page. The page will look just like the real thing by using the Google logo, slogan, and login fields.
4. You will be asked to sign in to Gmail again. Once the task is complete, the login information is sent to the attackers and they will now have access to your Google account.
5. The attackers will then send the same phishing emails to your contacts.

 

Google released a statement in response to the phishing attack:
“We’re aware of this issue and continue to strengthen our defenses against it. We help protect users from phishing attacks in a variety of ways, including: machine learning based detection of phishing messages, Safe Browsing warnings that notify users of dangerous links in emails and browsers, preventing suspicious account sign-ins, and more. Users can also activate two-step verification for additional account protection.”

 

What can you do?
• If you suspect your Gmail account was hacked, change your password immediately.
Enable two factor authentication on your Google account. The setting will require you to enter a code sent to your phone after you enter your username and password. When this setting is in place, it will be harder for an attacker to sign into your account, even if they have your password.
If you click on an email attachment and you are asked to login again, don't do it. You should not get this request when you are already logged into your Gmail account.
Pay close attention to your web browser's address bar when signing into Gmail. It should read https://accounts.google.com and not contain any funny looking text before the web address, such as "data:text/html."
Do not enter passwords without seeing a green lock before the address bar.
If you receive any phishing emails in your Gmail account, report it to Google. Here's how: https://support.google.com/mail/answer/8253?hl=en
Check your login activity in Gmail to see if anyone else is logging into your account. Remove sessions that do not come from any of your devices. Here's how: https://support.google.com/mail/answer/45938?hl=en


For more information about our IT company, contact SwiftTech Solutions by calling 877-794-3811 or emailing [email protected]


SOURCES
Maunder, M. Wide Impact: Highly Effective Gmail Phishing Technique Being Exploited. (2017, January 12). Retrieved from: https://www.wordfence.com/blog/2017/01/gmail-phishing-data-uri/
Moscaritolo, A. Don't Fall for This Sophisticated Gmail Phishing Scam. (2017, January 18). Retrieved from: http://www.pcmag.com/news/351113/dont-fall-for-this-sophisticated-gmail-phishing-scam
Hackett, R. Everyone Is Falling For This Frighteningly Effective Gmail Scam. (2017, January 18). Retrieved from: http://fortune.com/2017/01/18/google-gmail-scam-phishing/
AOL Finance. New Gmail phishing scam is even fooling tech-savvy users. (2017, January 18). Retrieved from: https://www.aol.com/article/finance/2017/01/18/new-gmail-phishing-scam-is-even-fooling-tech-savvy-users/21657796/

Read more...

Fake Netflix Emails Can Steal Credit Card Information

 

Netflix watchers, be on the lookout. Cybercriminals are using fake Netflix emails to steal personal information from unsuspecting victims.

 

How it’s done:

1. Cyberthieves will send out official looking emails that appear to be from Netflix. The emails will advise users to update their account information by clicking on a link.
2. Next, the victim will be brought to a phony Netflix login page. The victim will enter the login information, which would be sent to the cybercriminals.
3. After logging in, the victims will be directed to another form and will be asked to enter their personal information, such as name, birth date, address, credit card information, and social security numbers. This information would be sent to the cyber criminals.
4. Finally, the victims will be directed to the real Netflix.com home page.


Netflix states in their policy they will never ask for personal information by clicking on an email including:
• Payment information (credit card number, debit card number, direct debit account, PIN, etc.)
• Social security number or tax identification number
• Your account password

 

What can you do?

Exercise caution when responding to emails requesting personal information. If you receive this type of email claiming to be from Netflix:

• Look at the sender email address. If it doesn’t have the same URL as netflix.com, such as netflix.someotherdomain.com, it’s likely not a legitimate email.
• If the email has numerous instances of improper spelling and grammar, it’s almost certainly not from Netflix.
Don’t click on email links for updating account information. Go directly to Netflix.com and sign in. Then, check for new notices on your account.
• If you suspect you were tricked by a Netflix phishing email already, change the password on your account and contact Netflix immediately. Also, make sure to contact your bank and credit card companies to let them know your personal information was stolen.

 

For more information about our IT company, contact SwiftTech Solutions by calling 877-794-3811 or emailing [email protected]


SOURCES
Brook, C. Netflix Phishing Campaign Targeted User Information, Credit Card Data. (2017, January 10). Retrieved from: https://threatpost.com/netflix-phishing-campaign-targeted-user-information-credit-card-data/122988/
Sadler, A. Warning: This new Netflix email scam will steal your banking info. (2017, January 12) Retrieved from:
http://www.clark.com/netflix-email-scam-targets-apple-users-bank
Online Threat Alerts. Beware of Netflix "Problem with Your Membership" Phishing Scam. (2016, May 19). Retrieved from: https://www.onlinethreatalerts.com/article/2016/5/19/beware-of-netflix-problem-with-your-membership-phishing-scam/
Kelly, A. Beware of legit-looking Netflix phishing scam aiming to steal password and credit card details. (2016, March 3) Retrieved from: http://www.independent.ie/entertainment/television/beware-of-legitlooking-netflix-phishing-scam-aiming-to-steal-password-and-credit-card-details-34508859.html

Read more...

Evernote Employees Can Read Your Notes

 

Evernote is the go-to note taking software for many office workers, since it helps users stay organized and productive. However, the software firm will start using machine learning tools in late January 2017 and will need their employees to read your notes in order to improve these features.

Evernote will use these tools to improve note search, provide additional tips on using the software, and suggest different features based on the way you are inputting your notes. However, the improvement in user experience may come at the expense of your privacy.

The update in the service sparked controversy among Evernote users across the web. In response, Evernote updated their privacy policy so that opt-in approval is required from each customer before allowing employee access to notes for machine learning purposes.

Keep in mind that Evernote employees can still read your notes in certain situations:
• If they believe you’re violating their Terms of Service
• For software service troubleshooting and maintenance
• If they feel it’s necessary to protect the rights, property, or personal safety of Evernote and its users.
• To comply with legal obligations, such as a warrant, court orders, subpoenas, or other government requests.


What can you do?
• Opt out of allowing Evernote employees reading your notes for machine learning purposes.
• Use the software to store only non-private data, such as meeting notes and news articles from the internet.
• You can select and encrypt text within a note, and then require a password to view the information. However you cannot encrypt whole notes, images, and notebooks.
• Most importantly, do not store your private data on the software, including client information, passwords, and financial statements. Instead, use enterprise grade software that encrypts information in transit and at rest.
• If you’re dissatisfied with your Evernote experience, you can export your data to another note taking software program and deactivate your account.


For more information on our IT services, contact SwiftTech Solutions at [email protected] or call 877-794-3811.

Read more...

What is Workspace as a Service?

 

Millennials (ages 18-34 in 2015) are the largest share of the American workforce, according to the Pew Research Center analysis of U.S. Census Bureau data. One of the top requests of Millennials in the workplace is for an improved work/life balance. These workers would like to take additional maternity leave, spend more time with their children, live in a less expensive area, avoid long commutes to work, take care of their home, travel, and pursue hobbies. Technology provides employees an opportunity to complete their work duties away from the office.

Workspace as a Service meets the demand for workplace flexibility. The service provides a virtual desktop through the user logging into a browser based service. From there, your IT company will install software and operating system updates on a remote server, instead of the local PC.

How do use the virtual workspace?
On a traditional workspace, a worker is confined to a single computer. With virtual workspaces, workers can access their desktops from the devices of their choosing, whether it’s a work or home computer. They would simply need to open a web browser, and then log into the workspace service. Afterwards, the workers will see a standard computer desktop, complete with Windows operating system, office productivity software, and unified communications functions. The workspaces can be personalized with preferred settings from wallpapers, icons, shortcuts, and more. Furthermore, workers can use their existing software licenses on the workspace or download an application from the service's marketplace.

Virtual workspaces are accessible on:

• PC
• Mac
• Chromebook
• iPad
• Kindle Fire
• Android


Benefits

• Supports work/life balance efforts
• Anywhere access on any device
• Encourages growth of branch offices
• More frequent and comprehensive workspace management
• Reduced need to purchase additional devices
• In the event of a malware attack, the workspaces won't contaminate other devices on a company network


As a side note, there is an ongoing debate amongst Baby Boomers (born 1946-1964), Gen-Xers (born 1961-1981), and Millennials on whether employees should do their work in the office under a supervisor watch versus completing their work on their own at home. While Baby Boomers and Gen-Xer supervisors may favor working in the office, flexibility in working conditions needs to be taken into greater consideration. A key reason for Millennials to look for new work is because they desire to improve their work/life balance, and they are willing to take a pay cut or relocate for the opportunity. Like it or not, the demand for workplace flexibility will increase as more millenials enter the workforce. Ultimately, supervisors would need to judge if flexibility and productivity will mix with certain employees.


SwiftTech Solutions can set up virtual workspaces for your remote employees. We'll run updates to the operating system and application software on an ongoing basis. For more information about our Workspace as a Service, please contact us by calling 877-794-3811 or emailing [email protected]

 

SOURCES
Kobialka, D. Workspace-as-a-Service: 7 Trends for MSPs to Watch. (2016, January 15) Retrieved from: http://mspmentor.net/software-service-and-hardware-service/workspace-service-7-trends-msps-watch#slide-2-field_images-61561
Helms, J. Six Workspace as a Service Myths Debunked. (2015, November 16). Retrieved from: http://www.itbriefcase.net/six-workspace-as-a-service-myths-debunked
Reportlinker. Workspace as a Service (WaaS) Market - Global Industry Analysis, Size, Share, Growth, Trends and Forecast 2015 - 2022. (2016, January 28). http://www.prnewswire.com/news-releases/workspace-as-a-service-waas-market---global-industry-analysis-size-share-growth-trends-and-forecast-2015---2022-300211851.html
Smith, S. Workspace as a service market poised for growth. (2015, October 9). Retrieved from: http://searchitchannel.techtarget.com/news/4500255227/Workspace-as-a-service-market-poised-for-growth
Vizard, M. The Rise of Workspace as a Service. (2016, May 4). Retrieved from: http://www.channelinsider.com/blogs/managed-services/the-rise-of-workspace-as-a-service.html
Stroud, F. WaaS - Workspace as a Service. Retrieved from: http://www.webopedia.com/TERM/W/waas-workspace-as-a-service.html
Hess, K. What's next in aaS? Workspace-as-a-Service. (2015, October 12) Retrieved from: http://www.zdnet.com/article/whats-next-in-aas-workspace-as-a-service/
Schulte, B. Millennials want a work-life balance. Their bosses just don’t get why. (2015, May 5). Retrieved from: https://www.washingtonpost.com/local/millennials-want-a-work-life-balance-their-bosses-just-dont-get-why/2015/05/05/1859369e-f376-11e4-84a6-6d7c67c50db0_story.html

Read more...

What is a Virtual CIO?

 

As mentioned in Creating a Business Technology Strategy, business technology initiatives tend to be a lower priority among CXO's in the boardroom. However, these projects should be considered a higher priority, since IT services affect employee productivity and company growth. An IT executive, such as a CIO, can bring in much needed IT expertise into the boardroom.

However, many small businesses cannot afford to hire a CIO full time. At best, they have an IT department that focuses solely on day-to-day operational tasks. A CIO will understand how to use technology to accomplish an organization's business objectives:

• Increase revenue
• Use technology more efficiently
• Acquire new customers
• Improve collaboration with colleagues and third parties
• Enter new markets
• Onboard new employees quicker
• Reduce capital and operating expenses


Fortunately, these small businesses can bring this expertise on board by hiring a CIO contractor, otherwise known as a virtual CIO. The virtual CIO can be hired on an as-needed basis by paying an hourly rate or subscribing to a monthly plan.

What does a virtual CIO do?

• Create a business technology strategy
• Create security and disaster plans
• Provide guidance on industry audits
• Analyze and rework business processes
• Develop policies and procedures
• Facilitate technology changes


Benefits

• HR won't have to worry about hiring costs
• Can supplement an existing IT department
• Helps achieve a more competitive advantage in the marketplace
• Enables more informed decision making
• Significantly more economical than paying a full time staff member



SwiftTech Solutions can offer your business virtual CIO services on a ongoing basis. For more information, please contact us by calling 877-794-3811 or emailing [email protected]

 

SOURCES
MAXfocus. Hone Your Skills to Become the True Outsourced CIO. (2014, February 25). Retrieved from: http://mspmentor.net/blog/hone-your-skills-become-true-outsourced-cio
Barker, I. The rise of the virtual CIO [Q&A]. (2016, May). Retrieved from: http://betanews.com/2016/05/05/virtual-cio-qa/
Baker, A. Life as a Virtual CIO. (2012, October 12). Retrieved from: http://www.biztechmagazine.com/article/2012/10/life-virtual-cio
Rouse, M. vCIO (virtual CIO). (2015, June). Retrieved from: http://searchitchannel.techtarget.com/definition/vCIO-virtual-CIO
Veraldi, J. Three tips for becoming your customers' virtual CIO. (2013, May). Retrieved from: http://searchitchannel.techtarget.com/opinion/Three-tips-for-becoming-your-customers-virtual-CIO

Read more...

How does Unified Communications Work?

 

Numerous professionals these days aren't just doing their work in the office, but at home and while on the move. You should be prepared to stay in communications with work colleagues, clients, and service providers continuously. As mentioned in SoftwareAdvice.com, 75% of small business workers use a personal cell phone for work. Any missed calls can result in client dissatisfaction and loss of would-be customers to competitors.

 

Unified Communications delivers a simpler way for you to get in touch with your contacts by enabling you to access your voice, email, instant messaging, fax, and conferencing systems in a single platform. For instance, you can check your work email from your own cell phone or use your laptop computer to make a conference call.

 

Features:

• VoIP integration
• Send voicemail message sound file to email
• Use the same phone number on different devices
• Send an email of the transcribed voicemail message
• Combine calendars and scheduling
• Access social media streams in dashboard
• Include with Google, Microsoft, and Salesforce applications
• Log in to work mail on tablets and smartphones
• ...and more!

 

Benefits:

• Make affordable worldwide phone calls: You won't need to use your minutes on your own voice and data plan. Simply sign in your unified communications portal to make your phone call.
• Boost efficiency by accessing alternate communication methods instantly
• Answer back to staff, clientele, and partners in a prompt manner
• Sales staff can close deals quicker by allowing work colleagues to reach them on their most efficient mode of communication
• Prevent phone tag by routing calls to device of employee's preference
• Enhanced communication levels among team members
• Supports best practice BYOD policies
• Reduces operating costs by offering less dependence on land lines and decreased need to add on locations
• Makes it possible for employees to work remotely, provided that they have an internet connection
• Unified Communications system can grow with business
• Saves time and money on travel

 

SwiftTech Solutions can assist in transitioning your employees to a Unified Communications system by performing an evaluation of your current business phone infrastructure. We'll help you plan, purchase, and install a Unified system best suited for your business requirements. For more information, you can call us at 877-794-3811 or email [email protected] for a free assessment.

 

SOURCES
Small Business Trends Radio. Unified Communications For Small Business. (2008, March 12). Retrieved from: http://www.smbtrendwire.com/unified-communications-for-small-business/
Cheng, R. A Tough Call. (2010, June 21). Retrieved from: http://www.wsj.com/articles/SB10001424052748704875604575281113831177050
Billhorn, J. The Benefits of Unified Communications for Small Business. (2012, June 7). Retrieved from: http://www.smallbusinesscomputing.com/News/ITManagement/the-benefits-of-unified-communications-for-small-business.html

Read more...

You Should Get a Password Manager

 

Whenever you register for services over the internet, such as banking or insurance, websites will require you to create a password. These passwords provide a layer of protection for your confidential information. A number of websites will have various criteria for making a password, such as adding capitalized letters and special characters. A few may even require you to change your password after a specific length of time. Should you have too many incorrect login tries, some websites will lock you out of your account.

 

Trying to remember all of these passwords can be inconvenient, so many people will use unsafe memorization methods, including using the same password for every website and writing passwords down on a piece of paper. Also, quite a few professionals will exchange passwords back and forth by email. Even worse, many people will even use easy to guess passwords, which leave them prone to security breaches, such as identity theft and data leaks. SplashData listed the 25 worst passwords of 2015. If you are using these, please change your passwords now:

 

• 123456
• password
• 12345678
• qwerty
• 12345
• 123456789
• football
• 1234
• 1234567
• baseball
• welcome
• 1234567890
• abc123
• 111111
• 1qaz2wsx
• dragon
• master
• monkey
• letmein
• login
• princess
• qwertyuiop
• solo
• passw0rd
• starwars

 

A password manager can offer storage of your login data inside an encrypted cloud vault that can only be accessed by a master password. A browser extension will capture your password and offer to save it into the system. Then, the password manager will automatically enter your login information. Additionally, the system will flag weak passwords and create strong passwords for you. If you change your password, the system will discover the event and update the information. Many online password managers will even synchronize their services from the desktop computer to mobile device and vice versa.

 

These are the most common password managers

• Dashlane
• LastPass
• Zoho Vault
• ManageEngine Password Manager Pro

 

In an effort to help keep your password protected, we suggest:

• Setting up a password policy
• Keeping browsers, plugins, and operating systems updated
• Steer clear of using public Wi-Fi when entering in passwords
• Enable two-factor authentification
• Change all your passwords so they are hard to crack. Check out this tip from security expert Bruce Schneier:
"Come up with an entire phrase that’s easy for you to remember, and then use the first instance of each letter, number and symbol from each word in the phrase, keeping punctuation intact as well."

 

If you’re interested in a review of the security of your business technology and setting up a password manager, contact SwiftTech Solutions by calling 877-794-3811 or emailing [email protected] for a free consultation.

 

SOURCES
Widder, B. Avoid Google Chrome’s security flaw with these password manager apps. (2015, April 5). Retrieved from: http://www.digitaltrends.com/computing/quick-guide-to-password-manager-apps/
Peters, S. 10 Password Managers For Business Use. (2015, September 28). Retrieved from: http://www.darkreading.com/endpoint/10-password-managers-for-business-use/d/d-id/1322326
Glaser, A. You Need a Password Manager. Here Are Some Good Free Ones. (2016, January 24). Retrieved from: http://www.wired.com/2016/01/you-need-a-password-manager/
Williams, Z. Passwords, phones and privacy settings: how to protect yourself online. (2016, April 19). Retrieved from: https://www.theguardian.com/technology/2016/apr/19/how-to-protect-yourself-online-passwords-phones-privacy-settings
Barker, I. Frustration with conventional password management leads to risky behavior. (2016, April 22). Retrieved from: http://betanews.com/2016/04/20/password-frustration/
Rubenking, N. The Best Password Managers for 2016. (2016, February 9). Retrieved from: http://www.pcmag.com/article2/0,2817,2407168,00.asp
Waxman, O. These Are The 25 Worst Passwords of 2014. (2015, January 20). Retrieved from: http://time.com/3672431/worst-passwords/
Chang, L. Wookie Mistake: 'starwars' is Now One of the World's 25 Worst Passwords. (2016, January 19). Retrieved from: http://www.digitaltrends.com/web/splashdata-worst-passwords/

Read more...

Malvertising: The Hidden Threat

 

Many news organizations make a sizable profit on renting out virtual ad space on their websites. This ad space is usually rented out to third party ad networks, such as Google, Yahoo, and Microsoft. However, cybercriminals are now inserting malicious code into online advertising to infect unsuspecting website visitors. Unlike malicious advertising of the past, the ads don't need to be clicked on, but simply shown to the visitor. From there, the visitor will find his/her computer is infected with spyware and/or ransomware. These types of malware can slow down devices, record keystrokes, and encrypt files.

 

How it works:

• Cybercriminals will upload malicious Flash multimedia to an ad network
• The ad network accepts the ad and stores it in their database to serve to viewers at a later time
• Advertisers will bid on the opportunity to serve their ads to a target audience
• The ad network will serve an ad to the cybercriminal's desired audience
• When a user visits the website, the ad will display and the malicious code will download to their computer
• The code will then search for a backdoor through unpatched software, especially Flash, Java, and Silverlight
• Once the backdoor is found, the code will install malware onto the device


You can protect yourself from malware by:

• Keeping your web browser updated
• Adjusting your web browser setting so mulitimedia ads won't run automatically unless you click on them. This article has instructions here.
• Use ad blocking software, such as Adblock Plus
• Keep browser plugins updated
• Disabling or uninstall plugins you don't use
• Limiting the amount of employee accounts that can install software on their computers
• Installing software that will monitor and protect your web browser for exploit attempts, such as Malwarebytes Anti-Exploit

 

SwiftTech Solutions can help your staff stay protected against the dangers of web browsing. Contact us by calling 877-794-3811 or emailing [email protected] for a free network assessment.

 

SOURCES
Painter, L. How to stop autoplaying ads, videos and media on web pages: Stop videos autoplaying in Chrome, Firefox, Internet Explorer. (2015, August 13). Retrieved from: http://www.pcadvisor.co.uk/how-to/internet/how-stop-autoplaying-ads-videos-media-on-web-pages-chrome-firefox-internet-explorer-3497991/
Hern, A. Major sites including New York Times and BBC hit by 'ransomware' malvertising. (2016, March 16). https://www.theguardian.com/technology/2016/mar/16/major-sites-new-york-times-bbc-ransomware-malvertising
Malwarebytes Labs. What is malvertising? (2015, February 24). Retrieved from: https://blog.malwarebytes.org/the-basics/2015/02/what-is-malvertising/
Ducklin, P. Malvertising – why fighting adblockers gets users’ backs up. (2016, January 15) Retrieved from: https://nakedsecurity.sophos.com/2016/01/15/malvertising-why-fighting-adblockers-gets-users-backs-up/
Scharr, J. Malvertising Is Here: How to Protect Yourself. (2014, November 5). Retrieved from: http://www.tomsguide.com/us/malvertising-what-it-is,news-19877.html
O'Kelley, B. Malvertising: Three Things You Need To Know. (2016, January 11). Retrieved from: http://www.forbes.com/sites/valleyvoices/2016/01/11/malvertising-three-things-you-need-to-know/#48cbb1df219b
Miller, J. Malvertising – the new silent killer? (2015, October 21). Retrieved from: http://www.cio.com/article/2995078/malware/malvertising-the-new-silent-killer.html
Hoffman, C. What is Malvertising and How Do You Protect Yourself? (2015, September 1). Retrieved from: http://www.howtogeek.com/227205/what-is-malvertising-and-how-do-you-protect-yourself/
Kashyap, R. Why Malvertising Is Cybercriminals’ Latest Sweet Spot. Retrieved from: http://www.wired.com/insights/2014/11/malvertising-is-cybercriminals-latest-sweet-spot/

Read more...

Internet of Things - What Can It Do For My Business

 

You may have heard the buzz surrounding the Internet of Things (IoT). The general definition of the Internet of Things is to give any device the ability to connect to the internet. Then, the device exchanges data to its associated cloud software, then analyzes the information necessary to carry out your desired functions. Most Internet of Things devices function using sensors, wireless connectivity, and data analytics software.


The Internet of Things may be making your personal life easier already. For example, every time you use your phone to find your car keys, retrieve workout information from a fitness board, and turn off the lights at home, you are already using the Internet of Things.


The most common Internet of Things applications on the market can monitor:

• Assets
• Facilities
• Products
• Customers
• Supply chain

 

The Internet of Things technology can provide valuable benefits for your organization such as:

• Increased control of expenses
• More efficient and responsive work procedures
• New business opportunities
• More comprehensive asset monitoring and troubleshooting
• Lessened dependency on staff members
• Manual work procedures can be turned into digital processes


Several industries are already using Internet of Things technology:

Healthcare:

• Patients can check vital signs at home using specialized scales and probes. From there, the information would automatically be sent to the healthcare staff.
• Healthcare facilities can track temperatures of freezers storing medicines and vaccines remotely to prevent spoiling.
• Hospitals can track inventory by adding RFID tags to each item.

 

Manufacturing:

• Staff can monitor equipment remotely for malfunctions that can cause breakdowns and endanger the safety of workers.
• Sensors on the assembly line equipment can send status updates on production processes to managers
• Sensors can be added to inventory to prevent out-of-stock situations

 

Transportation:

• Staff can monitor vehicle diagnostics, fuel, location, and more, using a built in computer
• Sensors on trailers can track if trailers are loaded, when the door opens, and when pallets move.
• Smart devices on vehicles can send data on driver behaviors to fleet managers

 

Food Service:

• Sensors in refrigerators can track temperatures so food won't spoil
• Customers can place order at the table using a tablet
• Restaurants can allow customers place their order ahead of time from their app

 

Hospitality:

• Use smartphone to check in, unlock hotel room, and access amenities (pool, gym, parking garage)
• Guest that use the mini bar are automatically charged if items are removed.
• Hotels can track operations of their heating, ventilation, air conditioning, plumbing, and more.

 

As the Internet of Things becomes more widespread, you will discover new ways to optimize your traditional work processes. A business technology analyst, such as SwiftTech Solutions, can assist your organization in adopting new technologies that can solve problems and create growth for your business. For more information, please contact us by calling 877-794-3811 or emailing [email protected].



SOURCES
Young, A. The Internet of Things: The Impact on the Travel and Hotel Industry. (2015, August 27). Retrieved from: http://www.hospitalitynet.org/news/4071511.html
eMarketer. How the Internet of Things Is Transforming Travel. (2016, January 21). Retrieved from: http://www.emarketer.com/Article/How-Internet-of-Things-Transforming-Travel/1013487
Wakefield, K. How The Internet Of Things Is Transforming Manufacturing. (2014, July 1). Retrieved from: http://www.forbes.com/sites/ptc/2014/07/01/how-the-internet-of-things-is-transforming-manufacturing/#1341ada228e5
Phillips, E. Internet of Things Reaches Into the Trucking Business. (2015, April 29). Retrieved from: http://www.wsj.com/articles/internet-of-things-reaches-into-the-trucking-business-1430342965
Transport Topics. The ‘Internet of Things’ Takes Hold in Trucking. (2016, March 18). Retrieved from: http://www.ttnews.com/articles/basetemplate.aspx?storyid=41285&page=2
Key, C. Implementing the Internet of Things in Logistics and Transportation. (2015, November 10). Retrieved from: https://www.getstructure.io/blog/implementing-the-internet-of-things-in-logistics-and-transportation
Libelium. 50 Sensor Applications for a Smarter World. Retrieved from: http://www.libelium.com/top_50_iot_sensor_applications_ranking/
Internet of Things Wiki. Internet Of Things(IoT) Applications In Retail. Retrieved from: http://internetofthingswiki.com/iot-applications-examples/541#Retail
Pickett, D. What the 'Internet of Things' Means for Enterprising Entrepreneurs. (2014, November 14). Retrieved from: http://www.entrepreneur.com/article/239782
Schur, M. The Internet of Things Could Change How Small Businesses Operate. (2014, August 28). Retrieved from: http://www.nfib.com/article/the-internet-of-things-could-change-how-small-businesses-operate-bizhelp-66363/
Pellet, J. Are You Ready for the Internet of Things. (2015, March). Retrieved from: https://www.microsoft.com/en-us/server-cloud/internet-of-things/default.aspx
McKinsey Global Institute. Unlocking the potential of the Internet of Things. (2015, June). Retrieved from: http://www.mckinsey.com/business-functions/business-technology/our-insights/the-internet-of-things-the-value-of-digitizing-the-physical-world
Robb, D. What the 'Internet of Things' Means For Small Business. (2015, August 18). Retrieved from: http://www.smallbusinesscomputing.com/News/Networking/what-the-internet-of-things-means-for-small-business.html
Shein, E. How The Internet Of Things Is Helping Small Businesses. (2015, December 14). Retrieved from: http://www.forbes.com/sites/centurylink/2015/12/14/how-the-internet-of-things-is-helping-small-businesses/#19b3c68959fe
DeMers, J. A Small-Business Guide to the Internet of Things. (2015, January 14). Retrieved from: https://www.americanexpress.com/us/small-business/openforum/articles/7-things-every-business-owner-needs-know-internet-things/
Spors, K. How the 'Internet of Things' Will Revolutionize Small Business. (2014, June 3). Retrieved from: https://www.americanexpress.com/us/small-business/openforum/articles/how-the-internet-of-things-will-revolutionize-small-business/

Read more...

Business Continuity – Staying Prepared in Case of a Disaster

 

Is your organization prepared to stay in business in the event that the following disasters occur?
• Fire
• Flood
• Widespread illness
• Equipment breakdown
• Social unrest
• Human error
• Power outage
• Cyber attack

You should consider any catastrophic events disrupting your company operations a threat. Fortunately, a business continuity plan can help your organization ensure important business services can continue during and after a disaster event.

Failure to prepare for a disaster can result in:
• Service and communication breakdowns
• Lost earnings
• Paying costs insurance does not cover
• Major team members leaving

 

Your organization should focus on keeping these business departments operating:
• Sales and order taking
• Customer support
• Billing
• Employee operations

 

Also, these key components are needed in order to continue operating your business
• Location
• Staffing
• Equipment, primarily phone systems, shared network drives, and applications

 

Your IT provider can help your organization develop a business continuity plan. This document will include:

Business Impact Analysis: Forecasts the outcomes of business operations disruption. You will list each negative consequence, such as data lost and broken communications. After that, you will determine the cost of these events in dollars and cents.
Disaster recovery plan: IT strategies to implement after a disaster
Business resumption plan: Plans for sustaining business services at your location.
Business recovery plan: Identify, document, and execute strategy to recover vital business functions and procedures for each department
Contingency plan: Planning work around procedures for specific systems failures or a disruption of operations. This can include an alternate work space or replacement laptop.

 

SwiftTech Solutions can assist your organization in preparing a business continuity plan. For more information, please contact us by calling 877-794-3811 or emailing [email protected].

 

SOURCES

Reeder, J. Building and Maintaining a Business Continuity Program. Retrieved from: http://www.mcafee.com/us/resources/white-papers/foundstone/wp-business-continuity.pdf
Symatec. Disaster Recovery Planning Guide . Retrieved from: https://www.symantec.com/content/en/us/enterprise/white_papers/b-disaster-recovery-planning-guide-WP-21319723.pdf
Rouse, M. Business Continuity and Disaster Recovery (BCDR). (2009, July). http://searchstorage.techtarget.com/definition/Business-Continuity-and-Disaster-Recovery-BCDR
Potts, J. Disaster Recovery Is Not Business Continuity. (2013, January 4). Retrieved from: http://www.datacenterknowledge.com/archives/2013/01/04/disaster-recovery-is-not-business-continuity/
Lindros, K. and Tittel, E. How to Create an Effective Business Continuity Plan. (2013, November 14). Retrieved from: http://www.cio.com/article/2381021/best-practices/how-to-create-an-effective-business-continuity-plan.html
Ready.gov. Business Continuity Plan. Retrieved from: https://www.ready.gov/business/implementation/continuity
Rouse, M. Business Continuance (Business Continuity). (2006, January). Retrieved from: http://searchstorage.techtarget.com/definition/business-continuance
Margiottiello, M. and Chao, H. Contingency Planning: Addressing Critical Business Processes That Support Implementation of HIPAA Transactions. (2003, February 12). Retrieved from: https://www.cms.gov/research-statistics-data-and-systems/computer-data-and-systems/mmis/downloads/contingency.pdf

Read more...

What is a NOC?

 

The Network Operations Center (NOC), pronounced "knock," is considered the Central Nervous System of an MSP's operations. NOCs focus on monitoring and managing the operations of hardware devices, software operating systems, and applications. They also ensure constant uptime of services and respond proactively to issues that may arise.

The tasks a NOC technician concentrates on include:

• Network troubleshooting
• Router and domain name management
• Performance monitoring
• Software distribution and updates
• Creating reports on network systems health
• Responding to issues disrupting IT systems
• Providing customer support when needed

 

A NOC technician uses sophisticated network monitoring tools on a series of computer monitors to monitor for performance, network system device operations, power failures, and more. If the NOC's network monitoring system detects any problems that may threaten efficient IT services operations, the on-call technician will automatically receive a notice. From there, the NOC technician will create a support ticket, and then work on resolving the issue immediately or escalate it to the proper technician before it disrupts the client's service.

NOC services offer these benefits to clients:

• Around the clock monitoring
• Ongoing maintenance prevents issues before they start
• Maintains agreed upon service levels
• Keeps IT costs under control

 

NOC services offered by SwiftTech Solutions can help your organization maintain worker productivity and prevent IT downtime. For more information, please contact SwiftTech Solutions at 877-794-3811 or email [email protected].


SOURCES
Webopedia. NOC - network operations center. Retrieved from: http://www.webopedia.com/TERM/N/NOC.html
Simpson, E. The Best NOC and Service Desk Operations Book Ever!Retrieved from: http://www.n-able.com/resources/_documents/runbook_special.pdf
Techopedia. Network Operations Center (NOC). Retrieved from: https://www.techopedia.com/definition/5377/network-operations-center-noc
TechTarget. network operations center (NOC).Retrieved from:http://searchnetworking.techtarget.com/definition/network-operations-center
Fulton, C. 5 Tips for Building an Efficient NOC & Help Desk (2015, July 20). Retrieved from: http://www.connectwise.com/blog/5-tips-for-building-an-efficient-noc-and-help-desk/

Read more...

Creating a Business Technology Strategy

 

In the past, technology implementation was a lower priority project tacked on after other business projects were complete. Today, businesses can use technology to run a more profitable and competitive business. They can strengthen product development, gather customer insight, increase worker efficiency, and much more. With thorough research and planning, business technology projects can reinforce the vision, mission, values, and goals of an organization. Consider creating a business technology strategy.

According to ICT Knowledgebase, a business technology strategy can enable an organization to:

• Reduce costs
• Standardize work processes
• Improve workflow and communications
• Sustain repeatable service levels
• Control risk
• Implement new business strategies
• Facilitate growth
• Gain a competitive advantage

 

The strategy document itself will likely include the following and more:

• Business mission, vision, and values
• Business goals
• Economic, demographic, industry, and technology trends
• Current business processes
• IT asset identification
• Budgetary constraints
• Functions of the IT department
• Technology road map


A business technology analyst, such as SwiftTech Solutions, can help your organization prepare your business technology strategy. For more information, please contact SwiftTech Solutions at 877-794-3811 or email [email protected]


SOURCES
Rouse, M. IT strategy (information technology strategy) definition. (2012, August). Retrieved from: http://searchcio.techtarget.com/definition/IT-strategy-information-technology-strategy
Fenwick, N. Business Technology Strategy Template. (2013, September 20). Retrieved from: http://blogs.forrester.com/nigel_fenwick/13-09-20-business_technology_strategy_template
Beveridge, C. Aligning IT with Business Strategy. Retrieved from: http://www.ictknowledgebase.org.uk/fileadmin/ICT/pdf/NCC/Align_IT_with_strategy.pdf
Fenwick, N. Adopt a business technology strategy to gain competitive advantage: Forrester. (2011, March 18). Retrieved from: http://www.cio.com.au/article/380221/adopt_business_technology_strategy_gain_competitive_advantage_forrester/
Nixon, N. Technology Strategies for Business Plans. Retrieved from: http://smallbusiness.chron.com/technology-strategies-business-plans-2592.html
Fenwick, N. 4 steps in developing a business technology strategy. (2011, January 10). Retrieved from: http://www.cio.co.uk/insight/strategy/4-steps-in-developing-a-business-technology-strategy/

Read more...

Choosing an IT Security Consultant for Your Business

 

IT security is an increasing concern among businesses of all sizes and industries. These businesses must protect against malware, hackers, employee mistakes, and natural disasters. According to a 2013 Symantec report, 31% of attacks were aimed a businesses with fewer than 250 employees. with these dangers come the risk of a site outage, loss of intellectual property, leaked customer information, and worker downtime. If these risks are realized, this can lead to a drop in revenue, lawsuits, negative publicity, and even loss of the business. Fortunately, an IT Security Consultant can protect your business from these failures.

An IT Security Consultant will complete the following tasks:

• Increase application security
• Update company security policies
• Set up virus/malware protection and firewall management
• Prevent/Stop Denial of Service (DoS) attacks
• Secure the business Wi-Fi network
• Create Bring Your Own Device (BYOD) Policies, primarily for mobile devices

 

When selecting an IT Security Consultant, you must ask these questions:

What is my company's biggest security risk?: You and your IT Security Consultant must determine which failures would put the company's livelihood at the greatest risk. From there, the IT Security Consultant should conduct an IT security analysis.
What experience do you have?: Your IT Security Consultant should have more to their credit than certifications. They should tell you stories about managing specific security failures with their other clients.
Who will do the work?: If the consultant has to delegate any advanced level work, they must use a Tier 3 or Tier 4 technician.
How will you communicate with me?: The consultant must let you know when they will contact you during each step of implementing the IT security project.
What will you do in case of a disaster?: The IT Security Consultant must have a policy in place in case disaster does strike.
Will the rest of the company support these efforts?: If your employees do not commit to following the company's updated IT policies, efforts to tighten IT infrastructure security will be undermined.


SwiftTech Solutions can protect your business livelihood by managing your organization's security risk. Protect your business now by contacting SwiftTech Solutions for a review of your IT security. You can call 877-794-3811 or email [email protected] for a free consultation.

 

SOURCES

Humphries, D. 7 Essential Questions to Ask When Hiring an IT Security Consultant. (2014, March 6). Retrieved from: http://intelligent-defense.softwareadvice.com/questions-to-ask-when-hiring-security-consultants-0314/

Dell SecureWorks. Application Security. Retrieved from: http://www.secureworks.com/consulting/technical-testing-assessments/application-security-testing/

Jain, N. Startup guide to become an Information Security Consultant. Retrieved from: http://www.myinfosecjob.com/2010/10/startup-guide-to-become-an-information-security-consultant/

WikiHow. How to Become a Computer Security Consultant. Retrieved from: http://www.wikihow.com/Become-a-Computer-Security-Consultant

Ferrell, R. How to hire an IT security consultant. (2005, March 28). Retrieved from: http://www.infoworld.com/article/2672379/security/how-to-hire-an-it-security-consultant.html

Read more...

Why does my business need a Managed Service Provider?

 

Many small businesses start out managing the IT tasks for their office themselves. This can work if your business only has a couple of employees. However, when the business starts to grow, you won’t have the time or the patience to complete data backups, software updates, and repair your employees’ tech issues.  If this situation sounds familiar to you, then consider outsourcing your IT tasks to a Managed Service Provider (MSP).

Here are a few reasons your business needs an MSP:

  • You can’t afford system downtime and data loss: Let’s say your data backup and recovery systems stopped working for weeks without you realizing it. Then, your email server goes down. Since the email server data wasn’t backed up, any valuable emails, such as customer information, legally binding documents, and company reports, are gone. Long term repeated outages and data loss issues can hurt your business operations, create distrust among your clients, and even threaten to shut down your business altogether. An MSP will create fast and secure IT operations by assessing your current technology environment, then creating a customized business technology plan. Overtime, executing this plan will help increase employee productivity, cut down on financial loss, and ensure peace of mind.

  • Monitoring IT systems yourself can get too complex: Most business need to use multiple vendors for their computer software, such as Microsoft, Adobe, Symantec, VMware, Oracle, and much more. An MSP already has a comprehensive alerting system in place for monitoring the activity for your applications, devices, data backups, and security. Plus, they will send you reporting via email at an interval you prefer (daily, weekly, etc.).

  • Systems operation could be at risk from unapplied software patches:  Software vendors, such as Microsoft and McAfee, will create update patches for their product to fix any problems relating to performance, usability, and security. For example, if a patch for McAfee is not applied, your employees can be leaving their computers vulnerable to virus and malware attacks, and eventually lost hours of work from downtime. An MSP will keep track of your software and update on a regular basis.

  • You might be losing money fixing a preventable issue: Traditionally, small businesses usually call on an IT support technician only when something breaks. However, if something major breaks down, such as a server, a technician could spend many hours trying to save the device. These hours of labor can lead to a large invoice to your business. An MSP uses a combination of quantitative data and real world experience to forecast any upcoming IT issues.  That way, you and your MSP can still have the option to find and use less expensive and less time consuming solutions.

  • Your expertise on IT support may be limited: You may know your industry like the back of your hand. However, someone who been focusing on running a restaurant for example, will likely not have the same amount of expertise with IT. An MSP’s employees are a source of dedicated IT know-how, thanks to a combination of certifications and on the job experience. You, the business owner, can access this expertise with one phone call to the MSP’s help desk.

  • Your tech systems don’t allow for company innovation: Most companies typically spend 80% of their budget keeping their basic infrastructure running, which do not contribute to the growth of their business.  An MSP can help you spend less in the long run by providing a predictable monthly or yearly fee for keeping your IT systems well maintained.  With your savings, you and your MSP can discuss using technology to grow your business and adapt to changing business conditions. For example, you might consider purchasing automating software that will help your employees complete common tasks more efficiently.


If you’re interested in hiring a Managed Service Provider for your business, SwiftTech Solutions can help. You can call 877-794-3811 or email [email protected] for a free consultation.



SOURCES

Cisco Systems, Inc. (2007). Are Managed Services Right for Your Business. Retrieved from: http://www.cisco.com/en/US/solutions/collateral/ns339/ns416/ns458/net_brochure0900aecd805cedea.pdf

Tonge, S. (2012). Five reasons why Managed Services help with IT-Business Alignment. Retrieved from: http://blog.unify.com/2012/08/five-reasons-why-managed-services-help-with-it-business-alignment/

Sweetman, D. (2012). How to Increase Your Profits As a Managed Service Provider. Retrieved from: http://www.crn.com/blogs-op-ed/channel-voices/240002262/how-to-increase-your-profits-as-a-managed-service-provider.htm

Smith, J. (2011). Do you need to hire a managed service provider? Retrieved from: http://www.quora.com/Jenny-Smith-14/Posts/Do-you-need-to-hire-a-managed-service-provider

Peretson, R. (2011). Managed Services The Win-Win Model for Your IT Support Business. Retrieved from: http://www.mspbusinessmanagement.com/sites/default/files/whitepaper/WP0003-v1.0-EN-win-win-model-it-support.pdf

Goodrich, R. (2013). Managed Services: Advantages of Outsourcing IT. Retrieved from: http://www.businessnewsdaily.com/5115-managed-services.html

Rouse, M. (2007). managed service provider (MSP). Retrieved from: http://searchenterprisewan.techtarget.com/definition/managed-service-provider

Massachusetts Institute of Technology. Software Patches & OS Updates. Retrieved from: http://ist.mit.edu/security/patches

Processor. (2006). Accurate IT Forecasting. Retrieved from: http://www.processor.com/

Read more...

The Business Benefits of Virtualization

 

You may have heard the buzz term “virtualization,” but not be too familiar with it. Virtualization means to create a virtual form of computing, such as a desktop, operating system, server, storage device, or software. However, you may be asking, “Why should my business do this?” Virtualization is not a passing fad that will go away in a couple of years. Here are four benefits to consider:


•    Better customer service: Virtualization will allow you to decrease planned and unplanned computer downtime. When this happens, you’ll automatically switch over to a backup server. Also, the server will have snapshot in time of when your server was last working. These snapshots will allow your employees to be up and running on their devices within minutes, instead of hours. Most importantly, your customers will be less likely to visit a downed website and leave to your competitors.

•    Reduced expenses: Virtualizing your tech systems will allow your IT department to consolidate data into fewer servers. Having less hardware to maintain will mean fewer licenses to buy, reduced use of facility space, lower power bills, and shortened work hours. Plus, a virtualized environment will leave you less tied down to a certain vendor, which means you can buy less expensive hardware and not necessarily need to have identical hardware on hand. The savings from virtualizing your business technology systems can go to your other business goals or investing back into more competitive technologies.

•    More flexible working environment: Traditional technology systems will only allow you to run one operating system on one computer. Imagine being able to run multiple operating systems, such as Windows and Apple, on a single computer. This is done by using different virtualized desktops on a single piece of hardware. This comes in handy when you need to use legacy applications that are not compatible on a single operating system. You can now use these applications on your primary computer and get rid of that outdated machine.

•    Increased monitoring of IT environment:  The consolidation of devices decreases the complexity of the technology infrastructure, which lowers security risk. Within the virtual environment, IT admins can deploy custom security settings for each VM user so only certain people can get access to sensitive company information.  If someone’s virtual machine becomes infected with malware, you can isolate the affected device so it does not penetrate the corporate server. Also, the infected device can be rolled back to the latest “secure” state before the attack.

Keep in mind that implementing a virtualized technology environment is not a one-size fits all solution. You’ll need to determine the right mix of hardware, software, server platform, network, processor, and infrastructure. SwiftTech Solutions can help you come up with a virtualization technology plan that suits your company’s requirements and budget. You can call 877-794-3811 or email [email protected] for a free consultation.


SOURCES
AMD. Business and Financial Benefits of Virtualization. (2011). Retrieved from http://www.amd.com/Documents/Business_and_Financial_Benefits_of_Server_Virtualization_FINAL.pdf

ITBusinessEdge. 10 Ways Virtualization Can Help Your Business. Retrieved from http://www.itbusinessedge.com/slideshows/show.aspx?c=78378

Marshall, D. (2011, November 2). Top 10 benefits of server virtualization. Retrieved from http://www.infoworld.com/d/virtualization/top-10-benefits-server-virtualization-177828

Clancy, H. (2011). 4 reasons "virtualization" saves money. Retrieved from http://www.microsoft.com/

Waters, J. (2013). Virtualization Definition and Solutions. Retrieved from http://www.cio.com/article/40701/Virtualization_Definition_and_Solutions

Burger, T. (2012, March 5). The Advantages of Using Virtualization Technology in the Enterprise. Retrieved from http://software.intel.com/en-us/articles/the-advantages-of-using-virtualization-technology-in-the-enterprise

ViewSonic. (2012). The Business Benefits of Virtualization. Retrieved from http://www.viewsonic.com/us/news/solutions/the-business-benefits-of-virtualization/

Advanced Micro Devices, Inc. (2012). Business & Financial Aspects of Server Virtualization. Retrieved from http://www.amd.com/us/Documents/Business-and-Financial-Benefits-of-Server-Virtualization.pdf

Vincenti, B. (2010, December 24). 5 Benefits of switching to Virtualization Technology. Retrieved from http://www.gfi.com/blog/5-benefits-switching-virtualization-technology/

InfoSec Institute. Virtualization Security. Retrieved from http://resources.infosecinstitute.com/virtualization-security-2/

Mortleman, J. (2009, March). Virtualisation: security benefits. Retrieved from http://www.computerweekly.com/feature/Virtualisation-security-benefits

Read more...

The Importance of Business Data Backups

 

Your business needs to rely on immediate and constantly available data, especially those who work in heavily regulated industries. The types of business data critical to your operations include tax information, sales records, customer databases, supplier contracts, accounts payable and receivable, intellectual properties, and much more. It’s common for many employees to back up their data in one place, such as USB drives, CDs, and external hard drives. Worse, some may even rely on their computer hard drive as a sole source of storage. Unfortunately, these methods of storage and backup are faulty and are vulnerable to these common causes of business data loss:

• Hardware/software failure
• Accidental deletion
• Viruses/malware
• Theft
• Disasters (fires, floods, power outages)
• Accidental formatting of hard drive, USB drive, and/or SD card


Loss of your critical business data can lead to these disastrous consequences:

• Lost revenue
• Exposed sensitive customer information
• Lost productivity
• Valuable projects are wiped out
• Regulatory penalties
• Possible loss of business


To prevent the above scenarios, we strongly recommend business data backups to an onsite and offsite location. For example, Veeam Backup and Replication can archive your information to an onsite device dedicated to disaster recovery and offsite to a cloud storage provider, such as Windows or Amazon. If disaster does strike and, for example, a flood destroys your laptop, you can access your data from the cloud and resume your work on another device. Plus, the latest backup methods employ sophisticated methods of encryption so unauthorized individuals cannot access your confidential business data easily.

SwiftTech Solutions can setup a plan for backing up your business data. We'll ensure your solution suits your company's needs and budget. You can call 877-794-3811 or email [email protected] for a free consultation.



SOURCES

Beesley, C.  Got Backup? Finding the Best Backup Option for Your Small Business Data. (2012, March 5). Retrieved from: http://www.sba.gov/community/blogs/community-blogs/small-business-matters/got-backup-finding-best-backup-option-your-sm
Baker, P. A Guide to Small Business Data Backup and Recovery. (2013, January 3). Retrieved from: http://www.smallbusinesscomputing.com/News/ITManagement/a-guide-to-small-business-data-backup-and-recovery.html
Klein, K. How to Protect Your Company's Data. (2012, March 26). Retrieved from: http://www.businessweek.com/articles/2012-03-26/how-to-protect-your-companys-data
Webopedia. Data Backup Basics for Business. (2010, August 31). Retrieved from: http://www.webopedia.com/DidYouKnow/Computer_Science/2007/data_backup_basics.asp
Mah, P. 4 ways to disaster-proof your data backups. (2013, October 1). Retrieved from: http://www.pcworld.com/article/2050337/5-ways-to-disaster-proof-your-data-backups.html
IBM. SmartCloud Managed Backup. Retrieved from: http://www-935.ibm.com/services/us/en/it-services/managed-backup-cloud.html
Brooks, C. Online Data Backup: A Small Business Guide. (2013, May 31). Retrieved from: http://www.businessnewsdaily.com/4565-online-data-backup-guide.html
Rashid, F. In Case of Laptop Loss, Encrypt and Back Up Your Data. (2013, November 3). Retrieved from: http://securitywatch.pcmag.com/backup/317587-in-case-of-laptop-loss-encrypt-and-backup-your-data

Read more...

What is CryptoLocker and How Can You Protect Your Business?

 

If your business operates on Windows computers, be on the lookout.  Cybercriminals created malicious computer software, called CryptoLocker, which can invade your computer, encrypt your data, and then demand you pay a ransom. Afterwards, you have roughly 72 hours to pay the ransom of at least $200 in bitcoins. If you don’t pay the ransom on time, the price can go up to $2,000. Or don’t pay and lose your data forever, which likely won’t be an option if CryptoLocker encrypted files critical to operating your business, such as legal documents, payroll forms, and customer information.

 

How does a computer become infected with CryptoLocker malware?: Computing devices become infected with CryptoLocker malware largely through phony FedEx and UPS tracking notices containing malicious attachments.  When the recipient opens the email attachment, the malware will install on network drives, external hard drives, network file shares, and even cloud storage files.  From there, the CryptoLocker malware will scan and then encrypt documents, photos, music, and video files.  Afterwards, the victims will see a popup window notifying them their personal files are encrypted and they have 72 hours to pay the ransom or the malware will delete the key that will decrypt all their device files.

 

How can I prevent CryptoLocker from infecting my business computers?:
•    Do not open attachments from an unknown sender. If you need to view an attachment from a known sender, save the files to disk before opening them.
•    Use an email filtering software, such as Symantec Mail Security for Microsoft Exchange. This type of software will scan for malware, including CryptoLocker, and then filter the bad emails out of your inbox.
•    Back up your important files to DVD, hard drive, and an offsite location, such as the cloud. Keep in mind if you are backing files up to the cloud, do not sync your files automatically, or else they may be updated with CryptoLocker -infected files. Disconnect your backup from your computing device until the next time you need it.
•    Have your IT provider enforce an email group policy preventing people from opening executable files, such as a zip file. However, some cybercriminals are getting around this obstacle by password protecting zip files.
•    Keep your antivirus and anti-malware software updated. Each update provides patches for detecting the latest virus and malware attacks available.
•    Use a next generation firewall with an intrusion prevention system, such as Dell SonicWALL. A traditional firewall mostly involves keeping cybercriminals out of your networks. The next generation firewall takes the traditional method a step further and also incorporates anti-mail ware protection, in addition to user authentication, URL filtering, and application-level security.

 


My computer is infected with CryptoLocker malware. What should I do?: Unfortunately, there is no software available to decrypt files infected with CryptoLocker yet. Plus, the authorities currently don’t have a way to track down these criminals, thanks to the crooks frequently changing their servers and accepting a global currency as payment. Here’s how to respond to a CryptoLocker infection:

•    Disconnect your corrupted device from the network and turn it off immediately. This will prevent other files and devices from being infected.
•    If you had any recent backups, you can recover from the CryptoLocker malware much less painlessly. Use your antivirus software to clean out the infection, then copy the backed up files to your hard drive.
•    If you don’t have your files backed up, try using Windows’ System Restore. This feature will return your system files and settings to an earlier point in time.
•    Do not pay the ransom, unless you have no way to recover your files. By paying the cybercriminals for their devious acts, victims are reluctantly encouraging a criminal operation to continue.
•   If you absolutely and positively need the infected files and are willing to pay the ransom, don’t clear out the CryptoLocker malware yet. You’ll need the infection to stay on the computer for the decryption key to work. Some bold CryptoLocker criminals have customer service sites set up to help people pay the 2 bitcoin ransom. If you miss the deadline, the ransom will likely increase to 10 bitcoins (equivalent to $2,000). In general, victims stated paying the ransom is effective in getting their files decrypted, especially since the criminals don’t want to leave money on the table.

 

Right now, the best method of fighting the efforts of CryptoLocker criminals is prevention. SwiftTech Solutions, an IT managed services provider, can analyze your IT systems and set up a network and computer security plan for your business so you can protect your critical business data.  If you are interested in these services, call 877-794-3811 or email [email protected] for a free consultation.

 

SOURCES:
Westervelt, R. 5 Ways To Defend Against Ransomware Threats. (2013, November 8). Retrieved from: http://www.crn.com/slide-shows/security/240163653/cryptolocker-5-ways-to-defend-against-ransomware-threats.htm?cid=nl_sec

Weisbaum, H. CryptoLocker crooks launch 'customer service' site. (2013, November 14). Retrieved from: http://www.cnbc.com/id/101195861

Templeton, G. Cybercrime evolved: Cryptolocker virus gets user-friendly with brilliantly twisted update. (2013, November 14). Retrieved from: http://www.extremetech.com/computing/170842-cybercrime-evolved-cryptolocker-virus-gets-user-friendly-with-brilliantly-twisted-update

United States Computer Emergency Readiness Team. CryptoLocker Ransomware Infections. (2013, November 5). Retrieved from: http://www.us-cert.gov/ncas/alerts/TA13-309A

Gephardt, B. Malware 'CryptoLocker' forces computer user to pay ransom for files. (2013, November 18). Retrieved from: http://www.ksl.com/?nid=148&sid=27682515

Neal, R. CryptoLocker Virus Infects 12,000 Computers In One Week: How Hackers Are Avoiding Detection. (2013, November 16). Retrieved from: http://www.ibtimes.com/cryptolocker-virus-infects-12000-computers-one-week-how-hackers-are-avoiding-detection-1473046

Abrams, L. CryptoLocker Ransomware Information Guide and FAQ. (2013, October 14). Retrieved from: http://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information

Orsini, L. How To Fight CryptoLocker And Evade Its Ransomware Demands. (2013, November 8). Retrieved from: http://readwrite.com/2013/11/08/cryptolocker-prevent-remove-eradicate#awesm=~onFBLsmBGkTsM6

Read more...

The Benefits of a Network Security Plan

 

As the technology landscape becomes more complex, cybercriminals have and will continue to develop software that will search for vulnerabilities in any business’s network. Once these breaches in security are found, they can use your network to steal information, exploit targets for money, distribute spam to other networks, and promote their own agenda.

If you think your business is too small for a hacker to attack, think again. According to PC World, 31% of cyber-attacks were aimed at small businesses. Worse, 60% of the SMBs affected ultimately went out of business.
 
Don’t have the staff to manage your network? A managed service provider can review, monitor, and maintain your network for a low monthly rate. They can help you protect your network by finding the holes in your security, configuring your firewall to allow certain applications to access the network, executing a powerful Intrusion Prevention System, and setting up employee technology use policies. Furthermore, they’ll use a comprehensive monitoring system to ensure the safety of your network.

Here’s the ways a network security plan can benefit your business:

•    Protects against business disruption: Your employees could be working from a slow computer, possibly from bloated upgrade patches or a recent malware infestation. Worse yet, your website may be down and your customers cannot order your products and services. A complete network security plan can minimize these instances plus offer increased productivity and decreased revenue loss.

•    Helps you manage your business reputation: An unprotected network an open the door for a hacker to hijack your website and post any topic they feel like. For example, cybercriminal group Lulzsec defaced the PBS.org site with a suggestion that Tupac was still alive and living in New Zealand. A network security plan can help your business remain in control of their digital assets by using an Intrusion Prevention Service to stop these exploits from happening. Consequently, staying in control of your network activity will help keep your business’ reputation intact.

•    Helps company meet industry compliance standards: Audits from the government and your industry bureau can come at any time. For example, if your company is not encrypting sensitive data, the governing agency can levy it with a heavy fine. A comprehensive network security plan help your company guard your databases and ensure the privacy and integrity of confidential data.

•    Protects customer data: If a hacker gains access to your database and collect customer credit card data, bank account records, and social security numbers, your customer can become victims of identity theft and subsequently take legal action against your business. A network security plan can include buying SSL certificates so online registration and transactions can’t be intercepted. Plus, the “https” in the browser address can assure your customers your business is a trustworthy place to buy products and services.

•    Allows an employee to work remotely: A network security plan can allow for an employee to access a Virtual Private Network (VPN). The VPN can give employees easy, secure access to tools and applications they need to perform their day-to-day tasks. That way your business can add new office branches quickly, allow workers flextime, and hire top-notch talent from anywhere in the world.

Protect your business now by contacting SwiftTech Solutions for a review of your network security. You can call 877-794-3811 or email [email protected] for a free consultation.



SOURCES:
Cisco. What is Network Security? Retrieved from: http://www.cisco.com/cisco/web/solutions/small_business/resource_center/articles/secure_my_business/what_is_network_security/index.html

Arar, Y. Small-Business Network Security 101. (2009, July 1).Retrieved from: http://www.pcworld.com/article/167647/network_security.html

Bradley, T. Secure your small-business network without spending a dime. (2013, September 5). Retrieved from: http://www.pcworld.com/article/2048137/secure-your-small-business-network-without-spending-a-dime.html

Poremba, S. 7 Steps Toward Better Small Business Security. (2013, October 3). Retrieved from: http://smallbusiness.foxbusiness.com/technology-web/2013/10/03/7-steps-toward-better-small-business-security/

Sutton, C. When the Pros Secure Your Network You Keep Away the Cons. (2013, November 27). Retrieved from: http://smallbiztrends.com/2013/11/secure-your-network.html

CIOL Bureau. Top 10 tips to make your business secure. (2013, November 27). Retrieved from: http://www.ciol.com/ciol/features/202175/top-tips-business-secure/page/1

Slade, H. How Small Businesses Can Win On Security And Speed This Cyber Monday. (2013, November 26). Retrieved from: http://www.forbes.com/sites/hollieslade/2013/11/26/how-small-businesses-can-win-on-security-and-speed-this-cyber-monday/

Pascucci, M. Key steps to perform a successful information security gap analysis. (2012, March). Retrieved from: http://searchsecurity.techtarget.com/tip/Key-steps-to-perform-a-successful-information-security-gap-analysis

Watchguard. Network Security Essentials for Your New Small Business. Retrieved from: http://www.watchguard.com/tips-resources/grc/wp-network-security-essentials-for-your-small-business.asp

Read more...

Hacker Tricks: How You Can Protect Yourself

 

Whenever a form of technology is developed, there’s a new opportunity cybercriminals to use hacker tricks take advantage of their users. Everyday, millions of devious cybercriminals look for different methods for exploiting security vulnerabilities in a business network so they can steal data, extort money from victims, send spam, and promote their view point.  Here’s an overview of hacker tricks used to access your network and devices:


•    Fake Wireless Access Points: Cybercriminals can set up phony wireless access points at coffee shops and airports with portals requiring you to create a user name and password. They typically call their network a legitimate sounding name such as “Starbucks Wireless Network.” Once an unsuspecting victim enters their information, they can access your data in clear, unencrypted text. Once these hackers receive your user name and password, they attempt to access your accounts to popular sites, such as Facebook, Twitter, and Amazon. To avoid these type of hacker tricks, use your mobile carrier’s (AT&T, T-Mobile) hotspot, which is usually displayed as WPA or WPA2. If you’re using a hotspot that doesn’t support a WPA or WPA2, use your company’s Virtual Private Network (VPN) so your private data will be encrypted for hackers. 
 
•    Password Cracking Programs: Many people set up their passwords the following way —capitalize the first letter of the word, use a name of a place or a common word as the seed, use numbers or special characters for letter. For example, California would now look like this “[email protected]@.” Unfortunately, the hackers are aware of these patterns and developed password cracking programs. With their software, these cybercriminals can try billions of password combinations in seconds. To create strong passwords, make sure they are at least eight characters long and there should be at least three upper and lowercase numbers, punctuation, symbols, and numbers.  Also make sure to change your password often and not use the same password for everything.

•    Cookie Theft: Whenever users navigate a website, a cookie will track and store information, including user name and password. This makes it easier for them to navigate the page by not having to enter login credentials each time they go on the site. Cybercriminals now have another item in their bag of hacker tricks. They can use a cookie theft plugin they can use on Firefox called Firesheep. Once they are logged in to a public network, hackers can steal unprotected cookies from you, and then take over your entire session. If you plan on going to a public network, make sure you clear the cookies on your browser beforehand. If you use Firefox, you can set the browser to automatically clear your cookies each time the window is closed.

•    Phishing Scams: A hacker can send malware to your email account by sending a phony DHL or FedEx delivery notice to your email account. The attachment file names are usually something that would encourage unsuspecting users to click on it. Once the user clicks on the attachments, malware will install on your computer. To hacker tricks like these, do not open attachments from an unknown sender. If you need to view an attachment from a known sender, save the files to disk before opening them. You can also use email filtering software, such as such as Symantec Mail Security for Microsoft Exchange. This type of software will scan for malware and then filter the bad emails out of your inbox.

•    Free Software Downloads: Many users download free applications that will provide premium fonts, file conversions, and free music downloads. However, many of these “free” applications are bundled with malware and can take over your entire computer once downloaded. Make sure you only download applications from trusted software manufacturers, such as Microsoft, Adobe, TrendMicro, to name a few.

•    Cracking HTTPS: Many computer users were taught that a closed padlock icon and the “S” in HTTPS mean you established a secure connection. Sadly, this is no longer the case, since cybercriminals learned how to hack this protocol. If you’re on a site with the HTTPS closed padlock icon and you get a prompt about an invalid certificate, you may not be on a trustworthy site. In addition, you have the option of viewing the website certificate information and decide if the issuing authority, such as VeriSign and GoDaddy, is trusted.

•    Text Message Malware: Cybercriminals typically send their victims an SMS message with a picture attachment bundled with malware. Once the picture is downloaded, the malware will install on your smartphone. Afterwards, the malware will force the smartphone to send SMS message to sites that charge users each time the message is sent, thereby racking up their phone bill. The malware can also steal user names and passwords they have stored on their phone. Make sure to keep your phone’s software up-to-date, since most of the malware tends to circulate on older Android operating systems. Also, don’t share your cell phone to websites that ask for your number as a part of a survey or sweepstakes. Finally, do not click on any suspicious links in text messages, especially from unknown senders.


Keep in mind this is not an exhaustive list of hacker tricks used to attack victims, especially since technology is constantly changing. Many cybercriminals work ruthlessly to test the boundaries of network security in the devices we use for the sake of getting confidential information and extorting money.


Fortunately, a managed service provider can help you protect your devices from hacker tricks by finding the holes in your security, executing a powerful Intrusion Prevention System, and setting up employee technology use policies. Furthermore, they’ll use a comprehensive monitoring system to ensure the safety of your device usage.


If you’re interested in a review of the security of your business technology and advice on ways you can avoid hacker tricks, contact SwiftTech Solutions by calling 877-794-3811 or emailing [email protected] for a free consultation.

 

SOURCES:

Grimes, R. 7 sneak attacks used by today's most devious hackers. (2013, September 30). Retrieved from: http://www.infoworld.com/d/security/7-sneak-attacks-used-todays-most-devious-hackers-227557

Sabhlok, R. 5 Top Targets for Today's Hackers. (2013, August 8). Retrieved from: http://www.forbes.com/sites/rajsabhlok/2013/08/02/5-top-targets-for-todays-hackers/

Pinola, M. Your Clever Password Tricks Aren't Protecting You from Today's Hackers. (2012, August 23). Retrieved from: http://lifehacker.com/5937303/your-clever-password-tricks-arent-protecting-you-from-todays-hackers

Glassberg, J. On the Lookout: New Hacker Threats. (2013, July 31). Retrieved from: http://www.foxbusiness.com/personal-finance/2013/07/31/7-new-hacker-threats-to-watch-out-for/

Phifer, L. How to know if you're connecting to fake or real access points (APs). (2008, January). Retrieved from: http://searchnetworking.techtarget.com/answer/How-to-know-if-youre-connecting-to-fake-or-real-access-points-APs

Microsoft. Create strong passwords. Retrieved from: http://www.microsoft.com/security/online-privacy/passwords-create.aspx

Brown, M. How to Prevent Online Cookie Theft. (2009, October 31). Retrieved from: http://voices.yahoo.com/how-prevent-online-cookie-theft-4746492.html

Rockwell, M. Android users warned about increased malware attacks. (2013, August 27). Retrieved from: http://fcw.com/articles/2013/08/27/android-malware-warning.aspx

Read more...

Internet Browsing Security Risks

 

Many people browse the internet at work to research a certain topic, make transactions, use social media, and much more. To enhance the website experience, programmers add features, such as videos, slideshow animations, sign-up forms, and search boxes. However, adding a feature to a website lowers the browsing security for the visitor by potentially adding a security hole a hacker can enter. These cybercriminals concentrate on searching for vulnerabilities on the most commonly used website and browser features. Once the vulnerabilities are found, the hackers can steal your information, destroy your data, take over your computer, and track your online activities. These attacks can result in slowed work processes, lost work time, increased risk of identity theft, and possibly a ruined business reputation.
 

Several common areas of internet browsing security risks to watch out for include:

  • Running the Java software platform:  Java is a computing language that allows software programmers to create applications that can run on almost any type of computer, including Microsoft Windows, Apple OSX, and Linux. This software operates with your browser and used for enterprise programs such as Citrix Go To Meeting. However, hackers target this platform heavily, since many people install Java software and don’t run the updates on a regular basis. Make sure to have the most recent version of Java installed on your computer. Also, only use your browser’s Java plugin if you’re using a trusted program. Otherwise, leave the plugin off.

 

  • Enabling Javascript for any site: Javascript is a scripting language that allows website to have interactive elements, such as roll-over buttons and dropdown menus. Javascript is NOT the same as Java; they are two completely different scripting languages. Even though the Javascript platform is updated regularly, it should be used with caution, since it’s also a popular area to attack. Therefore, the Javascript plugin on your browser should be set to enabling it for trusted sites only.

 

  • Phony security alert pop ups: You’ve likely seen a window pop up warning stating your computer has a virus, which would then prompt you to download removal software. This so-called remedy will actually infect your computer with malware. This scareware can slow your computer, steal your personal data, redirect you to a malicious site, and even block your visits to anti-virus provider websites. Make sure to install anti-virus software, such as Symantec Endpoint Protection, and stay current with the software updates. Also, ensure your browser is set to block pop-up windows; Firefox has this setting on by default.

 

  • Not clearing out your browser cookies: Cookies allow visitors to store their data on their computers for specific websites, such as login credentials, user preferences, and credit card numbers, so they can get a faster, more customized user experience. However, these bits of personal information are stored in one place on your hard drive. If your employee has their laptop stolen or login session hijacked, the criminal can search through your temporary internet files and steal this data. Make sure to only share your confidential information with a known, trusted website over an encrypted, HTTPS connection. Also, set your browser to delete cookies at the end of a session. Furthermore, third party cookies should be blocked altogether; the cookies are used by advertisers on the website that may be untrustworthy. Finally, we don’t recommend using autocomplete for your personal information.

 

  • Overloading on add-ons: Add-ons, such as gTranslate, Pocket, and Hootsuite can add extra functionality to your browsing session by allowing you to translate text, save articles for offline reading, and share content on your social media sites.  However, add-ons provide an increased surface area of security risk to your browsing experience. Make sure to install a minimal amount of add-ons from trusted sources and heed any warnings of the contrary. Also, your browser should be configured for websites to not automatically install add-ons without permission.



As technology changes, new browser and website user experience features will be introduced, thus presenting new opportunities for cybercriminals to exploit their victims. A proactive network and computer security plan can help your business manage these risks by at least including the following:
 

  • Use of a next generation firewall, such as Dell SonicWALL: A firewall's basic task is to regulate the flow of traffic between computer networks of different trust levels. Dell SonicWALL will scan your business’ network usage and block your employees from accessing potentially risky websites.

 

  • Deploying anti-virus/anti-malware protection, such as Symantec Endpoint Protection: This software will scan your computer regularly and stop viruses and malware from being installed. As new threats arise, Symantec Endpoint Protection will provide update patches so your employees won’t lose work hours from attacks.

 

  • Keep up with Windows updates regularly: Microsoft will periodically provide service packs and patches for the Windows operating system to prevent malicious attacks. A managed services provider can monitor your workplace’s network and make sure these updates are deployed as they become available.



SwiftTech Solutions can help your business manage security risks involved with employee internet browsing. Protect your business now by contacting SwiftTech Solutions for a review of your network security. You can call 877-794-3811 or email [email protected] for a free consultation.

 

SOURCES


Komando, K. Java: How to fix your biggest Internet security risk. (2013, January 26). Retrieved from: http://www.foxnews.com/tech/2013/01/26/java-how-to-fix-your-biggest-internet-security-risk/

Macavinta, C. Web Browsers and Computer Security Risks. Retrieved from: http://us.norton.com/yoursecurityresource/detail.jsp?aid=web_browser_security

Dormann, W. & Rafail, J. Securing Your Web Browser. (2008, Febrary 14). Retrieved from: http://www.cert.org/tech_tips/securing_browser/

Lord, N. Browser Security Settings for Chrome, Firefox and Internet Explorer: Cybersecurity 101. (2013, March 22). Retrieved from: http://www.veracode.com/blog/2013/03/browser-security-settings-for-chrome-firefox-and-internet-explorer/

How-To Geek. HTG Explains: Should You Disable JavaScript?. Retrieved from: http://www.howtogeek.com/138865/htg-explains-should-you-disable-javascript/

Finkle, J. US warns on Java software as security concerns escalate. (2013, January 11). Retrieved from: http://www.nbcnews.com/technology/us-warns-java-software-security-concerns-escalate-1B7938755

Microsoft. Watch out for fake virus alerts. Retrieved from: http://www.microsoft.com/security/pc-security/antivirus-rogue.aspx

McCormack, C. & Wisniewski, C. 5 Tips to Reduce Risk From Modern Web Threats. Retrieved from: http://www.sophos.com/en-us/security-news-trends/whitepapers/five-tips-to-reduce-risk-from-modern-web-threats

Fisher, T. Windows Update. Retrieved from: http://pcsupport.about.com/od/keepingupwithupdates/p/windows-update.htm

Read more...

Microsoft Will Be Ending Support for Windows XP

 

If your computer uses the Windows XP operating system, pay close attention: Microsoft will be ending support for Windows XP on April 8, 2014. Many workers believe Windows XP works just fine, since 1 in 5 people still use the operating system. After all, the failure of the Windows Vista operating system, launched in 2006, with its security and incompatibility issues, reinforced the view of sticking with the tried and true XP. However, the upgrade to a supported operating system, such as Windows 7 or 10, is very necessary for maintaining the security of company computing environments.
 


After April 8, 2014, Microsoft will not be offering these features for XP anymore:

• Security updates
• Non-security hotfixes
• Free support
• Online technical content updates

 

Unsupported and unpatched operating systems put the security of an organization at risk. Malware attacks aimed at Windows XP machines are predicted to increase after April 8th. Hackers can examine the latest security updates and look for holes that ultimately won’t be patched after the cutoff date. When the security breaches are found, these cybercriminals can release malware that can slow down work processes, steal data, and take over your computer.
 


Once the machine is under attack, an organization’s efforts to meet industry compliance standards are also compromised, possibly resulting in these consequences:

• Fines
• Legal action
• Public notification
• Damaged reputation


For companies that are wisely considering upgrading from Windows XP, they may have some obstacles they need to overcome including:

Budget: Moving dozens, hundreds, or even thousands of machines and users does incur high costs. Workers in senior positions are pressured to cut back and do more with less. However, the costs of not upgrading are much higher. A business technology analyst can help an organization control costs by using their expertise to study their IT infrastructure and create a cost-effective upgrade plan.

Stubborn Users: Some workers may be resistant to change, especially if they used the same work processes for years. These workers might not be computer savvy and consequently think it takes too much effort to update their skills. Consider training a few of the late adopters at first, then having them bring the rest of the group on board.

Incompatibility of critical applications: If your organization has a legacy application that is not compatible with Windows 7 or 10, we strongly recommend upgrading the application. The newer applications have new tools that can help employees work more efficiently. If upgrading is not possible at the moment, employees can use the application from a virtualized and protected Windows XP workspace.

 

My company is willing to upgrade its operating system. Now what?

• Make sure to backup any data before transferring to the new system

• If a computer meets the system requirements, you can install the Windows 7 Professional or Windows 10. Windows 7 has a strong record of support and compatibility for hardware, software, and business critical applications, plus a user experience similar to Windows XP. In addition, the operating system comes with an XP mode, provided that you still have the XP installation media and activation code.

• If your machine does not meet the system requirements, consider purchasing a new business PC with Windows 10. The newest PCs come with a touch screen with a user experience more similar to a mobile device, complete with popular applications and functions tiled on the start page. If the environment is too much of a change for your workers, many computer manufacturers will offer a downgrade to Windows 7.


If your company won’t be able to upgrade their computers before April 8th, you can get extended support at $200/PC for a year, and then the price increases to $400/PC for the next year. Since these costs can quickly add up, especially for hundreds of users, this should be a last resort.

SwiftTech Solutions can help your company’s computers and users make a smooth transition to the new operating system. We'll ensure your upgrade plan suits your company's needs and budget. You can call 877-794-3811 or email [email protected] for a free analysis.



SOURCES

Microsoft. Windows XP SP3 and Office 2003 Support Ends April 8th, 2014. Retrieved from: http://www.microsoft.com/en-us/windows/enterprise/endofsupport.aspx

Seitz, P. Windows XP End Could Bring More Bad News for PCs. (2014, January 13). Retrieved from: http://news.investors.com/technology/011314-686142-microsoft-windows-xp-end-could-spell-pc-security-problems.htm

Bridgwater, A. Failure to migrate from Windows XP could torpedo your business. (2014, January). Retrieved from: http://www.computerweekly.com/feature/Failure-to-migrate-from-XP-could-torpedo-your-business

Palermo, E. Microsoft Ending Anti-Virus Protection for Windows XP. (2014, January 10). Retrieved from: http://www.tomsguide.com/us/no-more-xp-av,news-18190.html

Sparkes, M. End of Windows XP support will be 'starting pistol for hackers.' (2013, December 23). Retrieved from: http://www.telegraph.co.uk/technology/internet-security/10534462/End-of-Windows-XP-support-will-be-starting-pistol-for-hackers.html

Spiceworks. Getting Over Your XP: Windows XP end-of-life and why breaking up is hard to do. (2013, December). Retrieved from: http://itreports.spiceworks.com/reports/spiceworks_voice_of_it_windows-xp-end-life-2013.pdf

Bayon, D. Windows 7 vs Windows 8: what’s the best upgrade from XP? (2013, November 20). Retrieved from: http://www.pcadvisor.co.uk/buying-advice/software/3490112/windows-7-vs-windows-8/?pn=1

Read more...

Is Outdated Technology Hurting Your Business?

 

Many smaller businesses strapped for cash see cutting edge technology as an unnecessary expense. They may think the hardware and software they do business with still gets the job done. Plus, some employees don’t want to spend the time learning new processes upgraded software will require. However, according to a recent Microsoft survey, 90% of respondents said they would stop doing business with a company that uses outdated technology, citing privacy and security as a big concern. In addition, using outdated technology results in reduced productivity and ultimately, lower profits.

Unsure if your technology is out of date? Here are a few signs and suggested actions to take instead:

  • Outdated website:  If you have a website designed for smaller, 800 x 600 resolution screens, your website may look tiny in your customers screen. Also, those Flash websites circa 2007, complete with annoying introductory music and animations, are inoperable on iPhones and iPads.  Your website design is the difference between getting new customers versus having them move on to your competitor.  Many view a company with an obsolete website difficult and unsafe to conduct business with.  Look into creating an HTML5 site with a responsive design; the website size will adapt to smartphones, tablets, and desktop devices. Plus, the HTML5 coding of the site will allow for subtle website animations to show up in a wide variety of mobile devices.

  • Working with computers older than 5 years old: That Compaq Presario you bought back in 2002 may be slowing you down. Computers should be replaced about every 4 years, since the parts wear down throughout its use, leading to slow performance and costly repairs. A business technology consultant can help your business select computers with features that will complement and speed up your workplace procedures.

  • Running old operating systems: If you’re using Windows XP and 2003, upgrading to a newer operating system, such as Windows 7 or 8, is strongly recommended.  Windows is ending their support for both on April 8th, 2014, meaning you won’t get any more updates that keep your computer protected and running smoothly. Attending to repairs of faulty operating systems can lead to lost hours of work for repairs, maintenance, and security patching.

  • Using dial up internet: If you are accessing a telephone network to connect with the internet, you are using the slowest type of internet connection available. Even though dial up internet is cheaper than using a broadband connection, it may cost your company over time with lost productivity. Using fiber-optic, broadband internet, such as Verizon FiOS, Comcast, and AT&T, will help your company access the internet at much higher speeds. Plus, your company should strongly think about offering your guests Wi-Fi access in your business, especially since many of them need to work and communicate outside of their office.

  • Processing forms by paper: For example, if you are billing a customer with paper invoices for services rendered, it may take days or even weeks to receive your cash. An employee has to gather the data by hand, enter it onto a spreadsheet, print the invoice and send it in the mail, then wait for the client to send a check. Consider storing and processing your forms in electronically in a cloud database instead so your employees will only have to enter data one time. There are now mobile apps available on a smartphone or tablet computer that will allow you to enter data by selecting from auto populated fields, scan barcodes, send invoices via email, and much more.  Plus, your skilled employees will spend more of their efforts on tasks that grow your business, not tedious and repetitive busy work.

  • Legacy software applications: Old software, such as Adobe Photoshop CS, that were made for Windows 2003 may not operate as well on Windows 2008. Also, many manufacturers no longer offer technical support if you’re too many versions behind on certain software. Replacing your software after two releases is recommended, such as upgrading from Photoshop CS4 to Photoshop CS6. Not only will this ensure compatibility on newer hardware, your employees will also get to access new features that will speed up their common work procedures.


Operating an up-to-date technology structure will help your company operate at its full potential, saving you thousands of dollars per year. SwiftTech Solutions offers a full business technology analysis of your systems, infrastructure, IT costs, and other related issues. We’ll help your company determine the right technological mix of hardware, software, server platform, network, processor, etc. If your company is interested in more information, you can call 877-794-3811 or email [email protected] for a free consultation.

 


SOURCES:

Bates, C. What the technology you're using says about your business. (2013, December 12). Retrieved from: http://www.microsoftbusinesshub.com/News_Updates/Cindys_Blog?post=What+the+technology+you%E2%80%99re+using+says+about+your+business

Fuscaldo, D. Survey: Customers Will Leave You Over Outdated Tech. (2013, November 11). Retrieved from: http://smallbusiness.foxbusiness.com/technology-web/2013/11/11/survey-customers-will-leave-over-outdated-tech/

Simpson, K. 3 Ways Outdated Tech is Costing Your Business. (2013, December 15). Retrieved from: http://smallbusiness.yahoo.com/advisor/3-ways-outdated-tech-costing-business-021011441.html

Microsoft. How Outdated Technology Can Cost Your Business. (2013, September 13-16). Retrieved from: http://smb.blob.core.windows.net/smbproduction/Content/themes/base/images/SMB_Get2MInfographic_FINAL.pdf

Clancy, H. How much does outdated technology hurt SMB competitiveness? (2013, October 31). Retrieved from: http://www.zdnet.com/how-much-does-outdated-technology-hurt-smb-competitiveness-7000022621/

Piltch, A. 12 obsolete technologies Americans still use. (2013, June 8). Retrieved from: http://www.nbcnews.com/technology/12-obsolete-technologies-americans-still-use-6C10252994

Patterson, R. Two Ways Old Technology Hurts Your Business. Get Rid Of It As Soon As You Can (2011, April 13). Retrieved from: http://www.smallbiztechnology.com/archive/2011/04/two-ways-old-technology-hurts-your-business-get-rid-of-it-as-soon-as-you-can.html/

Howard Bear, J. When Should I Upgrade My Desktop Publishing Software? Retrieved from: http://desktoppub.about.com/od/swbuyingadvice/f/When-Should-I-Upgrade-My-Desktop-Publishing-Software.htm

Sutton, C. A Blazing Fast Internet Connection May Make or Break Your Next Deal. (2013, December 11). Retrieved from: http://smallbiztrends.com/2013/12/fast-internet-connection-make-break-deal.html

Read more...

Cloud Faxing: 6 Reasons To Transition

 

Sending documents by fax is crucial to the way many workers do business. Numerous organizations consider this form of communication a reliable way to transmit reports, invoices, and contracts to one place to another, especially to businesses with spotty internet connections. However, the costs of using ink and paper for a traditional fax machine can add up, not to mention repairs and replacement to the machine itself. Plus, processing and filing paper faxes can divert precious time away from your skilled workers. These distractions decrease your company’s chances to respond quickly to an ever-changing, competitive environment. Consider making the switch to cloud faxing instead.

Sending and receiving faxes through the cloud, instead of a conventional machine, is an easier, more efficient solution. The reasons to transition to cloud faxing include:

  • Increased productivity: Imagine the amount of time you wasted waiting in line to the fax machine, handling the paper, waiting for the delivery report, and looking for lost faxes. With an e-faxing service, such as MyFax, you can stay at your desk and send the fax by email instead. Also, when an incoming fax arrives, you can attach text, insert checkmarks, and add a legal signature without the use of a scanner. These pockets of time that you’ll save can be used for more critical business growing tasks.

  • Compatibility with traditional fax machines: The vast majority of cloud faxes can be routed to a standard fax machine, so that your late adopting partners will still get documents in the format they prefer. Plus, your existing fax number can be rerouted to your cloud faxing service, ensuring there’s little interruption to the fax communication flow.

  • Supports compliance efforts:  Many organizations working with confidential information must stay compliant with industry regulations, such as Sarbanes-Oxley, HIPAA, local legislation, and much more. These regulations set forth require the affected organizations to send documents in through a highly secure method. Breaches in privacy can result in a fine of hundreds of thousands of dollars. A cloud fax program, such as Xerox iXware Online Fax Service, can secure this process by allowing an encrypted document to be sent straight to the computer, rather than a potentially unmonitored fax tray.

  • Digitized paper trail: Thumbing through file cabinets for a single report can take hours. Storing faxes as a digital file, such as a PDF, TIFF, or JPEG, can speed up this process by allowing you to search through captured and tagged text.  Then, these digital files can be archived to a database that can be easily retrieved in case of an audit or court order.

  • Reduced costs: In order to implement a conventional fax system, companies have to pay for hardware, set up, supplies, and repair. Cloud faxing eliminates the cost for hardware and supplies, while providing a tested and approved system that’s ready to use. Also, cloud faxing providers, such as MyFax, can offer a service at a fraction of the cost by charging companies per user.

  • Anywhere access to faxes: In today’s workforce, there’s a growing trend of employees working away from the office. When a fax is delivered as an email attachment or to a cloud location, the recipient has an opportunity to view the document on any device they prefer. Desktop, laptop, tablet, smartphone, you name it. Some vendors, such as Hello Fax, can even enable you to retrieve faxes conveniently through Google Drive, Dropbox, SkyDrive, and Evernote.


If you’re interested in transitioning to cloud faxing, SwiftTech Solutions can help. We'll review your IT infrastructure and develop a project plan that meets your business requirements. Contact SwiftTech Solutions by calling 877-794-3811 or emailing [email protected] for a free consultation.



SOURCES:

MyFax. Migrating from Fax Servers to the Cloud. (2010). Retrieved from: http://www.myfax.com/resources/pdf/whitepaper_migrating_from_fax_servers_to_the_cloud.pdf

Wilson, J. Send2Fax (Spring 2011). (2011, May 20). Retrieved from: http://www.pcmag.com/article2/0,2817,1841667,00.asp

Pinola, M. Free Fax Services. (2011, June 19). Retrieved from: http://mobileoffice.about.com/od/softwarewebapps/tp/free-fax-services.htm

WiseGeek. What Is a Digital Fax. Retrieved from: http://www.wisegeek.com/what-is-a-digital-fax.htm

Null, C. Why the fax still lives (and how to kill it). (2014, January 13). Retrieved from: http://www.pcworld.com/article/2083980/why-the-fax-still-lives-and-how-to-kill-it.html

Xerox. iXware Online Fax Service. Retrieved from: http://www.office.xerox.com/software-solutions/ixware-online-fax-service/enus.html

eFax Corporate. Making the case for digital faxing. (2007).Retrieved from: http://www.efaxcorporate.com/scorp/resources/j2corporate2/en2/eFax_Corporate_for_law_offices_07.pdf

Read more...

Outsourcing Your IT Helpdesk Services

 

If your business has an in-house IT department, your technicians might be spending too much time repairing the existing technology systems. Some of the employee issues many in-house technicians are occupied with include password resets, changing Outlook addresses, not being able to open a Microsoft Word document, telling them how to access voicemail, and much more. Unfortunately, when your higher level technicians are occupied with basic customer support issues an entry-level worker can fix, they are not spending time on technology that will grow your business. However, hiring additional IT staff can be costly, since they require salary plus benefits.  If this scenario sounds familiar, you should consider using an outsourced IT helpdesk department.


How does an outsourced IT helpdesk service work?

An outsourced IT helpdesk service will first examine the hardware and software your company has and choose which ones the service. Then, the helpdesk service and your IT department will develop a list of frequently asked questions and document them into a knowledge base system. Afterwards, the IT helpdesk service will set up several layers of prioritization, depending on the issues your employees typically encounter. If the issue requires onsite support, the IT helpdesk service will contact your designated IT administrator. Finally, the IT helpdesk service will set up a phone number for your users to call, whether it’s assigning the helpdesk an office extension or creating a toll-free number.


How will this outsourced IT helpdesk service benefit you?

  • Lower level issues will be delegated:  The outsourced IT helpdesk service will be the first point of contact for your employees. Level 1 and 2 technicians will work on resolving on simple technical support functions, such as basic troubleshooting, software setup, and navigating around office applications.  If an issue requires higher level and/or onsite support, it will be sent to your company’s IT department.

  • Lower costs of running IT services:  With an IT helpdesk system, you can get access to a full staff of IT technicians at a fixed monthly payment. Your company will not be responsible for benefits (Medical, vacation days, etc.), overhead, equipment expenses, training, and certifications. This responsibility would belong to the IT helpdesk service.

  • Increased productivity: Your employees will not have to wait for your busy System Administrator to become available. They will be able to contact a Help Desk Representative and have the problem resolved quicker so they can get back their duties.

  • Access to new IT skill sets:  Your IT helpdesk will typically have the experience of operating as the IT department for a number of companies. These front-line technicians will already have the knowledge and flexibility to solve a wide variety of employee technical issues. The IT helpdesk can therefore become a rich resource of technical knowledge your employees can rely on.


If your company is interested in an outsourced IT helpdesk, SwiftTech Solutions can help. We have over 13 years of experience as a Managed Service Provider for SMBs, enterprises, government agencies, and non-profit organizations. You can call us at 877-794-3811 or email [email protected].

 

 

SOURCES
Marsh, J. IT SLA Model for Tiered IT Support Services. (2012, May 31). Retrieved from: http://blog.thehigheredcio.com/2012/05/31/it-sla-model-for-tiered-it-support-services/
Windley, P. Delivering High Availability Services Using a Multi-Tiered Support Model. (2002). Retrieved from: http://www.windley.com/docs/Tiered%20Support.pdf
Burgess, T. The Pros and Cons of Outsourcing Your IT Help Desk.(2012, September 6). Retrieved from: http://www.samanage.com/blog/2012/09/the-pros-and-cons-of-outsourcing-your-it-help-desk/
Jenkins, A. The Advantages of Outsourcing a Help Desk. Retrieved from: http://smallbusiness.chron.com/advantages-outsourcing-desk-15977.html
Ricketts, S. The Case for Outsourced Help Desks. (2012, September 7). Retrieved from: http://mspmentor.net/blog/case-outsourced-help-desks

Read more...

Cloud Applications for Businesses

 

If you’re not familiar with cloud computing, you may be using it without knowing it. Cloud computing allows workers to use a program over the internet, such as saving files to Dropbox or talking to a family member on Skype. Many employees are now working away from their office on laptops, smartphones, and tablets. With cloud computing, these workers can now access an abundance of business applications on the device they choose.


How can applications on the cloud help my employees?

•    Available from anywhere at anytime: Their information will no longer be trapped in the confines of their office desktop. For example, during work hours, your employee can edit a Word document on their desktop and save it online.  After work, this employee can open this same Word document on their smartphone during their train ride home.

•    Won't need to install hardware and software: There are no more software DVDs to unwrap and hardware devices to set up. The business application will be stored, launched, and maintained by the application vendor, such as Microsoft or Google. Plus, if you need to add another license for a new employee or additional storage, this can be done with a few quick changes to your account.

•    Stay on pace with competitors:  Your business must respond to customer demand and the industry landscape quickly, or else get left in the dust.  With a cloud computing application, an executive at the airport can get quick access to an analytics dashboard and make an intelligent decision about their business.

•    Can recruit talent outside the immediate regional area: The internet and its far reach will allow you to widen your net and get top notch talent. These remote workers can get access to the tools they need to perform their day-to-day tasks.  

•    Can drive global operations for small businesses: Cloud applications will provide small business an access to technology that was cost prohibitive for all but the largest companies.

•    Improve communications with customers: Many of the cloud business applications provide a customer portal for customer to view invoices, submit payments, and track shipments.

•    Add/extend features easier and faster: Many business applications allow customization by adding new fields, change workflows, building reports quickly, integrating with outside applications.


What kinds of business applications are available on the cloud?

Productivity

•    Office 365: Exchange, Sharepoint, Office
•    Google Apps for Business: Gmail, Calendar, Drive, Docs, Sheets, Slides

HR/Employee Management

•    Tribe HR: Employee notes, job postings, skills tracking, vacation calendar
•    Bamboo HR: Employee self-service, training, benefit tracking, leave tracking

Communications

•    Citrix GoToMeeting: Allows web conferencing for up to 25 people
•    RingCentral: fax, voice, text, conferencing

Customer Relationship Management

•    Salesforce: Email marketing, sales forecasts, customer service tools, reporting and analytics, sales leads, integration with social accounts
•    Zoho: Analytics, inventory management, workflow management

Enterprise Resource Planning

•    NetSuite ERP: Accounting, supply chain, invoicing, shipping, employee management
•    Oracle Enterprise Resource Planning Cloud: Finance, project management, procurement, billing

Finance

•    QuickBooks: Bookeeping, invoicing, billing, reporting
•    Freshbooks: Online payments, expense tracking, time tracking
•    Sage One: Project tracking, invoicing, expense management



The above list is not exhaustive, but a sample of the applications available for your business to use.  Some businesses go a step further and have in-house applications custom built to their requirements, then integrate them with their existing software. SwiftTech Solutions can help your employees transition to the cloud by doing a business technology analysis. We'll help you pick and design cloud applications suited for your business requirements. For more information, you can call SwiftTech Solutions at 877-794-3811 or email [email protected] for a free consultation.



SOURCES
Strickland, J. How Cloud Computing Works. Retrieved from: http://computer.howstuffworks.com/cloud-computing/cloud-computing.htm
Beal, V. 5 Top Picks for Small Business Cloud-Based Accounting. (2013, February 27). Retrieved from: http://www.cio.com/article/729385/5_Top_Picks_for_Small_Business_Cloud_Based_Accounting
NetSuite. NetSuite ERP. Retrieved from: http://www.netsuite.com/portal/products/netsuite/erp/main.shtml
O'Flaherty, K. Cloud applications for small businesses: the best apps for you. (2013, October 7). Retrieved from: http://www.techradar.com/us/news/software/business-software/cloud-applications-for-small-businesses-the-best-apps-for-you-1184593
GetApp. BambooHR. (2014, February 6). Retrieved from: http://www.getapp.com/bamboohr-saas-hr-software-application
GetApp. TribeHR. (2014, February 6). Retrieved from: http://www.getapp.com/tribehr-application
Fallon, N. (2014, January 22). Retrieved from: http://www.businessnewsdaily.com/5802-cloud-business-communications-trends.html
Lynn, S. 20 Top Cloud Services for Small Businesses. (2012, December 11). Retrieved from: http://www.pcmag.com/article2/0,2817,2361500,00.asp
Knorr, E., Gruman, G. What cloud computing really means. Retrieved from: http://www.infoworld.com/d/cloud-computing/what-cloud-computing-really-means-031
Kurtzig, S. Business Apps Belong In The Cloud. (2013, December 23).Retrieved from: http://www.informationweek.com/cloud/software-as-a-service/business-apps-belong-in-the-cloud/d/d-id/1113207
GetApp. Communications Software. Retrieved from: http://www.getapp.com/it-communications-software
Oracle. Oracle Enterprise Resource Planning Cloud. Retrieved from: http://www.oracle.com/us/solutions/cloud/cloud-applications/erp/index.html

Read more...

Mobile Applications for Business Usage

 

The smartphone has gone beyond use for talking on the phone, browsing the internet, and playing Cut the Rope—it‘s indispensable our daily work lives. According to a Google Report, 56% of the population use smartphones and 82% of these users multi-task while doing other activities. Many common workplace activities are at the palm of your hand. You can send emails, post on social media sites, message co-workers, take notes, and more. Then, your company can gain a competitive edge by raising productivity and collaboration of employees away from the workplace.  

There are a plethora of smartphone apps available to use for business. Some apps listed below even take advantage of the GPS, camera, and audio recognition features available on most smartphones. Here’s a few of the more popular candidates:
 

File Access: Box will allow you to store your company data online and access the information from anywhere. Also, Evernote is handy for saving notes, web pages, files, images, and audio.

Communication: OWA for iPhone and Outlook Web Mobile (Android) will provide access to your workplace Outlook email account from a smartphone. Also, you can run your internet phone, messaging, and video with the Skype app—it’s free if you communicate to another Skype user. Furthermore, the Bump app will allow you to exchange contact information by tapping phones together. Fring will stream your Facebook, Twitter, Skype, MSN Messenger, Google Talk, Yahoo, and AIM messaging in one place. Finally, the Cisco WebEx app will allow you to schedule, attend, and host meetings with anyone in the world.

Document Editing: DataViz Documents to Go will let you to edit Word, Excel, and PowerPoint documents on your smartphone. DocuSign will allow you to send, sign, and save documents from anywhere on your device. With Scan2PDF mobile, you can snap a photo of your contracts and receipts, and then convert the image to a PDF. Furthermore, TextGrabber is a convenient way of collecting your research from magazines and books.  Snap a photo of your text and it will transcribe to a digital format.

Financial: Need to access your business’s Quickbooks, Freshbooks, and Sage accounts to record sales and send an invoice? There’s an app available. Also, you can accept credit card payments with Square by swiping your customer's card through the reader that plugs into your smartphone.

Security: LastPass.com provides safe storage for your business passwords on your mobile device. Lost your phone? WaveSecure will allow you to lock your smartphone, track your SIM card, and backup your data.

Maps: Need directions to a potential client’s business? Waze will give you directions and real time traffic alerts. Google Maps is another option, as it will provide voice-guided GPS navigation and street view images for your destination.

Social Business: Research and connect with your business contacts with the LinkedIn app. Also, Here for Business will look into your LinkedIn contacts and notify you when they are near.

Do you have any favorite business apps you like to use? You can sound off in the comments section below. Some businesses may find it necessary to build a mobile version of an existing in-house application. SwiftTech Solutions can help your business select mobile applications and even plan your own to suit your business needs. For more information, you can call SwiftTech Solutions at 877-794-3811 or email [email protected] for a free consultation.


SOURCES
TwistImage. The Best Business Apps For Your Smartphone. Retrieved from: http://www.twistimage.com/blog/archives/the-best-business-apps-for-your-smartphone/
Sebastian, M. 13 Business Apps for Busy Entrepreneurs (Infographic). (2013, March 17). Retrieved from: http://www.entrepreneur.com/article/226105
Inc. The Best Smartphone Apps for Business. Retrieved from: http://www.inc.com/ss/best-smartphone-apps-for-business#0
Strout, A. 30 Essential Business Apps For Your Smartphone. (2012, December 13). Retrieved from: http://marketingland.com/30-essential-business-apps-for-your-smart-phone-27781
Conneely, M. Making mobile the new business norm. (2014, February 20). Retrieved from: http://www.abc.net.au/technology/articles/2014/02/20/3948638.htm
Torkildson, A. Mobile App vs Mobile Website – Which is Right For Your Business? (2014, January 22). Retrieved from: http://www.searchenginejournal.com/mobile-app-vs-mobile-website-right-business/85887/
Gonsalves, C. Mobile Apps Tell the Real BYOD Tale. (2014, February 13). Retrieved from: http://channelnomics.com/2014/02/13/mobile-apps-tell-real-byod-tale/
EnterpriseAppsToday. Business Intelligence One of Fastest-Growing Enterprise Mobile Apps. (2014, February 14). Retrieved from: http://www.enterpriseappstoday.com/business-intelligence/business-intelligence-one-of-fastest-growing-enterprise-mobile-apps.html
Roos, D. How to Convert to Mobile Business Communications. Retrieved from: http://money.howstuffworks.com/business-communications/mobile-business-communications4.htm
Ipsos Media CT. Our Mobile Planet: United States of America. Retrieved from: http://think.withgoogle.com/databoard/media/pdfs/US_OurMobilePlanet_Research_English_2013_2.pdf

Read more...

Creating Mobile Applications for Existing Database Applications

 

In our last blog, we discussed the variety of mobile applications available for use on the smartphone. However, what if your company has a legacy workhorse application that’s integral to your everyday business functions? Staying with the status quo is not the best option, since not being able to access the application information in real-time could eventually result in your business lagging behind the competition. Modifying this legacy application for mobile use might be they solution for your smartphone users. These workers will have up-to-the-minute information needed to improve response times, business processes, and overall productivity.  The time and efforts saved, prevented errors, and increased customer satisfaction can result in a strong return on investment.

Before getting started, your business must ask themselves these questions:

•    What business value does my legacy application offer today?
•    What features of the legacy application do you want to mobile enable?
•    What benefits and opportunities can be gained by moving a mobile platform?
•    Does your legacy application have any Application Programming Interface (API) documentation?
•    Can I make updates or changes to the systems in a timely and economical way?
•    How will you deal with business processes too complex to be performed on a mobile device?
•    How will you deal with service interruptions that will require backlogging processes for later completion?

Once you’ve answered the above questions, you can review options for executing your mobile application:

•    Online Applications: An online application requires your worker to remain in an area with internet connection at all times. The benefit of this option is your programmers won’t need to put as much effort on programming code for the mobile device. However, this type of application is recommended for short requests and responses.

•    Offline Applications: An offline application would be installed completely to the mobile device. Unlike the online application, this solution will work without an internet connection. Your workers would download the data they need in the morning, and then upload their changes at the end of the day. However, there’s a potential for conflict, since someone could accidentally overwrite a co-worker’s information.

•    Occasionally Connected Applications: This solution combines the real-time updating of an online application to the local installation of an offline application. However, the response of the application might be inconsistent, depending on the strength of the network your employee is working in.


When mobile enabling your legacy application, we recommend the following:

•    Don’t make a large application run on a small device: The large processing and data loads of a desktop application can slow down and crash a mobile device. Determine which work processes can be done on a mobile device; leave the rest of the work for your desktop or laptop computer. Furthermore, features should be mobile enabled piece by piece, instead of all at once.

•    If using a mainframe application, have your programmer convert the language for mobile use: Legacy applications that were written for specific mainframe systems, such as IBM and Hitachi, do not interact well with the mobile language of today. The code would need to be converted so that it’s compatible with mobile application platforms.

•    Provide up-to-date documentation on the legacy application: Ideally, this documentation contains the road map of how your application works, including any glitches that required update patches. If this documentation is not available, your programmers and employees could encounter the same issues again.

•    Set up security policies for smart phone users: For example, if your CEO loses his or her smartphone, make sure someone else won’t be able to access its data, applications, and networks. Also, data and communications should be encrypted, especially when this employee is in a public Wi-Fi area.

•    Manage the connection between the mobile application and the backend: Your IT department should monitor the operation of the application, from the mobile device through the back end infrastructure. When any issues arise, release patches and updates.

SwiftTech Solutions can help your company enable your legacy application for mobile use. We'll develop a project plan and redesign your application to suit for your business requirements. For more information, you can call SwiftTech Solutions at 877-794-3811 or email [email protected] for a free consultation.

 

SOURCES

Morgan, L. Killing Your Company’s Legacy Applications – the Right Way. (2013, February 18). Retrieved from: http://www.mendix.com/think-tank/killing-your-companys-legacy-applications-the-right-way/

HP. Five mobile application challenges for IT. (2012, February). Retrieved from: http://h20195.www2.hp.com/v2/GetPDF.aspx%2F4AA3-8985EEW.pdf

Jones, K. Get more out of the cloud by moving your legacy applications. (2013, January 8). Retrieved from: http://blogs.computerworld.com/cloud-computing/21578/get-more-out-cloud-moving-your-legacy-applications

Brans, P. How To Mobilize Your Legacy Applications. (2010, September 20). Retrieved from: http://mobileenterprise.edgl.com/how-to/How-To-Mobilize-Your-Legacy-Applications62179

Jones, D. The Essentials Series: Cloud-Enabling Legacy and Mainframe Applications. Retrieved from: http://nexus.realtimepublishers.com/esce.php

Kawamura, R. 2011 Themes: The Mobilization of Legacy Applications. (2010, December 23). Retrieve from: http://www.cmswire.com/cms/enterprise-cms/2011-themes-the-mobilization-of-legacy-applications-009664.php

Motorola. Maximizing the value of legacy applications with mobility and best-in-class Terminal Emulation (TE). Retrieved from: http://www.motorolasolutions.com/web/Business/Products/Software%20and%20Applications/Mobility%20Software/Mobile%20Application%20Utilities/Terminal%20Emulation/_Documents/_staticfiles/WP_TerminalEmulation.pdf

Hariharan, K. Best Practices: Extending Enterprise Applications to Mobile Devices. Retrieved from: http://msdn.microsoft.com/en-us/library/bb985493.aspx

Miller, J. Speaking Mainframe (2010, October). Retrieved from: http://www.ibmsystemsmag.com/mainframe/tipstechniques/applicationdevelopment/Speaking-Mainframe/

Read more...

Automating Business Processes

 

Your employees may be wasting time on unproductive and routine tasks. Inefficient activities, such as paying bills by snail mail, sending social media updates at different times of the day, and writing commonly sent emails from scratch, will use up precious hours from your week. Doing routine procedures manually, from memory, and square leaves your projects predisposed to typographical and omission errors. Your business should take a good look how tasks are accomplished by breaking them down step by step. Consider manual and mental activities, how long each step takes, frequency of the task, and how it is allocated to other people. Once your task is broken down, look for areas that can be automated using the below functions. Each will have an example to kick start your own ideas for automating your own processes:

Batch processing: Your employees should group tasks that are similar, and then complete them all at once.

Examples

○ Rotate, resize, and compress image files in Photoshop instantly creating a custom function called an action.
○ Save your repeated Excel formatting tasks by writing a macro for later use.

 

Auto responding: A response should be sent to someone requesting information.

Examples

○ A new customer who fills out a form on your website should automatically be sent an email stating, “Thank you for your interest in our services. A representative will be in contact with you shortly.”
○ Setting up an out of office vacation reply for contacts in Outlook.

 

Self-help: Refer a customer or an employee to a knowledgebase instead of answering the same questions over and over.

Examples

○ Company Wiki sites with training documents for new employees.
○ An FAQ page on your website for customers with the most commonly asked questions.

 

Templates: Create or use a partially completed file that can be changed to suit your current needs.

Examples

○ Your accounting department can use a Sage template to quickly report on profit and return on equity.
○ Your employees can fill out pre-formatted InfoPath forms so they can turn in vacation requests and expense reports.

 

Consolidation: Data and services should be accessed in one place instead of divided by many areas.

Examples

○ Salesforce will allow your sales employees to track progress with leads, send out email campaigns, search for new contacts, post social media updates, access a reporting dashboard, and more.
○ Microsoft Lync will allow users to use instant messaging, audio-video calls, and conduct online meetings in one platform.

 

Benefits:

• Reduced error from manual input
• Greater efficiency in completing tasks
• Increased output
• Quicker and smarter decision making
• More time for business growth projects
• Increased client satisfaction

 

If you need assistance with deciding which work procedures should be automated, a business technology analyst, such as SwiftTech Solutions, can help. You can call 877-794-3811 or email [email protected] for a free consultation.

 

SOURCES

TechRepublic. Gain a competitive edge with process automation. (2013, November 24). Retrieved from: http://www.techrepublic.com/blog/tech-decision-maker/gain-a-competitive-edge-with-process-automation/#.

LaPonsie, M. 3 Ways to Automate Your Small Business. (2013, March 19). Retrieved from: http://www.smallbusinesscomputing.com/tipsforsmallbusiness/3-ways-to-automate-your-small-business.html.

Hosting Xtreme. How To Automate Your Business Tasks. (2013, July 12). Retrieved from: http://news.hostingxtreme.com/how-to-automate-your-business-tasks/.

IBM. Business analytics: Make informed and optimized decisions everywhere, to improve outcomes and manage risk. Retrieved from: http://www-03.ibm.com/software/products/en/category/business-analytics.

SearchCIO. business process automation (BPA). Retrieved from: http://searchcio.techtarget.com/definition/business-process-automation.

KissFlow. Top 5 Reasons why you should automate your business process. (2013, July 26). Retrieved from: http://kissflow.com/process_playbook/5-reasons-why-you-should-automate-your-business-process/.

Porter, J. 7 Ways You're Wasting Time and Don't Even Know It. (2012, July 30). Retrieved from: http://www.entrepreneur.com/article/224090#

Read more...

Why does my business need SEO?

 

Back in the day, if someone needed a product or service, such as a plumber, they would flip through the Yellow Pages. Today, many people are searching for these services by typing a term on an internet search engine, such as Google, then searching through several online listings. However, the vastness of the internet can make it hard for a small business to be seen by a potential customer. On top of that, people generally don’t search past the first page or even the first few listings. Therefore, your business needs a way to draw people to your website and either make a phone call, fill out a contact form, or buy a product online. SEO may be the solution for you.

 

SEO or Search Engine Optimization is the process of getting traffic from the free listings on the Google, Yahoo, and Bing search engines. These search engines use a special formula, called an algorithm, to determine where a listing will be ranked in the results; the more relevant the listing is to the search request, the higher the listing will appear. If you heard the term before and think this method is a passing fad, here are a few reasons you should use this method:

Customers use search to find businesses: Online search is a more relied upon source for finding products and services than newspapers, word of mouth, television, and radio. According to Yelp, 85% of consumers use the internet to find local businesses.

Attracts potential buyers to your website: When you integrate the same terms your potential customers are using in your website, social media, and directory listings, you’ll be more likely to appear in front of them in the search engine results.

Allows you to control how your company is seen on the web: By claiming listings and editing the listing information, you’re not at the mercy of how anyone and any site portrays your business. You’ll be able to proactively monitor your online reputation and respond to any issues that could potentially damage your business' reputation.

Builds trust and credibility for your company: Customers tend to view listings at the top of the search results as their best choice.

Encourages in-person sales: Many prospective customers research their options online before buying a product or service in person.

 

To start on your SEO efforts , an SEO consultant can help you do research on the terms people will use to find your business. Ideally, these words would have high average monthly searches and low competition. For example, if you are running a plumbing business in Irvine, CA, you may come across these keyword variations:

• Plumber Irvine
• Emergency plumber Irvine
• Plumbing repair Irvine
• Find me a local plumber
• Plumbing repair services
• 24 hour plumber

 

Once you find suitable keywords, then they would be sprinkled throughout your website and referral pages. Here are a few properties an SEO consultant will help you concentrate on in your efforts:

Your website: First of all, if you don’t already have website, have one created; it’s your primary point of contact for your internet visitors. Then, incorporate your keywords as much as you can without sacrificing readability. Use in your headers, pages, images, URL, title, alt tag, and description.

Local directory listings: Listing in popular online directories, such as Google+ Local, Yelp, FourSquare, and Manta, can be a quality method of getting prospective customers to come to your website. Encourage people to leave reviews for your business by inserting a notification in your email signature and leaving post cards at the reception desk.

Informative content: You’ll want to create newsworthy content in order to establish a sense of expertise with your online visitors and the search engines. A few examples include blogs, press releases, interviews, and whitepapers.

Social media sites: Popular sites, such as Facebook, Twitter, LinkedIn, and Pinterest, are also another way to get traffic to your website and distribute your informative content. Make sure to fill out the About section and integrate your keywords and website link. Plus, any like, retweets, repins, and comments can contribute to a search engines ranking boost.

 

However, there are some SEO methods that either no longer work or result in your business getting penalized in the Google search engine rankings. We don’t recommend the following:

Anchor links: Don’t embed a link to your website on one of your keywords in content you share to other websites. If for example, you distribute press release for your law firm, don’t hyperlink Irvine Law Firm.

Link Farms: These types of websites are set up with the sole purpose of getting a link to point to a website using a group of unrelated sites. The search engines do a good job pushing those sites way down in the results listings.

Guest blogging: This method was once a respected way to reach people and get a link back to your website. However, spammers have abused the method and posted unreadable content on low-quality websites. Therefore, Google webspam team leader, Matt Cutts, declared this method as dead.

Article Spinning: This method involves taking an original article, then replacing existing words or phrases in order to get a “unique” article. Then, this article would be distributed to spammy article directories.

Meta keywords: This method involves adding special tags to the head section of your website to help Google index the website properly. However, this method was also abused by spammers stuffing this section with too many keywords.

 

If these efforts seem too time consuming, an SEO consultant can help. SwiftTech Solutions can help you create an SEO strategy that will ultimately get more visitors to your website. You can call 877-794-3811 or email [email protected] for a free consultation.

 

 

SOURCES
Cormier, D. 6 Uncomplicated Social SEO Tips for Small Businesses. Retrieved from: http://blogs.constantcontact.com/product-blogs/social-media-marketing/social-seo-tips/

Kilbourn, C. SEO in the Age of Penguin 2.0 and Hummingbird: You’re Doing It Wrong. (2013, October 2). Retrieved from: http://blog.crazyegg.com/2013/10/02/seo-in-the-age-of-penguin-2-0/

Godfrey, K. Running a small business? 5 reasons why you need SEO. Retrieved from: http://leadersinheels.com/business/running-a-small-business-5-reasons-you-need-seo/

Lyngbo, T. The Ultimate List of Reasons Why You Need Search Engine Optimization. (2012, May 17). Retrieved from: http://searchengineland.com/the-ultimate-list-of-reasons-why-you-need-search-engine-optimization-121215

Steimle, J. The One Thing Non-SEOs Need To Know About SEO. (2013, September 4). Retrieved from: http://www.forbes.com/sites/joshsteimle/2013/09/04/the-one-thing-non-seos-need-to-know-about-seo/

Agarwal, G. Why Do Websites Need Local SEO? (2014, February 26). http://www.business2community.com/seo/websites-need-local-seo-0784518

Search Engine Land. What Is SEO / Search Engine Optimization? Retrieved from: http://searchengineland.com/guide/what-is-seo

HollSurvey: 85% of Consumers Use the Internet to Find Local Businesses. (2012, April 6). Retrieved from: https://biz.yelp.com/blog/survey-85-of-consumers-use-the-internet-to-find-local-businesses

PewResearch Internet Project. Where people get information about restaurants and other local businesses. (2011, December 14). Retrieved from: http://www.pewinternet.org/2011/12/14/where-people-get-information-about-restaurants-and-other-local-businesses/

Read more...

The Risks of Downloading Free Software

 

Many people use the internet to search for free software to help them complete tasks such as edit documents, change screen savers, download fonts, and scan for viruses. However, freeware is not a bargain when your employees are dealing with system crashes, bandwidth slowing, data breaches, malware infestations, and so forth. These free software installs can actually cost companies thousands of dollars in decreased employee productivity, lost data, identity theft clean-up, and lawsuits. Plus, efforts to get rid of unwanted settings typically do not succeed without the help of an IT expert.

 

During installation, take notice of these suspicious software activation components:

Fake download buttons: Most freeware sites, such as CNET Downloads and SourceForge, use display advertising to generate profits. Some of these ads have download buttons that look like part of the site, but will take you to another site instead. When you hover your mouse over these ads, they will typically include “googleads.g.doubleclick.net.” Some ads may also include an AdChoices small triangular shape in the upper right hand corner.

Options for partner software installations: Many free software sites will need you to use their installer to activate their program. Some will force or trick you into installing other software by already check marking the option. They rely on people to quickly click the next button on the installation dialog box to do this.

 

Employees will typically see these scenarios after they’ve downloaded malicious freeware:

Browser hijacking: The software will change the computer settings and install a random looking search engine, such as Conduit Search, MyStart.IncrediBar Search, and Snap.do.

Suspicious pop-up advertisements: You or your employee will notice a dramatic increase in pop-up ads, particularly for dating and porn sites. These pop ups typically interfere with viewing internet content and can steal your personal information.

Extra toolbars: A strange toolbar will suddenly appear on your browser and cover parts of the websites page that you want to see. When you or your employees try to remove the rogue toolbar, it keeps coming back.

Redirects to undesirable websites: When searching on a browser and clicking on a link, you’ll redirect to an unwanted website each time.

 

Here are some tips you can use to protect your workspace:

Use comprehensive endpoint protection: Symantec Endpoint Protection will not only treat virus and malware infestations, but it will also help your employees identify unsafe websites. Your IT department should run scans on your employee workstations regularly.

Use ad blocking software: AdBlocker Plus will block banner, pop-up, and video ads from intruding on your internet browsing activities.

Create a restore point on your computer: Windows System Restore will allow you to roll back your computer to a time before problems occurred. While the function will remove program and system files installed after this point, it will not affect your documents and photos.

Research software before downloading: If you found free software on a site, such as CNET Downloads, that seems to meet your requirements, look up review sites and message boards to see if it actually does what it claims. If others are bashing the software as being loaded with malware, avoid it.

Run data backups regularly: We recommend doing backups of your business workstations onsite and offsite. Veeam Backup & Replication can archive your information to a onsite device and offsite to a cloud storage provider, such as Windows or Amazon. That way, if malware does take over your computer, your critical business data will still be intact.

Only download from trusted sites: Ideally, you’ll want to download your free software straight from the vendor, such as Microsoft and Adobe. If the website looks like an amateur created it in his/her basement, steer clear. Do the same if you’re in the US and being directed to a website with a .ru or .pl site. Even more so for torrent and peer-to-peer sites, such as BitTorrent and FileHippo.

Look before clicking: Don’t be in a big rush to get through the installation. When installing software, stop and view which options have a check mark before pushing the next button. Toggle any extra partner toolbars and software so they are not check marked.

Consider well-known cloud based applications instead: Many productivity applications, such as Microsoft Office 365, Evernote, Dropbox, and Freshbooks, will enable you to enter your information into your browser-based account. Our previous blogs, Cloud Applications for Businesses and Mobile Applications for Business Usage, can give you some ideas. Even small monthly payment for a well-known program is a better value for your business than taking your chances with a free application.

 

SwiftTech Solutions, an IT managed services provider, can analyze your business’s IT systems, help you choose productivity software, and set up a network security plan. If any programs infected your business workstations, SwiftTech can help your business remove malware and retrieve your business data. You can call 877-794-3811 or email [email protected] for a free consultation.

 


SOURCES             

Pirillo, C. Is it really safe to download software? (2009, April 22). Retrieved from: http://www.cnn.com/2009/TECH/expert.q.a/04/22/downloading.software/index.html?iref=24hours

Wasserman, E. Why Free Software Downloads Aren't Always Safe. Retrieved from: http://us.norton.com/yoursecurityresource/detail.jsp?aid=freewarerisks

Defending The Net. I downloaded a free screensaver, now my computer is acting up! Why did this happen? Retrieved from: http://www.defendingthenet.com/downloadingfreestuff.htm

IDC. The Dangerous World of Counterfeit and Pirated Software. (2013). Retrieved from: http://www.microsoft.com/en-us/news/download/presskits/antipiracy/docs/idc030513.pdf

Pytlovany, B. The Dangers of Downloading Free Software. (2012, October 21). Retrieved from: http://billpstudios.blogspot.com/2012/10/the-dangers-of-downloading-free-software.html

NetSafe. Download dangers: what is safe to download online? Retrieved from: http://www.netsafe.org.nz/download-dangers-what-is-safe-to-download-online/

Whitley, C. Risks to Watch For When Downloading & Installing Free Software. (2011, December 2). Retrieved from: http://www.7tutorials.com/risks-watch-when-downloading-installing-free-software

Read more...

Is your data on the cloud at risk?

 

In a previous blog, Cloud Applications for Businesses, we’ve mentioned that many employees are now working away from their office on laptops, smartphones, and tablets. They need to be able to make decisions in real time to improve response times, business processes, and overall productivity. In order to make this situation a reality, companies had to move data to the cloud and allow employees to access this information on a web browser or mobile application. Data migration to the cloud allowed companies to save money by buying only the storage capacity they need, leaving the ongoing maintenance to a third party, and reducing the need for physical storage facilities.



However, companies must be aware of the following situations that will increase the risk of a cloud data breach:

A larger third party cloud provider won’t protect your data as diligently: When companies move their data to a larger cloud service provider, they are at their mercy. A larger third party provider may not be as tough with protecting your data as your IT employees.

Many companies use the same cloud system: When your company shares the same computing resources with other companies, there’s a chance your data can leak out to your neighbors.

Larger third party cloud providers are targets for hackers: These cloud computing providers are a prime target for cybercriminals. It’s easier for them to disrupt and steal data in groups, rather than one by one, especially if the provider is using the single sign-on experience.

Your users may not be able to contact customer support: Some larger third party providers will give you all the attention you need when they are trying to get your business. However, once they get your business and you need customer support, the less trustworthy providers will either leave you on hold for a considerable amount of time or pass your phone call off from department to department. These delays can be costly if an in-house based application goes down, which can ultimately lead to extended employee down time and lost profits.

Your company may no longer be the sole owner of the data: If ownership terms of your cloud services were not clearly set during the contract signing, the data may also belong to the provider. Once the provider has the data, they can either use it to solicit your customers or sell the data to a broker.



In order to alleviate these risks, companies can follow these recommendations:

Consider a private cloud: Your company can set up your private cloud within the corporate firewall by using your own dedicated storage device. This private cloud can be under the administration of either your IT department or a managed services provider. If disaster does strike, it’ll be much easier to contact support and resolve the issue with minimal downtime.

Ask the cloud provider about their management software: Your company should ask about software they use to manage the cloud, the version it’s on, the frequency of software updates, and the people allowed to log into your account.

Assign levels of access to certain types of data: Employees handling confidential information and database administrators should get assigned a high level of access. These privileged users should receive training on handling their data securely.

Limit data access based on employee’s current computing situation: Levels of access should be assigned to the different types of user locations (office, home, public place) and the device they are using (office desktop, personal smartphone). For example, an employee using a smartphone in an airport should use more sign in steps then when he/she is at the office on a desktop.

Ask your cloud provider about their disaster recovery plan: Disasters, such as flood, tornados, and earthquakes, can wipe out your business data in a flash. Your cloud provider should have a backup and recovery procedure in place so your company can get back to work quicker and not lose valuable data.

Ask for regular security-event alerts: You and cloud provider should decide which service interruption events (outage, maintenance), should require a phone call or email to your company, and then send out those alerts accordingly.

Make sure your provider has an understanding of your compliance regulations: Some companies, such as health or legal, are bound by industry regulations. In case of an audit, they must demonstrate to regulators and insurers they are protecting company data properly. Your cloud provider should be familiar with those regulations and set up strict management and encryption procedures.

Your cloud services contact should confirm your ownership of data: Many cloud vendors are including language clarifying ownership of data. Your company should also state the limitations of the ways your cloud provider can use the data so it won’t be mined for their own purposes.



SwiftTech Solutions can help your company transition to the cloud by doing a business technology analysis. We'll help you design a cloud hosting plan suited for your business requirements. Once the plan is put into place, our technicians will monitor your cloud data and devices diligently, as well as be available 24/7 for support. For more information, you can call SwiftTech Solutions at 877-794-3811 or email [email protected] for a free consultation.

 

SOURCES
Bendekgey, L. Cloud computing reduces HIPAA compliance risk in managing genomic data. (2013, September 4). Retrieved from: http://www.healthcareitnews.com/blog/cloud-computing-reduces-hipaa-compliance-risk-managing-genomic-data

Grimes, R. The 5 cloud risks you have to stop ignoring. (2013, March 19). Retrieved from: http://www.infoworld.com/d/security/the-5-cloud-risks-you-have-stop-ignoring-214696

Angeles, S. 8 Reasons to Fear Cloud Computing. (2013, October 1). Retrieved from: http://www.businessnewsdaily.com/5215-dangers-cloud-computing.html

Pant, P. How to assess risk when considering cloud computing. (2013, October 21). Retrieved from: http://www.networkworld.com/news/tech/2013/102113-assessing-cloud-risk-275056.html

Marx, G. Can cloud computing be secure? Six ways to reduce risk and protect data. Retrieved from: http://www.theguardian.com/media-network/media-network-blog/2013/sep/05/cloud-computing-security-protect-data

Goodwin, B. Is your data at risk in the cloud? (2012, May 14). Retrieved from: http://www.computerweekly.com/news/2240150186/Is-your-data-at-risk-in-the-cloud

Trappler, T. When your data's in the cloud, is it still your data?. (2012, January 17). Retrieved from: http://www.computerworld.com/s/article/9223479/When_your_data_s_in_the_cloud_is_it_still_your_data_

Read more...

Overtime Lawsuits: How to Prevent Them

 

Many workers today are aware of their rights to get all of their pay, since the Department of Labor provides Fair Labor Standards Act (FLSA) promotional items to employers. Some workers start overtime lawsuits because they may feel their old job owes them extra pay after they end their employment. According to ADP, out of all state and federal court employment class action lawsuits, 90% are hour and wage claims. Many law firms are aware of this statistic and encourage potential clients to go forward with overtime lawsuits by airing television, direct mail, and radio advertising. These clients don’t have much to lose by suing an employer, since most companies prefer to settle cases. Also, they won’t have to pay back the defense’s legal fees, unless the court decides the overtime lawsuit is frivolous.

 

Unfortunately, it’s the burden of the company to produce solid evidence in an overtime lawsuit, or else the courts will need to rely on the employee’s documentation. If the latter happens, the courts typically side with the employee and award them the overtime pay. Also, this payoff would not be the only fee an employer would have to deal with, as there are also attorney’s fees, Department of Labor fines (at least $1,100 per violation), and lost time at work to consider. The thousands or even millions of dollars lost dealing with overtime lawsuits can cause a company to shut its doors permanently.

 

Examples of overtime lawsuits include:

•    Farmers Insurance Exchange was ordered to pay $90 million to their claims adjusters for not paying them for their long hours.

•    A police officer in Chicago sues the city for overtime pay for checking emails and answer calls from bosses on a department-issued Blackberry.

•    A class action overtime lawsuit is in motion against HP for supposedly not classifying their technicians as exempt from overtime, therefore denying them pay for all their hours worked.

•    A Verizon customer service representative filed a class action suit against her employer by claiming she was unlawfully required to report to the call center at least 10 to 15 minutes before her shift officially started.

 

Most small business owners do make every effort to follow the rules and treat their employees fairly. However, the people running your payroll are human and mistakes are made from time to time, especially if they work on any part of the paycheck process by paper. As a result, a worker may feel cheated out of earnings they feel is rightfully theirs. Worse, a sneaky worker will see an opportunity to make extra cash with frivolous overtime lawsuits.

 

Your company is vulnerable to overtime lawsuits if these situations apply:

•    Incorrectly labeling employees as exempt:  According to the FLSA, all workers must be paid time and a half for all hours worked over 40 in a work week. However, the law allows exceptions against overtime pay for highly paid professional, administrative, and executive employees. However, it’s easy for employers mislabel their workers as exempt if they are paid a salary, therefore setting the stage for potential overtime lawsuits.

•    Labeling the wrong employees as independent contractors, rather than employees:  According the IRS, if the company controls the way the worker does his/her job, reimburses for expenses, receives benefits (insurance, vacation pay), intends to continue a long term working relationship, and works on a key feature of the business, the worker should be labeled an employee. Therefore, the worker should receive overtime.

•    Workers are using a company computer from home: When an employee works away from the office, they’re not in the supervision of their boss. The company would therefore not have a way to witness if the worker is doing any overtime work.

•    Use of outdated, inaccurate time tracking processes: If your company is still using punch clocks and hand written time sheets, your time keeping practices are subject to error. Payroll typically has to translate the data, calculate the hours by hand, then type it into their system. Sometimes the data is not readable; other times, payroll might enter the data into the system incorrectly.

•    Automatically deducting time for meals: This automatic task may seem easier for payroll and the worker. However, this adjustment can lead to unpaid overtime if the employee works through their meal time.

 

Your biggest defense against overtime lawsuits is solid, time-tracked data. Your company can protect themselves against overtime lawsuits by:

•    Switching to an electronic time keeping solution: An electronic time keeping solution can help your company record employee paid time by submitting data to payroll and a secure database. For example, our STS User Tracking Software can track computer login/logoff times and the computer used for working.

•    Digitize employee communication tasks: Employees should submit their scheduling, time off requests, and availability with an electronic, rather than a paper form. SwiftTech can help your company create Microsoft InfoPath forms your employees can automatically email to HR and payroll when completed.

•    Keep company handbooks up to date: Your company should have a clear attendance policy instructing the times and methods for clocking in and out, along with amount of hours a worker is allowed to work. Each employee should review the handbook and sign letters of agreement. Also, your company should review any changes to the labor laws and update the handbooks accordingly.

•    Stay in compliance with the FLSA: Your payroll department can review the terms of the Act by taking advantage of the tools offered on its assigned United States Department of Labor page. Workforce management software, such as Kronos Workforce Central, can combine these pay rules and regulations to ensure compliance with the Act.

 

SwiftTech Solutions can help your company prevent overtime lawsuits by studying your payroll processes. We'll help you design an attendance record keeping plan, select time-keeping software, as well as be available 24/7 for support. For more information, you can call SwiftTech Solutions at 877-794-3811 or email [email protected] for a free consultation.

 

SOURCES

ADP. Time and Attendance: Practical Steps to Help Employers Stay Ahead of Wage and Hour Litigation Trends. Retrieved from: https://www.adp.com/tools-and-resources/adp-research-institute/insights/insight-item-detail.aspx?id=4A78647D-DE35-4DBC-B408-6C20DCBEA9B0
United States Department of Labor. Wages and Hours Worked: Minimum Wage and Overtime Pay. (2009, September). Retrieved from: http://www.dol.gov/compliance/guide/minwage.htm
Ansari, M. For Employee Lawsuits, Trial or Settlement? (2013, February 22). Retrieved from: http://blogs.findlaw.com/free_enterprise/2013/02/for-employee-lawsuits-trial-or-settlement.html
Koba, M. Court Battles Heat Up: 'I Want Overtime Pay.' (2013, June 17). Retrieved from: http://www.cnbc.com/id/100820627
Lucci, K. Opinion: Frivolous Lawsuits a Growing Threat to Our Industry. (2013, June 28). Retrieved from: http://www.limodigest.com/2013/06/opinion-frivolous-lawsuits-growing.html
Girion, L. Massive Award in Overtime Lawsuit. (2001, July 11). Retrieved from: http://www.rezlaw.com/News-Events/Massive-Award-in-Overtime-Lawsuit.shtml
Tarm, M. Checking Work Email Outside of Work Should Count As Overtime, Lawsuit Claims. (2013, February 6). Retrieved from: http://www.huffingtonpost.com/2013/02/07/overtime-for-checking-email_n_2637581.html
Cabraser, L. HP Technical Workers Overtime Lawsuit. Retrieved from: http://www.lieffcabraser.com/Case-Center/HP-Technical-Workers-Overtime-Lawsuit.shtml
United States Department of Labor. Wage and Hour Division (WHD). Retrieved from: http://www.dol.gov/whd/overtime_pay.htm
Kronos. Workforce Central 7. Retrieved from: http://www.kronos.com/products/workforce-management-suite.aspx

Read more...

A Guide to Employee Computer Tracking

 

Are your employees using company computers for work? It’s common for workers to send personal emails, visit social media websites, and watch YouTube videos on paid company time. According to Top Ten Reviews' 2014 Employee Monitoring Software Comparisons & Reviews, 1/3 of workers waste two hours a week online. Companies have the legal right to set up employee computer tracking, since the machines are their property. Fortunately, employee computer tracking is easier to do, since any activity will leave an electronic paper trail on the computer.  If the user deletes files or browsing history, the evidence will still appear on another area of the computer the average person does not know about.

 

Here’s some examples of inappropriate personal use of company computers, some more extreme than others:

•    Using the printer to produce personal materials, such as invitations and fliers.
•    Spending company hours playing solitaire.
•    Completing school work on the clock.
•    Doing side projects with clients that should be brought into the company.
•    Sending emails with private company information to a competitor.
•    Using IM to make insulting remarks about other employees.


 
The above examples, and many other personal computer activities, can put the livelihood of a company at risk. Employee computer tracking can help:

•    Increase efficiency: Your employees won’t waste time on impractical websites.

•    Lower legal risk: Users exposing other employees to offensive content relating to race, sexual orientation, religion, and more can lead to harassment and discrimination lawsuits.

•    Protect confidential information: Careful monitoring of computers can help your company spot people who are leaking business strategies, trade secrets, and private customer information.

•    Bill clients fairly: Blocking time wasting websites will encourage employees to stay focused on client work. After all, your client should not be billed for your employee’s YouTube habit.

•    Stay current with system updates: Many users postpone launching updates to their computers to prevent unwanted interruptions to their work day.  Employee computer tracking will allow IT support to send updates remotely.

•    Comply with industry regulations: Employee computer tracking will help your company prove it's staying in compliance by keeping detailed activity logs. These reports can save the company from fines, penalties, and a public reprimand.

•     Prevent theft of company computers: Employee computer tracking systems can also find the location of your devices, saving hundreds or even thousands in replacement costs.

 

What can employee computer tracking software monitor?

•    Applications
•    Websites visited
•    Location of laptops
•    Amount of bandwidth used
•    Attempted system adjustments
•    Email attachments sent
•    Chat conversations
•    File uploads


 
We recommend following these tips for setting up your employee computer tracking:

•    Track computer activities remotely: Remote monitoring software is available for following employee computer activity by sending a signal every time an action is taken. Our STS User Tracking Software can monitor computer logon/logoff times for each employee. Other software, such as InterGuard Sonar, can record emails, IM, web, keystrokes, and websites.

•    Block certain programs from your network: Software, such as Dell SonicWALL and SpectorSoft, will help your IT provider block time wasting websites. Focus on limiting access to social networking, shopping, entertainment, dating, adult, and job search websites.

•    Install and maintain endpoint protection software: This type of software typically is a combination of virus and malware protection, firewall program, and web browser security. Software, such as Symantec Endpoint Protection and Trend Micro Worry-Free Security Services, will allow IT support to adjust acceptable use settings and send system security updates.

•    Apply additional monitoring for suspicious employees: If you suspect an employee is breaking company policies or any laws, you can have their activity reports emailed to you more often and block additional time-wasting websites.

•    Check user report regularly: Your IT support should check activity reports often so they can identify any problematic programs and take action. For example, if an employee is claiming to watch YouTube for educational tutorials, but is viewing funny cat videos instead, you can take away his or her privilege to the site.

•    Create a written policy: Let your employees know everything they do on company computers is being monitored by IT support. Then mention how your company is monitoring computer use, whether it’s keeping track of website visits, blocking certain websites, or recording keystroke activity. Afterwards, set up rules for acceptable use for email, internet browsing, social networks, software downloads, and instant messaging. Warn them that failure to follow company policies could result in job loss or even criminal prosecution.

•    Keep personal activities on their own devices: Employees should keep any non-work related emails, phone calls, instant messaging on their own smartphone over a cellular network.  For example, if your assistant Jane sends an email to her mother from her Hotmail account on a company computer discussing an illness, the message can still get reported on the network.

 

SwiftTech Solutions can help your company with employee computer tracking. Protect your business now by contacting SwiftTech Solutions to set up a remote monitoring plan. You can call 877-794-3811 or email [email protected] for a free consultation.

 

SOURCES
Hardy, M. Monitoring employees online: How much is too much? (2012, August 20). Retrieved from: http://fcw.com/articles/2012/08/20/monitoring-employees.aspx
Texas Workforce Commission. Monitoring employees' use of company computers and the internet. Retrieved from: http://www.twc.state.tx.us/news/efte/monitoring_computers_internet.html
Petrecca, L. More employers use tech to track workers. (2010, March 17). Retrieved from: http://usatoday30.usatoday.com/money/workplace/2010-03-17-workplaceprivacy15_CV_N.htm
Richmond, R. 3 Tips for Legally and Ethically Monitoring Employees Online. (2012, May 31). Retrieved from: http://www.entrepreneur.com/article/223686#
Bonsor, K. Is your workplace tracking your computer activities? Retrieved from: http://computer.howstuffworks.com/workplace-surveillance.htm
Stevens, P. Employee Monitoring Software Review. Retrieved from: http://employee-monitoring-software-review.toptenreviews.com/
Strohmeyer, R. How to Monitor Your Employees' PCs Without Going Too Far. (2011, March 22). Retrieved from: http://www.pcworld.com/article/222169/how_to_monitor_your_employees_without_going_too_far.html

Read more...

Heartbleed Bug: Prevent Attacks Before They Begin

 

The Heartbleed bug is now the newest threat to your internet browsing security. The heartbleed bug affects sites that many users visit every day by potentially exposing valuable personal information to hackers. This bug exploits a hole found in the open-source software that encrypts communications for many popular websites, called Open SSL. Normally, a secure website connection between users and websites will show encrypted data for unauthorized parties. The site will also display a padlock and the https extension in the web address bar. With the heartbleed bug, an attacker can now use a special script to translate private encrypted information stored on servers to readable text using the Open SSL software. Some hackers can even create fake websites to trick people into handing over their personal information, such as credit card numbers for online shopping.


 
What private information can the heartbleed bug collect?

• User names
• Passwords
• Credit card information
• Data in your internet browsing cookies
• Confidential company documents


 
Popular sites that were affected include, but not limited to:

• Facebook
• Instagram
• Pinterest
• GoDaddy
• Dropbox
• Yahoo
• Google


 
These are a few sites that were not affected, since they either don’t use OpenSSL to encrypt their data or did not use the problematic version.

• American Express
• Apple, iCloud, and iTunes
• Bank of America
• Chase bank
• Healthcare.gov
• LinkedIn
• Microsoft, Hotmail, and Outlook


 
To see a more complete list of affected and unaffected websites, you can visit this page on money.cnn.com.


 
What should I do?

• Check if any websites you use are vulnerable to the heartbleed bug. On the Heartbleed test webpage on https://filippo.io/Heartbleed/, you can enter the website address to see if it is safe to visit.

• Change the passwords to your heartbleed affected websites if the site is fixed or unaffected.

• If the site is not fixed, do not visit it at all until their encryption system is repaired. Any new passwords you enter to an unfixed website will be compromised.

• If you used one password to access all your websites, you will need to replace the passwords to all your websites. This includes the websites unaffected by the heartbleed bug. Do not use the same password for all your websites going forward.

• Clear out the cache on your web browser (Internet Explorer, Firefox, Chrome, and Safari) so you won’t have old passwords available to use on another site. This WikiHow article will show you how to do this for different types of browsers.

• If your website has an SSL certificate, typically for visitors to make credit card payments online, replace it. Contact your hosting site (GoDaddy, GlobalSign, Comodo) to get a fresh SSL certificate.

• Consider a password service for managing your website login information. LastPass and RoboForm will create hard to crack passwords, store them, and automatically fill in your information when you go to the site of your choice. The communications between the password manager and your favorite website is encrypted.


 
SwiftTech Solutions can help your business manage security risks involved with employee internet browsing, including the heartbleed bug. Protect your business now by contacting SwiftTech Solutions for a review of your network security. You can call 877-794-3811 or email [email protected] for a free consultation.

 

 

SOURCES
Vaughan-Nichols, S. How to protect yourself in Heartbleed's aftershocks. (2014, April 10). Retrieved from: http://www.zdnet.com/how-to-protect-yourself-in-heartbleeds-aftershocks-7000028311/#ftag=RSS86a1aa4

Vaughan-Nichols, S. How to recover from Heartbleed. (2014, April 9). Retrieved from: http://www.zdnet.com/how-to-recover-from-heartbleed-7000028253/

Fung, B. Heartbleed is about to get worse, and it will slow the Internet to a crawl. (2014, April 14). Retrieved from: http://www.washingtonpost.com/blogs/the-switch/wp/2014/04/14/heartbleed-is-about-to-get-worse-and-it-will-slow-the-internet-to-a-crawl/

Whitney, L. Beyond Heartbleed: Why you need a password manager. (2014, April 15). Retrieved from: http://www.cnet.com/news/beyond-heartbleed-why-you-need-a-password-manager/

CloudTweaks Newsletter. Heartbleed – Which Sites Are Vulnerable? (2014, April 15). Retrieved from: http://us2.campaign-archive2.com/?u=04809abc68958c8c94da79e96&id=4ab610ae0b&e=3856292924

Nieva, R. Heartbleed bug: What you need to know (FAQ). (2014, April 11). Retrieved from: http://www.cnet.com/news/heartbleed-bug-what-you-need-to-know-faq/

Codenomicon. The Heartbleed Bug. Retrieved from: http://heartbleed.com/

Kirk, J. Tests confirm Heartbleed bug can expose server's private key. (2014, April 13). Retrieved from: http://www.pcworld.com/article/2143080/tests-confirm-heartbleed-bug-can-expose-servers-private-key.html

Campbell, J. Heart Bleed Virus Test: Bug Update - Test Websites Before Changing Security Passwords on Gmail, Yahoo etc. (2014, April 14). Retrieved from: http://www.christianpost.com/news/heart-bleed-bug-test-virus-update-test-websites-for-computer-bug-before-changing-gmail-yahoo-facebook-paypal-security-passwords-117856/

Shankland, S. 'Heartbleed' bug undoes Web encryption, reveals Yahoo passwords. (2014, April 8). Retrieved from: http://www.cnet.com/news/heartbleed-bug-undoes-web-encryption-reveals-user-passwords/

Valsorda, F. Heartbleed Test. Retrieved from: https://filippo.io/Heartbleed/

WikiHow. How to Clear Your Browser’s Cache. Retrieved from: http://www.wikihow.com/Clear-Your-Browser's-Cache

Pagliery, J. Change these passwords right now. (2014, April 14). Retrieved from: http://money.cnn.com/2014/04/10/technology/security/heartbleed-passwords/

Read more...

VoIP: 6 Reasons Your Business Should Switch to Internet Phone Calls

 

Many businesses need to cut costs in order to protect their bottom line. Using a landline telephone system can be expensive if your company is using many lines for connecting employees. If you add in long distance phone calls to co-workers in another state or country, the costs can add up. Fortunately, high speed internet is becoming cheaper and more widespread. Why not get rid of your telephone company and make your phone calls over the internet?


How does VoIP work? : VoIP systems make phone calls over the internet possible by breaking up the phone’s audio signal into small pieces, then transferring them over the internet. On the receiver’s end, the small pieces are put back together so they can be converted to an audio signal. Your workers can use IP phones that look like a traditional office phone. This IP phone will connect to a router so that phone calls can be made from any Wi-Fi hotspot. An alternative to using the IP phone is to connect your headset to a computer and make the phone calls from there.

 

VoIP systems can offer these basic features available on most landlines:

• Voicemail
• Caller ID
• Traditional conference calling

 

VoIP systems can also offer these extras:

• Virtual receptionists
• Greeting function
• Forwarding rules
• Do not disturb functions
• Music on hold
• Door entry buzzer
• Video conferencing

 

Benefits of using a VoIP system:

Lowered costs: With data and voice traffic on one network, your business won’t need to buy as much hardware. Also, long distance calling would be unlimited co-worker to co-worker, and lower cost to landlines.

Access to phone calls anywhere: Your IT department can set up rules on an employee’s phone system so calls can go to the office, home landline, and cell phone. Another option is to access phone calls on a smartphone by using the VoIP provider’s app.

Increased access to quality talent: Your company can recruit talent outside the immediate regional area. These remote workers will already have an important tool to completing their day-to-day tasks--access to the company telephone system.

Improved customer relationships: By giving your customers more ways to get in touch with you, you give them additional peace of mind. They’ll feel their needs are being attended to and therefore will be more likely to stay with your company in the long haul.

Decreased downtime: If there are any outages, your company will not have to endure the long wait for a telephone provider. Your IT department will work on getting the telephone system up and running right away. In the meantime, phone calls can be forwarded to cell phones first, then to voicemail.

Increased speed of decision making: Your business can make critical decisions without waiting for someone to travel to a destination. With video conferencing, an employee in Los Angeles can have a meeting with a colleague in San Francisco without leaving the office.

 

Before jumping to a VoIP system, the following risks must be alleviated:

No internet, no phone: If the power or the internet signal goes down, your employees will not be able to make phone calls. Make sure inbound calls are routed to someone’s cell phone; some will even allow each extension to use this failover plan for their own smartphones.

Phone calls are occasionally distorted: Some people experience either hear garbled sounds, loss, or even dropped calls. Make sure your IT department is monitoring the internet network for any bandwidth hogs, such as unnecessary YouTube viewing and large downloads. Otherwise, have your IT department negotiate an upgrade price for increased internet speed.

Requires training for users: There’s a learning curve with using a new phone system, which will displease some late adopting employees. Your IT department will have the knowledge and the patience to train your employees on the new VoIP system.

 

SwiftTech Solutions can help your employees transition to VoIP by conducting an analysis of your existing business technology. We'll help you plan and install a VoIP system suited for your business requirements. For more information, you can call us at 877-794-3811 or email [email protected] for a free consultation.



SOURCES
TechRepublic. 10 VoIP features that can benefit your small business. (2013, July 8). Retrieved from: http://www.techrepublic.com/blog/10-things/10-voip-features-that-can-benefit-your-small-business/#.
Cisco. Small Business Phones: The Basics. Retrieved from: http://www.cisco.com/cisco/web/solutions/small_business/resource_center/articles/serve_customers_better/small_business_phones/index.html
Stone, J. Signs It's Time to Move to VoIP. (2014, April 11). Retrieved from: http://www.wilmingtonbiz.com/insights/joey_stone/signs_its_time_to_move_to_voip/135
Fabian, K. Business VoIP Review. (2014, March 10). Retrieved from: http://business-voip-review.toptenreviews.com/
Kennedy, J. How Switching to VoIP Can Save You Money. (2012, April 30). Retrieved from: http://www.pcworld.com/article/254659/how_switching_to_voip_can_save_you_money.html
Chacos, B. VoIP buying guide for small business. (2012, August 14). Retrieved from: http://www.pcworld.com/article/260859/voip_buying_guide_for_small_business.html
Valdes, R. and Roos, D. How VoIP Works. Retrieved from: http://computer.howstuffworks.com/ip-telephony.htm

Read more...

Video Surveillance: Why should my business use it?

 

In a previous blog, we offered advice for monitoring employee computer use. However, you should not forget about the risks to your business inside your office walls. The threats can come from thieves, attackers, competitors, and even your own employees. According to a 2007 American Management Association survey, 48% of companies use video monitoring to prevent theft, violence, and sabotage. Also, the US Department of Commerce notes that employee theft contributes to 30% of business failures. Consider protecting your business with video surveillance.

 

How does it work?
Traditionally, businesses used analog closed circuit television (CCTV) systems, which records low resolution video to a DVR. Today’s IP video systems will capture real-time or previously recorded footage of your business. This camera will transfer footage over the internet to your cloud based account. Then, you can login to this account from a desktop, smartphone, and tablet device. The higher quality video will allow users to zoom in much closer to an image. In addition, each camera will have its own channel, ranging from four in a small business to 32 for a large enterprise. It depends on the amount of office areas your business needs to monitor.

 

Benefits:

•    Added sense of security: You’ll be able to see which employees and visitors come into your business. Also, an employee who works late in the office by him or herself may feel safer knowing your business is monitoring the office.

•    Prevents theft: The existence of a video camera discourages would-be thieves from stealing. In addition, if a customer is sneaking one of your products into a bag without paying, you can catch this person in the act. The same goes for employees helping themselves to your inventory without permission.

•    Deters harassment: If an employee accuses other co-workers of bullying and noted when each incidence took place, you can review footage from those time and places. From there, you can look for any visible signs of ridicule, exclusion, and violence towards the employee.

•    Manage insurance claims: Video surveillance helps your business spot any safety issues causing injury to employees. Also, video evidence of any events can prevent any false claims against your business. Some insurance companies will even kick in a discount if the business installs a video surveillance system.

•    Watch employee work habits: Video surveillance allows you to see how your employees are working. You can boost employee efficiency by encouraging their reported good habits and minimize weak areas.

•    Monitor business while away: The saying, “While the cat’s away, the mice will play,” may apply to your business. If you’re going on vacation, you can log into your video surveillance account from a mobile device and view office activities in real-time. In addition, if your business has multiple branches, you can manage each location from one computer screen.

 

 

If your business is seriously thinking about installing a video surveillance system in your office:

•    Make sure to review the laws about video surveillance in your state. Your IT consultant and lawyer can explain the regulations behind workplace video surveillance in your area.

•    Notify your employees the business will use video surveillance in the office. Your HR department should update the written company policy with this change. Then, tell your employees about the new video surveillance system via email, memo, or company-wide meeting. Let them know the video surveillance system is in place to protect the business, not to invade their personal business.

•    Your security cameras should visible to any employee in the office. In most cases, we recommend limiting hidden camera use to areas with ongoing theft and attacks.

•    Don’t put video surveillance cameras in places where privacy is expected. This includes bathrooms, locker rooms, dressing rooms, and lounge areas.

•    Don’t record any sound on the cameras, as this falls under wiretapping. This type of activity is illegal in most states.

•    Check the video surveillance cameras and related equipment on a regular basis. Your business can’t catch any threats if the batteries are dead or the camera is not working.

 


SwiftTech Solutions can help your business set up and monitor your video surveillance system. For more information, call SwiftTech Solutions at 877-794-3811 or email [email protected].

 

SOURCES
Huebsch, R. Pros & Cons of Using Security Cameras in Privately Owned Businesses. Retrieved from: http://smallbusiness.chron.com/pros-cons-using-security-cameras-privately-owned-businesses-2707.html

Smigielski Acker, S. SMALL BUSINESS NAVIGATION Surveillance cameras, stricter bookkeeping guard against employee theft. (2013, June 14). Retrieved from: http://insidebiz.com/news/small-business-navigation-surveillance-cameras-stricter-bookkeeping-guard-against-employee-thef

Buyer Zone. Video Surveillance Buyers Guide. (2011, June 20). Retrieved from: https://smallbusiness.yahoo.com/advisor/video-surveillance-buyers-guide-185605391.html

Ebay. What Business Owners Should Know Before Buying Surveillance Gadgets. (2013, August 20). Retrieved from: http://www.ebay.com/gds/What-Business-Owners-Should-Know-Before-Buying-Surveillance-Gadgets-/10000000177630852/g.html

Robinson, M. How To Buy The Right Video Surveillance System. (2012, May 24). Retrieved from: http://ext.homedepot.com/community/blog/how-to-buy-the-right-video-surveillance-system/

Macchia, P. 4G LTE Video Surveillance Enhances Business Security. (2012, December 12). Retrieved from: http://www.verizonwireless.com/news/article/2012/12/4G-LTE-video-surveillance.html

Security Camera World. NVR and DVR Security Cameras. Retrieved from: http://www.securitycameraworld.com/

Westervelt, A. Small Firms Use Security Cameras to Boost Business. (2013, August 19). Retrieved from: http://online.wsj.com/news/articles/SB10001424127887324412604578514541384395664

Fox, V. Security Cameras Vs. Employee Rights. Retrieved from: http://smallbusiness.chron.com/security-cameras-vs-employee-rights-13147.html

Deutsch, W. Using Security Cameras While Respecting Privacy. Retrieved from: http://bizsecurity.about.com/od/privacyissues/a/video_privacy.htm

American Management Association. The Latest on Workplace Monitoring and Surveillance. (2010, August 5). Retrieved from: http://www.amanet.org/training/articles/The-Latest-on-Workplace-Monitoring-and-Surveillance.aspx

Mohr, A. Are Office Surveillance Cameras a Good Idea? (2013, April 12). Retrieved from: http://blog.intuit.com/employees/are-office-surveillance-cameras-a-good-idea/

ApexCCTV. How Many Channels Does Your Security DVR System Need? (2013, December 17). Retrieved from: http://blog.apexcctv.com/how-many-channels-does-your-security-dvr-system-need/

Read more...

Computer Investigation: Employees

 

As an owner, your want to believe the people who work for you are trustworthy individuals looking out for the company’s best interests. However, you suspect an employee is violating company policy. This employee’s violation may fall into one of these situations:

• Committing bribery by getting a kickback from a vendor in exchange for a signed contract
• Acting as a double agent for competitors by sending confidential information
• Stealing money through padding expense reports
• Embezzling money from the company by having accounting paying invoices for their fake company.
• Forging time and attendance records
• Watching and storing pornography on company computers
• Sending threatening messages to other employees.
• Using company computer to run their own competing business
• Leaking or deleting information to get revenge on your company

 

A computer forensics expert can help your company look for evidence of employee misconduct. An employee computer investigation will find, pull, examine, and secure data from workplace devices. The computer forensic expert will preserve the data for a trial so data cannot be destroyed or lost. The preserved data can be used as strong evidence in a court of law, along with any relevant witness interviews, letters, and memos.

 

A computer forensics expert uses specialized software to keep track of staff computer activity such as:

• Web activity
• Chat/messaging
• Emails
• Network logs
• Download activities
• Recently created, opened, retrieved, and deleted files
• Hidden folders

The computer forensics expert will also save any physical evidence, such as:

• Storage tape data
• Memory cards
• CDs
• USB drives
• Smartphones

 

To get started on your employee computer investigation, your organization should:

Create an internet usage policy: Let your employees know their activities, such as website activities and keystrokes, is being monitored by IT support. Then, set up rules for acceptable use for internet browsing, email, social networks, instant messaging, and file downloading. Finally, warn them that failure to follow the company’s policy can result in job loss and possible criminal prosecution.

Do not use any affected computers: Once your company suspects an employee of misconduct, store the device in a secure location until a computer forensics expert can start the investigation. Do not take matters into your own hands and search through the employee files yourself. Booting the computer and opening documents can cause the file time stamp to change, thereby compromising the evidence.

Assure a reliable chain of custody: The computer forensics expert must preserve the exact state of the hard drive in order to avoid claims of tampering in a trial. The expert will take a snapshot of the hard drive, and then pull relevant documents and activity logs for examination.

Use an IP video surveillance system: Your company should consider video surveillance to prevent, prove, and stop employee misconduct. An IP video surveillance system will capture real-time or recorded footage of your business. From there, the camera will transfer this footage to a cloud based account. Finally, you can login to this account from your desktop and mobile device. Our blog, Video Surveillance: Why should my business use it?, covers this area in more detail.

 

SwiftTech Solutions can help you conduct your employee computer investigation. We'll help your company collect reliable computer evidence and track employee activity, as well as offer 24/7 technical support. For more information, call SwiftTech Solutions at 877-794-3811 or email [email protected].

 


SOURCES

Smith, Gambrell & Russell, LLP. Today's Employee, Tomorrow's Defendant? (2006). Retrieved from: http://www.sgrlaw.com/resources/trust_the_leaders/leaders_issues/ttl17/827/

Fischer, A. Misuse of Confidential Information – Are You Prepared? Retrieved from: http://hicks.com/index.php?name=News&file=article&sid=1183&catid=6

Office of Inspector General. Summaries of Investigative Cases. Retrieved from: http://oig.state.gov/aboutoig/offices/inv/c40045.htm

Lype, B. Privacy In The Workplace and Conducting An Internal Investigation. (2008, October). Retrieved from: http://www.lypelaw.com/privacy-in-the-workplace-and-conducting-an-internal-investigation.html

Wunsch, J. Keep Company and Employee Information Safe. Retrieved from: http://humanresources.about.com/od/healthsafetyandwellness/a/protect_data.htm

Pidanick, R. An Investigation of Computer Forensics. Retrieved from: http://www.isaca.org/Journal/Past-Issues/2004/Volume-3/Pages/An-Investigation-of-Computer-Forensics.aspx

Rouse, M. computer forensics (cyber forensics). (2013, May). Retrieved from: http://searchsecurity.techtarget.com/definition/computer-forensics

Shinn, J. Employer Liability for Employee’s Internet Misconduct – Or When Surfing the Web can Wipe out your Business. (2010, March 15). Retrieved from: https://jshinn.wordpress.com/category/employee-investigation/

Wilcox, T. Computer Investigation Shows Employee Embezzlement is Digital Now, Too. (2013, August 6). Retrieved from: http://www.iiiweb.net/blog/computer-investigation-shows-employee-embezzlement-is-digital-now-too/

Read more...

HIPAA Compliance: What you need to know

 

Many organizations are transitioning from paper to digital information systems, such as client management, Electronic Health Record (EHR), and Computerized Physician Order Entry (CPOE) software. These types of systems enable providers to give higher quality health care to clients by allowing collaboration with colleagues and access to personal information from remote locations. However, the shift to digital records brings new risks to organizations that can compromise patient confidentiality and result in HIPAA compliance violations.

 

The Health Insurance Portability and Accountability Act (HIPAA) require health related organizations to protect information by ensuring patient privacy. The rules of HIPAA are to:

• Ensure the confidentiality, integrity, and availability of all electronic protected health information your organization creates, receives, maintains or transmits.

• Identify and protect against reasonably anticipated threats to the security or integrity of the information.

• Protect against reasonably anticipated, impermissible uses or disclosures.

• Ensure compliance by your workforce.

 

According to YourDictionary.com, the most common HIPAA compliance violations include:

• Failure to follow the authorization expiration date: Clients can set a date when their authorization expires. An organization releasing confidential records after that date would be violating HIPAA rules.

• Failure to promptly release information to patients: According to HIPAA, a client has the right to receive electronic copies of medical records on demand.

• Improper disposal of patient records: Shredding is necessary before disposing of client records.

• Insider snooping: This refers to family members or co-workers looking into a person’s medical records without authorization.

• Missing patient signature: Any HIPAA forms without the client’s signature is invalid, so releasing information would be a violation.

• Releasing information to an undesignated party: Only the exact person listed on the authorization form may receive client information.

• Releasing unauthorized health information: This refers to releasing the wrong document that has not been approved for release. A client has the right to release only parts of their medical record.

• Releasing wrong client's information: Through a careless mistake, someone releases information to the wrong person. This sometimes happens when two clients have the same or similar name.

• Right to revoke clause: Any forms a client signs need to have a Right to Revoke clause or the form is invalid. Therefore, any information released to a third party would be in violation of HIPAA compliance regulations.

• Unprotected storage of private health information: A good example of this is a laptop that is stolen, then thieves selling confidential information. Private information stored electronically needs to be stored on a secure device. This applies to a laptop, thumbnail drive, or any other mobile device.

 

The consequences of not following HIPAA compliance standards include:

• Fines of at least $50,000, but could possibly go into the millions
• Audits
• Imprisonment of up to a year
• Legal action from patients

 

In order to ensure HIPAA compliance, your organization needs to:

• Implement written security policies and procedures: Your organization must set rules for acceptable use for accessing, storing, sharing, and protecting patient information. You’re your employees that failure to follow this policy can result in job loss and possible criminal prosecution. SwiftTech Solutions IT support can create this policy and procedures document for your organization.

• Employees must protect their office workspace: Your staff members should monitor any computers, monitors, printers, and fax machines they use closely and shield confidential information from prying eyes. Log out from your computer when you step away from it and lock up workplace mobile devices when not in use.

• Get client consent before releasing personal information to third parties: First, your organization should make sure to the client approves a document for release, typically with a signature. Once permission is granted for sharing information with third parties, obey the authorized expiration date stated by the form. Finally, your organization should inform patients they have the right to remove consent to access their confidential medical information.

• Use a strong anti-virus/anti-malware software and update it regularly: Viruses and malware can invade your computer from untrusted websites, email attachments, and file downloads. If you’re using the free AVG anti-virus protect software, this will not provide enough protection. We recommend using endpoint protection software, such as Symantec Endpoint Protection and Trend Micro Worry-Free Security Services. This software combines virus and malware protection, firewall program, and web browser security.

• Create a backup and disaster recovery plan: SwiftTech strongly recommends data backups to an onsite and offsite location. For example, Veeam Backup and Replication can archive your information to an onsite device dedicated to disaster recovery and offsite to a cloud storage provider, such as Windows or Amazon. If disaster does strike and, for example, a flood destroys your laptop, you can access your data from the cloud and resume your work on another device. Plus, the latest backup methods employ sophisticated methods of encryption so unauthorized individuals cannot access your confidential business data easily.

• Manage your passwords securely: Do not share passwords nor leave them on a piece of paper in your desk drawer. Consider a password service for managing your website login information. Imprivata OneSign Single Sign-On will create hard to crack passwords, store them, and automatically fill in your information when you go to the application of your choice.

• Encrypt sensitive organizational emails: McAfee SaaS Email Protection & Continuity will allow your organization to protect confidential outbound email with gateway-to-gateway encryption. Also, McAfee SaaS Email Archiving will provide encrypted storage of old emails in the cloud.

• If using Windows XP, upgrade your operating system: Microsoft ended support for Windows XP on April 8, 2014, which means they will no longer be offering security updates. Unpatched operating systems leave computers vulnerable to malware that can damage, leak, or even wipe out patient data. Your organization should update computer operating systems to Windows 7 or 8 to ensure continued security updates.

 

SwiftTech Solutions can help your organization follow HIPAA compliance data protection standards. Our IT consultants can help your organization with weekly HIPAA preparation audits, O.S. vulnerability inspections, external intrustion testing, and much more.  You can call 877-794-3811 or email [email protected] for a free analysis.

 

SOURCES

YourDictionary.com. Examples of HIPAA Violations. Retrieved from: http://examples.yourdictionary.com/examples-of-hipaa-violations.html

Wlodarz, D. 5 big myths surrounding computer security and HIPAA compliance. (2013, September). Retrieved from: http://betanews.com/2013/09/02/5-big-myths-surrounding-computer-security-and-hipaa-compliance/

Kibbe, D. Ten Steps to HIPAA Security Compliance. (2005, April 12). Retrieved from: http://www.aafp.org/fpm/2005/0400/p43.html#

American Medical Association. HIPAA Violations and Enforcement. Retrieved from: http://www.ama-assn.org/ama/pub/physician-resources/solutions-managing-your-practice/coding-billing-insurance/hipaahealth-insurance-portability-accountability-act/hipaa-violations-enforcement.page?

Imprivata. Authentification Management. Retrieved from: http://www.imprivata.com/products-solutions/authentication-access-management/authentication-management

Read more...

Virtual Private Networks (VPNs): Reasons your company should install them

 

Many companies today are no longer content to conduct business in their immediate geographical region. Many are expanding into different global markets, either by having an employee work from their home in another city to opening an entire branch office. Furthermore, they are accessing their information at the coffee shop, hotel, or at the airport.

 

However, when workers use the public Wi-Fi signal, their devices are vulnerable to attacks, such as fake wireless access points and cookie theft. As covered in a previous blog, “Hacker Tricks: How You Can Protect Yourself,” hackers steal confidential data, scrape login information, take credit card numbers, install malware, and even take over your device. A Virtual Private Network can prevent many of these problems.

 

How VPNs work:

A Virtual Private Network (VPN) is a virtual type of a secure wired network. This VPN will connect remote employees to a central company server so they can access and share internal documents quickly and securely. VPNs create a secure connection by encrypting network activity and enforcing password/location based policies. This security combination makes it more difficult for cybercriminals to intercept the company’s data. To connect the VPN, users will either login to a software on the computer or automatically connect to a dedicated device in the office.

 

Benefits:
Protects online privacy: Checking your emails at the mall can put your company at risk, especially if you’re using a network the general public can access. A VPN will block outsiders from peeking at your emails and confidential data by encrypting the information on the device. Note: You must be careful of where you physically point your monitor so a passerby will not be able to view your private information.

Supports remote and branch offices: Work from home? Opening another satellite office? No problem. A VPN will allow your network to grow with your clients by giving remote access to files, applications, printers, and other resources on the office network.

Bypasses regional restrictions on certain websites: Let’s say you’re vacationing in China and you want to post an update to your company’s Facebook account. If you try to complete this simple task on a Chinese network, you’re out of luck—the social networking site is blocked in the country. However, if you use a VPN, the network will treat you as if you are using your device in your home country (the United States in our case), and you’ll be able to access the site.

Supports industry data security compliance standards: Many industry compliance regulations, such as HIPAA and SOX, require organizations to send and receive confidential information through encrypted channels. VPNs will ensure remote workers will continue to do exactly that.

Cost efficient alternative to buying owned or leased lines: Owned and leased lines will connect one office to another securely, but they can be cost prohibitive. With a VPN, your company can inexpensively add new users and minimize the need for buying expensive equipment by using the local provider’s internet access.


Your options:
Hosted VPNs: If your company simply wants to share file and network resources to individual users without having to configure a router or use a PC as a VPN server, Hosted VPNs will be a great solution for your company. This option is excellent for employees working at home or on the go. There are free options available, such as Hotspot Shield, but the program will track your activities and deliver advertising. Subscription based services, such as Strong VPN and Century Link, will provide greater security and privacy. Your IT department would need to preinstall the client software on the company devices. Then, every time a user needs to use the VPN, they will log into the software with a user name and a password before entering the protected network.

Use own VPN router: If you want more control over company devices and employee computer activities, consider using your own VPN devices. This solution is excellent for companies rolling out entire branch offices. Unlike Hosted VPNs, your IT department will not have to pre-install client software on each user computer. Dell SonicWALL Secure Remote Access appliances will allow users to use their PC and mobile device to access files, emails, applications, remote desktops, and more on the company’s Local Area Network (LAN). Along with encryption, platforms similar to SonicWALL will provide tough firewalls to protect against malware attacks and cookie theft. All users would need to do is log into a Virtual Office portal.


If you’re interested in a review of the security of your business technology and setting up a VPN, contact SwiftTech Solutions by calling 877-794-3811 or emailing [email protected] for a free consultation.

 

SOURCES
Tarantola, A. VPNs: What They Do, How They Work, and Why You're Dumb for Not Using One. (2013, March 26). Retrieved from: http://gizmodo.com/5990192/vpns-what-they-do-how-they-work-and-why-youre-dumb-for-not-using-one

Cisco. How Virtual Private Networks Work .(2008, October 13). Retrieved from: http://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike-protocols/14106-how-vpn-works.pdf

Rouse, M. virtual private network (VPN). (2007, May). Retrieved from: http://searchenterprisewan.techtarget.com/definition/virtual-private-network

Dell SonicWALL.Secure Remote Access. Retrieved from: http://www.sonicwall.com/us/en/solutions/Solutions_Secure_Remote_Access.html

Henry, A. Why You Should Start Using a VPN (and How to Choose the Best One for Your Needs. (2012, September 5). Retrieved from: http://lifehacker.com/5940565/why-you-should-start-using-a-vpn-and-how-to-choose-the-best-one-for-your-needs

Geier, E. How (and why) to set up a VPN today.(2013, March 19). Retrieved from: http://www.pcworld.com/article/2030763/how-and-why-to-set-up-a-vpn-today.html

Read more...

SOX: A Short Guide to Compliance

 

In the early 2000’s, the financial world was turned upside down by accounting scandals. Corporations, such as Enron, WorldCom, and Tyco hid large debts, inflated their assets, diverted earnings, and manipulated stock prices. These events resulted in bankruptcy filings and class action lawsuits for the companies, charges against top executives, loss of earnings for investors, and lost employee jobs. The Sarbanes-Oxley (SOX) Act was enforced in 2002 to improve financial reporting systems of publicly-traded corporations and to increase the accountability of their top executives.

In order to stay compliant with SOX, publicly traded corporations must at minimum:
• Require corporate executives to sign financial reports to confirm they are accurately presented. 
• Protect their data diligently to ensure financial reports are not using inaccurate and/or tampered data.
• Create safeguards that can be verified by external auditors and report any security breaches affecting finances.
• Enforce controls on access to confidential financial data. The company must detect any data tampering quickly and take steps to reduce the negative consequences of these problems.
• Include information about the reach and effectiveness of the security control procedures in the financial reports.
• Save paper and digital records for no less than five years.
• Remind executives the consequences of destroying, damaging, hiding, and falsifying documents relevant to a legal investigation. If auditors discover intent to obstruct, or influence the investigation, the company will be fined heavily and the liable executives can get up to 20 years of imprisonment.


According to the SANS Institute, these threats to an IT system can undermine a corporation’s ability to stay SOX compliant:
• Abuse of access privileges by an otherwise authorized user
• Misuse of access privileges by employees
• Accidental errors
• Attempted unauthorized access by an outsider
• Communication loss
• Computer virus
• Data integrity loss
• Deliberate attach
• Destruction of data
• Fire
• Natural Disasters
• Non-disaster downtime
• Power loss
• Theft or destruction of computing resource
• Successful unauthorized access by outsider


How can my organization stay compliant with SOX? 
• Store documents in an electronic database: Database software will store your confidential documents in a highly-protected digital file cabinet. These kinds of software will allow your organization stay compliant with SOX by enforcing employee access policies, keeping documents protected with SSL encryption, and allowing for quick retrieval of records. Plus, storing your documents in a database, rather than on your computer, will prevent any loss, destruction, and leaks of confidential data caused by malware intrusions. Furthermore, your CEO can access a dashboard of accurate data so he/she can ensure the organization’s finances are on the up-and-up.

• Use a next generation firewall with an intrusion prevention system, such as Dell SonicWALL. A traditional firewall mostly involves keeping cybercriminals out of your networks, thus away from your financial information critical for SOX audits. The next generation firewall, such as Dell SonicWALL, takes the traditional method a step further and also incorporates virus/malware protection, in addition to user authentication, URL filtering, and application-level security.

• Have your IT department monitor servers and applications around the clock: An IT support company, such as SwiftTech Solutions, will have access to advanced server software that will monitor the activity of SQL databases. For example, Solarwinds SQL Server Performance will keep track of performance issues, such as outages and login failures, and set off automated alerts should these events occur. This will allow the IT company to take immediate remedial action so data will stay remain intact. This software will also generate a report your organization can give to an auditor.

• Hire an employee to help your company follow the requirements of the PCAOB: The Public Company Accounting Oversight Board (PCAOB) conducts audits of public companies so they can protect the interests of investors. The PCAOB looks at audit reports, logs, and other related material to ensure an organization is staying in compliance with SOX. Your firm should hire an expert to help the organization follow the requirements of the SOX / PCAOB, since the bylaws themselves are lengthy and complex.

• Create backup and recovery procedures: Your organization's critical data should be backed up to an onsite and offsite location. For example, Veeam Backup and Replication can archive your information to an onsite device dedicated to disaster recovery and offsite to a cloud storage provider, such as Windows or Amazon. If disaster does strike and, for example, a flood destroys your laptop, you can access your undamaged financial data (or your SOX auditor) from a browser on another device.


SwiftTech Solutions can help your organization follow SOX compliance data protection standards. Our IT consultants can help your organization create a “Policies & Procedures” handbook, implement a backup and disaster recovery plan, and much more. You can call 877-794-3811 or email [email protected] for a free analysis.


SOURCES:
Accounting-Degree.org. The 10 Worst Corporate Accounting Scandals of All Time. Retrieved from: http://www.accounting-degree.org/scandals/
Seider, D. Sarbanes-Oxley Information Technology Compliance Audit. (2004). Retrieved from: http://www.sans.org/reading-room/whitepapers/auditing/sarbanes-oxley-information-technology-compliance-audit-1624
Taft Law. Sarbanes-Oxley Act. Retrieved from: http://taft.law.uc.edu/
Sarbanes-Oxley Act. Sarbanes-Oxley Act Summary and Introduction. (2003). Retrieved from: http://www.soxlaw.com/introduction.htm
Rouse, M. Sarbanes-Oxley Act (SOX). (2007, September). Retrieved from: http://searchcio.techtarget.com/definition/Sarbanes-Oxley-Act
ManageEngine. Compliance Audit Reports for Sarbanes-Oxley (SOX) Act, 2002. Retrieved from: http://www.manageengine.com/products/eventlog/sox-compliance-reports.html
InformationWeek Dark Reading. 10 Best Practices For Meeting SOX Security Requirements. (2011, December 15). Retrieved from: http://www.darkreading.com/10-best-practices-for-meeting-sox-security-requirements/d/d-id/1136818?

Read more...

IPv6 Connectivity: Why does my organization need it?

 

More people are using PCs, laptops, tablets, smart phones, and video game systems to connect to the internet. Each device is assigned an IP address in order to send packets of data to other computers on the internet. This process is a virtual version of someone addressing a letter to send through snail mail.


The most typical way to format the IP address of a device is an IPv4 standard. This address is written in decimal as four numbers separated by periods.


Example: 1.160.10.240


However, thanks to skyrocketing use of mobile devices, the internet is running out of IPv4 addresses. In order to satisfy the need for more internet addresses, the IPv6 standard of IP addresses was created. This address is written in hexadecimal and separated by colons.


Example: 3ffe:1900:4545:3:200:f8ff:fe21:67cf


Unfortunately, the two standards are not compatible. This is a problem, since those with older IPv4 devices cannot connect with people using newer IPv6 machines. For the US Government, this mismatch can hamper their legislative, economical, and humanitarian efforts. Therefore, the US Government set a mandate for all of their agencies to have their public facing websites and email services available over IPv6 starting September 30, 2012. In turn, contractors working with the government are required to convert by September 30th, 2014.


According to Cisco, additional reasons to convert from IPv4 to IPv6 include:

• Meeting anticipated corporate growth
• Extending connectivity to sensors or other small devices
• Communicating with other IPv6 users and organizations


In order to make the conversion, your organization has three options for your existing devices:

Dual Stack Network: With this option, the network routers and switches will run both IPv4 and IPv6 at the same time. Devices, such as Cisco’s Catalyst switches, will route traffic to a suitable server. This is the preferred method.

Tunneling: This method is used to provide a point-to-point IPv6 link over an existing IPv4 network. This method takes IPv6 packets and encapsulates them in IPv4 packets to be sent across portions of the network that haven't been upgraded.

Network Address Translation-Protocol Translation (NAT-PT): This method will simply translate IPv6 packets to IPv4 packets, but should be used only as a last resort.

 

IPv6 Chart

Image courtesy of Network World


SwiftTech Solutions can help your organization meet the US Government’s September 30, 2014 conversion deadline. We’ll help you select the most cost effective methods and equipment for your IPv6 networking needs. You can call 877-794-3811 or email [email protected] for a free consultation.

 

SOURCES

Cisco. Solution Overview—Getting Started with IPv6. (2011). Retrieved from: http://www.cisco.com/web/strategy/docs/gov/whitepaper_c11-637821_v5.pdf

Hogg, S. IPv6: Dual stack where you can; tunnel where you must. (2007, September 5). Retrieved from: http://www.networkworld.com/article/2285078/tech-primers/ipv6--dual-stack-where-you-can--tunnel-where-you-must.html

Cisco. Dual Stack Network. (2010). Retrieved from: http://www.cisco.com/web/strategy/docs/gov/IPV6at_a_glance_c45-625859.pdf

Beal, V. What is The Difference Between IPv6 and IPv4? (2014, January 22). Retrieved from: http://www.webopedia.com/DidYouKnow/Internet/ipv6_ipv4_difference.html

Bradley, T. IPv6: Five Things You Should Know. (2012, June 6). Retrieved from: http://www.pcworld.com/article/257037/ipv6_five_things_you_should_know.html

Remaker, P. How to get IPv6, now. (2011, February 23). Retrieved from: http://blogs.cisco.com/enterprise/how-to-get-ipv6-now/

Crawford, S. What is an IP address? Retrieved from: http://computer.howstuffworks.com/internet/basics/question549.htm

Read more...

IT Support Options in 2015

 

itsupportinirvine


Chances are you have used some sort of IT support (or technical support) for at least one of your electronic devices, or you will use in the future. The use of an expert to help you with your computer issues or questions is a very common occurrence today, and in fact, is a growing field. With the ever increasing use of laptops, PCs, tablets, and other electronic devices, for personal and business alike, IT support has expanded and will continue to expand.

Because of the daily changes in technology, the IT support model has had to evolve to handle the growing need of support from consumers. Below are a few of the options you have for PC support today:

Live Chat

live chat support has become very popular recently. In fact, it is the most common method of IT support used today. Because of the limited time that individuals and businesses possess today, live chat support is a viable method of receiving help quickly. In order to receive the most productive session with live chat, you should have detailed information about your problem.

Remote

another popular option is remote PC support. This option, similar to live chat support, is very convenient for consumers, but this option allows the IT support representative to access your computer remotely. This is helpful, as you do not need to try and explain the problem or try to fix it based on instructions given. They will be able to determine your issue and most times can correct the problem.

Traditional

you always have the option of traditional repair services. You can choose to bring your computer to the repair shop, or sometimes, they offer in-home repair. Even with the two options mentioned above, you still may need to have traditional repair service completed. If the problem you are experiencing is unfixable via chat and remote sessions, you may need to resort to old-fashion PC repair shops.

itsupportirvine


There is also support software that you can purchase, which has different purposes and can be purchased with different features. This is a fairly new concept and not widely accepted by many people, therefore, the support options mentioned above are the most prevalent. No matter what kind of PC support you need or what problem you are having, there is an option available to meet your needs. Businesses and individuals alike will at some point need PC support. Knowing your options, will make the process easier and hopefully have you back up and running in no time.

Read more...

Data Backup and Recovery

 

Although computers are well-developed systems with capacity to store large amounts of data, they are susceptible to data loss resulting from virus damage, crashing and corruption of files or theft. Also, networked systems may lose data due to errors in connections between computer systems and hacking. Since data is a crucial asset for any business, it must be well-leveraged.

A data backup and recovery solution can be an effective tool for ensuring your data is safe and secure. The program enables users to choose the type of service or application to use without the concern of losing important data. Various organizations use different methods to support their data base system; which have diverse pros and cons attached to them. Backup systems use application proxies and shared service to keep data intact in the event of any errors that may occur to the computer system or connections. In case of error, the data backup and recovery program configures the system back to its original setting and restores any important files. An effective data backup and recovery solution requires sufficient storage space in order to accommodate the large amount of data to be recovered and requires a certain level of knowledge in IT support to ensure this is completed successfully. This is known as a data repository model and entails the transfer of data from one system to another while preserving its state, and protecting it from loss or damage. Any data backup and recovery solution incorporates an effective data repository model. This model is mainly used as a system for storing information and files—computers, hard disk and other related devices.

A data repository model may also include other registers that contain Meta data such as storage devices, scanners, papers and other computerized catalogues. These types of devices can store lots of information which can easily get lost or damaged. The data contained in these devices can be copied and used elsewhere. It is therefore crucial to create a differential back up that consists of different files and folders. The Data repository model also uses a reversed delta system that is capable of reversing information between different systems. Further there are some computers which are built with full back up system which can recover without another important element of data repository device is the full back up system that is designed to allow entire PC to recover without installation of operating system, application software and data.

Virtual tape libraries (VTLS) are common data backup and recovery solutions that are very popular with educational institutions. Such systems are admired due to their capability to update without reconfiguration. Nevertheless, they are susceptible to attack and infiltration from cyber criminals. VTLs are risky because valuable data may be lost or user identity may be stolen, causing infringement of people’s identity and privacy. Data backup and recovery solutions offer both security and protection from loss of data as well as the capability to restore the data to its initial state in accidentally deleted or altered. Before choosing an appropriate data backup and recovery system, an organization must clearly understand its data needs and the requirements that support such a system.

Read more...

Contact us at 877-794-3811 or [email protected] for Professional IT Support

get in touch