Remote Monitoring and Maintenance Keeps Your Business In Business

Depending on your business’ setup, you might have an in-house IT department that manages any of your technological assets, or you might have an outsourced vendor that you prefer to work with. Regardless, you know that as a business owner, you don’t have time to worry about managing IT–especially if you’re a small organization that has a limited budget and a limited workforce to do the work.

Internal IT departments may resolve an issue in a particular way, but that’s only if you can afford to hire an internal IT department. If you are like many other small businesses, you might find that outsourcing is a more viable approach to IT maintenance and management. There’s nothing to be ashamed of–outsourcing is great for a lot of reasons.

For an example, consider the difference between short-term spending and long-term spending. Short-term means that you get instant gratification in most cases, whereas long-term spending means that you’re investing in the future. In this instance, support costs are more effective when they have the long-term mindset. The reason for this is that you ultimately minimize any damage done to your systems, as well as any costs associated with those damages, by preventing them from happening in the first place. This is accomplished through a remote monitoring and management agent.

Remote monitoring and management, or RMM, allows managed service providers to handle most issues regarding your technology without an on-site visit. Using our agent, we can monitor your network’s resources to ensure that everything is flowing as efficiently as possible, as well as notice any security updates that need to take place before your weaknesses are taken advantage of by a hacker. We can even remotely deploy patches and security updates to each of your workstations, server units, and network devices to ensure that nobody can take advantage of your security discrepancies easily.

The main advantage of utilizing a RMM is that it requires little to no actual hands-on work from your in-house workforce. It’s handled exclusively by your outsourced managed service provider. In this way, it’s almost like an automated solution all on its own. We can handle most issues that your business runs into in such a way that you won’t even notice problems until they’re already resolved. This lets your business focus primarily on its own operations without being hindered by IT troubles, but more than anything else, it makes service accessible when it’s needed–not when it’s most convenient for an on-site visit.

While some issues might still need an on-site visit to resolve, we try to keep those to a minimum–not because we don’t want to travel to help you, but because your company benefits most from swift, prompt service. To learn more about KiteTech’s remote monitoring and management solution, reach out to us at 855-290-KITE.

 

Malware Moves to Office 365

Another day, another scam!  This one is aimed directly at your Office 365 mailbox!

Our partner, KnowBe4, has released a video showing proof of a concept social engineering attack that would allow a hacker to remotely encrypt your entire Office 365 mailbox in a matter of minutes.  The attack works like this:

You receive an email claiming to be an enhancement to your spam filtering.  Clicking the link prompts you to sign in to Office 365 and grant the new spam filter access to your mailbox.  Shortly after that, you’ll see your emails encrypt right before your eyes.

 

If you want to see the hack in action, you can check it out here: https://youtu.be/VX59Gf-Twwo

This attack takes advantage of Microsoft’s lack of a verification process for apps that access Office 365, so it’s very simple to replicate and deploy.  You’ll certainly be seeing this one in the future!

Social Engineering is the process of attempting to trick a person into allowing an attacker to gain access to confidential information, often by compromising security credentials.  Ready for some fun facts?

  • In 2016, 65% of enterprises were the victim of a Social Engineering attack.
  • 66% of the malware came from malicious email attachments

So, the big question:  What can you do to protect yourself?  Well, there are three key things that will go a long way towards improving your defenses!

 

1:  Tune Your Spam Filter

It’s not enough to just deploy a spam filtering and call it a day.  You need to make sure you’re taking advantage of all of the features it has to offer, such as language filtering, anti-spoofing, and country-based filtering.  In 2017, we blocked almost 25 MILLION spam messages for our clients!

 

2: Know Your Enemy

Education on how to identify threats, known as Security Awareness Training, is a crucial part of any Cybersecurity Program.  We recommend that all staff with computer logins regularly receive training that helps them identify and deal with suspicious emails and phone calls.  This training should be followed up with regular testing, to ensure you’re providing the right training to the right people.

We chose to partner with KnowBe4 because they do both!  Their package provides an easy and effective way to keep track of both your training and testing initiatives.  For a small monthly cost, you gain visibility into your network’s weakest link.

 

3: Have A Backup Plan

Office 365 has some built in recovery options, but most are tuned towards protection from human error, not malicious attacks.  If you’re relying solely on Microsoft’s built-in recovery options, you’re leaving yourself open.  Bolstering Microsoft’s options with a cloud-based backup strategy is critical to quickly recovering from an incident.

A Cloud Backup Solution can provide cloud-based backups of email, OneDrive, and Sharepoint deployments.  With one click, we can recover an entire mailbox that’s been compromised!

There are plenty of other methods to enhance your security, such as multi-factor authentication and mobile device management, but if you implement the three strategies outlined above, you’ll be well on your way to a safer experience!

Tip of the Week: Protecting Your Company from Invoice Impersonation

While you should be sure to keep yourself apprised of threats, it could be argued that it is even more important for your employees to be aware of them. After all, they are the ones utilizing your business’ workstations, software solutions, and even Internet-based apps to facilitate their daily duties. You need to make sure that your employees are able to spot attacks and react to them properly.

While many of today’s employees do have to undergo some sort of security training as part of their employment, the increased sophistication of these attacks makes them more difficult to spot; and, subsequently, harder to react to. One of the most common ways that this occurs is through invoice impersonation attacks. These attacks send customized emails under an assumed name–usually one that is a real-world contact–that includes a link to an online invoice, where the user can download the invoice.

Instead of downloading the invoice, the victim downloads malware to their device. Ransomware is often spread in this fashion, hoping that the victims will download the invoice in a state of panic, wondering what in the world they are being billed for.

Warning Signs

To keep yourself from being tricked by an invoice impersonation attack, or any other type of phishing email, the best route is to provide training and remain aware of the warning signs.

One of the most common ways a hacker will take advantage of email is by sending a message demanding payment, with a link to make things convenient for the user to do so. The problem with email is that the user is forced to take it on good faith that the message comes from the proper recipient. If it were a phone call, you might recognize that the voice is different from whoever should be calling, and if it were a handwritten message, you might notice a discrepancy–but with a message with no identity, it gets considerably more difficult to identify a falsified message.

If you ever receive an email claiming to be from someone who needs a payment from you, there’s a good chance that the link leading to a “payment portal” is just a link to a ransomware program or other type of threat.

Securing Your Business

Phishing attacks naturally rely on the victim trusting the impersonation, so you can take advantage of this opportunity to sow the seeds of distrust–that is, to train your employees to identify emails and distrust anything suspicious that they receive in their inboxes. Your employees should always be wary of risk factors, but they should also attend regular training sessions that test how much they remember about cybersecurity best practices.

You can also take it one step further by implementing spam filters, malware blockers, and other security solutions designed to prevent infections in the first place. If you minimize the chances that your employees are exposed to threats in the first place, they are less likely to make a mistake that has great ramifications for your network security.

Kite Technology can equip your business with enterprise-level security solutions designed to augment and maintain network security for small businesses. To learn more about how you can manage the risk associated with security threats, reach out to us at 855-290-KITE.

 

VR and AR Made a Scene at CES 2018

The International Consumer Electronics Show (CES) is designed to showcase new technology and products to the world, with a focus on industry professionals and companies that want to showcase their latest projects. The show, which was held in Las Vegas in January, saw the introduction of many consumer products, but the ones that showed off new virtual and augmented reality capabilities made a considerable impact on attendees.

Hype has been building over VR and AR for years now; hype which has failed to meet the considerable expectations placed on the technologies. It turns out that these innovators are coming up with valuable new ways in which to leverage these rather complex technologies.

Virtual Reality

Even now, virtual reality is a huge deal. Manufacturers are still finding ways to develop both hardware and software for it specific use. However, the problem that developers are finding is that VR has taken too central of a role in the entertainment industry compared to its more practical or business-oriented purposes. In the future, manufacturers are hoping to create valuable applications for the technology to keep the demand high.

In an article for Forbes, Charlie Fink showcases that VR will most certainly show a profit, but the market is still only at around $2 billion per annum. Judging from previous trends set by color TV, VCR, PC, cell phones, and the Internet, it’s not beyond the realm of possibility that the standard consumer will see VR as a worthwhile investment before too long. However, Fink points out that “…before VR companies can understand how consumers want to spend, they need to cater to how consumers want to consume.”

Even though it’s not as profitable as other technologies at the moment, VR had a huge presence at CES. New technologies in VR ranged from novelty to necessity, including the HTC Vive Pro and an analytical tool called Looxid. Looxid allows for marketers and analysts to track eye movement and brain activity during use, providing information that should improve the way businesses understand consumers. For a more practical tool, the Meshroom VR headset can turn CAD drawings into legitimate 3D prototypes that can be effective for the use of architecture or engineering.

Regardless, even though VR has been around for quite some time, it is still a developing and volatile technology. It’s clear that it will be worth the investment in the near future–particularly when more useful applications are developed that can take advantage of it.

Augmented Reality

Compared to virtual reality, augmented reality is a bit more tame and less of an attention-grabber. Instead of transporting the user to a virtual world, augmented reality adds virtual elements to your surroundings. The easiest example to help explain this technology is to add a top-down overlay interface to your field of vision, allowing for the viewing of information or analytics at a glance. Yet, AR has found plenty of use in the real world already, from statcasts in the sports world to smartphone games like Pokémon Go. Some developers, like Google and Apple, have invested considerably in the creation of augmented reality applications, and it’s only going to improve in popularity as more companies create effective ways of leveraging AR.

At CES 2018, AR was a prominent force. Manufacturers are finding new and improved ways to take advantage of displays. Some of the more notable products include Vuzix Smart Glasses with Alexa–much like Google Glass, but with Amazon’s Alexa built into it. WinRay’s AR windshield is another device you should keep your eye on. This windshield can display directions, roadside information, and even basic car functions. Even Apple’s iOS 11 comes with built-in AR.

 

Tip of the Week: Protecting Your Mobile Device in 2 Easy Steps

3d cubes

Mobile devices are one of the greatest tools available for business use today. However, because society has come to rely so much on mobile devices, these devices have become a treasure trove for cybercriminals to obtain information from. For this week’s tip, we’ll go over some simple ways to protect yourself from such threats.

Do You Really Need to Connect?

Wi-Fi and Bluetooth connectivity give our phones a heightened level of utility, but this benefit can also come with severe risks. Mobile devices, for the sake of simplicity and convenience, are ready and willing to connect with any Wi-Fi or Bluetooth signal they can. Unfortunately, this puts them at risk of being hijacked by any threat that may be lurking on the signal.

To mitigate this risk, make sure that you aren’t connecting to Wi-Fi or Bluetooth signals that aren’t secure and trustworthy. In fact, when not using them, keep these connections disabled just in case.

The same goes for public charging stations. These can also be used to spread threats, so it is better to rely on a portable charger or a wall outlet to power your device.

Furthermore, if you are connecting to something, make sure you aren’t sharing more than you need. For instance, if you need to rent a car while on a business trip, there’s nothing wrong with using Bluetooth to make hands-free calls. However, if prompted, there is no reason to sync your contacts with the car’s storage, effectively handing them to the next person that rents that car. Being cautious as you connect will only help you to stay safe in the long run.

Keep it Locked Up

The contents of your phone shouldn’t be available to just anyone who picks it up. Whether you have access to sensitive business information through the device, or you have apps that help you manage the rest of your life, your information is at risk unless you have protections in place to keep it safe.

The simplest way to do so is to leverage the phone’s built-in security features. Whether your phone accepts PIN numbers, passcodes, or a pattern set it up so that only you know how to open it. Furthermore, with more devices today leveraging biometric and facial recognition technology, there are other means for you to secure your mobile device.

Security is a crucial consideration to keep in mind, whenever you’re using a mobile device.