10 Cybersecurity Tips for Your Small Business

If you run a small business, you have a responsibility to your employees and customers. Your employees rely on you to provide them with a steady paycheck in exchange for all their hard work, and your customers rely on you to provide top quality products and

services.

Your customers also expect you to keep their personal data safe, from the credit cards they use to make their payments to the names and addresses they provide. If you run a small business, you have a responsibility to those customers, and you need to take cybersecurity very seriously.

It seems sometimes that not a day goes by without another data breach, and many of those intrusions are aimed squarely at the small business community. If you want to protect your business and its data, start by building these cybersecurity tips into your daily operations.

  • Train all employees on the importance of cybersecurity, including the security of their personal devices. Continue their education with regular refreshers and warnings about current cyberattacks.
  • Set up a separate Wi-Fi network to let workers and guests connect their smartphones and other handheld devices. Personal devices can be a weak link in the security chain, so keeping them off the corporate network improves your overall protection.
  • Use strong spam filters and check their accuracy regularly. Many cyberattacks originate with infected emails.
  • Consider turning off clickable links in incoming emails, at least for emails that originate outside the company.
  • Establish a strong firewall and keep it updated. Whether you use a software firewall, a hardware device or a combination of both, your firewall is your first line of defense against cyberattacks.
  • Test your backups on a regular basis by doing dummy restores. Your cybersecurity and ransomware defense is only as good as your latest backup, and it is important to know where you stand.
  • Keep every device on your network, from network attached storage devices like external hard drives to the servers in the data room to the computers on the desks, up to date with the latest security patches. Make sure your operating systems and software packages are up to date, and do spot checks to make sure the recommended updates are being applied.
  • Stay abreast of end dates for software support. When support for a given operating system or software package ends, so do the security updates. Always have a plan in place to update your operating systems as the support end dates approach.
  • Consider outsourcing your IT operations to a third party. It can be hard for small business owners to keep up with the never-ending security requirements, and outsourcing those tasks can improve safety and give those owners one less thing to worry about.
  • Give employees only the access they need. Insider threats run the gamut, from the unintentional sharing of proprietary information to the deliberate theft of company secrets. Following the least access policy can minimize these dangers.

Running a small business is hard, and keeping your customer data safe can be even more challenging. The threats to data security are not going away – if anything they are ramping up with every passing day. Small businesses are increasingly the targets of sophisticated hacking attempts, ransomware attacks and other online threats, and it is easy for your own business to be caught unaware. Building cybersecurity into your daily operations is the best way to protect yourself, starting with the 10 security pointers listed above.


10 Ways Nonprofit Agencies Can Enhance the Privacy of Their Data

Data breaches are nothing new, and they are no longer confined to for-profit businesses. More and more nonprofit agencies are finding their data compromised, leaving their donors, volunteers and the people they serve vulnerable to identity theft and other serious ramifications.

There are several reasons that nonprofit agencies are increasingly becoming the targets of hackers and the writers of ransomware. One of the most significant reasons for the targeting is the perception that nonprofit agencies often lack the sophistication to protect their data adequately, and there is some truth to this assertion.

Nonprofit agencies often run on shoestring budgets, with little money left over for IT staff or outsourced data monitoring. For many years, some nonprofits have treated security as an afterthought, but these days no one can afford to be blasé about protecting the integrity of their information.

If you run a nonprofit agency or work for one, you need to take a proactive approach to data security. Here are 10 things you can do right now to protect your donors, your customers and the data with which you are entrusted.

  • Collect only the information you need. Whether you are collecting money from donors, working with the people you serve or bringing new volunteers onboard, minimize the amount of data you collect.
  • Recruit volunteers with solid technical skills. Having volunteer staff with up-to-date technical skills is a great way to protect your data without interfering with the good work you do.
  • Store sensitive information offline. If you must store Social Security numbers, credit card data and other confidential information, keep it in an offline database.
  • Provide employees and volunteers with the least necessary amount of access. Giving staff members access to only the information they need to do their jobs reduces the chance of data leakage and helps keep everyone safe.
  • Train your employees and volunteers on security best practices. Provide each new worker or volunteer with data security training, and hold regular sessions to remind them how important it is to keep the firm’s data safe.
  • Install a quality email filter and check it regularly. A good spam filter can reduce the chances of email-based phishing attempts and data breaches.
  • Filter internet traffic as well. Just loading a compromised website could put the security of the entire network in danger, and a good filter is your first line of defense.
  • Turn on automatic updates for all your connected equipment. Keeping your software up to date is an essential part of data security for nonprofits.
  • Schedule an annual security test for your network. Intrusion testing should be an integral part of your data security, and a yearly review will give you, and your customers, peace of mind.
  • Require strong passwords for website access. Online access can make it easier to give donations to the nonprofit, but weak passwords can put those donors at risk. By requiring a secure password for the nonprofit website, you force everyone who logs on to take their security seriously.

Nonprofit agencies face significant challenges when keeping their data safe. From the assumption of weak security to the reality of stretched budgets, these difficulties can create real problems. By taking a proactive approach to the safety of your donor, volunteer and customer data, you can enhance data security and make a data breach far less likely.


What You Need to Know About Ransomware

ransomware protection with Elevated Tech

Social media is full of scare stories about ransomware and the damage it can do to businesses and personal users. However, taking a few precautions and planning ahead can minimise the potential for damage. Understanding what ransomware is and how it works enables you to protect your computers and important files. Here’s what you need to know about ransomware.

Ransomware

Ransomware is an increasingly prevalent form of malicious software (malware) that works by blocking access to files, folders or whole devices. Once cybercriminals have taken control of your system, they can demand a ransom to restore your files. Ransom payments are usually made with cryptocurrency, although credit cards, PayPal and even cash payments are sometimes used.

Types of Ransomware

Encryption ransomware works by encrypting individual files or folders so that you can only access them with a special code or encryption key. With this type of ransomware, you should still be able to use your computer and any unaffected files.

Screen lockers work by blocking access to your entire computer. If your computer has been infected with screen-locking ransomware, you will see a full-size window covering the whole screen. This window will contain instructions for making the ransom payment. The message on the lock screen may claim that your computer has been locked due to suspicious or illegal activity and will often appear to come from an official source, such as law enforcement or legal departments.

Another common type of ransomware is the security scam, which starts by displaying a pop-up window that appears to come from your antivirus or security software. The window may claim that your computer is infected with a virus and the only way to remove it is to make a one-off payment for a special removal tool.

File encryptors, screen lockers and security scams are the most common forms of ransomware, but there are new types being developed all the time.

Sources of Ransomware

Ransomware can come from a number of sources, including email attachments, infected websites and malicious advertisements. Spam emails containing attachments or links to malicious websites are among the most common causes of malware infections. Links in social media posts, online forums and even messaging apps can also direct users to infected websites.

Malicious advertisements can contain code and webpage elements that distribute ransomware and other malware to unprotected computers. These advertisements are automatically loaded when you visit particular websites, which means that your computer can be infected with malware even if you don’t click on the advertisement or link. Browser add-ons, infographics, program installation files and many other files downloaded from the Internet can also contain malware.

Protecting Against Ransomware

Staying vigilant and being cautious when opening email attachments, clicking on links and downloading files from the Internet will significantly reduce the risk of ransomware infection, but there are other things you can do to increase security and protect your computer from malware. Installing a security suite and antivirus software is essential for any computer or device with access to the Internet.

Most operating systems and browsers provide extra security settings to increase online safety. However, the best protection against ransomware is to make regular backups of all your files. If you keep up-to-date backups of your data, you will be able to restore any files encrypted by the ransomware.

Ransomware Infection

If your computer is infected by ransomware, you can try using decryption tools to recover encrypted files. You can also try using software available from trusted security companies to regain access to a locked computer. However, these tools are not effective for some types of ransomware. Often, the best solution is to wipe the hard drive and reinstall the backup files. Security experts advise users never to pay the ransom, as there is no guarantee that cybercriminals will restore the files.

Finally, you should report any ransomware attacks to the relevant authorities in your country, as this helps security experts to design tools to protect against this ongoing threat.


Five Online Scams to Watch for in 2018

scam alert

Online scammers never rest. They always find new ways to trick people. You must be vigilant. If you are active online, it is important to stay educated about the scammer’s methods. Here are five scams to watch out for in 2018.

Netflix Phishing Scam: Netflix has a customer base of over 100 million users. That makes it a frequent target of scammers. Some users have received an email asking them to update their billing information before their membership is suspended. If you receive such a message, be cautious. It is always risky to follow links in an email. Before updating your information with Netflix, go directly to the official website and log in from there.

Google Chrome Browser Freeze: Google Chrome is the most widely used browser, which makes it a frequent target of scammers. Upon visiting certain infected websites, Google Chrome will begin to download thousands of files. Soon after, your Chrome browser is likely to become unresponsive. Next, you receive a pop-up with a toll-free number to a fake technical support line.

This malware spreads through the use of infected ads on reputable websites, so using an ad blocker will prevent most attacks. Make sure that your computer’s virus protection is up-to-date. If your browser freezes, you can still close Chrome through the task manager by selecting Control-Alt-Delete on your keyboard.

New 2018 Microsoft Phishing Scam: Many Microsoft Hotmail, Live, and Outlook users have received fraudulent emails claiming that their account will be frozen if they don’t update to 2018 Microsoft. If you follow the link in the email, you are asked to enter your username and passwords. If you do as the scammers request, they will have access to your login information and can take control of your Microsoft-related accounts.

If you receive this message, go to Hotmail, Live, or Outlook directly. After you log in to your account, you will receive instructions if there are indeed any problems. Remember: don’t ever follow a link in a suspicious email.

FedEx Parcel Scam: Many FedEx users have received phishing emails with a subject line stating “FedEx: Delivery Problems Notification”. The scammers have created an email template almost identical to FedEx’s official email template, so beware. If the email asks for information about credit cards, invoices, or account numbers, it is not a genuine email from FedEx. If you have any questions about your FedEx account, go directly to the FedEx website and log in from there.

$1,000 Amazon Gift Card scam: This scam has been around for years, and is still a problem in 2018. Infected ads at reputable websites install adware that shows pop-ups. Once infected with the adware, you will receive a message claiming you have won a $1,000 Amazon gift card. If you click the pop-up, it takes you to a short survey. After you complete the survey, you are asked to provide personal information, such as banking details and contact information.

Never click any pop-ups that claim you have won an Amazon gift card.

Online scammers are very creative, continually developing new tools and methods. But the criminal’s best weapon always remains the same: exploiting user complacency. Even if you know the site is reputable, be suspicious when you receive emails and pop-ups. If you have a question about one of your accounts, go directly to the website and log in. Don’t ever follow a link in an email unless you are 100% certain it is authentic. Keep up-to-date on the latest scams. Be smart and stay safe.  Contact Elevated Tech today for user awareness training!


Dark Web Monitoring Is Here!

 

Elevated Technologies Now Delivers Dark Web Monitoring Services through ID Agent Partnership

 Elevated Technologies Offers Monitoring and Alerting of Stolen Digital Credentials, Increasingly Valuable Asset on Dark Web

 Houston, TX – January 30, 2018 – Elevated Technologies announced its new Dark Web monitoring services provided through its partnership with ID Agent, provider of Dark Web monitoring and identity theft protection solutions. With Dark Web ID, Elevated Technologies offers around the clock monitoring and alerting for increasingly compromised digital credentials, scouring millions of sources, including botnets, criminal chat rooms, peer-to-peer networks, malicious websites, bulletin boards and illegal black market sites.

“With the security landscape ever changing and more small / medium size businesses are being targeted, a partnership with ID Agent was a must.  They add a robust Dark Web monitoring solution to our new Cyber Security department Elevated Cyber Security.  This new department is solely focused on a vast amount of security services for the SMB community.  We welcome ID Agent onboard and look forward to a great business partnership assisting the Elevated family.” said Jason Rorie, Founder of Elevated Technologies.

The Dark Web is made up of various digital communities, and while there are legitimate purposes for the Dark Web, it is estimated that over 50 percent of all sites on the Dark Web today are used for criminal activities, including the disclosure and sale of digital credentials.

“Digital credentials such as usernames and passwords are widely used to connect to critical business applications – the reason these credentials are among the most valuable assets found on the Dark Web,” said Kevin Lancaster, CEO of ID Agent. “Unfortunately, the unaffordability of cyber offerings has played into the cyber poverty line experienced by small businesses. Dark Web ID, however, delivers an affordable model that provides small businesses with the same advanced credential monitoring capabilities used by Fortune 500 companies to organizations in the SMB and mid-market space.”

Dark Web ID is the industry’s only commercial solution available to detect customers’ compromised credentials in real-time on the Dark Web. It vigilantly searches the most secretive corners of the Internet to find compromised data associated with your customers’ employees, contractors and other personnel, and notifies them immediately when these critical assets are compromised. There are a few competitors in the market but none completely focused on the Dark Web as ID Agent’s solution.

About ID Agent

ID Agent provides a comprehensive set of threat intelligence and identity monitoring solutions to private and public sector organizations and to millions of individuals impacted by cyber incidents. The company’s flagship product, Dark Web ID, combines human and sophisticated Dark Web intelligence with capabilities to identify, analyze and monitor for compromised or stolen employee and customer data, mitigating exposure to clients’ most valuable assets – their digital identity. From monitoring your organization’s domain for compromised credentials to deploying identity and credit management programs in order to protect the employees and customers you serve – ID Agent has the solution. For more information, visit: http://www.idagent.com or go to LinkedIn, Twitter or Facebook.

About Elevated Technologies

If you want more from your IT support company and are in need of a robust system to solve even your most challenging technology problems, your solution starts with Elevated Technologies. With Houston’s most advanced team of IT support experts and one-of-a-kind IT solutions, even your most challenging technology problems are no match for Elevated Tech. Our team of IT support experts implement advanced technology strategies, leveraging IT as a competitive advantage. Our mission is to create a personal, trusting relationship with every client in order to serve each business to the fullest.


Things Every Business Should Check After a Disaster

Disasters happen—storms rage, lightning strikes, and, as all Houstonians now know, hurricanes devastate. But if there’s one thing we also know is that cities recover. So, in the days and weeks following Hurricane Harvey as you return to work, you may find yourself walking back into your office wondering what you’ll come back to, unsure of where to even begin.

Elevated Tech makes it simple for you. Here are the things every business should check after a natural disaster like Hurricane Harvey.

One of the most common dangers of a hurricane is flooding, and it’s the first thing you should check for when you walk into your office. If the carpet is wet, or smells as if it once was, you’ll want to see if any devices that had contact with the ground or were left on the ground are also wet. (Tip: if you know a storm is coming, always put devices and cords up high to avoid water damage).

Once you have checked the floor, wiring, and devices that could have been affected by flooding, you want to move on to checking the second most common problem with any storm: power outages.  You’ll want to check and see if the servers or computers were forced to go down temporarily. Can all of them power on again? Sometimes improper or forced shutdowns can cause computers to fail at rebooting properly, and this can also lead to data loss due to corruption.

Finally, you should test all your systems to ensure that they are working as expected. You should check: wireless connection, printing, server access, etc. Any systems that aren’t working should be fixed immediately to ensure the productivity of your office and business.

So now you have all of this information—what do you do with it? Many businesses turn to MSPs like Elevated Tech after a disaster in order to get assistance at a fast and reasonable price.  You may be unsure of how much information to cover when introducing your problems to new support.

It’s best to answer these three questions: “What is happening, what isn’t happening, and what steps were taken to figure it out?”

If your business needs help after Hurricane Harvey, contact Elevated Tech with this information to ensure a fast and reliable network diagnosis that will get your business on the road to recovery. Harvey may have caused some damage, but it’s nothing that Elevated Technologies cannot handle.

 

 

 


Don’t Let Hurricane Harvey Cloud Your Business

With Hurricane Harvey reminding us how quickly our resources can be ripped away from us, businesses all over the city are scrambling to keep on track while the streets continue to flood. Many employees will be working from home for days or even weeks—if they can. The rest are down for the count. The question that everyone seems to be asking is: How could we have prepared for this?

The answer: The cloud. With the cloud, your employees can work from home with full access to all their files 24/7 365 days a year—even in the middle of a disaster.

How?

Cloud storage providers such as Elevated Technologies give you a remote data center, where it manages the infrastructure, servers, and virtualization of your data, and you simply access your virtual files using the internet, giving you access anywhere, anytime.

With the cloud regularly backing up your important files and allowing your employees to work from anywhere in the world, your business can be prepared for the worst and maintain efficiency and productivity as much as possible.

Disaster recovery plans are also imperative for protecting your most valuable information. Does your IT support offer full cloud solutions and disaster recovery plans? The answer to this question could mean the difference between hundreds of corrupted files while your employees are left without work for weeks, or the security of your data and your business’ productivity.

Be the company that was one step ahead and endured the storm. Contact Elevated Tech today to ensure that your data is always safe and secure—even in the middle of a hurricane.

 


Disaster Recovery

 

A disaster is any accident or event that causes great damage or loss. A disaster can be a flood, sudden loss of power, physical damage, or any natural or human-induced disaster. Many businesses do not have a backup plan or disaster recovery plan in place. Some companies who have backup plans often backup to an on-site location. On-site backup is fine as long as there are no major accidents. If your backup is on-site and a flood occurs, all of your information could potentially be lost. This is why it is crucial to have a disaster recovery plan and a backup plan in place. Disaster recovery (DR) involves a set of policies and procedures to enable the recovery of vital technology infrastructure and systems following a natural or human-induced disaster. Data recovery focuses on the technology systems supporting critical business functions which involve keeping all essential aspects of a business functioning despite significant disruptive events. Elevated Technologies can provide your company with disaster recovery services that will protect your data through cloud based storage and recovery. Our cloud backup services are off-site and automatically backup as frequently as your business needs it, even if it is every 15 minutes. With our backups, the off-site replication is constantly monitored. If there is a problem that arises, you are alerted. Elevated Technologies provides you with a monthly report to let you know that your data is safe. In the event of a disaster, your downtime with be minimized with faster restore times. This ensures that you can access your most critical data that impacts your day-to-day operations. A disaster recovery plan makes the difference between losing everything or having a temporary headache. With a secure disaster recovery plan manager by Elevated Technologies, you never have to worry about recovering from a disaster.