10 Cybersecurity Tips for Your Small Business

If you run a small business, you have a responsibility to your employees and customers. Your employees rely on you to provide them with a steady paycheck in exchange for all their hard work, and your customers rely on you to provide top quality products and

services.

Your customers also expect you to keep their personal data safe, from the credit cards they use to make their payments to the names and addresses they provide. If you run a small business, you have a responsibility to those customers, and you need to take cybersecurity very seriously.

It seems sometimes that not a day goes by without another data breach, and many of those intrusions are aimed squarely at the small business community. If you want to protect your business and its data, start by building these cybersecurity tips into your daily operations.

  • Train all employees on the importance of cybersecurity, including the security of their personal devices. Continue their education with regular refreshers and warnings about current cyberattacks.
  • Set up a separate Wi-Fi network to let workers and guests connect their smartphones and other handheld devices. Personal devices can be a weak link in the security chain, so keeping them off the corporate network improves your overall protection.
  • Use strong spam filters and check their accuracy regularly. Many cyberattacks originate with infected emails.
  • Consider turning off clickable links in incoming emails, at least for emails that originate outside the company.
  • Establish a strong firewall and keep it updated. Whether you use a software firewall, a hardware device or a combination of both, your firewall is your first line of defense against cyberattacks.
  • Test your backups on a regular basis by doing dummy restores. Your cybersecurity and ransomware defense is only as good as your latest backup, and it is important to know where you stand.
  • Keep every device on your network, from network attached storage devices like external hard drives to the servers in the data room to the computers on the desks, up to date with the latest security patches. Make sure your operating systems and software packages are up to date, and do spot checks to make sure the recommended updates are being applied.
  • Stay abreast of end dates for software support. When support for a given operating system or software package ends, so do the security updates. Always have a plan in place to update your operating systems as the support end dates approach.
  • Consider outsourcing your IT operations to a third party. It can be hard for small business owners to keep up with the never-ending security requirements, and outsourcing those tasks can improve safety and give those owners one less thing to worry about.
  • Give employees only the access they need. Insider threats run the gamut, from the unintentional sharing of proprietary information to the deliberate theft of company secrets. Following the least access policy can minimize these dangers.

Running a small business is hard, and keeping your customer data safe can be even more challenging. The threats to data security are not going away – if anything they are ramping up with every passing day. Small businesses are increasingly the targets of sophisticated hacking attempts, ransomware attacks and other online threats, and it is easy for your own business to be caught unaware. Building cybersecurity into your daily operations is the best way to protect yourself, starting with the 10 security pointers listed above.


10 Ways Nonprofit Agencies Can Enhance the Privacy of Their Data

Data breaches are nothing new, and they are no longer confined to for-profit businesses. More and more nonprofit agencies are finding their data compromised, leaving their donors, volunteers and the people they serve vulnerable to identity theft and other serious ramifications.

There are several reasons that nonprofit agencies are increasingly becoming the targets of hackers and the writers of ransomware. One of the most significant reasons for the targeting is the perception that nonprofit agencies often lack the sophistication to protect their data adequately, and there is some truth to this assertion.

Nonprofit agencies often run on shoestring budgets, with little money left over for IT staff or outsourced data monitoring. For many years, some nonprofits have treated security as an afterthought, but these days no one can afford to be blasé about protecting the integrity of their information.

If you run a nonprofit agency or work for one, you need to take a proactive approach to data security. Here are 10 things you can do right now to protect your donors, your customers and the data with which you are entrusted.

  • Collect only the information you need. Whether you are collecting money from donors, working with the people you serve or bringing new volunteers onboard, minimize the amount of data you collect.
  • Recruit volunteers with solid technical skills. Having volunteer staff with up-to-date technical skills is a great way to protect your data without interfering with the good work you do.
  • Store sensitive information offline. If you must store Social Security numbers, credit card data and other confidential information, keep it in an offline database.
  • Provide employees and volunteers with the least necessary amount of access. Giving staff members access to only the information they need to do their jobs reduces the chance of data leakage and helps keep everyone safe.
  • Train your employees and volunteers on security best practices. Provide each new worker or volunteer with data security training, and hold regular sessions to remind them how important it is to keep the firm’s data safe.
  • Install a quality email filter and check it regularly. A good spam filter can reduce the chances of email-based phishing attempts and data breaches.
  • Filter internet traffic as well. Just loading a compromised website could put the security of the entire network in danger, and a good filter is your first line of defense.
  • Turn on automatic updates for all your connected equipment. Keeping your software up to date is an essential part of data security for nonprofits.
  • Schedule an annual security test for your network. Intrusion testing should be an integral part of your data security, and a yearly review will give you, and your customers, peace of mind.
  • Require strong passwords for website access. Online access can make it easier to give donations to the nonprofit, but weak passwords can put those donors at risk. By requiring a secure password for the nonprofit website, you force everyone who logs on to take their security seriously.

Nonprofit agencies face significant challenges when keeping their data safe. From the assumption of weak security to the reality of stretched budgets, these difficulties can create real problems. By taking a proactive approach to the safety of your donor, volunteer and customer data, you can enhance data security and make a data breach far less likely.


What You Need to Know About Ransomware

ransomware protection with Elevated Tech

Social media is full of scare stories about ransomware and the damage it can do to businesses and personal users. However, taking a few precautions and planning ahead can minimise the potential for damage. Understanding what ransomware is and how it works enables you to protect your computers and important files. Here’s what you need to know about ransomware.

Ransomware

Ransomware is an increasingly prevalent form of malicious software (malware) that works by blocking access to files, folders or whole devices. Once cybercriminals have taken control of your system, they can demand a ransom to restore your files. Ransom payments are usually made with cryptocurrency, although credit cards, PayPal and even cash payments are sometimes used.

Types of Ransomware

Encryption ransomware works by encrypting individual files or folders so that you can only access them with a special code or encryption key. With this type of ransomware, you should still be able to use your computer and any unaffected files.

Screen lockers work by blocking access to your entire computer. If your computer has been infected with screen-locking ransomware, you will see a full-size window covering the whole screen. This window will contain instructions for making the ransom payment. The message on the lock screen may claim that your computer has been locked due to suspicious or illegal activity and will often appear to come from an official source, such as law enforcement or legal departments.

Another common type of ransomware is the security scam, which starts by displaying a pop-up window that appears to come from your antivirus or security software. The window may claim that your computer is infected with a virus and the only way to remove it is to make a one-off payment for a special removal tool.

File encryptors, screen lockers and security scams are the most common forms of ransomware, but there are new types being developed all the time.

Sources of Ransomware

Ransomware can come from a number of sources, including email attachments, infected websites and malicious advertisements. Spam emails containing attachments or links to malicious websites are among the most common causes of malware infections. Links in social media posts, online forums and even messaging apps can also direct users to infected websites.

Malicious advertisements can contain code and webpage elements that distribute ransomware and other malware to unprotected computers. These advertisements are automatically loaded when you visit particular websites, which means that your computer can be infected with malware even if you don’t click on the advertisement or link. Browser add-ons, infographics, program installation files and many other files downloaded from the Internet can also contain malware.

Protecting Against Ransomware

Staying vigilant and being cautious when opening email attachments, clicking on links and downloading files from the Internet will significantly reduce the risk of ransomware infection, but there are other things you can do to increase security and protect your computer from malware. Installing a security suite and antivirus software is essential for any computer or device with access to the Internet.

Most operating systems and browsers provide extra security settings to increase online safety. However, the best protection against ransomware is to make regular backups of all your files. If you keep up-to-date backups of your data, you will be able to restore any files encrypted by the ransomware.

Ransomware Infection

If your computer is infected by ransomware, you can try using decryption tools to recover encrypted files. You can also try using software available from trusted security companies to regain access to a locked computer. However, these tools are not effective for some types of ransomware. Often, the best solution is to wipe the hard drive and reinstall the backup files. Security experts advise users never to pay the ransom, as there is no guarantee that cybercriminals will restore the files.

Finally, you should report any ransomware attacks to the relevant authorities in your country, as this helps security experts to design tools to protect against this ongoing threat.


Five Online Scams to Watch for in 2018

scam alert

Online scammers never rest. They always find new ways to trick people. You must be vigilant. If you are active online, it is important to stay educated about the scammer’s methods. Here are five scams to watch out for in 2018.

Netflix Phishing Scam: Netflix has a customer base of over 100 million users. That makes it a frequent target of scammers. Some users have received an email asking them to update their billing information before their membership is suspended. If you receive such a message, be cautious. It is always risky to follow links in an email. Before updating your information with Netflix, go directly to the official website and log in from there.

Google Chrome Browser Freeze: Google Chrome is the most widely used browser, which makes it a frequent target of scammers. Upon visiting certain infected websites, Google Chrome will begin to download thousands of files. Soon after, your Chrome browser is likely to become unresponsive. Next, you receive a pop-up with a toll-free number to a fake technical support line.

This malware spreads through the use of infected ads on reputable websites, so using an ad blocker will prevent most attacks. Make sure that your computer’s virus protection is up-to-date. If your browser freezes, you can still close Chrome through the task manager by selecting Control-Alt-Delete on your keyboard.

New 2018 Microsoft Phishing Scam: Many Microsoft Hotmail, Live, and Outlook users have received fraudulent emails claiming that their account will be frozen if they don’t update to 2018 Microsoft. If you follow the link in the email, you are asked to enter your username and passwords. If you do as the scammers request, they will have access to your login information and can take control of your Microsoft-related accounts.

If you receive this message, go to Hotmail, Live, or Outlook directly. After you log in to your account, you will receive instructions if there are indeed any problems. Remember: don’t ever follow a link in a suspicious email.

FedEx Parcel Scam: Many FedEx users have received phishing emails with a subject line stating “FedEx: Delivery Problems Notification”. The scammers have created an email template almost identical to FedEx’s official email template, so beware. If the email asks for information about credit cards, invoices, or account numbers, it is not a genuine email from FedEx. If you have any questions about your FedEx account, go directly to the FedEx website and log in from there.

$1,000 Amazon Gift Card scam: This scam has been around for years, and is still a problem in 2018. Infected ads at reputable websites install adware that shows pop-ups. Once infected with the adware, you will receive a message claiming you have won a $1,000 Amazon gift card. If you click the pop-up, it takes you to a short survey. After you complete the survey, you are asked to provide personal information, such as banking details and contact information.

Never click any pop-ups that claim you have won an Amazon gift card.

Online scammers are very creative, continually developing new tools and methods. But the criminal’s best weapon always remains the same: exploiting user complacency. Even if you know the site is reputable, be suspicious when you receive emails and pop-ups. If you have a question about one of your accounts, go directly to the website and log in. Don’t ever follow a link in an email unless you are 100% certain it is authentic. Keep up-to-date on the latest scams. Be smart and stay safe.  Contact Elevated Tech today for user awareness training!


Dark Web Monitoring Is Here!

 

Elevated Technologies Now Delivers Dark Web Monitoring Services through ID Agent Partnership

 Elevated Technologies Offers Monitoring and Alerting of Stolen Digital Credentials, Increasingly Valuable Asset on Dark Web

 Houston, TX – January 30, 2018 – Elevated Technologies announced its new Dark Web monitoring services provided through its partnership with ID Agent, provider of Dark Web monitoring and identity theft protection solutions. With Dark Web ID, Elevated Technologies offers around the clock monitoring and alerting for increasingly compromised digital credentials, scouring millions of sources, including botnets, criminal chat rooms, peer-to-peer networks, malicious websites, bulletin boards and illegal black market sites.

“With the security landscape ever changing and more small / medium size businesses are being targeted, a partnership with ID Agent was a must.  They add a robust Dark Web monitoring solution to our new Cyber Security department Elevated Cyber Security.  This new department is solely focused on a vast amount of security services for the SMB community.  We welcome ID Agent onboard and look forward to a great business partnership assisting the Elevated family.” said Jason Rorie, Founder of Elevated Technologies.

The Dark Web is made up of various digital communities, and while there are legitimate purposes for the Dark Web, it is estimated that over 50 percent of all sites on the Dark Web today are used for criminal activities, including the disclosure and sale of digital credentials.

“Digital credentials such as usernames and passwords are widely used to connect to critical business applications – the reason these credentials are among the most valuable assets found on the Dark Web,” said Kevin Lancaster, CEO of ID Agent. “Unfortunately, the unaffordability of cyber offerings has played into the cyber poverty line experienced by small businesses. Dark Web ID, however, delivers an affordable model that provides small businesses with the same advanced credential monitoring capabilities used by Fortune 500 companies to organizations in the SMB and mid-market space.”

Dark Web ID is the industry’s only commercial solution available to detect customers’ compromised credentials in real-time on the Dark Web. It vigilantly searches the most secretive corners of the Internet to find compromised data associated with your customers’ employees, contractors and other personnel, and notifies them immediately when these critical assets are compromised. There are a few competitors in the market but none completely focused on the Dark Web as ID Agent’s solution.

About ID Agent

ID Agent provides a comprehensive set of threat intelligence and identity monitoring solutions to private and public sector organizations and to millions of individuals impacted by cyber incidents. The company’s flagship product, Dark Web ID, combines human and sophisticated Dark Web intelligence with capabilities to identify, analyze and monitor for compromised or stolen employee and customer data, mitigating exposure to clients’ most valuable assets – their digital identity. From monitoring your organization’s domain for compromised credentials to deploying identity and credit management programs in order to protect the employees and customers you serve – ID Agent has the solution. For more information, visit: http://www.idagent.com or go to LinkedIn, Twitter or Facebook.

About Elevated Technologies

If you want more from your IT support company and are in need of a robust system to solve even your most challenging technology problems, your solution starts with Elevated Technologies. With Houston’s most advanced team of IT support experts and one-of-a-kind IT solutions, even your most challenging technology problems are no match for Elevated Tech. Our team of IT support experts implement advanced technology strategies, leveraging IT as a competitive advantage. Our mission is to create a personal, trusting relationship with every client in order to serve each business to the fullest.


How to Stay Safe on Public Wi-Fi

public wifi safety

Public Wi-Fi connections provide free access to the internet, allowing you to stay connected while away from home. However, using public Wi-Fi can be risky, as any personal details and sensitive information sent over an unsecured wireless connection could be intercepted by other people using the same network. If you intend to use public Wi-Fi connections, there are a few precautions you should take to keep your device and data safe.

Keep Updated

Software updates provide the newest patches to protect against security threats, so it’s crucial to keep your operating system, software and apps up to date. Ideally, you should be using the auto-update option on all computers and devices with internet access. Elevated Technologies provides IT management of mobile devices along with laptops, desktops, servers, etc.

Install Security Software

A firewall is essential for all computers, but a good all-around security system should also protect against viruses and spyware. For mobile phones and other devices, there are many free security apps available from reputable companies, such as McAfee, AVG and Avast.

Tweak Your Settings

Turn off file and printer sharing before connecting to public Wi-Fi. Most computers will do this automatically if you set up the Wi-Fi connection as a public network. Most mobile phones, tablets and other devices also offer extra protection for public Wi-Fi connections, but these security options vary greatly from one device to the next.

Add Extensions and Privacy Apps

Browser extensions like AdBlock Plus, Ghostery and Privacy Badger can help to protect privacy and keep your data secure. For mobile phones and other devices, Ghostery Privacy Browser and Firefox Focus offer enhanced privacy protection when browsing the internet.

Use a VPN

A virtual private network (VPN) enables you to route all of your online activities through a private and secure network. The easiest way to set up a VPN is by using a service, such as IPVanish, TunnelBear or ExpressVPN. You can also set up your own VPN, but this can be complicated, so it’s important to do plenty of research before attempting to create your own private network.  Let us assist with setting us your secure company VPN for traveling devices!

Use Extra Security Measures

Many websites now use secure connections (HTTPS), but some older websites still use unsecured connections (HTTP), so it’s important to look at the address bar to make sure that you are accessing a secure website, especially if you intend to enter sensitive information, such as usernames or passwords. Whenever possible, use two-step security settings for your email and other personal accounts, as this will provide an extra layer of protection.

Public Wi-Fi is a convenient and free way to access your online accounts, but it also leaves your data vulnerable to hackers. Taking a few precautions will help to secure your computer and devices, but you still need to be careful when entering sensitive information. In particular, you should avoid accessing your bank, credit card or other financial accounts through public Wi-Fi.  Contact Us Today for a no-cost IT Security Assessment of your IT Network and Devices!

 


Prevention is Ideal, but Detection is Essential!!

network security with Elevated Cyber Security

Looking back at all the threats and breeches of 2017, the threats today and the ones in the future, Elevated Technologies has developed a new, robust security solution for Houston Businesses. We now have a 24/7/365 Cyber Security Operating Center and Incident Response Team!

This means we can collect, correlate, and monitor the logs generated from infrastructure devices whether on premises, cloud or hybrid. By monitoring the logs, our expertly trained security analysts can detect malicious network, domain, and web traffic. Often this malicious traffic will come from known suspicious geographical areas or from domains known to be connected to criminal organizations.

62% of cyber victims are small and midsize businesses. This can’t be ignored. Even if you current have someone doing your IT support, this solution is different and needs to be addressed!

Become compliant with most regulations such as PCI-DSS, SOX, GLBA, FDIC, HIPAA.

Identify and address these (an more) threats

  • Port scans, host scans, denied scans, sudden change of traffic between certain IPs or other anomalies in traffic
  • Network server/device and admin logon anomalies – authentication failures at all times an unusual IPs
  • Network access irregularities from VPN, wireless logons and domain controller. Account lockouts, password scans and unusual logon failures
  • Rogue endpoints, wireless access points
  • Botnets, mail viruses, worms, DDOS and other “zero day” malware identified by cross correlating
  • DNS, DHCP, web proxy logs and flow traffic
  • Abnormalities in web server and database access

Contact Us Today And Receive Our “Understand The Advanced Threat Landscape” Report and Take Advantage Of Our No-Cost Cyber Security Vulnerability Scan


How to Avoid Getting a Computer Virus

A computer virus will lay dormant on your computer until you do something to activate it. The simple act of opening an email can make a computer virus active. Once a virus is activated, it will send itself to people you know, and it will infect their computers like it infected yours. Here are some helpful tips you can use to prevent computer viruses from troubling you:

  • Go directly to a company’s website if you want to download one of their programs. Don’t download a program from some other website. When a site is reputable, it will usually scan its computer for viruses and remove them.
  • Make sure the music or videos you download are from well-known and reputable websites. Networks designed to share music and videos often carry viruses. These sites are also known to carry spyware.
  • Stay away from programs you find on forums or blogs. These programs may be infected with a virus. No matter how tempting these programs are, do not initiate these them.
  • Make sure you have antivirus protection. Protection such as this can be purchased or downloaded for free. Once installed, an antivirus program should be updated regularly. Updates may be done automatically.
  • Don’t download a program a friend sent you. Your friend’s intentions may be good, but there could be a virus on your friend’s computer that unknowingly infected the program you received. If you feel you must have that program, find out which website your friend found it on and download it from there.
  • Never open an attachment you receive from an unknown source. If you have no idea who sent the attachment, don’t be curious to find out what it is about and click on it. Just delete it and forget about it. Don’t open attachments you get via email even if you do know who they’re coming from, as there are viruses that can get email addresses from a computer and infect other computers. Some viruses can send out virus infected emails without the owner of the infected computer knowing about it.

Be cautious of links you receive in emails, as emails are sometimes used to send viruses. If you happen to click on a link that came to you in an email and it asks for personal information, don’t give it out. Don’t click on the link if you are not absolutely sure you know where it will take you.   If you concerned about your computer and network security, contact Elevated Technologies today for a no cost, non-intrusive tune up!


Cybercrime 101: Recognizing Malware

recognizing malware

The word malware means mysterious sounds, blank screens, and crashing computers to many people. What they often don’t realize is the subtle nature of cybercrime. Malware creators don’t want their victims to find their malicious software: it can’t do its damaging and lucrative work if they discover it too quickly. Thankfully, anyone can learn how to recognize malware in all its forms and avoid becoming the next victim of cybercrime.  If you are experiencing any of the below symptoms on your IT network, contact us immediately!

Sudden Poor Performance

Most computer owners experience performance issues because they either install too many programs or run software that uses too much of the computer’s resources. Malware, however, will run silently as a background program and use up your computer’s processing power, which can lead to several problems if your machine can’t handle the extra load. If your computer suddenly struggles to run web pages and programs as well as it did before, you probably have malware.

New, Unwanted Toolbars

Many programs install toolbars, but malware versions are almost impossible to remove. If an unexpected toolbar appears that you can’t uninstall, or if it keeps reappearing after you delete it, you probably have malware somewhere on your computer.

Unexplained Pop-ups

Malware creators love pop-ups, though they aren’t as common today as they were a few years ago. Although being bombarded with mysterious pop-ups is annoying enough, malware ads will sometimes link to websites that will install more malicious software on your computer. Thankfully, it is easy to recognize malicious pop-ups since they commonly appear when no internet browser is open.

Scary Security Warnings

Installing fake security programs is one popular method criminals use to extract money from their victims. Malware security programs usually appear with no warning; they typically come with downloads from file sharing sites and display scary warnings about fake problems. These programs will scan your computer much more quickly than safe software since they’re not looking for anything, and there’s nothing to find.

You Lose Access To Your Computer

Some malware programs work by holding computers hostage. They will restrict access in some way until their victim pays a ransom. Corrupting personal files and permanently blocking the computer screen with large, immovable warning signs are their favorite techniques. The images they display often claim to represent a law enforcement agency, like the FBI, and will accuse the victim of committing a cybercrime. They will then ask the victim to pay a fine. Of course, paying them off is no guarantee that they will release your property.

Your Online Contacts Receive Erratic Messages

Scammers sometimes use spamming email and social media contacts to deceive their victims. If your contacts claim they are receiving messages from you that you haven’t sent, your computer is either infected with malware or a criminal has your account details. Malware often hides in messages sent this way and will activate if someone opens an infected attachment or navigates to a malicious website.

Malware messages share a few characteristics and learning them is the best way to avoid becoming a victim. Oddly enough, some messages will warn you that your computer has malware on it, and will install software when you open an attachment or navigate to their website to fix the problem. Others will imitate transaction confirmations or software updates from bogus companies. Some even hack email accounts so they can spam your inbox with messages from your contacts that don’t match their usual tone or writing style.

Malware isn’t merely an annoyance. Not only can it destroy your files, but it sometimes even leads to identity theft and extortion. That is why it is so important that you understand malware’s warning signs so you can react quickly and limit the damage.

Elevated Technologies Managed Network Security – Contact Us Today!


Tax Season and Cyber Security

Doing our taxes online: the majority of Americans are doing it, which increases the number of cyber criminals ready to target unsuspecting individuals every year. However, there are ways to protect your information and lower your risk for identity theft, fraudulent tax filings, and more.

Protect yourself. You can create a pin on IRS.gov to prevent the misuse of your social security number. To get a pin, you must pass the IRS identify verification process and then create a user profile. Always password protect your electronic tax files and encrypt any information you share electronically—although you should never submit personal information through email. Avoid using public Wi-Fi and unsecured wireless networks.

Know what to look for in phishing scams. Many people get shaken up by a supposed email from the IRS, but most of these emails are scams that are aimed to make people feel panicked and click on a harmful link. Do not click any embedded links—go to IRS.gov to gather information about what is required of you. The IRS never demands payment without having first sent written notice, and they will never ask for payments over the phone. Make sure to delete any harmful or suspicious emails from your inbox.

One of the best ways to protect your data is by getting informed. Understand that as the taxpayer, you are primarily responsible for your taxes even if you received help from a tax preparer. This is why you must ensure that whichever company you go through is reliable and legitimate.

Choose a preparer who has tons of information about them online, asks specific questions, and provides you with your own signed copy of your return. Avoid tax preparers who base their fees on a percentage of the refund or that have no proof online of their services or expertise. Avoid submitting information through websites that don’t have HTTPS in their url, as HTTPS pages use encryption that HTTP sites do not.

Elevated Tech values cyber security and always wants to ensure the safety of all businesses and individuals. To learn more about cyber security, data recovery, and the extra mile Elevated Tech takes to protect your business, contact us todaywe’ve got you covered.