It’s Time to Have a Talk with your IT Company

The relationship between a business and IT team or IT person used to be so simple. Do you remember those old Saturday Night Live skits with Jimmy Fallon playing “Nick Burns: Your Company’s Computer Guy?” It was kind of like that, only with less sarcasm.

You would call up your IT Company when you had an issue with your server or a company computer, and someone would come over and fix it.

Today, things are much more complicated. Akron, OH IT Service providers are not only tasked with keeping your networks up and running, but they are also your first line of defense against cyberattacks. If they fail to adequately protect your network, or if their own system gets hacked into, your IT provider could destroy your business and everything you worked so hard for.

We meet with one or two companies every month whose business is on the brink of disaster because their IT company failed to properly secure their network or because they didn’t have a proper backup plan in place. Please, don’t let this happen to your business.

It’s OKAY to ask questions

It’s important to have an open dialogue with your in-house IT team or outsourced IT company to learn everything about what they are doing, and what they plan to do in regards to your company’s Information Technology.

Whether or not you outsource your IT or have an in-house team on staff, your IT provider is an extension of your business. You need to stay on top of what they are up to just as you would one of your employees. Often, business leaders will simply write a check and let the IT provider do “their job.”

10 questions to ask your IT Company

 

Please, have a conversation with your IT Company and ask specific questions about things like cybersecurity, backup plans, and network monitoring.

As we wrote in the article The Wild West of IT Services, there are no regulations governing IT Service Providers. It’s up to you to do your homework before hiring an IT person or team, and to continuing monitoring the work you are doing for you.

What Questions should you ask?

We have created a Cyber Security Risk Assessment that we encourage you to take. This questionnaire takes less than five minutes to complete and will give you an idea of how well your IT Service Provider is managing your network security and protecting your business against cyberattacks.

IN ADDITION, feel free to ask your IT Company any of the questions from this assessment. If there is a question you are unsure of, ASK your IT Provider for the answer. This is a great tool to help you get the conversation started.

 

Feel free to email me directly with any questions.

Pat Carroll

Cyber Tricks to Watch out for!

It’s fitting that Halloween falls during Cyber Awareness Month. That’s because cyber criminals and hackers love to dress up in costumes to try and lure us into online scams or to steal our passwords and sensitive data. This year’s most popular costumes are sure to include the usual suspects: IRS employees, friends and family members in need of cash, and the timeless classic–wealthy Nigerian princes and princesses.

But cyber criminals are also now wearing more sophisticated disguises that are becoming harder for us to identify who they really are. It’s up to us to stay on top of the latest cyber trends and be proactive when it comes to protecting our personal and business information.

Below are 4 current Cyber “Tricks” to look out for:

1 Malware & Ransomware

What’s scarier than werewolves? How about someone holding your computer files hostage while demanding a large sum for you to get them back! This year alone, ransomware attacks are estimated to cost businesses and individuals close to $12 billion in damages!

How to prevent Malware & Ransomware attacks? There are many things you can do to prevent becoming a victim of a malware or ransomware attack. You can start by changing your passwords regularly, using multifactor authentication, not using public or unsecured WIFI, installing proper firewalls and antivirus software, as well as following these IT Best Practices.

2 Social Media Scams

Hackers love to dress up as old high school friends or relatives trying to connect on Facebook and Linkedin, only to take advantage of your trust by asking you to click a corrupt link, viewing your private data, or even stealing your identity.

How to prevent Social Media Scams? Don’t post anything on social media that you wouldn’t want a stranger to know or see. In addition, be careful using apps that log you in through third-party sites; exercise caution when accepting friend requests; and never click on suspicious links or send money to someone asking for cash online (even if it is grandma)!

3 Corrupt Email Attachments and Downloads

Phishing scams are becoming harder and harder to detect. They may appear in the form of normal looking, everyday emails from trusted senders asking you to download a corrupt attachment or click on a corrupt link (often the source of a ransomware attack).

Also, as we discussed in the Cyber Crimes article: Case #104: The Heavy Machinery Hacker, some hackers are so bold that they impersonate vendors or trusted company employees and then ask for money to be wired for business-related purchases or expenses.

How to prevent online phishing scams? First, stay up-to-date on the latest phishing scams and educate yourself on what to look out for. Second, don’t click on any links or attachments without being 100% sure they are from a trusted source. Third, if anyone asks you to send money or for your private information, such as a credit card number, reach out to them by phone to verify that the transaction is in fact authentic.

4 Attacks on Service Providers

Is your IT company the weak link in your company’s online security? How about your cloud computing service provider? It’s becoming more and more common for hackers to go after vendors rather than individual companies.

Why? First off, there are no regulations in the IT Industry. That means your IT provider—the same company who has access to many of your passwords and sensitive company data—may not be practicing the high level of cyber security they preach, and thus are an easy target for hackers. In addition, IT companies work with multiple clients. So when a hacker infiltrates their network they gain information to all of their customer’s data.

It’s like leaving a candy jar out on the porch and letting anyone grab what they like.

How can you prevent a 3rd party vendor from being your weakest link? Only work with trusted service providers. You can start by making sure the vendors you work with have been thorough vetted by an independent auditing firm and are SOC certified.


For more cyber security tips follow PCR Business Systems on Linkedin and Facebook.