IT Best Practices Archives - Page 2 of 5

How to Prevent a Ransomware Attack

2021-05-20/in cyber security, IT Best Practices, ransomware, Small Business Resources /by Drew Dinan

Northeast Ohio companies that fall victim to a ransomware attack (and that do not have their files properly backed up) usually only have two choices—both of which could put a company out of business.

The first choice presented by cybercriminals is to pay a ransom for the release of the data they are holding hostage. This could cost your business hundreds of thousands or even millions of dollars (it is reported that Colonial Pipeline paid upwards of $5 million for the release of their files) and there is no guarantee you will even get your data back. It is estimated that less than a quarter of companies who paid cybercriminals a ransom in 2020 got all of their data returned.

The second option is to do nothing and risk the confidential data of your customers being released. Not only could this destroy the reputation of your business, but you could potentially face lawsuits or fines for violating compliance laws.

As you can see, neither of these options are good and many businesses that fell prey to a ransomware attack never recovered. The best way to deal with a ransomware attack is to prevent one from ever taking place in the first place.

Here are five things your business must do to keep cyber criminals from holding your files and client data hostage.

1. Keep all programs and operating systems up to date with the latest patches.
2. Use and maintain proper antivirus software, email filters, and firewalls while regularly monitoring your system for possible infections.
3. Use multi-factor authentication for all logins and transactions.
4. Train staff on what fishing attacks look like and how they can prevent them.
5. Backup your systems regularly and ensure your backups work.

To further limit the chances of a successful ransomware attack on your business, it is also important to only work with SOC Audited outsourced IT service providers like PCR Business Systems. PCR has been SOC 2, Type 2 Certified to guarantee that we have the highest level of security controls in place to protect your critical data. You can learn more about what the SOC 2 Audit is and what it means for your business here.

Have questions about protecting your business from ransomware attacks? Contact PCR President, Pat Carroll for a free Q&A.

Know When to Outsource IT Services

2021-03-26/in Cloud Computing, cyber security, information technology, IT Best Practices, managed IT, outsourced IT /by PCR Business Systems

Some companies benefit more from outsourcing their IT rather than having an in-house team. Learn if IT outsourcing is right for you.

Work-From-Home Done Right!

2020-06-04/in cyber security, IT Best Practices, Remote Employees, Work-From-Home, working remotely /by PCR Business Systems

You don’t need to work in cybersecurity to work-from-home safely. Just use common sense, and practice these 15 online safety tips for remote employees.

IT Security for Working at Home

2020-03-13/in cyber security, information technology, IT Best Practices, Small Business Resources, working remotely /by PCR Business Systems

Unfortunately, due to the Coronavirus many employees have been forced to work from home, or may be working from home in the near future. If you find yourself in this situation it’s important to remember to follow the best IT security practices when working from home to not put your company at risk of an online virus or cyberattack.

Working remotely can be challenging because you likely don’t have the same security safeguards in place at home as you do in the office. In addition, most people have multiple devices connected to their home Wifi, including personal computers, smartphones, game consoles, etc. These can all offer hackers a gateway into your home Wifi which can then give them a backdoor into the corporate device you are working from. It’s up to you to implement your own layers of security controls at home to prevent your company’s data from being breached.

Cyber criminals love to prey on companies when they are most vulnerable, and one of the weak spots they look for is employees who are not following the best IT security practices for working remotely.

Below is a list of things you can do to prevent cyberattacks while working remotely. You should follow these guidelines whenever you are logged into a corporate laptop or phone, even if it’s just to check a few emails.

IT Security Checklist for Remote Employees

Only Use Secure Wifi

Avoid using Public WiFi
Use a VPN (Virtual Private Network)
Change the default Wifi router passwords to something more secure
Update router firmware

Protect Your Workspace

Don’t use your personal computer for work
Don’t let anyone eavesdrop on what you are working on
Encrypt sensitive data in emails
Don’t use the same passwords on work devices as you do personal devices
Update software for all devices that are connected to your home network (this includes personal computers, television services, game consoles, thermostats, etc.)

Secure Your Devices

Update firmware
Create strong passwords using multi-factor authentication
Review and follow corporate policies and procedures
Don’t leave your work devices unaccompanied in a vehicle
Keep your home or apartment securely locked

Read about having a secure bring your own device policy >>

Use Common Sense

Don’t share your work devices with family or friends
Don’t post business itineraries or corporate information online. This includes posting photos that may show addresses, client information, or any other personal or business information in the background
Don’t let your guard down. It’s easy to feel comfortable at home but practice the same IT security best practices at home as you would at work

Report Any Security Issues Immediately

Don’t wait until it’s too late. If you fear your work computer has been breached contact an IT professional within your company immediately

Want to learn more about working from home safely? Read about Threat Remediation while working from home >>

Fill out the form below or contact PCR Business Systems if you have any questions about setting up a secure workspace for your remote employees.

Our SOC Audit Is Complete!

2020-02-14/in cyber security, IT Best Practices, Small Business Resources, Uncategorized /by PCR Business Systems

We are proud to announce that we completed our SOC 2, Type 1 Audit and are compliant with the AICPA’s Trust Service Criteria for Managed Service Providers.

An independent auditing firm did a thorough examination of PCR Business System’s security policies and procedures and concluded that we have the highest level of controls in place to protect your company’s privacy and sensitive data.

(Click here for more information about SOC Audits)

WHY THIS IS A BIG DEAL

To start, it means that you can rest assured knowing that we will keep your network and data safe from cyber-attacks. With the growing trend of managed service providers being hacked, you can’t take any chances with your Information Technology Company.

As we discussed in the article “The Wild West of IT Services,” the IT industry is unregulated. This means no one is watching over IT Service Providers and no one is keeping tabs on how they store and protect your network and data.

Therefore, you must do your homework to make sure you are working with an IT Company who has the highest security controls in place.

We chose to have the SOC Audit to reinforce that we provide the best IT services in Akron and to show our partners that we will continue to take whatever steps necessary to keep their trust.

Email us to read the full report!

How to Stop Robocalls

2019-12-05/in best apps, cyber security, information technology, IT Best Practices, Uncategorized /by PCR Business Systems

My phone rings at four a.m. jolting me from a peaceful dream straight into a panic. I race to answer it. Who’s calling me this early? Something terrible must have happened!

I glance at the screen and see my hometown area code. I don’t recognize the number, but that doesn’t mean it’s not the police or the hospital calling with some awful news.

I reluctantly answer the phone, expecting the worst. “Hello?”

“Your auto insurance is about to expire. Touch seven or stay on the line to speak to…”

I thumb at the hang-up phone icon with rage, not listening to the conclusion of the prerecorded message. I try and fall back to sleep but can’t. My adrenaline is pumping. My heart rate has spiked. I lie in bed wondering what kind of person or business would stoop so low as to spam fellow humans with robocalls.

Telemarketers are bad enough, but at least there’s a real person on the other end of the line that you yell at. Robocalls don’t even give you that satisfaction. Now that I can’t sleep, I lie in bed searching the internet for ways to make these calls stop for good.

Here’s what I found.

According to a call-blocking company called YouMail, approximately 48 billion robocalls were made to Americans in 2018, with even more being placed this year. In October alone, Americans were bombarded with 5.7 billion robocalls stemming from political pitches to fake IRS scams.

Complaints to the FCC and Federal Trade Commission have been pouring in for years topping the list of consumer complaints. In December, the House passed The Pallone-Thune Telephone Robocall Abuse Criminal Enforcement and Deterrence Act, aka the Traced Act— aimed to put an end to robocalls for good.

According to House leaders the new legislation “combats the robocall epidemic by ensuring every call Americans receive will be verified and can be blocked at no extra cost to consumers. It also gives the Federal Communications Commission and law enforcement the authority to quickly go after scammers.”

(Detailed information can be found here).

But will this new law stop those intrusive robocalls from waking us up at night and pestering us during our lunch breaks?

Time will tell, but I’m not going to lose more sleep waiting around to find out. Just as cyber crooks are finding new ways to hack into our networks with ransomware and viruses, the people behind the robocalls will likely do everything they can to scoot around these new regulations and continue to badger us with their scams and bogus offers.

So what can we do to proactively block robocalls and keep us from smashing our new smartphones against the wall? Here are a few tips I found that will hopefully help.

1). Add your number to the FCC’s Do Not Call list by visiting donotcall.gov. According to the FCC, once you add your number, “Telemarketers must remove your numbers from their call lists and stop calling you within 31 days from the date you register.”

This is the first step I took when doing research for this article. I entered my number on the Do Not Call list, and then waited several minutes before I received a confirmation email. Once the email I arrived I was excited to open it. Could stopping robocalls really be this simple?

Then I read the email stating that I had already registered my phone…back in 2005!

Epic fail, FCC. I must have received over a thousand calls from telemarketers in the past 15 years.

2). Manually block numbers that have come from telemarketers and robocalls. All smartphones have this option. Depending on the type of phone you have the process should be simple. On my iPhone I simply click the information icon to the right of the number, and then scroll down to the bottom and click where it says “Block this Caller.”

Unfortunately, this also hasn’t seemed to stop the problem for me. It has limited it, but the calls have kept coming despite blocking over 150 numbers on my phone.

3) Use a third-party app and utilize your phone’s features. All four major wireless carriers offer some type of call blocking feature to their customers, and most smartphones offer some kind of special blocking tool. For example, Apple’s iOS 13 has an option to “Silence Unknown Callers” which will send unknown numbers directly to your voicemail.

To turn on Silence Unknown Callers, simply go to your iPhone Settings, then Phone, then scroll down and select “Silence Unknown Callers.” It’s that simple.

This is a great option for avoiding robocalls, but be aware, this could also cause you to miss important calls from your doctor or your child’s school. Callers will show up on your recent calls list, but if it’s an emergency, you may not realize they have called in time.

Another step you can take is to download a third-party app to block robocalls. Hiya is a free app for Android and iOS that has received good reviews. Other popular apps you may want to research include Nomorobo (used by Verizon), YouMail, and RoboKiller, just to name a few.

4). Follow the FCC’s best practices to reduce robocalls. These are mostly common sense, but it can’t hurt to remind yourself of these simple rules:

Ignore calls from blocked, unknown numbers, or numbers you don’t recognize. Note: This includes “spoofed” calls that have the appearance of coming from a local number. I continue to get calls from my hometown area code even though I haven’t lived there in years.
If a caller or voice message asks you to hit a button to speak with a representative you should immediately hang up. Hitting a button can be a sign to scammers that you are a vulnerable target.
Do not respond to any questions, especially those that you would answer with a “yes.”
Never give out any personal information!
If someone claims to be affiliated with a certain company or government agency, and you have doubts, hang up and double check the number to make sure it is associated with the business or organization they claim to be with.

(Further tips can be found on the FCC website).

5) Trust that the Traced Act will do what it claims. In practice, The TRACED Act would make it a law that phone companies block robocalls free of charge to customers, while also ensuring that calls originate from real numbers.

Let’s hope this is true. In the meantime, it can’t hurt to take a few extra steps on our own to try and stop robocalls from adding unnecessary frustration to our lives.