How to Prevent a Ransomware Attack

Northeast Ohio companies that fall victim to a ransomware attack (and that do not have their files properly backed up) usually only have two choices—both of which could put a company out of business.

The first choice presented by cybercriminals is to pay a ransom for the release of the data they are holding hostage. This could cost your business hundreds of thousands or even millions of dollars (it is reported that Colonial Pipeline paid upwards of $5 million for the release of their files) and there is no guarantee you will even get your data back. It is estimated that less than a quarter of companies who paid cybercriminals a ransom in 2020 got all of their data returned.

The second option is to do nothing and risk the confidential data of your customers being released. Not only could this destroy the reputation of your business, but you could potentially face lawsuits or fines for violating compliance laws.

As you can see, neither of these options are good and many businesses that fell prey to a ransomware attack never recovered. The best way to deal with a ransomware attack is to prevent one from ever taking place in the first place.

Here are five things your business must do to keep cyber criminals from holding your files and client data hostage.

    1. Keep all programs and operating systems up to date with the latest patches.
    2. Use and maintain proper antivirus software, email filters, and firewalls while regularly monitoring your system for possible infections.
    3. Use multi-factor authentication for all logins and transactions.
    4. Train staff on what fishing attacks look like and how they can prevent them.
    5. Backup your systems regularly and ensure your backups work.

To further limit the chances of a successful ransomware attack on your business, it is also important to only work with SOC Audited outsourced IT service providers like PCR Business Systems. PCR has been SOC 2, Type 2 Certified to guarantee that we have the highest level of security controls in place to protect your critical data. You can learn more about what the SOC 2 Audit is and what it means for your business here.


Have questions about protecting your business from ransomware attacks? Contact PCR President, Pat Carroll for a free Q&A.

IT Security for Working at Home

Unfortunately, due to the Coronavirus many employees have been forced to work from home, or may be working from home in the near future. If you find yourself in this situation it’s important to remember to follow the best IT security practices when working from home to not put your company at risk of an online virus or cyberattack.

Working remotely can be challenging because you likely don’t have the same security safeguards in place at home as you do in the office. In addition, most people have multiple devices connected to their home Wifi, including personal computers, smartphones, game consoles, etc. These can all offer hackers a gateway into your home Wifi which can then give them a backdoor into the corporate device you are working from. It’s up to you to implement your own layers of security controls at home to prevent your company’s data from being breached.


Cyber criminals love to prey on companies when they are most vulnerable, and one of the weak spots they look for is employees who are not following the best IT security practices for working remotely.

Below is a list of things you can do to prevent cyberattacks while working remotely. You should follow these guidelines whenever you are logged into a corporate laptop or phone, even if it’s just to check a few emails.

IT Security Checklist for Remote Employees

Only Use Secure Wifi

  • Avoid using Public WiFi
  • Use a VPN (Virtual Private Network)
  • Change the default Wifi router passwords to something more secure
  • Update router firmware

Protect Your Workspace

  • Don’t use your personal computer for work
  • Don’t let anyone eavesdrop on what you are working on
  • Encrypt sensitive data in emails
  • Don’t use the same passwords on work devices as you do personal devices
  • Update software for all devices that are connected to your home network (this includes personal computers, television services, game consoles, thermostats, etc.)

Secure Your Devices

  • Update firmware
  • Create strong passwords using multi-factor authentication
  • Review and follow corporate policies and procedures
  • Don’t leave your work devices unaccompanied in a vehicle
  • Keep your home or apartment securely locked

Use Common Sense

  • Don’t share your work devices with family or friends
  • Don’t post business itineraries or corporate information online. This includes posting photos that may show addresses, client information, or any other personal or business information in the background
  • Don’t let your guard down. It’s easy to feel comfortable at home but practice the same IT security best practices at home as you would at work

Report Any Security Issues Immediately

  • Don’t wait until it’s too late. If you fear your work computer has been breached contact an IT professional within your company immediately

Fill out the form below or contact PCR Business Systems if you have any questions about setting up a secure workspace for your remote employees.


It’s Time to Have a Talk with your IT Company

The relationship between a business and IT team or IT person used to be so simple. Do you remember those old Saturday Night Live skits with Jimmy Fallon playing “Nick Burns: Your Company’s Computer Guy?” It was kind of like that, only with less sarcasm.

You would call up your IT Company when you had an issue with your server or a company computer, and someone would come over and fix it.

Today, things are much more complicated. Akron, OH IT Service providers are not only tasked with keeping your networks up and running, but they are also your first line of defense against cyberattacks. If they fail to adequately protect your network, or if their own system gets hacked into, your IT provider could destroy your business and everything you worked so hard for.

We meet with one or two companies every month whose business is on the brink of disaster because their IT company failed to properly secure their network or because they didn’t have a proper backup plan in place. Please, don’t let this happen to your business.

It’s OKAY to ask questions

It’s important to have an open dialogue with your in-house IT team or outsourced IT company to learn everything about what they are doing, and what they plan to do in regards to your company’s Information Technology.

Whether or not you outsource your IT or have an in-house team on staff, your IT provider is an extension of your business. You need to stay on top of what they are up to just as you would one of your employees. Often, business leaders will simply write a check and let the IT provider do “their job.”

10 questions to ask your IT Company


Please, have a conversation with your IT Company and ask specific questions about things like cybersecurity, backup plans, and network monitoring.

As we wrote in the article The Wild West of IT Services, there are no regulations governing IT Service Providers. It’s up to you to do your homework before hiring an IT person or team, and to continuing monitoring the work you are doing for you.

What Questions should you ask?

We have created a Cyber Security Risk Assessment that we encourage you to take. This questionnaire takes less than five minutes to complete and will give you an idea of how well your IT Service Provider is managing your network security and protecting your business against cyberattacks.

IN ADDITION, feel free to ask your IT Company any of the questions from this assessment. If there is a question you are unsure of, ASK your IT Provider for the answer. This is a great tool to help you get the conversation started.


Feel free to email me directly with any questions.

Pat Carroll

5 Ways to Protect your Business from Cyber Threats

Think of your internet and sensitive data like you would a car. We take several preventative measures to keep our vehicles from being the target of thieves. We lock our doors, hide valuables from plain sight, install car alarms and anti-theft devices like the Club, and avoid parking in unsafe and dimly lit areas.

So why don’t we always take similar steps to protect our computers and smart phones from people looking to steal our valuable information or money from our online accounts?

Just like car thieves, most hackers look for easy targets. They’ll prey on victims with weak passwords or who use unsecured WiFi to access important financial accounts or to make online purchases. Fortunately, just like with keeping our cars from getting stolen or broken into, a little cyber defense can go a long way in keeping you from getting hacked.

Below are 5 simple things you can do RIGHT NOW to minimize your chances of being hacked.

1). Make sure your security software is up-to-date. Don’t ignore those notifications that pop-up on your screen telling you that your operating system requires an update. That update may contain critical security patches that must be installed in order to keep your system protected from hackers.

Email programs, apps and web browsers should all be updated whenever a software update is available. In addition, as we wrote in the article “End of the Road for Windows 7 and Windows Server 2008,” make sure you are using an operating system (OS) that is not obsolete. Using an OS or any software that is no longer supported can leave you extremely vulnerable to a cyber-attack.

2). Create strong passwords, change them regularly, and don’t use the same password for everything. This seems pretty simple, and it is! In the unfortunate event that a hacker gains access to one of your passwords, for example your Facebook login; you can mitigate the damage by ensuring that password is ONLY used for Facebook. If you use the same password for Facebook as you do for your online banking, email, etc. you could be in real trouble as hackers will have access to all of those accounts.

Fortunately, you can prevent hackers from gaining access to any of your accounts by creating strong passwords with a variety of numbers, capital letters, and unique characters, and changing them regularly. Keep a log of your passwords locked in a safe place in your desk or your home.

3). Use Multi-Factor Authentication on all devices. In addition to password protection, you can also thwart off hackers by using multi-factor authentication for all connected devices. Multi-factor authentication simply means that you must present multiple credentials (in addition to just a single password) to gain access to your device or account. Using Multi-factor authentication will help protect your sensitive data against the leading cause of data security breaches– stolen credentials.

4). Install proper antivirus software. If you already have up-to-date security software installed, good for you! You’re one step ahead. If you don’t, make sure you install a firewall today and stay current with updates. Do your research before installing any program or software, and feel free to give us a call at 330.572.7575 or email directly at and we can recommend the best antivirus and antimalware software on the market today.

5). Limit the use of public WiFi and unsecured devices. Do your best to only browse the internet from a secure network. While we understand this may be difficult while traveling, especially if you need to book a last minute hotel or pay a bill online, try to find a network that is safe and password protected. Never use open Wifi for accessing email or important accounts. Just as you wouldn’t leave your purse or laptop on the front seat of your car for a would-be thief to see, you should never display sensitive data on an unsecured network for hackers to get their hands on.

Staying ahead of hackers can be a challenging task. However, implementing these five things today will at the very least make it more difficult for hackers to gain access into your data–limiting the chances they’ll go after you in the first place.

For more information on how you can protect your business from cyber attacks visit  us at and check out more posts from our blog.


In Business since, 2004, PCR Business Systems is the leading IT Service Provider in Akron, OH and is SOC 2 Audited and Certified. Schedule a free review of your IT today!

End of the Road for Windows 7 and Windows Server 2008 and 2008 R2

On January 14, 2020, Microsoft will end support for Windows 7 and Windows Server 2008 and 2008 R2. Is your company prepared?

It seems like yesterday that we were upgrading our PCs to the new Windows 7 Operating System and migrating services and applications to Windows Server 2008 and 2008 R2. But as we all know, time flies in the world of technology where last week’s innovation is tomorrow obsolete. The new technological advancements and upgrades can be difficult to follow and stay on top of, especially for small business owners who already have a lot on their plates.

I’m writing this article to remind local Northeast Ohio business owners of one significant deadline that you need to be prepared for. On January 14, 2020, Microsoft will end support for Windows 7 and Windows Server 2008 and 2008 R2. This means that Microsoft will no longer help you fix problems that occur nor will they provide regular security updates or patches, leaving your IT infrastructure and applications vulnerable and unprotected.

We are currently working with our clients to upgrade their operating systems and migrate their Windows Server 2008 over to the cloud or a new server. Your business should be doing the same (if you haven’t already).

Unfortunately, we have talked to a few businesses that are aware of these deadlines but have not yet been approached by their current IT service providers about what the next steps are. This is inexcusable. Please make sure that you have a plan in place.

We also get a lot of questions from business owners asking if they should replace their servers or migrate to the cloud. I will write more about this soon (or you can email me directly if you have questions), but for now it’s important to remember that what is right for each business depends on their specific needs.

If you have any questions about upgrading from Windows 7, or migrating your Windows Server 2008 or 2008 R2 please don’t hesitate to give me a call. I’ll be happy to answer any questions you have or help you put a plan in motion.

Jan. 2020 will be here before you know it. Please take the necessary steps today to make sure your company’s technology will be protected tomorrow.

A good place to start is with our free IT Strategy Discussion.

Patrick Carroll

President, PCR Business Systems

Best Practice Approach to Data Security

Below is a summary of the presentation given by PCR Business Systems president, Pat Carroll, at the 2019 Day Ketterer CyberSecurity Seminar. For more information on protecting your business from cyber attacks, or if you have any doubts about your network security you can contact Pat directly at or (330) 572-7526 x 1001.

PCR is also offering Northeast Ohio businesses a free network security audit to make sure you have the proper cybersecurity measures in place. Remember, it’s much easier to prevent a cyber attack than it is to recover from one.

Simple things that companies can do to guard against cyber attacks. These items need to be in place before anything else:

  • Centrally controlled, monitored Antivirus
  • Device control with routine patching – not just Windows, all programs – java, adobe etc
  • Unique user IDs with central control
  • Modern Backup – no tapes

Preventative measures that all companies need to implement:

  • No users with admin rights to computers
  • No elevated permissions logging in for normal computer use – domain admin or 365 admin etc
  • User awareness training – people are the easy target
  • Best in class, properly configured email security – .js, .exe, .zip should never get through
  • Multifactor authentication on all web facing logins – Office365 is a must

Know your risks and review at least annually:

  • Where is sensitive data stored?
  • Typical – PII, EHI
  • Trade Secrets
  • Non-Typical

In addition, schedule periodic reviews of accounts, permissions and don’t allow access if it is not needed.

Know how an attacker is most likely to strike:

  • Use information
  • Trick users to send money
  • Demand a ransom
  • Expose your information?

You have been attacked, what will save you?

Properly configured backup

  • Test it
  • Attack it – test permissions, try to get to it

Properly configured firewall


  • Intrusion Detection with alerting configured
  • IP Reputation
  • Content Filtering
  • Look for suspicious activity leaving the network


  • Banking – Know your exposure. Consider Positive Pay on checks and ACH
  • Cyber Liability Insurance
  • Be careful on the questions they require
  • Know what they won’t cover




Pat Carroll  (330) 572-7526 x 1001