These days most people are familiar with what Cryptolocker and Ransomware are. Either your business has been affected, you have a friend who has a friend who’s has fallen victim or maybe heard about it on the nightly news. Ransomware is a particular malware advanced enough to limit users from accessing their information unless a ransom amount is paid.

The number of professionals and small businesses being targeted by ransomware is increasing.

As we all know information and the ability to access it is the foundation of any business. The only way to protect this information is to execute an effective backup solution in your IT environment and make sure you’re ready for any possible threat.

In the event of a disaster your backup solution is only as good as its restoration capability. In situations where hardware fails or becomes infected, a little preparation can go a long way. A lot of businesses spend a lot of time and resources picking and investing in a backup solution but often times forget one vital step: regular testing of their backup’s restorability as part of their disaster recovery plan.

If there is a problem with a backup that hasn’t been tested, often you won’t know until it’s too late. A lot of ransomware will try to encrypt data on a network, as well as on removable drives. To make sure your business stays safe, it’s important to make sure at least one copy of your backups are safe in your local environment.

There is an effective has a strategy called the “3-2-1” rule. This rule states that your business should have 3 copies of your data, stored in 2 different types of media with 1 backup kept off site. Also, ensuring all files in a backup are readable and making sure backups are intact physically all goes into testing your backups and making sure they’re able to be restored when you need them.

Ideally backups should be tested after any change is made. If a new backup is created, test it. If a new machine or server is added, test it. It can be time consuming and seemingly impossible for some organizations depending on the size of the backup. If you can’t check backups after every change, be sure you are checking them regularly.

Standard practice is to replicate a full restore at least quarterly. By not testing applications and files you’re making the assumption that not only have you correctly selected everything that will be required to recover from a failure, and that everything backed up properly, but also that it will restore perfectly at the times when you need it most.

To learn more about these ransomware threats and how you can protect your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

Published with consideration from Arianna Carter.  SOURCE

Implementing a virtualized data storage solution at your business is no small feat. It’s a complicated process that requires immense amounts of technical expertise. Unfortunately, getting it up and running is only half the battle. For the most efficient solution possible, watch out for the three most common management issues outlined in this post.

Poorly structured storage from the get go

Within a virtualized data storage framework, information is grouped into tiers based on how quickly that information needs to be accessible when requested. The fastest drives on the market are still very expensive, and most networks will have to organize data into three different tiers to avoid breaking the bank.

For example, archived or redundant data probably doesn’t need to be on the fastest drive you have, but images on your eCommerce website should get the highest priority if you want customers to have a good experience.

Without a virtualization expert on hand, organizing this data could quickly go off the rails. Ask your IT service provider to see a diagram of where your various data types are stored and how those connect to the software-defined drive at the hub of your solution. If there are too many relays for your server to pass through, it’ll be a slower solution than the non-virtualized alternatives.
Inadequately maintained virtualized storage

How long will your intended design last? Companies evolve and expand in short periods of time, and your infrastructure may look completely different months later. Virtualized data storage requires frequent revisions and updates to perform optimally.

Whoever is in charge of your virtualization solution needs to have intimate knowledge of how data is being accessed. If you’re using virtual machines to access your database and move things around, they need to be precisely arranged to make sure you don’t have 10 workstations trying to access information from the same gateway while five other lanes sit unoccupied.

Incorrect application placement

In addition to watching how your data is accessed as the system shifts and grows, administrators also need to keep a close eye on the non-human components with access to the system. Virtualized applications that access your database may suffer from connectivity problems, but how would you know?

The application won’t alert you, and employees can’t be expected to report every time the network seems slow. Your virtualization expert needs to understand what those applications need to function and how to monitor them closely as time goes on.

Deploying any type of virtualized IT within your business network is a commendable feat. However, the work doesn’t stop there. Without the fine-tuning of an experienced professional, you risk paying for little more than a fancy name. For the best virtualization advice in town, contact us today.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

Published with consideration from TechAdvisory.org SOURCE

What is phishing?
Email Phishing scams are carried out online by tech-savvy con artists and identity theft criminals. They use spam, fake websites constructed to look identical to real sites, email and instant messages to trick you into divulging sensitive information, like bank account passwords and credit card numbers. Once you take the phisher’s bait, they can use the information to create fake accounts in your name, ruin your credit, and steal your money or even your identity.
How do phishing scams find me?
This style of identity theft is extremely widespread because of the ease with which unsuspecting people share personal information. Phishing scams often lure you with spam email and instant messages requesting you to “verify your account” or “confirm your billing address” through what is actually a malicious Web site. Be very cautious. Phishers can only find you if you respond.
What can email phishing scams do to me?
After you’ve responded to a phishing scam, the attacker can:

  • Hijack your usernames and passwords
  • Steal your money and open credit card and bank accounts in your name
  • Request new account Personal Identification Numbers (PINs) or additional credit cards
  • Make purchases
  • Add themselves or an alias that they control as an authorized user so it’s easier to use your credit
  • Obtain cash advances
  • Use and abuse your Social Security number
  • Sell your information to other parties who will use it for illicit or illegal purposes

How will I know?
Phishers often pretend to be legitimate companies. Their messages may sound genuine and their sites can look remarkably like the real thing. It can be hard to tell the difference, but you may be dealing with a phishing scam if you see the following:

  • Requests for confidential information via email or instant message
  • Emotional language using scare tactics or urgent requests to respond
  • Misspelled URLs, spelling mistakes or the use of sub-domains
  • Links within the body of a message
  • Lack of a personal greeting or customized information within a message. Legitimate emails from banks and credit card companies will often include partial account numbers, user name or password.

How can I get phishing protection?
When you arm yourself with information and resources, you’re wiser about computer security threats and less vulnerable to phishing scam tactics. Take these steps to fortify your computer security and get better phishing protection right away:

  • Do not provide personal information to any unsolicited requests for information
  • Only provide personal information on sites that have “https” in the web address or have a lock icon at bottom of the browser
  • If you suspect you’ve received phishing bait, contact the company that is the subject of the email by phone to check that the message is legitimate
  • Type in a trusted URL for a company’s site into the address bar of your browser to bypass the link in a suspected phishing message
  • Use varied and complex passwords for all your accounts
  • Continually check the accuracy of personal accounts and deal with any discrepancies right away
  • Avoid questionable Web sites
  • Practice safe email protocol:
    • Don’t open messages from unknown senders
    • Immediately delete messages you suspect to be spam

Make sure that you have the best security software products installed on your PC for better phishing protection:
Use antivirus protection and a firewall
Get antispyware software protection
An unprotected computer is like an open door for email phishing scams. For a more potent form of protection, use a spam filter or gateway to scan inbound messages. Products like Webroot Spy Sweeper® and Webroot Internet Security Essentials thwart dangerous malware before it can enter your PC, stand guard at every possible entrance of your computer and fend off any spyware or viruses that try to enter, even the most damaging and devious strains. While free anti-spyware and antivirus downloads are available, they just can’t keep up with the continuous onslaught of new spyware strains. Previously undetected forms of spyware can often do the most damage, so it’s critical to have up-to-the-minute, guaranteed protection.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

Published with consideration from Webroot SOURCE

 

As technology consultants, we’re stuck between a rock and a hard place. We want to provide our clients with enterprise-level IT, but that requires that we specialize in overwhelmingly intricate technology. Explaining even the most foundational aspects of our cyber-security would most likely put you to sleep before convincing you of our expertise. But if you really want to know, here are a few summaries of how we focus on proactive strategies rather than reactive ones.

Understand the threats you’re facing
Before any small- or medium-sized business can work toward preventing cyber-attacks, everyone involved needs to know exactly what they’re fighting against. Whether you’re working with in-house IT staff or an outsourced provider, you should review what types of attack vectors are most common in your industry. Ideally, your team would do this a few times a year.

Reevaluate what it is you’re protecting
Now that you have a list of the biggest threats to your organization, you need to take stock of how each one threatens the various cogs of your network. Map out every device that connects to the internet, what services are currently protecting those devices, and what type of data they have access to (regulated, mission-critical, low-importance, etc.).

Create a baseline of protection
By reviewing current trends in the cyber-security field, alongside an audit of your current technology framework, you can begin to get a clearer picture of how you want to prioritize your preventative measure versus your reactive measures.

Before you can start improving your cyber-security approach, you need to know where the baseline is. Create a handful of real-life scenarios and simulate them on your network. Network penetration testing from trustworthy IT professionals will help pinpoint strengths and weaknesses in your current framework.

Finalize a plan
All these pieces will complete the puzzle of what your new strategies need to be. With an experienced technology consultant onboard for the entire process, you can easily parse the results of your simulation into a multi-pronged approach to becoming more proactive:

  • Security awareness seminars that coach everyone — from receptionists to CEOs — about password management and mobile device usage.
  • “Front-line” defenses like intrusion prevention systems and hardware firewalls that scrutinize everything trying to sneak its way in through the front door or your network.
  • Routine checkups for software updates, licenses, and patches to minimize the chance of leaving a backdoor to your network open.
  • Web-filtering services that blacklist dangerous and inappropriate sites for anyone on your network.
  • Antivirus software that specializes in the threats most common to your industry.

 

As soon as you focus on preventing downtime events instead of reacting to them, your technology will begin to increase your productivity and efficiency to levels you’ve never dreamed of. Start enhancing your cyber-security by giving us a call for a demonstration.

The field of cyber security is overwhelming — even for seasoned IT professionals. But not for us. We spend our days researching and experimenting to craft the best security solutions on the market. If you’re interested in one of our cutting-edge cyber-security plans, call us today.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

Published with consideration from TechAdvisory.org SOURCE