“Are You A Sitting Duck?”

The 7 Most Critical IT Security Protections Every Business Must Have In Place Now To Protect Themselves From Cybercrime, Data Breaches And Hacker Attacks

You, the CEO of a small business, are under attack. Right now, extremely dangerous and well-funded cybercrime rings in China, Russia and the Ukraine are using sophisticated software systems to hack into thousands of small businesses like yours to steal credit cards, client information, and swindle money directly out of your bank account. Some are even being funded by their own government to attack American businesses.

Don’t think you’re in danger because you’re “small” and not a big target like a J.P. Morgan or Home Depot? Think again. 82,000 NEW malware threats are being released every single day and HALF of the cyber-attacks occurring are aimed at small businesses; you just don’t hear about it because it’s kept quiet for fear of attracting bad PR, lawsuits, data-breach fines and out of sheer embarrassment.

In fact, the National Cyber Security Alliance reports that one in five small businesses have been victims of cybercrime in the last year – and that number is growing rapidly as more businesses utilize cloud computing and mobile devices, and store more information online. You can’t turn on the TV or read a newspaper without learning about the latest online data breach, and government fines and regulatory agencies are growing in number and severity. Because of all of this, it’s critical that you have these 7 security measures in place.

1. The #1 Security Threat To ANY Business Is… You! Like it or not, almost all security breaches in business are due to an employee clicking, downloading or opening a file that’s infected, either on a web site or in an e-mail; once a hacker gain’s entry, they use that person’s e-mail and/or access to infect all the other PCs on the network. Phishing e-mails (e-mails cleverly designed to look like legitimate messages from a web site or vendor you trust) is still a very common occurrence – and spam filtering and anti-virus cannot protect your network if an employee is clicking on and downloading the virus. That’s why it’s CRITICAL that you educate all of your employees on how to spot an infected e-mail or online scam. Cybercriminals are EXTREMELY clever and can dupe even sophisticated computer users. All it takes is one slip-up; so constantly reminding and educating your employees is critical.

On that same theme, the next precaution is implementing an Acceptable Use Policy (AUP). An AUP outlines how employees are permitted to use company-owned PCs, devices, software, Internet access and e-mail. We strongly recommend putting a policy in place that limits the web sites employees can access with work devices and Internet connectivity. Further, you have to enforce your policy with content-filtering software and firewalls. We can easily set up permissions and rules that will regulate what web sites your employees access and what they do online during company hours and with company-owned devices, giving certain users more “freedom” than others.

Having this type of policy is particularly important if your employees are using their own personal devices and home computers to access company e-mail and data. With so many applications in the cloud, an employee can access a critical app from any device with a browser, which exposes you considerably.

If an employee is logging into critical company cloud apps through an infected or unprotected, unmonitored device, it can be a gateway for a hacker to enter YOUR network – which is why we don’t recommend you allow employees to work remote or from home via their own personal devices.

Second, if that employee leaves, are you allowed to erase company data from their phone or personal laptop? If their phone is lost or stolen, are you permitted to remotely wipe the device – which would delete all of that employee’s photos, videos, texts, etc. – to ensure YOUR clients’ information isn’t compromised?

Further, if the data in your organization is highly sensitive, such as patient records, credit card information, financial information and the like, you may not be legally permitted to allow employees to access it on devices that are not secured; but that doesn’t mean an employee might not innocently “take work home.” If it’s a company-owned device, you need to detail what an employee can and cannot do with that device, including “rooting” or “jailbreaking” the device to circumvent security mechanisms you put in place.

2. Require STRONG passwords and passcodes to lock mobile devices. Passwords should be at least 8 characters and contain lowercase and uppercase letters, symbols and at least one number. On a cell phone, requiring a passcode to be entered will go a long way toward preventing a stolen device from being compromised. Again, this can be ENFORCED by your network administrator so employees don’t get lazy and choose easy-to-guess passwords, putting your organization at risk.

3. Keep your network and all devices patched and up-to-date. New vulnerabilities are frequently found in common software programs you are using, such as Adobe, Flash or QuickTime; therefore it’s critical you patch and update your systems and applications when one becomes available. If you’re under a managed IT plan, this can all be automated for you so you don’t have to worry about missing an important update.

4. Have An Excellent Backup. This can foil the most aggressive (and new) ransomware attacks, where a hacker locks up your files and holds them ransom until you pay a fee. If your files are backed up, you don’t have to pay a crook to get them back. A good backup will also protect you against an employee accidentally (or intentionally!) deleting or overwriting files, natural disasters, fire, water damage, hardware failures and a host of other data-erasing disasters. Again, your backups should be AUTOMATED and monitored; the worst time to test your backup is when you desperately need it to work!

5. Don’t allow employees to access company data with personal devices that aren’t monitored and secured by YOUR IT department. The use of personal and mobile devices in the workplace is exploding. Thanks to the convenience of cloud computing, you and your employees can gain access to pretty much any type of company data remotely; all it takes is a known username and password. Employees are now even asking if they can bring their own personal devices to work (BYOD) and use their smartphone for just about everything.

But this trend has DRASTICALLY increased the complexity of keeping a network – and your company data – secure. In fact, your biggest danger with cloud computing is not that your cloud provider or hosting company will get breached (although that remains a possibility); your biggest threat is that one of your employees accesses a critical cloud application via a personal device that is infected, thereby giving a hacker access to your data and cloud application.

So if you ARE going to let employees use personal devices and home PCs, you need to make sure those devices are properly secured, monitored and maintained by a security professional. Further, do not allow employees to download unauthorized software or files. One of the fastest ways cybercriminals access networks is by duping unsuspecting users to willfully download malicious software by embedding it within downloadable files, games or other “innocent”-looking apps.

But here’s the rub: Most employees won’t want you monitoring and policing their personal devices; nor will they like that you’ll wipe their device of all files if it’s lost or stolen. But that’s exactly what you’ll need to do to protect your company. Our suggestion is that you only allow employees to access work-related files, cloud applications and e-mail via company-owned and monitored devices, and never allow employees to access these items on personal devices or public WiFi.

6. Don’t Scrimp On A Good Firewall. A firewall acts as the frontline defense against hackers blocking everything you haven’t specifically allowed to enter (or leave) your computer network. But all firewalls need monitoring and maintenance, just like all devices on your network or they are completely useless. This too should be done by your IT person or company as part of their regular, routine maintenance.

7. Protect Your Bank Account. Did you know your COMPANY’S bank account doesn’t enjoy the same protections as a personal bank account? For example, if a hacker takes money from your business account, the bank is NOT responsible for getting your money back. (Don’t believe me? Go ask your bank what their policy is on refunding you money stolen from your account!) Many people think FDIC protects you from fraud; it doesn’t. It protects you from bank insolvency, NOT fraud.

So here are 3 things you can do to protect your bank account. First, set up e-mail alerts on your account so you are notified any time money is withdrawn. The FASTER you catch fraudulent activity, the better your chances are of keeping your money. In most cases, fraudulent activity caught the DAY it happens can be stopped. If you discover even 24 hours after it’s happened, you may be out of luck. That’s why it’s critical that you monitor your account daily and contact the bank IMMEDIATELY if you see any suspicious activity.

Second, if you do online banking, dedicate ONE computer to that activity and never access social media sites, free e-mail accounts (like Hotmail) and other online games, news sites, etc. with that PC. Remove all bloatware (free programs like QuickTime, Adobe, etc.) and make sure that machine is monitored and maintained behind a strong firewall with up-to-date anti-virus software. And finally, contact your bank about removing the ability for wire transfers out of your account and shut down any debit cards associated with that account. All of these things will greatly improve the security of your accounts.

I hope you will find this post informative and useful. I am looking forward to hearing your comments. That’s all I have for today, until next time make it a great day!

Posted in Uncategorized | Tagged , , , , , , , | Comments Off

“Your Computer Network Is Being Haunted!”

Your Computer Network Is Being Haunted!
(And It’s Worse Than Ghosts And Goblins)

Your small business is under attack. Right now, extremely dangerous and well-funded cybercrime rings are suing sophisticated techniques to hack into thousands of small businesses to steal credit cards, blackmail you to recover data and swindle money directly out of your bank account.

82,000 NEW malware threats are being released every single day and HALF of the cyber-attacks occurring are aimed at small businesses just like yours. You just don’t hear about it because it’s kept quiet for fear of bad PR, lawsuits and sheer embarrassment.

The National Cyber Security Alliance reports that 1 in 5 small businesses have been victims of cybercrime in the last year and this number is growing rapidly as businesses continue to move to cloud computing, mobile devices and store more information online.

Here are 7 critical security measures your business must have in place to have any chance of fending off these criminals:

1. Train Employees On Security Best Practices. The #1 vulnerability for business networks are the employees using them. If they don’t know how to spot infected e-mails or online scams, they could infect your entire network.

2. Create An Acceptable Use Policy (AUP) And Enforce It! An AUP outlines how employees are permitted to use company-owned PCs, devices, software, Internet access and e-mail. Having this type of policy is critical if your employees are using their own devices to access company email and data.

3. Require STRONG passwords throughout your company. Passwords should be at least 8 characters and contain lowercase and uppercase letters, symbols and at least one number.

4. Keep Your Network Up To Date. New vulnerabilities are found almost daily on common software programs you use all the time; therefore it’s critical you patch and update systems frequently.

5. Have An Excellent Backup. A quality backup can foil even the most aggressive ransomware attacks, where a hacker locks up your files and holds them ransom until you pay up. If your files are backed up, you don’t have to pay to get your data back.

6. Don’t Allow Employees To Download Unauthorized Software. One of the fastest ways to access your network is by embedding malicious code in seemingly harmless apps.

7. Don’t Scrimp On A Good Firewall. Your firewall is the frontline defense against hackers, so you need a really good one with monitoring and maintenance done regularly.

I hope you will find this post informative and useful. I am looking forward to hearing your comments. That’s all I have for today, until next time make it a great day!

Posted in Uncategorized | Tagged , , , , , , | Comments Off

“Could The Dog Days Of Summer Be A Threat To Your Business?”

Could The Dog Days Of Summer Be A Threat To Your Business?


How To Ensure The Heat Doesn’t Fry Your Server
(And Your Profits!)

With the “dog days” of summer upon us, most business owners are looking for ways to keep their company’s sales and profits HOT, while keeping their IT expenses COOL. But if proper attention is not given to your server and network equipment during the summer, all that heat outside can actually bring your company’s growth to a grinding halt and increase your IT expenses significantly.

Excess heat can be a big problem for small to mid-sized business servers, since a server that becomes overheated usually costs more in energy, fails more often and is more likely to crash. For most companies, a server crash can mean hours or days of downtime, unproductive employees, HUGE amounts of stress and thousands of dollars in lost opportunity.

7 Steps Every Business Owner Must Take To
Prevent a Heat-Induced Server Crash

Here are a few simple things you can do to prevent your server and network equipment from overheating and crashing this summer:

1. Tidy up the server room; a neater room will increase airflow.
2. Keep the doors to the server room closed and seal off the space.
3. Make sure cold air reaches all the equipment.
4. Have a redundant A/C unit that is specifically designed for computers.
5. Buy a rack enclosure where the cooling is built into the bottom of the rack.
6. Keep the temperature at no more than 77 degrees Fahrenheit.
7. Consider virtualization or cloud computing so that you are generating a lower amount of heat in the first place.

Don’t let the summer heat get you down.

I hope you will find this post informative and useful. I am looking forward to hearing your comments. That’s all I have for today, until next time make it a great day!

Posted in Uncategorized | Tagged , , , , , , | Comments Off

“SIMPLE NUMBERS, STRAIGHT TALK, BIG PROFITS!”

“SIMPLE NUMBERS, STRAIGHT TALK, BIG PROFITS!”

Take the mystery out of small business finance with this no-frills guide to understanding the numbers that will guide your business out of any financial black hole. Author Greg Crabtree, a successful accountant, small business advisor, and popular presenter, shows you how to use your firm’s key financial indicators as a basis for smart business decisions as you grow your firm from start-up to $5 million (and more!) in annual revenue.

Jargon-free, and presented in an easy-to-follow, step-by-step format, with plenty of real-world examples, Crabtree’s down-to-earth discussion highlights the most common financial errors committed by small businesses, and how to avoid them.

You’ll learn:
-Why your numbers are lying to you (and why you are the cause!)
-How labor productivity is the key to profitability and simplifying human resource decisions
-Why the amount of tax you pay is your number-one key performance indicator
-Take advantage of Crabtree’s years of experience teaching clients how to build successful businesses by “seeing beyond numbers” with this practical guide to increasing your business’s profitability.

Our Gazelles coach, Kenyon Blunt, recommended this book to me and it has changed the way I look at the numbers. It is an easy read and I have jumped in and started implementing Greg’s suggestions.

I hope you will find this post informative and useful. I am looking forward to hearing your comments. That’s all I have for today, until next time make it a great day!

Posted in Uncategorized | Tagged , , , , , , | Comments Off

The Single Most Dangerous Assumption Businesses Make About Bank Security That Can Cause Them To Lose ALL Their Money

The Single Most Dangerous Assumption Businesses Make About Bank Security That Can Cause Them To Lose ALL Their Money

Here’s a shocker to most business owners: Your bank often can NOT reclaim money stolen from your bank account due to fraud or cyber-crime. That means if money gets drafted from your business bank account from a hacker, phishing attack, identity theft or by any other means, you have little to no chance of getting it back.

This often comes as a surprise to businesses who think the FDIC will “save” them from getting their accounts wiped out, and can get the money back once taken. The reality is that the FDIC insurance is to protect you from bank failure, NOT fraud. So if your debit card or account information gets accessed by a hacker and you don’t notice it within the same day, you can pretty much kiss that money goodbye.

Recent studies have shown that 83% of small businesses take no formal measures against cyberthreats even though almost half of all attacks are aimed at them.

Here are 5 essential steps you can take right now to protect your business:

1. Enforce A Strict Company Password Policy. This is a simple step, but it is still violated by many companies every day. Make sure that you and your employees change passwords regularly, don’t use the same password for all accounts and require complex passwords.

2. Set Up A Firewall. Small business owners tend to think that because they are “just a small business”, no one would waste time trying to hack into their network. The fact is that hackers will target the weakest link. Without a firewall, that “weak link” is YOUR company.

3. Designate A Banking-Only Computer. Banking fraud is one of the biggest threats to small business. The 2011 Business Banking Study showed that 56% of businesses experienced payment fraud (or an attempt at fraud) and 75% experienced account takeover and fraud online. By using a single computer solely dedicated to online financial transactions (no e-mail, web-surfing, Facebook, YouTube, etc.) it’s much harder for outsiders to gain access to your information.

4. Back Up Your Files Daily. It just amazes me how many businesses never back up their computer network. You can lose data as well as money in a cyber attack. Thanks to many new cloud based technologies, you can even schedule offsite backups to occur automatically. If the data in your business is important to you, make sure that you have more than one copy of it.

5. Educate Employees. You staff is the first line of defense AND your biggest security hole at the same time. Uneducated employees are one of the most common causes of data breaches. Make sure that they are aware of the do’s and don’ts for your company with regards to data security.

I hope you will find this post informative and useful. I am looking forward to hearing your comments. That’s all I have for today, until next time make it a great day!

Posted in Uncategorized | Tagged , , , , , , | Comments Off

5 Smart Tips To Know Before Moving Your Data To A Cloud-Based Application

5 Smart Tips To Know Before Moving Your Data To A Cloud-Based Application

Cloud computing is all the rage these days, and while some companies are moving their whole IT infrastructure to the cloud, many others are choosing to streamline their businesses by moving individual business applications.

If you are considering moving any of your company’s software applications “to the cloud,” make sure to consider these 5 tips BEFORE pulling the trigger:

1. Back It Up!
Migrating data to any new location is a mess, and anything can (and usually does) go wrong. Therefore, make sure you have good, recent backup copies of everything before you make the move.

2. Maintain An On-site Copy
At first, moving to the cloud can be a bit scary. What can help mitigate the risk (and the fear) is keeping a local, on-site copy of your data and network image on an NAS (network-attached storage) device. That way you have a local on-site copy in addition to the working cloud copy.

3. Have A “Plan B” To Access The Internet
One of the biggest questions about moving IT to the cloud is “What if the Internet goes down?” To mitigate that fail point, have a business-class Internet connection as your initial and main way to connect, and then also have a second Internet connection service as a backup. If Charter/Cox is your main connection, you might consider keeping a Verizon wireless account as a backup.

4. Use It As An Opportunity To Do Some Housekeeping
You could just copy and paste your files from your local machines into the cloud, but why not take this as an opportunity to reevaluate the structure and organization of that data? Here are some ideas:
• Reevaluate and/or update your file-naming conventions and file organization. A good file-naming policy will make it much easier to find files and information. Also, consider reorganizing all the folders into smarter, more efficient categories.
• Consider who will be using what and what levels of permissions are required to access files. Revisiting your permission levels will help keep sensitive data from falling into the wrong hands.
• Look at old files and consider deleting them or archiving them so they aren’t cluttering up your server and costing you money for storing and backing them up.

5. Phase The Move
Don’t try to migrate everything all at once. Create a transition plan and implement it. Make sure you move your files in bite-size pieces so the changes are easy to digest for your clients, employees, partners and everyone else involved. This also gives you the opportunity to test the water before taking the plunge, and it allows you to put out one fire at a time instead of having all systems down or broken.

I hope you will find this post informative and useful. I am looking forward to hearing your comments. That’s all I have for today, until next time make it a great day!

Posted in Uncategorized | Tagged , , , , , , , , , | Comments Off

What is your Advantage?

What is your Advantage?

The Advantage
by Patrick Lencioni

In Pat’s latest best-seller, The Advantage: Why Organizational Health Trumps Everything Else in Business, he makes an overwhelming case that organizational health will surpass all other disciplines in business as the greatest opportunity for improvement and competitive advantage. Drawing on his extensive consulting experience and reaffirming many of the themes cultivated in his other best-selling books, Pat reveals the four actionable steps to achieving long-term, sustainable success.
(From tablegroup.com/oh)

Our team is going through The Advantage and we are loving it. It is a great summarization of Pat’s books.

I hope you will find this post informative and useful. I am looking forward to hearing your comments. That’s all I have for today, until next time make it a great day!

Posted in Uncategorized | Tagged , , , , , , | Comments Off

7 Secrets To Finding Relevant Information Online

7 Secrets To Finding Relevant
Information Online

Have you ever run into a virtual wall when searching for information on the Internet? With billions of websites online, finding good, relevant information online can sometimes be akin to finding a needle in a haystack.

But take heart! Here are 7 little-known secrets that will help you find what you are looking for in no time at all.

1. Use the “Advanced Search” tool
Almost all search engines have an “advanced search” tool that will provide you with more options for filtering information and websites. This will help you narrow down your search and eliminate irrelevant, off-topic websites.

2. Search with a phrase in quotations
Putting quotations around a phrase will tell the search engine to look for that exact phrase or name instead of each individual word. For example, if you were looking for a chocolate cake recipe, type “chocolate cake recipe” in the search window with the quotes around it. If you left the quotations off, you might get recipes for other cakes or chocolate candy in general because the search engine will look up the words separately: chocolate cake recipe

3. Use synonyms
If your search does not produce the results you want, try synonyms. For example, a dog is also a pet, canine, mutt, pooch, and man’s best friend. Use your Microsoft Word thesaurus tool or Merriam-Webster OnLine to find synonyms for your search term.

4. Use a plus or minus sign
This trick will allow you to narrow down a larger category. If you were looking for a roadside café in Atlanta, you would type in “roadside café + Atlanta”. This will allow you to search on a specific set of keywords that might not be strung together in one phrase as mentioned in tip #2.
This also works in reverse with a minus sign (-). If you wanted to find all roadside cafes that were NOT in Atlanta, you would type in “roadside café – Atlanta”.

5. Just search the domain name
If you know the website you want but can’t seem to find the information you are looking for, you can tell the search engine to search for a specific keyword or phrase within that site. Simply enter the search term you are looking for followed by the word “site” and a colon, and then by the domain name.
For example, if you wanted to find information on spam filter updates for Microsoft Outlook, enter this: spam filter update site:www.microsoft.com

6. Eliminate inappropriate content
To eliminate adult sites clogging your search results, simply activate your favorite web browser’s adult filter setting. MSN has a SafeSearch option on its settings page and Google’s can be found in their advanced search option. It’s not 100% accurate but it will eliminate the most obvious sexually explicit websites from your search.

7. Use your search engine’s categories
Many search engines offer specialized areas such as news, video, audio, pictures, local, and shopping related categories. If you know you are looking for a picture, choose the appropriate category and your chances of finding what you want increase significantly.

I hope you will find this post informative and useful. I am looking forward to hearing your comments. That’s all I have for today, until next time make it a great day!

Posted in Uncategorized | Tagged , , , , , , | Comments Off

An IMPORTANT Security Warning For Businesses Running Windows Server 2003

An IMPORTANT Security Warning For Businesses Running Windows Server 2003

If your organization is currently running Microsoft Server 2003 on one or more servers in your office, you need to know about a dangerous security threat to your organization that must be addressed very soon. Please take a moment to read this important announcement.

As your local Microsoft Registered Partner, we are aggressively reaching out to all businesses within the Greater New Orleans Area that use Microsoft Windows Server 2003 to alert you to this serious security risk to your organization and inform you about what you need to do now to protect your company.

Server 2003 Changes Must Be Made Between Now And The Middle Of 2015

Microsoft has officially announced that it will retire support on the Server 2003 operating system on July 14, 2015. Once support ends on this 11-year-old product, there will be no further patches or security updates, exposing any company running this software to major security and compliance risks. Any server with this software installed will be completely exposed to serious hacker attacks aimed at taking control of your network, stealing data, crashing your system and inflicting a host of other business-crippling problems you do NOT want to have to deal with.

Unless you don’t care about cybercriminals running rampant in your company’s server, you MUST upgrade any servers running this operating system.

Important: The average server upgrade project takes nearly 200 days to complete. Don’t wait until July when everyone is begging for urgent help.

I hope you will find this post informative and useful. I am looking forward to hearing your comments. That’s all I have for today, until next time make it a great day!

Posted in Uncategorized | Tagged , , , , , | Comments Off

5 Easy Things You Should Do To Protect Your Business Now

5 Easy Things You Should Do To Protect Your Business Now

Let’s face it: no one likes to think about bad things happening to them, much less plan for them. But since September is National Disaster Preparedness Month, we want to give you a quick “brush-up” on some simple things you can (and should!) be doing to protect your business.

1. Review Your Business Insurance Carefully. Most businesses carry some type of general liability insurance that would pay them if their building and the things in it were damaged. However, many businesses do not have enough coverage to replace all the computer equipment and devices, desks, art, supplies and other things they’ve accumulated over the years that are housed in their office. Make sure you review your policy every year and keep in mind new additions and assets you’ve accumulated during that year.


2.
Consider Cloud Computing. One of the biggest advantages of cloud computing is that your data and assets are stored off-site in a highly secure, high-availability data center, with failover and redundancy built in. That means that if your building were destroyed and you had to evacuate, or if your server melted down due to an unexpected hardware failure, everything you’ve worked so hard to create over the years is safe and not a sitting duck in your unsecured closet or server room.

3. Secure Your Data. Making sure that your data is protected from theft is a never-ending battle you don’t want to lose. Companies that get hacked and expose sensitive client and employee data can face severe penalties, lawsuits and massive loss of credibility in the marketplace. Make sure you never have to send an e-mail to your customers explaining the bad news that a hacker accessed their info through you. Further, if you keep any sensitive information (even passwords to portals containing sensitive information) on portable laptops, phones and other devices, make sure you have a way of controlling and safeguarding that information.

4. Write A Simple Disaster Recovery Plan. The key word here is “simple.” If your plan gets too complicated or difficult, you won’t do it. But at a minimum, think of the disaster that is most likely to happen and that would have a severe and negative impact on your company’s survival.

5. Review Your Employee Internet Policy. With so many people “addicted” to Facebook and Twitter, it’s important that your employees know where the line is in what they can and can’t post online. We also recommend content-filtering software to block content and web sites you don’t want employees visiting during work hours.

I hope you will find this post informative and useful. I am looking forward to hearing your comments. That’s all I have for today, until next time make it a great day!

Posted in Uncategorized | Tagged , , , , , , , | Comments Off