Reimagining Business Collaboration
When all your employees are under the same roof, getting the group together to brainstorm ideas and solve big problems is an issue of packing all the people into the same conference room. But when your employees are spread across a city, country, or even the entire globe, how do you pull everyone together to collaborate? Technology has made the physical location of employees irrelevant to their productivity level—we can now access all corporate tools outside the office. But in the process of making it easier to recruit the best talent regardless of their proximity to the physical building that the company is housed in, we lost something that is inherent to the productivity of the entire workforce: the ability to work together as a single unit. ZAC, the newest member of the Zultys family of product, is a tool designed to help employees connect. By bringing all the functionality necessary to work together into a single application, you can put all your best brains into the same conference room—it just won’t be a physical room anymore. The possibilities are endless and the integration between the various methods of communication is infinite. A powerful team chat functionality hosts all the employees working on the same project in the same virtual conference room, and when conveying the ideas across with written correspondence becomes too difficult, getting all the employees together on a conference call doesn’t require trying to remember different phone numbers or emails to send the meeting invite to. All the contact info employees need is right there at their convenience, so that they can put their minds to use doing their job without wasting precious time on figuring out how to get in touch with their coworkers. Set up smaller collaboration hubs for more private conversation, accessible to only the people invited to this discussion, while more expansive projects can be discussed by huge groups. And on top of that, you still have access to all the call handling and call management functionality that have made Zultys Unified Communication Platform indispensable at corporations across the globe. ZAC specializes in enhancing productivity, by combining all methods of communication into a single application, one that is both intuitive and versatile and able to support the communication needs of any business. Technology is supposed to be making our lives easier, so make your business communication technology work for you! And ZAC is here to connect you and your employees together, to make tackling your hardest projects as easy as it would be if you were all sitting around that old conference room table. Contact us to learn more about how we can help you reimagine collaboration in your office! Source: Zultys Blog, Lina
Helpful Tips About Disaster Recovery
The Truth About Disasters They can happen to any business at any time and the downtime they cause is truly catastrophic, many of which never recover. The strength to avert disasters and effectively handle the ones that occur starts with knowledge. Downtime is Common 90% of companies experience some form of downtime, which may result in loss of data, security, productivity, and revenue. (Down) Time is Money An hour of downtime costs $8,000 for a small company, $74,000 for a medium company, and $700,000 for a large enterprise. Planning Ahead The most powerful and flexible disaster recovery plan is local virtualization for SMBs and enterprises with physical or virtual servers. Disastrous Situations Disasters that cause downtime may be a result of hardware failure, human error, software failure, or natural disaster. Recovery is Painful The average time it takes a business to recover from disaster is 18.5 hours, but 43% of companies never totally recover. What could happen? Disasters of all kinds cause downtime that is damaging to a business. Disaster planning must encompass disasters of all types and sizes: fires, floods, fraud, ransomware, cyber-attacks, power or IT system failure, human error, acts of terror, and other unthinkable scenarios. While the type of disaster varies, the impact is typical: data and operational downtime that is truly disastrous. The devastating effect of downtime caused by disaster include irreparable damage to data, reputation, customer relationships, income, and business vitality. The best offense is a good defense; you must protect your business by understanding your vulnerabilities, safeguarding against the risks, and preparing for the worst possible business disruption with a plan for business continuity and disaster recovery that will shield your data, protect your business, and keep your systems available and reliable no matter what happens. Solutions They can happen to any business at any time and the downtime they cause is truly catastrophic, many of which never recover. The strength to avert disasters and effectively handle the ones that occur starts with knowledge. Datto SIRIS Disaster Recovery as a Service (DRaaS) for local, virtual and cloud environments, within a single platform. SIRIS is the leading BCDR platform for businesses. Datto ALTO Datto ALTO is the only continuity solution designed specifically for small business. Using image-based backup and a hybrid cloud model, ALTO delivers enterprise-grade functionality at a small business price. Datto NAS Data backup, recovery and business continuity for local, virtual, and Cloud environments, within a single platform. Keep every file safe and accessible with Datto NAS. How can I protect my business? Your disaster recovery plan must ensure that your entire business infrastructure can be recovered within seconds. You need a holistic, integrated disaster recovery plan that is reliable, simple, and quick. DRaaS offers a disaster recovery plan that is visible, scalable, and affordable. Business-critical data, systems, desktops, servers, and the entire infrastructure must be protected and recoverable. With secure local virtualization solutions, if disaster strikes, your entire infrastructure (physical or virtual) is virtualized instantly, empowering you to continue your business operations without losing any data, incurring any damage, or experiencing any downtime. Get DRaaS With Datto Datto SIRIS Disaster Recovery as a Service (DRaaS) for local, virtual and cloud environments, within a single platform. SIRIS is the leading BCDR platform for businesses. Explore Datto SIRIS Datto ALTO Datto ALTO is the only continuity solution designed specifically for small business. Using image-based backup and a hybrid cloud model, ALTO delivers enterprise-grade functionality at a small business price. Explore Datto ALTO Datto NAS Disaster Recovery as a Service (DRaaS) for local, virtual and cloud environments, within a single platform. SIRIS is the leading BCDR platform for businesses. Explore Datto NAS Need help learning about preparing for a disaster? Give us a call and we’ll examine your existing systems and see what will work best for you. Lakeland office: (863) 686-3167 | Tampa office: (813) 289-8805 Source: Datto.com
Five Things Your Company Needs To Do Now To Prepare For A Hurricane
June 1 marks the official beginning of the Atlantic hurricane season. Most people do some prepping on a personal level but is your business ready? Here is a list of five things your company needs to do in June before the first storm heads our way. Establish a plan. If you have not already created a disaster plan, now is the time to get it done. This plan needs to include the various scenarios you might encounter should you be at ground zero. Some of the items you need on this plan include: Will you need to close and evacuate? How do you notify your staff and customers? Do you have an alternate location to operate your business should your building be without utilities or be inhabitable? How will you access company data such as customer or patient records? Check your backups. It is so easy to get complacent with backups. Whether you are backing up to media or backing up to the cloud, now is the time to evaluate it. Not only do you need to ensure you are getting proper backups, you also need to ensure you are backing up everything critical. More than once, we have helped a company recover a backup only to learn a critical directory or database was left out. If you are still backing up to media, you need to do a test restore to be sure the backup is valid. Develop a communications plan. If there are power outages, landline phones, and cell phones may not work. If your business is mission-critical, you need to ensure you have an alternative means of communication such as satellite phones. Texting is also a great means of communication after storms. When bandwidth is scarce, you might not be able to make a phone call, but you will likely be able to send texts. Create an emergency response team (ERT). It is good to define a skeleton crew that can carry out your disaster plan. You must develop clear roles and responsibilities for each team member. You must also ensure the team has contact information and instructions on how to proceed should they be unable to reach someone on the ERT. Once the storm passes, you should have the ERT contact your entire staff to ensure they are safe and do not have any immediate needs. Be sure to not only train this team but consider doing some role-play exercises to be sure everyone is on the same page. Secure your building(s). Before leaving for the storm, it is smart to walk through your building and unplug any mechanical or computer equipment to protect it from surges. You may also want to consider covering key equipment with plastic tarps or bags in case of moisture intrusion. Also, if you have confidential paper files or portable media, be sure these are stored in a locked cabinet or safe. Should your building become insecure, you want to know your data is safe. Depending on your location, you may also want to install hurricane shutters. If you have a generator, be sure you test that early in the season and insure you have fuel ready. This is by no means an exhaustive list but should give most small businesses a good start. If you would like help developing a comprehensive list, we’d love to help. Contact us for a free consultation.
What is Business Continuity & Disaster Recovery?
What Is Business Continuity? Business continuity is the process, policies, and procedures related to preparing for recovery or continuation of business infrastructure critical to an organization after a natural or human-induced disaster. Whether the business is small or a global enterprise you need to know how you can keep going under any circumstances. Business Continuity Vs Disaster Recovery Disaster recovery is a subset of business continuity. While business continuity involves planning for keeping all aspects of a business functioning in the midst of disruptive events, disaster recovery focuses on the IT or technology systems that support business functions. A Complete Disaster Recovery Solution A proper business continuity solution should proactively protect clients’ systems and data against disasters of all type. An MSP should offer a business continuity solution that can rescue businesses and get them back online within minutes of any of these disasters: Hardware and software failures Natural disasters Unintentional human error or malicious actions Ransomware and other cybersecurity threats What to Look for in a Business Continuity a Solution? Here are some more key things to consider when looking for a solution: Hybrid cloud backup: A hybrid approach fixes the vulnerabilities that a cloud-only or local-only possess. Superior RTO and RPO: Think in terms of business continuity rather than simply backup, and calculate how much downtime your business can endure and still survive (RTO) as well as how much data you can afford to lose (RPO). Image-based backup: Make sure that the backup solution takes images of all data and systems rather than simply copying the files. Interested in learning more about our Business Continuity & Disaster Recovery Solutions? Give us a call or shoot us a message here: https://boring.com/contact-us/ Source: Datto Blog
How to handle compromised credentials
You’ve just discovered there are compromised employee credentials or other sensitive data of your company exposed and available on the Dark Web. The reality is, once exposed on the Dark Web, your information cannot ever be completely removed or hidden. You cannot file a complaint or contact a support line to demand your data be removed. Your company should immediately start taking appropriate steps and measures to correct or minimize the risks and potential damages associated with this exposed data. Identify, understand and learn from past mistakes or failures, and adopt a more proactive and preventative approach to your business’ cybersecurity strategies moving forward. Sound the Alarms Important Business Alert Alert all employees, top to bottom, of the compromised data and explain or educate them about the Dark Web. Review individual compromises with critical users. Explain specific threats and risks – both to the business and potentially, the user Establish/update strict password policies and review and share with users. Retire old and exposed passwords Define what a strong password is and implement a password construction policy Make different passwords for each business account mandatory and keep personal ones separate Determine a schedule for routine password changes Change passwords Change passwords for exposed logins – all accounts using the compromised passwords Replace with unique passwords for each account Change/refresh any passwords older than six months Cybersecurity Best Practices to Proactively Protect Your Business Implement Multi-Factor Authentication Even the strongest and most complex passwords won’t protect you if they have been compromised and exposed on the Dark Web. Requiring users to verify who they say they are via two or more unique security factors will virtually eliminate more than half the threats and risks associated with exposed user credentials. Consider Single Sign On (SSO) and Password Management Solution The combined benefits of a Secure SSO and Password Management platform will enable your entire workforce to adapt and thrive in a security-first environment while reducing password frustration and fatigue for users and empowering increased productivity. Ongoing Security Awareness Training for Users Users continue to be the weakest link in security for businesses worldwide. This is often due to genuine ignorance regarding security best practices and a lack of knowledge or awareness of common threats and risks. Establish ongoing security awareness training for all users and turn your weakest link into your strongest security defense. Perform Regular Risk Assessments A comprehensive audit of your business infrastructure and systems will inevitably reveal vulnerabilities and security gaps within your network, applications or on your devices. Performing regular assessments will allow you to stay in the know and enable you to achieve and maintain a more preventative approach to security, often eliminating issues or problems before they arise. Proactively Monitor for Breaches and Cyber Threats Cyber threats continue to increase and evolve, and hardware and software vulnerabilities are discovered regularly, exposing your business to a steady barrage of security risks. To adopt a proactive and preventative approach to cybersecurity, your business must have visibility and insight into both internal and external activities, trends and threats to the network and data. Back Up Everything It is imperative that you ensure your business and customer data is protected and secured against any incident or disaster such as system failure, human error, hackers, ransomware and everything in between. In addition, make sure you explore the importance of accessibility and consider investing in business continuity as part of your backup strategies. Invest in Cyber Insurance Sometimes things do not work out no matter how much effort you put into them. As a business, you must do everything right. However, a hacker only needs a single gap or weak point in your security systems to slip past your defenses like a trojan horse. Every business in operation today needs cyber liability insurance to protect their business when all else fails. Don’t wait until you are the next news headline or statistic. Contact us today to start implementing the comprehensive security solutions your business deserves.
Are your credentials in the Dark Web?
Digital credentials are at risk 39% of adults in the U.S. use the same or very similar passwords for multiple online services, which increases to 47% for adults ages 18-29. Passwords are a twentieth-century solution to a twenty-first century problem. Unfortunately, usernames and passwords are all that stands between your employees and vital online services. A good security practice is to use a completely different password for every service. How are credentials compromised? Phishing – Send emails disguised as legitimate messages. Malvertising – Inject malware into legitimate online advertising networks. Watering Holes – Target a popular social media, corporate intranet. Web Attacks – Scan Internet-facing company assets for vulnerabilities. How does a hacker use credentials? Send spam from compromised email accounts. Deface web properties and host malicious content. Install malware on compromised systems. Compromise other accounts using the same credentials. Exfiltrate sensitive data (data breach) Identity theft Data is sold at auction For those who make credentials available on the Dark Web, the financial rewards can be significant. A criminal dealing in stolen credentials can make tens of thousands of dollars from buyers interested in purchasing them. And by selling those credentials to multiple buyers, organizations that experience a breach of credentials can easily be under digital assault from dozens or even hundreds of attackers. The numbers are staggering The average number of data records per company, including credentials, compromised during a data breach is 28,500! Protecting against compromise While there is always a risk that attackers will compromise a company’s systems through advanced attacks, the fact is that most data breaches exploit common vectors such as known vulnerabilities, unpatched systems and unaware employees. Only through defense in depth – implementing a suite of tools such as security monitoring, data leak prevention, multifactor authentication, improved security awareness and others – can organizations protect their credentials and other digital assets from seeping onto the Dark Web. We keep you out of the Dark Web Small businesses need Dark Web Monitoring for today’s cybersecurity risk. Protect your business and secure your assets. We make Dark Web Monitoring affordable enough for small businesses to take advantage of enterprise-level actionable intelligence. Contact us to learn more about our Dark Web Monitoring services.
5 Common Social Engineering Scams
Social engineering scams have been going on for years and yet, we continue to fall for them every single day. This is due to the overwhelming lack of cybersecurity training available to the employees of organizations big and small. In an effort to spread awareness of this tactic and fight back, here is a quick overview of common social engineering scams. Managed service providers (MSPs) have an opportunity to educate their small and medium business clients to learn to identify these attacks, making avoiding threats like ransomware much easier. Phishing Phishing is a leading form of social engineering attack that is typically delivered in the form of an email, chat, web ad or website that has been designed to impersonate a real system, person, or organization. Phishing messages are crafted to deliver a sense of urgency or fear with the end goal of capturing an end user’s sensitive data. A phishing message might come from a bank, the government or a major corporation. The call to actions vary. Some ask the end user to “verify” their login information of an account and include a mocked-up login page complete with logos and branding to look legitimate. Some claim the end user is the “winner” of a grand prize or lottery and request access to a bank account in which to deliver the winnings. Some ask for charitable donations (and provide wiring instructions) after a natural disaster or tragedy. A successful attack often culminates in access to systems and lost data. Organizations of all sizes should consider backing up business-critical data with a business continuity and disaster recovery solution to recover from such situations. Baiting Baiting, similar to phishing, involves offering something enticing to an end user, in exchange for login information or private data. The “bait” comes in many forms, both digital, such as a music or movie download on a peer-to-peer site, and physical, such as a corporate branded flash drive labeled “Executive Salary Summary Q3” that is left out on a desk for an end user to find. Once the bait is downloaded or used, malicious software is delivered directly into the end users system and the hacker is able to get to work. Quid Pro Quo Similar to baiting, quid pro quo involves a hacker requesting the exchange of critical data or login credentials in exchange for a service. For example, an end user might receive a phone call from the hacker who, posed as a technology expert, offers free IT assistance or technology improvements in exchange for login credentials. Another common example is a hacker, posing as a researcher, asks for access to the company’s network as part of an experiment in exchange for $100. If an offer sounds too good to be true, it probably is quid pro quo. Piggybacking Piggybacking, also called tailgating, is when an unauthorized person physically follows an authorized person into a restricted corporate area or system. One tried-and-true method of piggybacking is when a hacker calls out to an employee to hold a door open for them as they’ve forgotten their ID card. Another method involves a person asking an employee to “borrow” his or her laptop for a few minutes, during which the criminal is able to quickly install malicious software. Pretexting Pretexting, the human equivalent of phishing, is when a hacker creates a false sense of trust between themselves and the end user by impersonating a co-worker or a figure of authority well known to an end user in order to gain access to login information. An example of this type of scam is an email to an employee from what appears to be the head of IT support or a chat message from an investigator who claims to be performing a corporate audit. Pretexting is highly effective as it reduces human defenses to phishing by creating the expectation that something is legitimate and safe to interact with. Pretexting emails are particularly successful in gaining access to passwords and business data as impersonators can seem legitimate, so it’s important to have a third-party backup provider. For all employees to be aware of the various forms of social engineering is essential for ensuring corporate cybersecurity. If users know the main characteristics of these attacks, it’s much more likely they can avoid falling for them. Aside from education and awareness, there are other ways to reduce the risk of being hacked. Employees should be instructed not to open emails or click links from unknown sources. Computers should never be shared with anyone, even for a moment. By default, all company desktops, laptops, and mobile devices should automatically lock when left idle for longer than five minutes (or less). Lastly, ensure your business is prepared to quickly recover from this kind of attack in case an employee does fall victim to one of these schemes. Humans are humans after all. By leveraging a solid backup and recovery solution, everyone can rest easy. Source: Datto.com, Courtney Heinbach
