premiere pc circle logo

Yes and no, it really depends on the type of gear and if its mission critical or not. Let’s review a few types of hardware and answer with more specifics.

Servers:

Absolutely. Obtain NBD service directly from the manufacturer when purchasing., opt for the longest term they have available., 5 years is the average lifespan of mid to high end servers. For entry level servers, a 3 year term is more reasonable.

Network gear:

Most routers and switches will come with a 1-year warranty. Meraki for example will offer hardware replacement as long as you maintain your security services. For small business gear, the cost of warranty exceeds the risk. For higher end switches in the thousands, this makes more sense.

Workstations / Laptops:

We advise that all new systems be ordered with the 3 year NBD depot warranty option for any business user. Having techs come to you vs you having to shop your unit off waiting weeks is always smarter. The average laptop or desktop will last about 3 years when choosing mid to high end gear.

Monitors and Accessories:

We skip these options as we have seen very few monitor failures due to manufacture defects over the last decade. If there is a problem, it will usually manifest in the first year. Stay away from the cheap brands and pay a little more for quality to avoid any issues.

Within the IT support industry there are no real standards in terms of what or how a company provides IT services. There are differing models such as break-fix, contracts, or hybrid offerings.

With 20+ years in the IT support space, we feel that the Managed Services approach works best for both client and provider alike.

Managed Service Providers (MSPs) exist to collect and manage an array of services and solutions for their clients. Within that designation, there can be a focus on vertical or niche industries.

A true managed service provider is one that exists to service a client in many parts of their business, whereas a break-fix firm is available on demand as needs arise.

What we have observed over the last two decades is that clients with an MSP are much better prepared for changes, have a higher security posture, and have better performing networks. To this end, that is our approach. Think of an MSP as your IT controller.

Questions you should ask a potential IT provider should include:

  • How many employees do you directly hire? (Stay away from franchise firms that use back office techs to supplement the owner.)
  • Do you carry full professional liability insurance?
  • Do you focus on proactive work and what can be expected?
  • What is the average wait time to talk to a technician?
  • Can you advise and consult on security and compliance? Is this part of the contract?
  • Do you have a long-term commitment? (Stick with firms that offer you month-to-month pricing as they will scale with you and offer more flexible options.)
  • Can you support all of our business functions? [For example, our MSP will handle just about everything for a client (domain, dns, email, av, help desk, hosted phones, file sharing, etc) Try to get a single source to tie all of your critical business IT needs together.]
  • Get client references, ask for more if needed. Call them, get honest feedback.

Most of all, find a provider you can trust, one that will act on your company’s best interests. As an example, our firm does not add margin to hardware or software sales. We are not here to upsell gear, instead we focus on our service relationship.

Schedule regular meetings with your new IT team and fill them in on your thinking and plans. A good IT provider can be a critical part of your overall leadership team and help you save time and money with smart solutions.

PremierePC - Managed IT

Matthew addresses : What is the dark web? Why should I monitor the dark web? What happens if my company’s information is already present on the dark web? How can PremierePC help my business?

View our Dark Web Video on Youtube

Click here, fill out the form, and access your free report today!

phishing

what is phishing? how do i avoid phishing attacks?

Phishing emails, texts and phone calls try to trick you into visiting a malicious website, handing over a password, or downloading a file. This works in email attacks because people often spend the whole day at work clicking on links and downloading files as part of their jobs. Hackers know this and try to take advantage of your habit to click without thinking.

Number one defense: PAUSE BEFORE CLICKING

  • Look at the “from” field. Is the person or business’s name spelled correctly, and does the email address actually match the name of the sender? Or are there a bunch of random characters in the email address instead?
  • While we’re at it, does the email address seem close, but a little off? E.g. Microsft.net, or Microsoft.co.
  • Hover your mouse over any links in the email to see the true URLs they will send you to. Do they look legitimate? Remember, do not click!
  • Check the greeting. Does the sender address you by name? “Customer” or “Sir” would be red flags.
  • Read the email closely. Is it generally free from spelling errors or odd grammar?
  • Think about the tone of the message. Is it overly urgent or trying to get you to do something you normally wouldn’t?

Even if an email passes the initial test outlined above, it could still be a trap. A spear-phishing email might include your name, use more polished language and seem specific to you. It’s just plain harder to notice. Then there are targeted phone calls, in which someone calls you and tries to manipulate you into handing over information or visiting a malicious website.

Beat phishing by calling the sender and locking down your personal and business information. Deploy MFA to your user base to help protect data, even if they do click.

Employee oversight due to lack of training is the number one way hackers gain access to your company’s data. Regular security training is imperative to mitigate these threats. Learn more…

Download our phishing handout here.

Are you only relying on your email platform’s baked in spam filtering? You could be leaving yourself open to a range of threats.

What is email filtering?

Most major email providers use built in settings to move emails to “junk” or “spam.” These settings work great for unwanted advertising. However, they are not as effective in blocking incoming phishing emails that are designed to steal your personal information. These settings also do not prevent users from visiting websites known to contain malware.

Additional email security and compliance services can be layered on to block phishing emails and prevent users from visiting problematic sites.

How does it work?

Email filtering analyzes incoming emails for common trigger words, problematic content or design of the email, previously flagged IP addresses or senders, etc. Emails from unknown senders containing links or attached documents may also set off these phishing filters.

Phishing filters will typically move flagged emails to an additional inbox and place them “on hold” until you release, block, or allow it.

Releasing an email sends it to your normal inbox to be opened. In the future you will have to continue approving emails from the sender. If an email is blocked, then the email is rejected and the sender will be now be blocked from sending you future emails.

What are other ways to protect my network?

  • Implement Two-Factor (2FA) / Multi-Factor (MFA) solutions: These solutions add an additional layer of protection to your users.
  • Recognize signs of a scam: Engage your team in regular security training and phishing simulations.
  • Strengthen password security: Use a password manager and limit repeating passwords across different accounts
  • Maintain up to date hardware and software: Work with your IT firm to ensure you are using the most up to date and secure platforms

Remember that email filtering is only a portion of a whole cybersecurity plan used to keep your company safe.

How can PremierePC help?

PremeirePC is partnered with MailProtector (here in Greenville) to offer a range of email security and compliance services.


Elevate your email security to the cloud and stop spam and viruses for good. Let our team of email security experts protect your users around the clock.
Filter outbound email traffic with the policies you define. Prevent spam proliferation and keep damaging or sensitive data from being leaked via email.
Email encryption via Bracket offers an added layer of security to your email platform ensuring compliance in difficult industries like Health Care and Financial Services.

 

Learn more about our email security and compliance offerings and overarching cybersecurity support.

All services sold by the user by the month, no long-term commitments or up-front fees. Services are limited to managed service plan clients.

premiere pc circle logo

If you suspected your business was compromised by a cyber attacker, what would you do first to find help? If your first thought is to search online, what would your keywords be in the search?

We encounter this all the time and would like to offer some concrete suggestions.

First, contact a local IT firm that either specializes in cybersecurity instead of a local break-fix shop. Usually, you will be searching for Managed Service Providers. MSP’s are better suited to both understand and have the tools readily available to best assist you.

With any compromise, there are two immediate goals. Identify the ingress point and sever access. This process includes looking at your network equipment, servers, and computing endpoints.

Once the entry point has been determined and blocked, it’s time to complete a network forensics review. During this time, each machine is run through several virus and malware scans. In addition, we utilize a threat hunting service that can detect current and past malware footholds.

An often-overlooked part of the process is reviewing the firewall and server configuration to ensure no external access is permitted to internal systems. Eight out of ten times the main ingress point is a firewall rule allowing access to an internal server or other computing resource.

A common error is getting a compromised server cleaned, then putting it back into service too soon. Checking the network level rules before placing servers back in operation is a best practice to avoid more downtime or re-infection.

Ensure that all of your computing devices have next generation anti-virus solutions. Have an enterprise class router with active security services. Always use a VPN to access internal systems from outside instead of Remote Desktop Connections or other similar software, especially when dealing with PII or your own financial data.

Double check your backup policy and data retention rules. Test your backup with a fire drill at least quarterly. Use a company, like us, that offers fully managed backup with human monitors.

With a few simple steps, you can improve your security posture, mitigate your risks, and recover faster from an attack.

 

premiere pc circle logo

egnyte_file_sharing

We have been using Egnyte for over nine years, before wide-spread cloud adoption was a thing. Egnyte has continued to invest in their platform and in our opinion, it is the strongest cloud sharing service available. When compared to SharePoint, OneDrive, Google Drive, and others, there is no real comparison. A few of our reasons are below.

User adoption:

Egnyte is so easy to learn and pick up that almost anyone in the organization can do it with minimal training. Where training is needed, helpful guides and resources are available and take just minutes, not hours or days, to learn.

Flexibility of access methods:

We can deploy Egnyte in just about any configuration that makes sense – cloud only, hybrid, or local. You can have the benefits of a cloud solution with the speed and security benefits of local storage. No other solution, SharePoint included, can boast this with as much simplicity and value as Egnyte can.

No cumbersome VPN services, no compromise on security. No problem.

Platform:

You get more than just file sharing. You also get backup, revisioning, and collaboration tools; as well as multi-point integrations with industry leading products such as Microsoft 365.

Secure sharing:

Egnyte allows you to securely share both inside and outside your organization, ensuring compliance and PII remains protected while offering an intuitive way to share and engage your team, clients, and vendors.

Search:

Gain contextual search for all things stored in Egnyte allowing you to quickly and deeply understand your data. The engine is turnkey and ready to go from day one. No training data sets, integration work, or complex scripting required to get started. With simple reports, alerts, and triggered workflows, you don’t need a team of engineers to operate it either.

Compliance:

Help drive good compliance practices by limiting and being able to report on who has access to your data, both inside and outside the organization. With full audit logs, access trails, and deep user permissions, layer on Egnyte Protect for the most automated and comprehensive experience.

 

Egnyte is a power tool, delivering value day after day with an intuitive method of working. As a partner, PremierePC can offer you full support, direct billing, and ongoing assistance with management. Learn More…

DID YOU KNOW…

60% of SMBs will go out of business within 6 months of a cyber incident

73.18% of the US population has at least one compromised credential on the dark web

$46,000 – average cost of downtime due to a ransomware attack

dark web monitor

Reusing passwords, or a similar version of the same password, means if one of these accounts is hacked, all of them are hacked. This will happen in a matter of seconds.

Now what?

PremierePC offers a wide variety of cybersecurity solutions to help mitigate and plan for attacks. They will happen. Will you be ready?

Dark Web Monitoring (DWM)

  • Delivers the same advanced credential monitoring capabilities used by Fortune 500 companies.
  • Connects to multiple Dark Web services, including Tor, I2P and Freenet, to search for compromised credentials, without requiring you to connect any of your software or hardware to these high-risk services directly.
  • Provides awareness of compromised credentials before identity theft or data breaches occur.

A Zero-Touch Solution. No need to share access to your server, domain, or DNS settings.

How can we protect against human error?

Regular security training and awareness allows employees to know what to look for, and how to stop phishing attacks from successfully gaining entry into your network. This is a very effective defense against cybercrime.

This solution is INCLUDED with our Dark Web ID solution. No additional costs to layer on a proactive security awareness program.

 

Ready to know what the bad guys know?

Access your free scan now

**Submitting your contact information in this form does not put your information at risk. We will simply use your provided information to compare to information we find on the dark web by searching typical hacker sites, over 500 distinct Internet relay chatroom channels, 600,000 private websites, and 600 twitter feeds. We will then set up a brief meeting with you to review your results.

premiere pc circle logo

What are you guys doing to protect important information on your networks (site, backend files, customer information etc)?

As with any intelligent Backup and Disaster Recovery (BDR) planning, a layered approach is always best.

The first step is to identify what is important. You nay have an idea, but test this out be simulating a loss. Turn off your server or shared resources and see what you truly can’t live without.

Once you have a firm idea of what you need, we can focus on how to secure it.

We utilize several tools.

Utilizing cloud services is a great start, but they are not immune to data loss. A common misconception about Google and Office 365 is that your data is backed up. It’s not. It is far less likely to be lost due to hardware failures like local data, not to mention human error. Do you backup your cloud email service?

Where possible, use intelligent file sharing solutions. We offer such a service that acts as your file share, revision platform, and can help drive compliance.

We also provide our clients with access to a human managed backup platform where we can store server images, system states, and file level backups. When something does go wrong, we are quickly able to get them back up and running.

premiere pc circle logo

How would you deal with a website developer who is holding your website information hostage and can’t update information?

We think it’s regrettable that certain firms or professionals would behave like this, but we have seen it occur far too often.

Since 2006, our team has been actively helping clients manage their domains as part of the IT stack for this very reason. Your domain is a critical part of your identity and overall IT infrastructure as it directly relates not only to your website, but your email.

A web host should never NEED to own your domain or even register it for you. Having a central IT controller like PremierePC in the mix can help as we manage the domain, and then any vendors who need access to records or changes.

With this in mind, let’s focus on the problem listed. First, attempt to gain access to the website control panel or hosting account. This is the root level of access and will be your best bet to re-gain control. If that is not possible, then a local admin account to the CMS or FTP account could be used.

If the provider is unwilling to provide access to services that you pay for then legal action may be needed. While this process is going on, if possible, securing your domain before brining any legal challenges will be a wise move.

In closing, keep your domains registered yourself and where possible purchase your own hosting and have your web team build your site there. Use a trusted third party like PremierePC to help manage and control these items and act as your trusted advisor and consultant to ensure no changes are being made that will have adverse consequences. Most importantly, your domain never NEED to move to your web host for them to host a website, we firmly believe that whoever provides and manages your email platform should be in charge of the domain and DNS.

You can learn more about our domain and managed DNS program using the links below.

https://www.premierepc.net/business-hosting/domains/

https://www.premierepc.net/business-hosting/managed-dns/