premiere pc circle logo

If you suspected your business was compromised by a cyber attacker, what would you do first to find help? If your first thought is to search online, what would your keywords be in the search?

We encounter this all the time and would like to offer some concrete suggestions.

First, contact a local IT firm that either specializes in cybersecurity instead of a local break-fix shop. Usually, you will be searching for Managed Service Providers. MSP’s are better suited to both understand and have the tools readily available to best assist you.

With any compromise, there are two immediate goals. Identify the ingress point and sever access. This process includes looking at your network equipment, servers, and computing endpoints.

Once the entry point has been determined and blocked, it’s time to complete a network forensics review. During this time, each machine is run through several virus and malware scans. In addition, we utilize a threat hunting service that can detect current and past malware footholds.

An often-overlooked part of the process is reviewing the firewall and server configuration to ensure no external access is permitted to internal systems. Eight out of ten times the main ingress point is a firewall rule allowing access to an internal server or other computing resource.

A common error is getting a compromised server cleaned, then putting it back into service too soon. Checking the network level rules before placing servers back in operation is a best practice to avoid more downtime or re-infection.

Ensure that all of your computing devices have next generation anti-virus solutions. Have an enterprise class router with active security services. Always use a VPN to access internal systems from outside instead of Remote Desktop Connections or other similar software, especially when dealing with PII or your own financial data.

Double check your backup policy and data retention rules. Test your backup with a fire drill at least quarterly. Use a company, like us, that offers fully managed backup with human monitors.

With a few simple steps, you can improve your security posture, mitigate your risks, and recover faster from an attack.

 

premiere pc circle logo

What are you guys doing to protect important information on your networks (site, backend files, customer information etc)?

As with any intelligent Backup and Disaster Recovery (BDR) planning, a layered approach is always best.

The first step is to identify what is important. You nay have an idea, but test this out be simulating a loss. Turn off your server or shared resources and see what you truly can’t live without.

Once you have a firm idea of what you need, we can focus on how to secure it.

We utilize several tools.

Utilizing cloud services is a great start, but they are not immune to data loss. A common misconception about Google and Office 365 is that your data is backed up. It’s not. It is far less likely to be lost due to hardware failures like local data, not to mention human error. Do you backup your cloud email service?

Where possible, use intelligent file sharing solutions. We offer such a service that acts as your file share, revision platform, and can help drive compliance.

We also provide our clients with access to a human managed backup platform where we can store server images, system states, and file level backups. When something does go wrong, we are quickly able to get them back up and running.

premiere pc circle logo

How would you deal with a website developer who is holding your website information hostage and can’t update information?

We think it’s regrettable that certain firms or professionals would behave like this, but we have seen it occur far too often.

Since 2006, our team has been actively helping clients manage their domains as part of the IT stack for this very reason. Your domain is a critical part of your identity and overall IT infrastructure as it directly relates not only to your website, but your email.

A web host should never NEED to own your domain or even register it for you. Having a central IT controller like PremierePC in the mix can help as we manage the domain, and then any vendors who need access to records or changes.

With this in mind, let’s focus on the problem listed. First, attempt to gain access to the website control panel or hosting account. This is the root level of access and will be your best bet to re-gain control. If that is not possible, then a local admin account to the CMS or FTP account could be used.

If the provider is unwilling to provide access to services that you pay for then legal action may be needed. While this process is going on, if possible, securing your domain before brining any legal challenges will be a wise move.

In closing, keep your domains registered yourself and where possible purchase your own hosting and have your web team build your site there. Use a trusted third party like PremierePC to help manage and control these items and act as your trusted advisor and consultant to ensure no changes are being made that will have adverse consequences. Most importantly, your domain never NEED to move to your web host for them to host a website, we firmly believe that whoever provides and manages your email platform should be in charge of the domain and DNS.

You can learn more about our domain and managed DNS program using the links below.

https://www.premierepc.net/business-hosting/domains/

https://www.premierepc.net/business-hosting/managed-dns/

premiere pc circle logo

I have been struggling to get my website up and running. Do you think it’s actually necessary to have a website? Do you judge people off their websites?

Short answer, YES!

Longer answer. A web presence is critical to being found online and having a site this is mobile responsive or optimized is even better for SEO.

With that said, you do not need to invest a fortune. For many small business sites, a few pages with a list of services, contact info, as well as some history and context if all that people are looking for. You can easily use web page builders to help get the basics. We advise clients to stay away from proprietary platforms like Squarespace, Weebly, and the GoDaddy website builder as these builders will not allow you to easily port your site. Instead, opt for managed WordPress sites which are more difficult to get into, but will allow you to port and move your site as you grow and add new features.

PremierePC offers a full array of business hosting solutions to our service plan clients. We can handle the domain, dns, hosting, and WordPress build and ongoing management.

If you need help crafting a way forward, give us a ring and we can help guide you on the journey.  

How are you protecting the PII (Personally Identifiable Information) of your clients, customers or members?

As others are stating, sharing the specifics of these plans can open you up to risk, so it is best to share generally about this topic.

PII is a big deal and you can be responsible for it even though you didn’t initially send it.

Let’s cover the basics of what PII is and isn’t.

Personally Identifying Information (PII) is defined as any information about an individual maintained by an agency, including:
(1) any information that can be used to distinguish or trace an individual’s identity, such as: Name, Social Security Number, Date and place of birth, Mother’s maiden name, Biometric records

2) any other information that is linked or linkable to an individual, such as: Medical, Educational, Financial, Employment information.

PII can be sensitive or non-sensitive.
*Non-sensitive PII information:
– Can be transmitted in an unencrypted form without resulting in harm to the individual.
– Can be easily gathered from public records, phone books, corporate directories and websites.

Sensitive PII information:
– When disclosed, could result in harm to the individual whose privacy has been breached.
– Should be encrypted in transit and when data is at rest.
Personally identifiable financial information (PIFI) is any information that a consumer provides to a financial institution that would not be available publicly.
PIFI may include information such as:
– An individual’s name
– Personal contact details
– Bank account number
– Credit Card number
– Social Security number
– And more
PIFI generally contains private and confidential data visible only to authorized personnel.
The term is mainly applied in an operating environment where security, privacy and authenticity of financial information is the primary objective. The data stored within PIFI is used for a set of different applications and/or business services.
For example, an online e-commerce site may contact a consumer’s bank and use PIFI from the bank’s server to identify and validate a buyer’s credit card.
Under the Gramm-Leach-Bliley Act, financial institutions must alert their customers to privacy policies and practices and avoid the disclosure of nonpublic personal information about consumers to third parties without consumers’ consent.
Financial institutions must also establish appropriate standards for protect PIFI.

OK, you still there? I know that was a lot of text, but it’s a great guideline to helping you understand WHAT you need to protect.

So, HOW do we protect PII? A few best practices include:

Identify where you are storing PII. Many file management services will offer this, you can also purchase software audits or have a professional consultant come in.

Determine the sensitivity of the PII you store.

Remove any legacy PII that is no longer needed for active work. Use a retention policy and retire data as quickly as you can.

Encrypt PII in transit and at rest.

We strongly suggest that you NEVER EVER EVER email PII. Consider scans to encrypted network folders or secure cloud services like Egnyte with proper roles and permissions.

Email compromise is the number one method for bad actors to gain access and steal PII. Having strong inbound and outbound email compliance solution can help prevent attacks and mitigate leaks.

PERMISSIONS. Not everyone in your organization needs access to PII, properly storing this data by user role and access permissions will help mitigate many risks.

Educate your team on the critical nature of PII. We suggest at least an annual security awareness training session or PII refresher.

Have a standard onboarding and offboarding process for your team. Do not COPY permissions from users.

If you can, have a dedicate compliance officer who can check and audit your internal process at least quarterly.

There is a lot to understanding and protecting PII. Having a trusted partner like PremierePC can help you avoid many pitfalls, implement complicated solutions, and assist your team in driving compliance.

What are the biggest challenges when working remotely or from home?

How Has Your Business Overcome Spear Phishing under these new circumstances?

Remote work, deemed the “next normal,” increases productivity and employee retention while reducing environmental impact.

The COVID-19 pandemic has increased remote work dramatically; one source finds 88% of organizations have encouraged or required employees to work from home.

Enter hackers.

Remote work + distracted employees + new scam opportunities = a hacker’s dreams come true.

Coronavirus-related spear-phishing attacks have increased by 667% since February.

So, what can you do to protect your business?

Email security, encryption, archiving, and backup
We offer a full compliance platform and can also custom craft a plan based on your needs. Inbound filtering can be enabled in a matter of days, outbound encryption for the users that need it, archiving for compliance or even layering on backup for your cloud email to protect against data loss.

Awareness around dark web compromises.
Monitor your entire domain for users and credentials which have already been compromised. Get alerts on new activity. Priced per domain, setup same day with no changes needed to your technology setup.

Scheduled end-user security awareness training
At no additional cost to our dark web monitor, we offer automated awareness training and testing. We help you detect staff weakness and provide training to build them up.

Pair this with a 90 minute virtual training session with our team to give yourself a jump start.

Remote monitoring and management for managing and protecting networks and devices
Having a Managed IT provider on call to help with problems large and small can give your team  the confidence they need to work smart and safe.

What antivirus do you use for protection, and why do you trust it?

The field of anti-virus has expanded significantly in the past few years. Most business owners and consumers alike are aware they need something. The legacy solutions use database signatures to protect endpoints (devices). This older technology relies on updates from the vendor to keep you safe.

Owing to this fact, very few compromises are made with file-based virus intrusions or trojan programs these days. Instead, the majority of bad actors are focusing on social engineering and what is now known as fileless malware and script-based attacks to compromise endpoints.

In fact, the Majority of Successful Attacks are Fileless

54 % of companies experience successful attacks that compromise data and/or IT infrastructure

77 % of those attacks utilized exploits or fileless techniques

*The 2017 State of Endpoint Security Risk Report

So, what should you be doing to protect your business?

Most experts agree that no single solution is 100% effective against all threats, so a layered security approach is the best defense.

At PremierePC, we think that means 4 layers of protection.

  1. An enterprise grade security appliance or firewall with active security services.
  2. Managed endpoint protection which utilizes next generation threat intelligence.
  3. Threat hunting services which seek out and report on any footholds or malware remnants.
  4. Security Awareness training for your team, humans are still the best defense.

Using the model above, a business can mitigate most compromises. No solution or combination of solutions is 100% effective, humans still are your best defense. Hosting regular security awareness sessions with your team can go a long way to preventing a compromise.

Whatever you choose, make an informed decision and be sure to understand the real-world risks.

Honestly? Not enough. The rumor is that “My business is too small for anyone to try to compromise us.”

Consider this:

“Small businesses are especially vulnerable to threats since they often don’t have the resources for extensive security products or teams like larger enterprises. It’s arguably more important for small businesses to protect themselves, since, unfortunately, when these organizations get hit with malware, it can cripple or end their business entirely.

In fact, 43% of data breaches are from small businesses, according to the 2019 Verizon Data Breach Investigations Report. This means SMBs have to be scrappy and do more with less.”

https://www.business.com/articles/malware-small-business-prevention/

More than one-third of small businesses (37%) currently outsource a business process. Outsourcing can not only cut costs and increase available skills but also can present challenges related to information confidentiality, communication, and differing expectations.

Businesses most commonly outsource more technical tasks, including their accounting (37%), IT services (37%), and digital marketing (34%) responsibilities.

https://clutch.co/bpo/virtual-assistants/resources/small-business-outsourcing-statistics

That leaves a large portion of the SMB community to fend for themselves. Most smaller firms are doing their best to maximize each dollar towards growth, but often when we assume a new client, we find many services were purchased that are not performing as expected, were over-sold, or worse, are actually harming productivity.

Having a trusted resource like PremierePC to call when you have questions about your business technology or want to learn what is available in the marketplace can be invaluable. Our service plans were purpose built for the SMB community. As an SMB ourselves, we understand the day to day challenges and work to find solutions that bring real value from day one.

What Is the Best Cloud Email Solution?

PremierePC has been selling and supporting both the Microsoft Office 365 and Google G Suite platform for years.

Both have their place based on the business need and feature set demanded. Over the last few years, Microsoft has done a very good job of building a platform that offers a much more comprehensive feature-set without the privacy invasions of Google which as led us to steer more clients in that direction.

Recently, Microsoft has also brought more value to the non-profit space allowing us to help those firms with the latest software and communication tools at a fraction of the cost.

With the introduction of teams, Microsoft has really become focused not only on Applications, Email, but all forms of communication and productivity.

We find the flexibility of the platform as well as include features in the base plan to fit in-line with out cybersecurity stance.

True, the 365 platform is large and complicated, but working with a partner like us, you get the benefit of a powerful platform as well as a local dedicated resource to call to help implement and support it.

We help with migrations, day to day support, and advanced implementations and integrations with other solutions.

What is the most common, easily fixable lapse in cybersecurity that you see in your clients’ businesses?

Hands down, Two Factor Authentication (2FA) or Multi-Factor Authentication (MFA).

Multi-Factor Authentication (MFA for short) is one of the single best ways to help keep you and your associated accounts safe, yet it is often the one of the most hated methods.

What is MFA? 
Simply stated, MFA uses a second (or third) device to allow you to authenticate your account. This is most common with Email and Banking applications. When you go sign-in, your MFA device is sent an activation code. This process attempts to ensure that you are the one who is requesting a login.  The logic goes that it is more difficult for a hacker to compromise both your password and your MFA devices.

MFA is one of the most effective tactics used to combat phishing scams.  Let’s say that a user at your firm is targeted and they disclose their password during a scam. While that is a problem, the bad guys would still need the MFA device in order to actually login. During this time, the user can report the disclosure to IT and we can make changes before anything happens.

Why don’t more people use it?
The simple reason is its perceived as a hassle. Having to have your phone nearby to login to email may add an additional few moments to the sign-in process, but in the end it can make your life much more secure.

Complexity weighs in too.  Not knowing how to properly setup MFA and integrate with your applications is a huge obstacle.

Another reason seems to be about awareness.

What are the costs?
Depends on your environment.  Microsoft and Google both offer free MFA as part of their core email offering. Several 3rd party solutions like Duo exist as well.

Can you help?
If you are a managed IT client then yes we can! We are actively advising all our managed clients of the importance of MFA and reviewing the methods we can use.

Our goal is to integrate your on-premise environment and your cloud infrastructure.