The lines between work and home devices are being blurred, remote work is on the rise, and businesses are turning to social media more each day to promote, market, and engage with clients and prospects.

We know this is an effective means of marketing and engagement, but at what price?

There’s a risk?

Huge amounts of data have been gathered and leaked on the Dark Web about social media users, this is a problem.

In one breach earlier this year, a social media data broker exposed the public-facing profiles of 235 million users, 92 million profiles were scraped from Instagram, 42 million from TikTok and four million from YouTube via a misconfigured online database. That data almost inevitably ends up on the Dark Web, powering cybercrime like password cracking, credential stuffing, and phishing.

Attackers are getting smarter; they are facilitating phishing attacks not only with email, also with messaging apps like LinkedIn and WhatsApp. Cybercriminals build trust through these apps and then lead victims to visit a phishing page.

Password theft is on the rise through impersonation, shown in this recent Twitter hack. Attackers may trick employees into believing they are a contractor who lost their password. Data breach from brands and influencers empower targeted spear phishing against fans; these may look legitimate because they can include personalized details.

As it becomes increasingly more common for social media to be used for business, it will become increasingly more common for cybercriminals to use social media in their attacks.

Oh jeez. This is serious. Now what?

Taking action now to combat potential risks can prevent social media from being a source of trouble for your business.

PremierePC is a fully integrated IT provider, we eliminate the need for multiple vendors, and create a relationship where we are responsible and accountable to you. Our focus is, and always has been, local and regional small to medium-sized businesses.

We stay up-to-date on cybercriminal trends and the latest and greatest solutions to mitigate these attacks. PremierePC learns each client’s unique environment and looks for potential risks for cybersecurity breaches. We offer data backup in the event that a breach happens, we can access your data and get you back up and running as quickly as possible.

We are passionate about your security. We would be happy to review our baseline security questionnaire with you to analyze your current environment and security strength. If you see you need help, we also have a new client offer.

Contact us today for your free baseline security audit.

Email encryption via Bracket offers an added layer of security to your email platform ensuring compliance in difficult industries like Health Care and Financial Services.

User-friendly encrypted email with no plugins or apps. Simply wrap brackets around the subject in any email client and Bracket handles the rest.

New with Bracket 3

Secure file transfer

Included with Bracket is our encrypted file transfer service, Bracket Share. This gives every Bracket user their own personalized file transfer page with an easy URL (Share link) they can give to anyone. Shared files and messages show up in the Bracket inbox just like a regular message.

  • Customizable link

    Bracket Share links are customizable, so users can make them easy to remember and share.

  • Personalized invites

    You can have Bracket email people an invitation to share. These can display your personalized profile, so your contacts feel more confident about sharing their sensitive data.

  • Anyone can share… anytime

    Anyone with your Share link can share encrypted files and messages when it’s convenient for them. No account required.

  • Sender validation

    Senders who share through the Share link are securely validated via inbox authentication to prevent abuse.

  • Send large files with easeDon’t worry about bounced emails with large attachments. Bracket can handle files up to 1GB in size with up to 25 files allowed per message. Large files are good to go when sending from Bracket’s webmail interface or Bracket Share.

Want to take the solution for a spin? We are able to offer Bracket 3 for free until end of 2020 to all net new Bracket users (new users only, no existing domains).

Call us today to try it out!

864.335.9223

iot devices

 

iot devices

What is an IoT device? IoT stands for Internet of Things; these devices are pieces of hardware with a sensor that transmit data from one place to another over the internet. IoT devices include, but are not limited to, smart refrigerators, smart watches, smart fire alarm, smart door lock, fitness trackers, smart lights, echos, google home, etc.

These devices may be smart, but they are leaving security holes in home and business networks. If an attacker gains access to any of these devices and they are on the same network as your primary device (laptop, desktop, smartphone), this attacker now has a direct route to your sensitive and private data on your primary device.

What many do not consider is the nature of these “always on” devices. The convenience of being able to turn your lights on with voice comes at a cost. Devices placed near intimate or private spaces can reveal more than you want. At work, they can listen to passwords and critical business details. Placement is just as important is the network they live on.

How can you prevent this?

Glad you asked! The first major way to mitigate this security risk is to isolate your IoT devices on a separate WiFi network or LAN by using micro-segmentation.

Micro-segmentation is where the WiFi router admin creates VLANs, or virtual networks. These virtual networks act as completely different networks even though they are operating off the same router.

Neat, huh?

This may sound overwhelming for a non techy. Thank goodness PremierePC is here to help! 

A few more tips for IoT devices: change the default password to something unique and secure, know the permissions on all apps you are using, and keep devices updated regularly.

Consider muting devices when not in use to prevent always listening devices. Teach children and staff to be aware of devices and what is said near them.

Contact us today to maximize your business through technology.

Within the IT support industry there are no real standards in terms of what or how a company provides IT services. There are differing models such as break-fix, contracts, or hybrid offerings.

With 20+ years in the IT support space, we feel that the Managed Services approach works best for both client and provider alike.

Managed Service Providers (MSPs) exist to collect and manage an array of services and solutions for their clients. Within that designation, there can be a focus on vertical or niche industries.

A true managed service provider is one that exists to service a client in many parts of their business, whereas a break-fix firm is available on demand as needs arise.

What we have observed over the last two decades is that clients with an MSP are much better prepared for changes, have a higher security posture, and have better performing networks. To this end, that is our approach. Think of an MSP as your IT controller.

Questions you should ask a potential IT provider should include:

  • How many employees do you directly hire? (Stay away from franchise firms that use back office techs to supplement the owner.)
  • Do you carry full professional liability insurance?
  • Do you focus on proactive work and what can be expected?
  • What is the average wait time to talk to a technician?
  • Can you advise and consult on security and compliance? Is this part of the contract?
  • Do you have a long-term commitment? (Stick with firms that offer you month-to-month pricing as they will scale with you and offer more flexible options.)
  • Can you support all of our business functions? [For example, our MSP will handle just about everything for a client (domain, dns, email, av, help desk, hosted phones, file sharing, etc) Try to get a single source to tie all of your critical business IT needs together.]
  • Get client references, ask for more if needed. Call them, get honest feedback.

Most of all, find a provider you can trust, one that will act on your company’s best interests. As an example, our firm does not add margin to hardware or software sales. We are not here to upsell gear, instead we focus on our service relationship.

Schedule regular meetings with your new IT team and fill them in on your thinking and plans. A good IT provider can be a critical part of your overall leadership team and help you save time and money with smart solutions.

PremierePC - Managed IT

Matthew addresses : What is the dark web? Why should I monitor the dark web? What happens if my company’s information is already present on the dark web? How can PremierePC help my business?

View our Dark Web Video on Youtube

Click here, fill out the form, and access your free report today!

phishing

what is phishing? how do i avoid phishing attacks?

Phishing emails, texts and phone calls try to trick you into visiting a malicious website, handing over a password, or downloading a file. This works in email attacks because people often spend the whole day at work clicking on links and downloading files as part of their jobs. Hackers know this and try to take advantage of your habit to click without thinking.

Number one defense: PAUSE BEFORE CLICKING

  • Look at the “from” field. Is the person or business’s name spelled correctly, and does the email address actually match the name of the sender? Or are there a bunch of random characters in the email address instead?
  • While we’re at it, does the email address seem close, but a little off? E.g. Microsft.net, or Microsoft.co.
  • Hover your mouse over any links in the email to see the true URLs they will send you to. Do they look legitimate? Remember, do not click!
  • Check the greeting. Does the sender address you by name? “Customer” or “Sir” would be red flags.
  • Read the email closely. Is it generally free from spelling errors or odd grammar?
  • Think about the tone of the message. Is it overly urgent or trying to get you to do something you normally wouldn’t?

Even if an email passes the initial test outlined above, it could still be a trap. A spear-phishing email might include your name, use more polished language and seem specific to you. It’s just plain harder to notice. Then there are targeted phone calls, in which someone calls you and tries to manipulate you into handing over information or visiting a malicious website.

Beat phishing by calling the sender and locking down your personal and business information. Deploy MFA to your user base to help protect data, even if they do click.

Employee oversight due to lack of training is the number one way hackers gain access to your company’s data. Regular security training is imperative to mitigate these threats. Learn more…

Download our phishing handout here.

premiere pc circle logo

egnyte_file_sharing

We have been using Egnyte for over nine years, before wide-spread cloud adoption was a thing. Egnyte has continued to invest in their platform and in our opinion, it is the strongest cloud sharing service available. When compared to SharePoint, OneDrive, Google Drive, and others, there is no real comparison. A few of our reasons are below.

User adoption:

Egnyte is so easy to learn and pick up that almost anyone in the organization can do it with minimal training. Where training is needed, helpful guides and resources are available and take just minutes, not hours or days, to learn.

Flexibility of access methods:

We can deploy Egnyte in just about any configuration that makes sense – cloud only, hybrid, or local. You can have the benefits of a cloud solution with the speed and security benefits of local storage. No other solution, SharePoint included, can boast this with as much simplicity and value as Egnyte can.

No cumbersome VPN services, no compromise on security. No problem.

Platform:

You get more than just file sharing. You also get backup, revisioning, and collaboration tools; as well as multi-point integrations with industry leading products such as Microsoft 365.

Secure sharing:

Egnyte allows you to securely share both inside and outside your organization, ensuring compliance and PII remains protected while offering an intuitive way to share and engage your team, clients, and vendors.

Search:

Gain contextual search for all things stored in Egnyte allowing you to quickly and deeply understand your data. The engine is turnkey and ready to go from day one. No training data sets, integration work, or complex scripting required to get started. With simple reports, alerts, and triggered workflows, you don’t need a team of engineers to operate it either.

Compliance:

Help drive good compliance practices by limiting and being able to report on who has access to your data, both inside and outside the organization. With full audit logs, access trails, and deep user permissions, layer on Egnyte Protect for the most automated and comprehensive experience.

 

Egnyte is a power tool, delivering value day after day with an intuitive method of working. As a partner, PremierePC can offer you full support, direct billing, and ongoing assistance with management. Learn More…

DID YOU KNOW…

60% of SMBs will go out of business within 6 months of a cyber incident

73.18% of the US population has at least one compromised credential on the dark web

$46,000 – average cost of downtime due to a ransomware attack

dark web monitor

Reusing passwords, or a similar version of the same password, means if one of these accounts is hacked, all of them are hacked. This will happen in a matter of seconds.

Now what?

PremierePC offers a wide variety of cybersecurity solutions to help mitigate and plan for attacks. They will happen. Will you be ready?

Dark Web Monitoring (DWM)

  • Delivers the same advanced credential monitoring capabilities used by Fortune 500 companies.
  • Connects to multiple Dark Web services, including Tor, I2P and Freenet, to search for compromised credentials, without requiring you to connect any of your software or hardware to these high-risk services directly.
  • Provides awareness of compromised credentials before identity theft or data breaches occur.

A Zero-Touch Solution. No need to share access to your server, domain, or DNS settings.

How can we protect against human error?

Regular security training and awareness allows employees to know what to look for, and how to stop phishing attacks from successfully gaining entry into your network. This is a very effective defense against cybercrime.

This solution is INCLUDED with our Dark Web ID solution. No additional costs to layer on a proactive security awareness program.

 

Ready to know what the bad guys know?

Access your free scan now

**Submitting your contact information in this form does not put your information at risk. We will simply use your provided information to compare to information we find on the dark web by searching typical hacker sites, over 500 distinct Internet relay chatroom channels, 600,000 private websites, and 600 twitter feeds. We will then set up a brief meeting with you to review your results.

What are the biggest challenges when working remotely or from home?

How Has Your Business Overcome Spear Phishing under these new circumstances?

Remote work, deemed the “next normal,” increases productivity and employee retention while reducing environmental impact.

The COVID-19 pandemic has increased remote work dramatically; one source finds 88% of organizations have encouraged or required employees to work from home.

Enter hackers.

Remote work + distracted employees + new scam opportunities = a hacker’s dreams come true.

Coronavirus-related spear-phishing attacks have increased by 667% since February.

So, what can you do to protect your business?

Email security, encryption, archiving, and backup
We offer a full compliance platform and can also custom craft a plan based on your needs. Inbound filtering can be enabled in a matter of days, outbound encryption for the users that need it, archiving for compliance or even layering on backup for your cloud email to protect against data loss.

Awareness around dark web compromises.
Monitor your entire domain for users and credentials which have already been compromised. Get alerts on new activity. Priced per domain, setup same day with no changes needed to your technology setup.

Scheduled end-user security awareness training
At no additional cost to our dark web monitor, we offer automated awareness training and testing. We help you detect staff weakness and provide training to build them up.

Pair this with a 90 minute virtual training session with our team to give yourself a jump start.

Remote monitoring and management for managing and protecting networks and devices
Having a Managed IT provider on call to help with problems large and small can give your team  the confidence they need to work smart and safe.

how can i reopen my business safely?

how should i reopen my business?

Everything is different. How do I safely and intelligently bring my employees back to work during this new normal?

There are so many spinning plates, what am I not thinking of?

Here are four comprehensive checklists detailing plans concerning your people, office space, technology, and clients.

While some of the guidelines seem like no-brainers, several points highlight easy, actionable items to improve employee satisfaction, client retention, and overall success of your business.

People

Preparing properly can alleviate employee concerns, allowing them to focus on the work not the global health crisis.

Office Space

Practicing social distancing will maintain employee safety and allow for some employees to return to in-office work, returning your employees in waves, or allowing for part-time remote work.

Technology

Your technology goal is to ensure employees have what they need to do their jobs effectively.

Clients

If you are a business serving other businesses, you play an important role in helping your clients get back to the office as well.

 

Click here to view the full checklists created by one of our valued vendors.