Archive for category: Security

Many SMB owners think IT downtime only costs them a few productive hours, but there’s a lot more at stake when your systems go down. Customer satisfaction and loss of brand integrity are just two of the key losses apart from the more evident costs such as lost productivity and a temporary dip in sales.

Here’s a few other ways downtime can hurt your business:

1. Customer Loss – Today’s buyer lacks patience !important; They are used to getting everything at the click of a mouse, at the tap of a finger. Suppose they are looking for the kind of products/services that you offer and your site doesn’t load or is unavailable—even if temporarily– you are likely to lose them to a competitor—permanently.

2. Damage to Brand Reputation – Customers are now using Social media platforms like Facebook and Twitter and blogs to vent their bad brand experiences. Imagine an irate customer who doesn’t know if their card was charged on your site, or not, due to a server error. If it’s your bad day, they could probably be using Facebook or Twitter to share their bad experience, and it could be viewed by hundreds of people, causing irreparable harm to your brand image.

3. Loss of Productivity – When your systems don’t work, this can have a direct impact on your employees’ productivity. Consider a research firm of 200 employees where they primarily rely on internet connectivity to access the knowledge base. If the server hosting the knowledge base is down, there’s a total loss of at least 1600 work hours for one day.

4. Overtime, Repair and Recovery, Compensatory costs – In the above case, imagine the overtime wages the business would have to incur if they were to make up for the work loss they faced owing to downtime. In addition, there’s always the cost of repair—the money the business would have to shell out to fix the issue that caused the downtime and get the server up and running again.

In some cases, businesses would have to incur additional costs to make customers happy. These could include giving away the product for free or at a discount, or using priority shipping to make up for a delayed order.

5. Possible Lawsuits – Businesses could also be at the receiving end of lawsuits. For example, a downtime that has an impact on production, delivery or finances of the customer could invite litigation.

6. Marketing Efforts Rendered Useless – Consider a pay-per-click advertisement that shows up for the right keywords on Google, or an extensive e-mail campaign that your business engages in. However, when the prospect clicks on the link, all they see is an error message – Isn’t that a waste of your marketing budget?

The bottom line—one natural disaster, one technical snag or just one power outage has the power to put you out of business – both virtually and in reality. It’s probably time to think about how you can mitigate the threat of a possible downtime and whether your MSP can act as an effective and efficient ally in this battle for you.

Website cloning: Don’t fall for that trap!

Have you watched one of those horror movies where the something impersonates the protagonist only to wreak havoc later? Well, website cloning does the same thing–to your business–in real life. Website cloning is one of the most popular methods among scammers to fleece you of your money.

As the name suggests, the cybercriminal first creates a ‘clone’ site of the original one. There can be a clone of any website, though retail shopping sites, travel booking sites and banks are the favorites of cybercriminals. The clone site looks exactly like the original one, barring a very miniscule change in the url.

Next, they will create a trap intended to get unsuspecting victims to visit the clone site. This is usually done via links shared through emails, SMS messages or social media posts asking them to click on a link to the clone site. The message urges the recipient to take an action. For example, a message that presents itself as though it is from the IRS, asking the recipient to pay pending taxes by clicking on a specific link to avoid a fine or business shutdown, or an SMS about a time-bound discount on iPads. Sometimes, they go straight for the target and masquerade as a message from your bank asking you to authenticate your credentials by logging into your banking portal–the only glitch, the banking portal will be a clone.

Staying safe

So, how do you identify a clone website and a dubious message?

• Does the email sound too good to be true? Well, then it probably is. Nike giving away free shoes? Emirates Airlines giving you free tickets to Europe? Apple iPhone X for just $20? All of these scream SCAM!
• Even if the message sounds genuine, such as an email from your bank asking you to authenticate your login credentials, check the email header to see if the sender’s email domain matches your bank’s. For example, if your bank is Bank of America, the sender’s email ID should have that in the domain. Something like customercare@bankofamerica.com could be genuine, whereas, customercare@bankofamerica.net is suspicious.
• Check the final URL before you enter any information to make sure it is the actual one. Most shopping/banking websites, where payments are made and other personal details are shared are secure (HTTPS)and will have a lock symbol at the beginning of the URL. Also, check the domain. For example, something like- www.customerauthentication.com/bankofamerica is not

Identifying a cloned website is tricky, but it is not something you can afford to ignore.Giving away your personal and financial information to a fraudster can cause a lot of harm to you and your business.

Get smart about smartphones

With flexible working schedules, remote teams and Bring Your Own Device (BYOD) policies in force, it is has become commonplace for employees and business owners alike to use smartphones for work purposes. A quick reply to an email, sharing that sales presentation, glancing over that vendor proposal–all on a smartphone–is something we all do on a daily basis. But with this convenience comes great security risks.

This blog discusses what they are and how you can avoid them.

Mobile devices are lost/stolen more easily

Unlike desktop computers, your smartphones and tablets are easier to steal. O, you may even forget yours at the restroom in the mall or in the subway, and along with it, goes all confidential data.

Phishing: Avoid biting the bait

A smartphone user is more likely to fall for a phishing scam on two accounts–one, with messaging apps like whatsapp, facebook messenger, etc., chances of getting phishing links are higher. The smaller screen size can make it difficult to clearly verify the authenticity of the site being visited.

Free Wi-Fi = free malware

Free wifi makes everyone happy. The smartphone user, the shopkeepers and also malware distributors! Your smartphone literally travels everywhere with you. The mall, the coffee shop, the movies and then to work as well. Just like how humans can catch the flu and make everyone at work sick, your mobile device can get infected with a malware and spread it across your network in the office.

What you can do?

You have antivirus for your computers, why not for your smartphones and tablets? We all know how disastrous a malware attack can be to your data, devices and your brand, in general. Consider installing antivirus software in your mobile devices to safeguard them from such attacks.

How do you prevent misuse of your debit card? With a PIN number, right? You can do the same to your phone by protecting it with a passcode so the miscreant will not be able to use it to access your data. Also, there are apps that let you wipe out all the data from your smartphone remotely in case you lose your device.

Be careful when downloading data and even 3rd party apps on your phone. Double check URLs when browsing online using your phone and don’t click on messages with links that seems malicious. In such cases, remember, if something seems too good to be true, it almost always is. Chances are, you may have not won that million dollar lottery or that all-expenses-paid trip to Europe.

And, spread the word amongst your employees. Their phone has the power to damage your brand! Take care.

Don’t sign up with that MSP just yet!

The decision to sign up with a MSP is a big one–you are essentially trusting someone with the backbone of your business–your technology infrastructure, so you need to make sure you pick someone with whom you can have a mutually beneficial, long-term relationship. This blog discusses what you need to know before you sign up with a MSP.

Values: Your MSP is your technology partner and for your partnership to be smooth, make sure you pick a MSP whose core value system matches yours as a business.

Knowledge, skill set and experience: Does your MSP have the skillset and the resources to cover all your IT needs? Are they experienced in working with SMBs? How long have they been in the business? Make sure you have satisfactory answers to these questions before you bring your MSP on board.

Flexibility: Does your MSP let you pick and choose whatever services you want, or do they sell it as a fixed package? Having the option to choose what you want lets you invest your money where you really need to.

Service and support: You are opting for a MSP so you can get solid IT support–the kind you can’t get with an in-house IT team owing to resource constraints. So, make sure your MSP will actually provide you that. Talking to their existing clients can help you figure out how good they are in terms of service and support.

To have a MSP manage your IT needs successfully, you need to create a strong partnership with them, where they help you grow and are agile enough to scale up or down to suit your business demands. There are plenty of MSPs in the market, but not everyone will fit well with your needs.

Our recent whitepaper explores this in detail as it discusses the 8 things you need to know before you partner with a MSP for your IT services. Please click here to download the whitepaper.

3 things your Managed Services Provider wants you know

Are you considering bringing a Managed Services Provider (MSP) on board? Or perhaps you already have one. Either way, for you to truly benefit from your relationship with a MSP, you need to build a solid bond with them. As a MSP who has been in this business for long, I can tell you the 3 important steps that will help you get there.

Share, share, share

Your MSP is your IT doctor. Just as you would share everything about your health with your doctor, you need to share everything related to your business that impacts your IT, with your MSP. Give us an overview of your business and answer questions such as

• What you do exactly as a business
• Who are your key clients
• Which industry verticals do you serve
• What are your peak and lull seasons, if you have them
• What are the core regulatory codes that apply to you based on the industries you work for
• What are your business expansion plans for the near future and in the long run

Sometimes clients shy away from discussing all these things because they don’t trust the MSP enough. There is a fear of the MSP sharing business plans and other confidential information with their competitors. As a Managed Service Provider, I can tell you that we work best with clients who trust us. When you are trusting us with the lifeblood of your business–your IT infrastructure, you should be able to trust us with your plans for your business.

Let’s talk often

While it’s great that you outsource your IT completely to us, it is still important that we meet and talk. Your business needs may change over time and we don’t want to be caught off-guard. We know you are busy, but set some time aside every month or even every quarter to catch up with us and discuss your IT challenges and needs.

Take your MSP seriously

Your IT is our business, and we take our business very seriously. So, when we tell you something, such as–to implement strong password policies, limit data access, upgrade antivirus, etc., please take notice!

Teamwork forms the core of any successful relationship. Same holds true for your relationship with your Managed Service Provider. Trust us, pay attention to us and hear us out. We’d love that…and we’d love to work with you!

Please visit our MSP website here: Acumen Managed Services.

Or if you need IT Support, visit Acumen IT Support.

IT Red Flags to Watch Out For

As someone running a SMB, you probably have a lot on your plate. You are the core decision maker, responsible for growing your business, keeping your clients happy and getting all the working done. Often, when you have so much going on, one area that gets overlooked is IT. When you are so busy looking into other things, the start of IT issues may slip your watchful eyes. In this blog, we discuss the IT red flags that you need to watch out for.

Adware ambush

This happens generally when your internet browser has been hijacked and an adware has been sneaked into your system. When you try to surf the net using a hijacked browser, you will find online ads popping up everywhere. And by that we don’t mean the few sponsored search results or a couple of ads that show up when you browse a site. We are talking about ads showing up just about everywhere on your browser. Even a simple link click will take you to an unintended page. It is so evident, you just cannot miss identifying an adware ambush!

Strange pop-ups

Much like the Adware ambush, strange pop-ups show up when you least expect them. For example, you may be trying to open a presentation or a document and a series of pop-up windows will appear before you are allowed access to the file. Watch out for these, as they indicate the presence of a malware in your system.

Spam/Fake emails

If, all of a sudden, you see a lot of spam emails being sent from your/your staff’s official email IDs, there may be a worm at work. Often email worms enter the IT system through the download of one infected file and then replicate themselves across the network via email. Worms do this by penetrating the victim’s email security and spread itself across all of the victim’s email contact list through automated emails that look as if they were actually sent by the victim. So, is Sam from Accounting sending you a lot of junk emails? Probably time to get his PC checked.

A lot of what used to work before is now broken

We all have minor software and hardware issues here and there. But, if all of a sudden, a lot of stuff that used to be up and running seems to be broken, it screams “Red alert”! It could mean that the malware is slowly taking over your IT system, one program at a time.

Bottomline–Surprises are good, but not so much in IT. If you find anything amiss, anything different, like a machine that suddenly slowed down, or a program that just doesn’t work anymore or a new plug-in added to your browser or a new homepage, it’s better to take a deeper look and arrest the problem before it spreads elsewhere wreaking havoc through your IT network.

Hiring seasonal staff? Here are a few things to consider from the IT perspective

In many industries, there are seasonal spikes in business around specific times. For example, CPAs/Accounting firms, though busy all year, generally see a spike in business around the time of tax planning, IRS return filing, etc., the retail industry sees a boom around the Holiday Season, and so on. During such peak times, it is common practice in the industry to employ part-time staff to meet the immediate resource needs. While this works well in terms of costs and for handling additional work/client inflow, this poses a few challenges from the IT perspective. In this blog, we explore those challenges so you know what to watch out for before bringing part-time staff on board.

Security

When you are hiring someone part-time, security could be a concern. You or your HR person may have done a background check, but their risk score nevertheless remains much higher than permanent employees who are on your payroll. Trusting a temp worker with customer and business data is a risky choice.

Infrastructure

Having seasonal employees is a good solution to temporary spike in workload. But, there is still a need to provide your temps with the resources they need to perform their tasks efficiently. Computers, server space, internet and phone connectivity, all need to be made available to your temp workforce as well.

Lack of training

Your permanent employees will most likely have been trained in IT Security best practices, but what about your temps? When hiring short-term staff, SMBs and even bigger organizations rarely invest any time or resources in general training and induction. Usually brought in during the peak seasons, temps are expected to get going at the earliest. Often IT drills and security trainings have no place in such hurried schedules.

Collaboration needs

Often businesses hire seasonal staff from across the country or even the globe because it may offer cost savings. In such cases when the seasonal staff is working remotely, there is a need to ensure the work environment is seamless. High quality collaboration tools for file sharing and access and communication needs to be in place.
Having part-time or seasonal staff is an excellent solution to time-specific resource needs. However, for it to work as intended–smoothly and in-tandem with the work happening at your office, and without any untoward happenings–such as a security breach, businesses need to consider the aspects discussed above. A MSP will be able to help by managing them for you, in which case hiring temps will be all you need to think of.