SpireTech Blog - Category: Managed Services
Blog posts for SpireTech Managed Services Provider (MSP) and business IT support services in Portland, OR.
used with permission from Norton by Symantec, by Steve Symanovich
You’re probably no stranger to those little pop-up windows. They tell you software updates are available for your computer, laptop, tablet, or mobile device.
You might be tempted to click on that “Remind me later” button. Don’t do it. Or, at least don’t put off updating your software for long.
Software updates are important to your digital safety and cyber security. The sooner you update, the sooner you’ll feel confident your device is more secure — until the next update reminder.
Why are software updates so important? There are a lot of reasons. Here are 5 that show why it’s important to update software regularly.
1. Software updates do a lot of things
Software updates offer plenty of benefits. It’s all about revisions. These might include repairing security holes that have been discovered and fixing or removing computer bugs. Updates can add new features to your devices and remove outdated ones. Read more...
Did you know your organization could be subject to data breach notification laws and possible fines for data breaches and losing sensitive client data? The exact laws and regulations do vary by state and industry, among other factors. But the fact remains that poor cybersecurity can lead to grave consequences, either financial or for your reputation.
Common sense advice is that any organization should establish and maintain a plan for managing cybersecurity risks. This security plans should be informed by applicable laws and regulations.
Are you concerned about the state of your security and your ability to protect your organization’s sensitive information? Managed IT services can help. Managed IT services are the constant remote monitoring of your IT network and technology services, such as:
- Automatic software updates and security patches for your computers and servers
- Up-to-date anti-virus, anti-malware, and anti-spam solutions for your devices and email
- Secure, tested offsite backup and storage solutions for your data
- Monitoring of your network to detect security threats in your network traffic and devices
- Next-generation firewall management, updating, and reporting
Data breaches, cyberattacks, and the nasty consequences of these security threats have dominated the news recently. Read more...
Ask a business person where their office is located and the likely answer is “everywhere.” They’re working from home, staying in the loop while traveling, and catching up on email between sales calls. For productivity’s sake, many companies give their employees – and perhaps clients or service providers – remote access to their networks. Are you taking steps to ensure those outside entryways into your systems are sensibly defended?
If your business wants to start with security, it’s important to secure remote access to your network. Here are some examples based on FTC investigations, law enforcement actions, and questions that businesses have asked us.
Ensure Endpoint Security.
Your network is only as secure as the least safe device that connects to it – and there’s no guarantee that an employee’s home computer, a client’s laptop, or a service provider’s smartphone meets your standards for security. Before allowing them to access your network remotely, set security ground rules, communicate them clearly, and verify that the employee, client, or service provider is in compliance. Read more...
Managed IT services, or outsourced remote network management, can help your business in many ways. It’s a cost effective way of having your IT infrastructure monitored and maintained by experts instead of hiring an IT director. Or, it can free up your IT director and IT staff to work on more important projects than daily maintenance. But other than productivity and peace of mind, what are the security benefits of managed IT services?
Here are three security advantages you get with remote network management.
#1 You Stay Updated
Basic managed IT services include running software updates, patches, and upgrades for your servers and/or desktops. Any machines covered by your contract will automatically have updates run on schedule, so you never have to worry about the time it takes to check your update status and apply patches. Instead, updating happens automatically – heading off any cybersecurity attacks that target vulnerabilities between the times when a patch is released and then actually applied. Read more...
used with permission from FTC.gov., by Thomas B. Pahl, Acting Director, FTC Bureau of Consumer Protection
Who’s coming in and what’s going out? Businesses that want to stick with security build commonsense monitoring into their brick-and-mortar operations. Whether it’s a key card reader at the door or a burglar alarm activated at night, careful companies keep an eye on entrances and exits.
Your computer systems deserve the same kind of watchful attention, which is why Start with Security advises you to segment your network and monitor who’s trying to get in and out. Based on FTC cases, closed investigations, and questions posed by businesses, here are examples illustrating the benefits of segmenting your network and monitoring the size and frequency of data transfers.
Segment Your Network.
Network technology gives companies the option to link every computer, laptop, smartphone, and other device together on the same network. Of course, there may be legitimate business reasons why you need some of your data transfers to be seamless. Read more...
If you’ve been paying attention to the news, you’ll know that massive global ransomware attacks are only growing in scale and frequency. These attacks and other threats and accidents that cripple, ransom, or destroy organizations’ data are a convincing argument for a solid backup solution. Restoring from a data backup is often the only reliable way to recover from these events. Even smaller organizations and businesses know that they need some sort of backup solution now. But when do you need more than a regular data backup?
Types of Data Backup
Roughly speaking, you can think of backup solutions in two flavors. The first type backs up your data (offsite, onsite, and/or in the cloud) and lets you restore it.
The second type does this too, but also provides hardware and software to recover and run your servers or infrastructure in the case of much more catastrophic events. Read more...
When was the last time you thought about software updates and hardware upgraes? For many, updating software and hardware is not a priority because “If it ain’t broke, don’t fix it”. However, it’s clear that today’s cyber attacks prey on vulnerabilities present in old software and hardware. (This holds especially true for operating systems such as Microsoft Windows.)
It may not be “broke”, but it’s still old. “Working” does not mean “secure”. Old software and hardware simply do not have the latest defenses like security patches and advances in firmware to keep you safe from new and ever-evolving threats.
Update your software
It’s not uncommon to see people working on outdated, unpatched Windows operating systems or other software that is sometimes 6 or more years old. You’ve probably heard this before, but it always bears repeating: Keep your software updated and patched regularly and automatically, and upgrade to newer software versions as frequently as you can. Read more...
used with permission from Microsoft US Small and Midsize Business Blog
Not long ago, I blogged here about a new type of cybercrime called ransomware. But when it comes to cyber crooks, apparently they’re also using some old-fashioned methods to breach businesses’ systems. The 2017 Annual Cybersecurity Report from Cisco shows cybercrime is growing. Here’s what could be at risk for your business.
How are cyber crooks getting in?
While highly complex cyber attacks are increasing, the Cisco report notes that “classic” attacks are on the rise as well. For example, adware that gathers information about a user’s computer without telling them and malicious spam emails are common attack methods. In fact, spam is flying at levels not seen since 2010. According to the report, almost two-thirds (65 percent) of all email is spam, and 8 percent to 10 percent of spam is malicious.
Another risk for businesses is when employees select and use their own third-party cloud apps on company computers. Read more...
At SpireTech, we’ve noticed an increase in certain types of “Brute Force” attacks on Microsoft Windows operating systems, particularly those allowing Remote Desktop. A ‘brute force’ attack is a repeated automated attempt to gain unauthorized access by guessing at username/password combinations.
What does this mean to our clients? Here are a few key takeaways:
- Obscurity is not security. Using an uncommon port, redirected from a firewall, to a machine inside your network, is not going to prevent your system from being probed by bots and hackers. Instead, use an SSL VPN to add a second layer of security to your network.
- Use truly complex, random, and lengthy passwords. We see lots of passwords that people think are secure, but they really aren’t that great. Also, because your network password is often used for your company email password or Office 365, it opens up yet another vector people can use to try and guess your password.
Given the critical importance of your business’s IT infrastructure and operations, we believe it is becoming increasingly important to effectively vet all prospective new IT service vendors. This is certainly applicable to Managed Service Providers (MSP). Given SpireTech’s twenty-three years of experience in providing IT Business Services, we wanted to address some of the important differences that can exist in the ways MSP’s operate.
- Helpdesk: Do they run their own helpdesk? Or do they outsource this key function? What are the helpdesk hours? If it is not local, where is it located? A local helpdesk is more likely to appreciate your business environment and the community in which you operate. How many people are staffed on the helpdesk? What is turnover like on their helpdesk? When you call, will you be speaking with a new person every time, or people that know your company?
- Insurance: Do they have errors and omissions insurance?