Is There A Hidden Intruder Lurking In Your Business?

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

If you’re like us, you believe you have the best, most trustworthy people working for you.

But have you ever considered the possibility you may have someone unknown hidden within your business, trying to cause a lot of damage and make a lot of money at the same time?

This might sound a little far-fetched. Perhaps something that’s more likely to happen in a film than in your business.

But actually, you’d be surprised. Cyber criminals are targeting businesses exactly like yours all the time.

Because often, small and medium sized businesses don’t spend big bucks on their cyber security. Hackers know this. And will put a lot of effort in to try to exploit that. [Read more…]

Say Goodbye To Owning Microsoft Office

Jason Cooley is Support Services Manager for Tech Experts.

In the workplace, some would say there is nothing as important as ensuring your productivity. Working with computers is likely a part of your job to some degree. If you are working in an office setting, you likely spend a large amount of time on computers.

There is no doubt a difference in daily tasks between different fields, but there are also many similarities. No matter your industry, you are likely familiar with Microsoft Office programs. Excel, Word, and Outlook are the most commonly used software from the Microsoft Office suite.

Microsoft Office is not cheap. Many businesses will use their current version until it is no longer supported. If 30 users need a new version of Office or a subscription, it has been more cost effective in the past to purchase a copy of the program to use for years until the software becomes unsupported.

This is all going to change. Recently, Microsoft made the announcement regarding the newest version of Exchange Server, their mail server platform.

“This is going to be a version of Exchange that will only be available with the purchase of a subscription,” said Greg Taylor, director of product marketing for Exchange.

This applies to Exchange server, but also applies to Office as they try to move to a month-to-month, pay-as-you-go service. Email hosting and all of your apps are now something you can’t own.

This can result in one of two things, depending on your business. It could be the perfect time to start moving your employees over to the month-to-month model if they aren’t already subscribed.

Alternatively, it can be a burden on someone who will need to switch many users to the pay-by-month model. Microsoft wants the recurring revenue generated in a subscription service, and they don’t mind forcing you into it.

While the announcement came originally involving Exchange server, the end result is the same: Microsoft will make you switch, and it won’t be a choice anymore. For Exchange, 2019 Exchange server will be the last in the line that you can purchase and own.

Once that is out of the support window, you would need to move your licensing to the new subscription model.

As this applies to Office as well, many people may worry about when the changes will need to occur. The changes will not need to be made any time soon if you just purchased, say, Office 2019. You will have a few more years (likely three to four, based on past end of support dates) before you have to pull the trigger.

However, users holding out with Office 2013 will have to make a decision a lot sooner as the security updates end.

The switch to a subscription model is for Microsoft’s benefit. Assuming you used your Office software for five years, you will end up paying more for the new subscription service over those five years.

On the other side of things, you will always have the newest version of Office available to you as every major update and every new version is included.

While it is not an immediate concern, you should start to consider what your Office needs are as time moves forward. Like the rest of the world, Microsoft is always changing.

Targeted Attacks On Small Businesses Are On The Rise

Many of us have heard of ransomware. This is an attack where someone gains access to a system and encrypts all of the data until a ransom is paid. Once they get their money, they either unencrypt the data… or not. There is no guarantee that paying the ransom will actually work.

Most attacks in the past, both viruses and ransomware, were the “spray and pray” variety. Basically, the attackers would send out thousands (or hundreds of thousands) of emails and hope that a small percentage of them were successful. This procedure worked, but the success rate was low and the attackers had to have a large volume to make it successful.

The more profitable attacks that are on the rise are targeted attacks. These attacks rely on quality rather than quantity. Research goes into the attacks that then target a single or very few companies. These attackers will even go as far to check a company or institution’s financial information to see how much of a ransom they can expect to get.

In addition to demanding a ransom for the data to be decrypted, there is often a threat that the data will be released if the ransom is not paid. The threat of data being released can lead to the ransom being paid even if the target has a way to recover from the attack.

While many home users would hate to have their data released, it would not be completely devastating in most cases. If you are a financial, medical, or education institution, it could end your business or severely harm it. These institutions all contain sensitive information of their employees and clients.

For this reason, a recent spike has been seen in the UK involving their schools. Attackers are seeing schools as an easier target in today’s environment with the increase in remote learning. Banks and hospitals have been targeted numerous times before, and their main goal is to be as secure as possible, spending large amounts of money on it.

Schools and universities, on the other hand, are concerned with security, but they’re in a position today with COVID where they need to have fairly open access.

As colleges are pivoting to a distance learning model on a scale never envisioned, they have to allow more and more access in. This means more and more devices the schools have no direct control over, creating potential entry points into the network.

Although most of you reading this are not educational institutions, there is no industry or business (regardless of size) that is safe from a potential attack. Having a good network security system in place with effective backups is critical.

Don’t rely only on a day or a few days’ worth of backups either; some attacks will infect a system, then remain dormant for a while, hoping to outlive the backups you have available.

Having a technology partner who understands the dangers and how to recover is essential. You cannot just plug in a firewall and use an antivirus software and consider yourself protected.

Your business should have an incident response plan that includes backups and restore procedures, as well as testing. You also need to make sure you have a procedure to keep all of your systems up-to-date with the most current patches. Making sure any remote sessions are secure and using 2FA whenever possible is another area often overlooked too.

The list of vulnerabilities is endless, but we are here to assist. Let us provide you the security and comfort that your business is protecting not only your data, but your users from a potential breach.

What Exactly Is “The Cloud?”

You may have come across people talking about ‘cloud’ storage and software that runs in ‘the cloud.’

But what exactly is ‘the cloud,’ and why should you care about it?

A place for networking
The cloud is a bunch of servers that are connected to each other over the internet.

Tech firms like Google, Microsoft, Apple, Facebook, and Amazon run huge networks of servers that let their customers (us) log in using different devices.

Can you imagine a situation where all your photos from the last 10 years were only held on your phone and not stored safely elsewhere? How many memories would you lose if your phone went missing?

The high freedom, convenience, and security offered by the cloud has seen a huge shift to cloud computing over the last few years.

It’s powerful stuff
Cloud infrastructure allows you to run apps and access data across multiple devices without needing to have everything installed on your devices.

This opens opportunities for businesses to offload computing and storage resources to cloud service providers, gaining the flexibility to easily boost or reduce resources as their needs change.

A real perk of running software in the cloud is that it means highly sophisticated applications can run from your computer or phone, with the cloud doing all the heavy lifting.

This can significantly reduce the amount you need to spend on your devices and how often they need to be replaced.

The cloud is also a collaborative place to be. Tools like Microsoft 365 and Google Workspace make it super easy to share documents and work as a team. You can even work together in real-time and give each other instant feedback as you go.

Ignore its fluffy reputation: The cloud’s a tough cookie
When set up and managed correctly, the cloud is the safest place to keep your data.

Let’s be honest, which is more likely: Colin leaving his laptop in a bar again? Or the might of an Amazon or a Google getting hacked?

If Colin loses that laptop, he’ll get a slap on the wrist. If Google get hacked, it would cost them millions and millions of dollars and cause irreparable damage to their reputation.

Different types of cloud

There are three main types of cloud.

Private cloud
The private cloud is a network of servers that are dedicated to supporting a single business.

The hardware is solely dedicated to this business, and they allow organizations like the CIA and banks to have full control over every aspect of their cloud environment.

Public cloud
The public cloud refers to networks of servers that are wholly controlled by cloud service providers. Clients share resources with other people.

The public cloud costs less than setting up a private cloud, and there is far less maintenance and an extremely high level of reliability.

Hybrid cloud
Some firms like to mix and match private and public clouds for different needs. Hybrid cloud setups let businesses quickly move between the two as their needs change.

We’ll help you to make sense of it all.

When embracing the cloud, it’s best to have an experienced hand guide you to the right solutions.

Working with the right IT support partner early will help make sure that you head in the right direction. And make the most of the opportunities that cloud computing offers. Give us a call at (734) 457-5000 if you’d like more information.

Could One Well-intended Click Take Down Your Business… From The Inside?

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

Not many owners and managers realize this… but the biggest data security risk to your business is actually your team.

We’re not talking malicious damage. But rather, them being caught out by cyber criminals.

It only takes one click on one bad website, and your business can be compromised. It really can be that simple.

Hackers target staff to try to install malware on your devices. Then they can try to extort money, corrupt files, or steal your sensitive business data.

In some cases, this can cause such extreme damage to your business that it makes genuine recovery very hard. Trust us when we say you want to avoid it at all costs.

Fortunately, there are a few things you can do to help protect your business from this kind of attack. And you’re probably already doing some of them. [Read more…]

Zoom In: A Look At The Increase Of Virtual Meetings

Jason Cooley is Support Services Manager for Tech Experts.

Quarantine as a whole was (and still is) a strange thing to see happen in the United States. With state-by-state protocols varying and dates in which states began to open back up done on a per-state basis, months were lost.

Schools shut down and businesses closed, some permanently. The businesses deemed “essential” stayed open with new restrictions in place.

Travel was restricted domestically and halted internationally. Anyone that could work remotely was reassigned to work from home.

With travel bans and remote work orders in place, Zoom saw huge increases in usage.

Zoom is meeting software, allowing users to do video or audio conferences as a group. There is a very good free tier for users to join unlimited calls, to host calls with up to 100 participants for up to 40 minutes, and unlimited one-to-one calls.

Among other similar solutions, Zoom has seen skyrocketing numbers since the pandemic started.

In December 2019, Zoom reported 10 million daily meetings taking place. Fast forward to March 2020, and Zoom hosted 200 million daily meeting. By the end of April 2020, Zoom reached 300 million daily meetings.

Zoom users vary from friends chatting, students collaborating, businesses meeting, conferences, and even the British members of Parliament.

Video conferencing has been used to keep gatherings to a minimum, teach students, conduct business meetings, and more.

While there may be a time that the number of video conferences may drop down, I believe the way we do business and operate as people has changed in some ways that will continue the prevalence of video conferencing.

Many schools across the US closed early late last year due to the pandemic. In Michigan, students in K-12 have a few different options when it comes to how they proceed with their learning now. Students can work remote or virtually.

Remote learning has two options itself, in-person learning with remote or just remote. The in-person learning involves a limited school day and less days in attendance per week. Or a class will be entirely remote.

Virtual school will remain that way all year. This is an existing system in place, and students will remain home doing virtual learning even when restrictions ease. Students may have already been using this system prior to the pandemic.

In both cases, students are typically using Google Classroom and Zoom. Remote learning with Zoom sees students join a conference with an instructor. They may have a lecture or another type of lesson that is done over the video conferencing. Virtual school’s lectures can vary based on the program itself.

When restrictions are lifted in Michigan for schools, those who are doing remote learning with attendance will attend school on a more regular schedule, but will still see some use of Zoom as a way to reduce traffic and students in different classrooms. Those doing just remote learning will stay home after restrictions are lifted and continue to attend video conferences as classes.

There have been many changes this year, and some are for the better. There will probably be a decrease in travel, even as bans are lifted. Some things that had previously been done in-person will now be done through video conferencing. Students will continue to be able to attend school from home. Work-from-home positions may offered by more companies.

Things will continue to return to how they were before the pandemic, but video conferences will continue to thrive.

It’s Time To Move On From Internet Explorer

For those of us who have been online a long time, we remember the original browser war: Internet Explorer vs Netscape Navigator. In recent years, Internet Explorer has fallen off in security and usefulness. Meanwhile, Chrome, Firefox, and Edge (specifically Chromium-based Edge) have increased in usage and also do a much better job of updating frequently to mitigate security issues.

In 2019, Chris Jackson – who is a Principal Program Manager in the Experiences and Devices Group of Microsoft – wrote https://techcommunity.microsoft.com/t5/windows-it-pro-blog/the-perils-of-using-internet-explorer-as-your-default-browser.

In the blog post, he writes that Internet Explorer is a compatibility solution. This means that IE exists now just in case it is needed, such as for a banking site that has not been updated to support modern browsers and does not function otherwise.

To further demonstrate that Microsoft does not want you to use IE, they are ending Internet Explorer’s support for MS Teams on November 30th 2020. Next year on August 17th 2021, MS will end IE support for Office 365, Outlook, and OneDrive, among other services.

In this time of remote working, ending support for their own remote collaboration software is a big deal, and to follow that up the following year with products so widely used like Office and Outlook shows that the end of IE is finally upon us.

There are a few challenges as some software (especially financial and medical fields) has been slow to change and still only work with Internet Explorer. Another issue is users who have been using a computer for a long time have grown accustomed to using Internet Explorer and do not want to change what they know.

Also, many users have accumulated a lot of favorites and passwords in Internet Explorer and do not want to give those up.

Many people with saved passwords may not know what some of their logins are because they have had their credentials saved for so long.

Fortunately, these issues can be handled by importing your information into another browser. To handle it manually would be a pain, but your information from Internet Explorer can all be easily transferred into the main modern browsers (Chrome, Firefox, and Edge). Aside from a few clicks from you confirming what you want transferred, it’s nearly automatic.

That aside, many browsers follow the same general design, making it easy to recognize icons and fields like your address bar or home page button. They are also customizable, much like adding toolbars on IE, so you can adjust a new one to your liking to match your old familiar layout.

What about those legacy web pages? All three modern browsers also have the ability to use a plugin to emulate Internet Explorer on specific pages. Or, if absolutely necessary, you can keep and use IE only as needed.

Another benefit to the three modern browsers is update frequency. Chrome will update within days, if not hours, of an issue being discovered. Firefox is also on a similar schedule.

Edge had three security updates in August of 2020, so it also updates more frequently than Internet Explorer ever did.

Change is hard, especially for some people when it comes to their computers and software. There was outrage when Microsoft Office introduced the ribbon bar and when Windows updated the start menu.

For some, the change was seamless; for others, it took some time. Either way, these have become the norm and most people are now comfortable with them.

The same is true of browsers. They are all used in generally the same way, and while using Chrome may be a little different in the long run, you are safer and your experience is more secure.

If the company who develops a product feels it is not useful for everyday use, it’s time to move on.

Why IT Professional Are Terrified Of Ransomware

If you want to scare someone who works in IT, start talking to them about ransomware.

There are few things as scary for IT professionals as the prospect of their systems locking up with hackers demanding money to return things back to normal.

When discussing it, you may notice them breaking into a sweat and starting fidgeting as they contemplate one of the most terrifying cybersecurity threats computers face.

How does ransomware spread?
There are several ways that ransomware can get into computers.

Email is one of the most common ways in. Hackers will send bad files that can trigger a ransomware infection when opened and quickly spread across your network.

Another favorite way to spread ransomware is to send bad URL links that download ransomware when they’re clicked. This ‘drive-by downloading’ can happen without anybody noticing that anything has happened until it’s too late.

These bad files and links are not always easy to spot. Cybercriminals are getting increasingly sophisticated in the ways they try to persuade people to do what they want them to do.

A growing trend is for cybercriminals to pose as trusted people, like a client, a colleague, or a friend. And ask you to do something urgently before you have the time to think things through.

This isn’t a modern crime. Ransomware’s been around for years
Ransomware dates to the late 1980s when payment was often sent by check through the mail!

Now, modern hackers normally demand payment in cryptocurrencies that make them much more difficult to track.

Here is some information on two of the more infamous ransomware attacks.

WannaCry
The WannaCry ransomware attack took over the news when it spread widely in 2017.

More than 200,000 computers in over 100 countries were left useless. The ransomware exposed weaknesses in critical IT systems, like those in hospitals and factories.

One of the worst-hit victims was the National Health Service (NHS) in the UK. Operating theatre equipment, MRI scanners, and other computers essential for hospitals were left useless and patients suffered.

NotPetya
NotPetya is less well-known than WannaCry but the financial costs are estimated to have been far higher.

Mainly spread among businesses due to the early infection of a major financial software vendor, the cost of this ransomware to small businesses and governments is estimated to have been around $10 billion.

This attack impacted computers around the world. But around 80% of the cases are estimated to have been in Ukraine.

The Eleven Types Of Phishing Attacks You Need To Know To Stay Safe

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

Like Darwin’s finches, phishing has evolved from a single technique into many specialized tactics, each adapted to specific targets and technology. First described in 1987, phishing is now carried out via text, phone, advertising and, of course, email.

Boiled down, all of these tactics exist for the same purpose – to steal confidential information from an unsuspecting target in order to extract something of value.

Knowing about the hugely diverse set of today’s phishing tactics can help you be more prepared for the inevitable instance when you become the target.

Standard phishing – casting a wide net
At its most basic, standard phishing is the attempt to steal confidential information by pretending to be an authorized person or organization. It is not a targeted attack and can be conducted en mas. [Read more…]

Is Your Network Stealing Your Staff’s Time?

Jason Cooley is Support Services Manager for Tech Experts.

At some point in the last six months, maybe you’ve been on a Zoom call or chatting away in Microsoft Teams and wondered what would have happened if Covid had come along in the 1980s or even 1990s.

Let’s be honest… the world would have totally shut down. Business would have completely ground to a halt. We couldn’t have done the last six months without the amazing technology that we now totally take for granted.

Depending how old you are, what we can do easily today was literally the stuff of dreams just 20 years ago.

But as much as great IT has made working from home easier and enabled many businesses to keep going, we also must remember that bad IT can still be a massive time thief.

We’ve all become so reliant on computers that we’ve forgotten how to perform simple tasks ourselves. And we go into panic mode when they stop doing what we expect of them.

Most businesses find that even the most committed staff in the world will jump at the chance for a little bit of office down time. So, when computers aren’t doing their job that’s a great opportunity to down tools and do very little.

If they’re in the office, people sit around chatting or go home early, while every second your business is losing money.

That’s not to say that all employees want to take the easy way out. There will be others who like a challenge and want to try their best to make things better, using their own limited IT knowledge or good old Google to guide them.

Unfortunately, IT set ups are complex. And if you don’t really know what you’re doing you could end up digging a far bigger hole for you and your entire organization.

Well-meaning staff, no matter how lovely and helpful they might be, can cause more problems than you could ever imagine.

Just like you wouldn’t want someone who did a biology class 20 years ago to perform open heart surgery on you, you really don’t want someone who’s just watched a couple of YouTube tutorials fixing your business’s computer system.

This is what we do, day in, day out. And we’re the local experts.

If you want to ensure that your workforce doesn’t grind to a halt when things stop running smoothly, it pays to invest in experts who can:

a) Stop most things from going wrong in the first place, and
b) When they do go wrong, get you back on track quickly and reliably

That means minimal downtime, less chatting and more getting things done.