Monitoring

Five Keys For Small Business Preventive Security Measures

November 1, 2017

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

We continually mention the importance of network and password security for small businesses for good reason. The increasing security threats and cases of security breaches in both large and small enterprises show that we are more at risk than ever before of suffering a security violation.

Regulated entities such as medical offices (HIPAA) and financial institutions (FINRA) are especially susceptible to breachs and security incidents.

Prevention is always better than cure. To this end, here are five security measures you should start putting in place today.

Limit lateral data transfers
One of the biggest contributors to internal data breaches is a lack of employee knowledge of security issues. It’s important to protect strategically important information and data by limiting who has access to it.

Furthermore, you can employ network segmentation to reduce any unnecessary communication between internal and external networks.

Ensure machines and devices are updated
Internal breaches can result from the use of unprotected machines. Without being aware, employees may download malware or ransomware.

However, this may not be a problem if the software and operating systems on the machines are up to date.

Keeping all devices and the accompanying software and security structures up to date will make a significant contribution to protecting your systems.

Monitor activity to identify suspicious activity
Sometimes, a security breach may not involve any employees. Network administrators should ensure the latest monitoring software is in use to monitor behaviors and immediately detect anything that looks amiss.

Cyber criminals are aware of these types of activities and often conceal themselves deep in the network to exploit the system over a prolonged period of time.

Even if you miss the threat the first time, the monitoring system will provide meaningful insights that will help you recognize foul play.

Ensure robust passwords are in place
When it comes to system passwords and login procedures, you can always improve. In addition to the more traditional text-based password access, you should also ensure you have more up-to-date security mechanisms in place such as fingerprint access and smartcards. These are much more challenging for cyber criminals to replicate.

Embrace cyber insurance policies
No system can be completely safe from a cyber attack. Criminals are getting smarter and smarter, and what appears to be an impenetrable system one day can be infiltrated the next.

For this reason, you may wish to take out cyber insurance to cover any costs you incur if things do go seriously wrong.

Improve Your Staff’s Productivity Using These Five Tips

March 8, 2016

Increasing employee productivity is a positive approach for companies, regardless of the industry; however, the concept can be rather vague.

Productivity means more than just working to meet a given quality standard, therefore, it isn’t always immediately clear how to achieve optimum outcomes while maintaining standards and keeping your employees happy.

Here are a few concrete methods that can help your staff be more productive:

Block certain Internet sites
With the rise of social media, online gaming, video sites, gaming and contest portals, and entertainment websites, there are many potential distractions on the web. Even if an employee is well-intentioned, there are plenty of well-designed trappings to keep them there, wasting your company’s time and, ultimately, money. [Read more…] about Improve Your Staff’s Productivity Using These Five Tips

The Three Scariest Threats To Small Business Networks

October 27, 2015

While spam, pop-ups, and hackers are a real threat to any small business network, there are three security measures that you should be focusing on first before you do anything else.

Worry About E-mail Attachments, Not Spam
Sure, spam is annoying and wastes your time, but the real danger with spam is in the attachments.

Viruses and worms are malicious programs that are spread primarily through cleverly disguised attachments to messages that trick you (or your employees) into opening them.

Another huge threat is phishing e-mails that trick the user by appearing to be legitimate e-mails from your bank, eBay, or other financial accounts.

Here are three things you must have in place to avoid this nightmare: [Read more…] about The Three Scariest Threats To Small Business Networks

The Benefits Of Managed IT

October 27, 2015

Michael Menor is Vice President of Support Services for Tech Experts.

It can’t be denied that cost drives business. When the technology your business relies on fails, you have to get it repaired or replaced quickly in order to keep the resulting downtime from damaging your business.

The traditional method of computer repair is much like when your car is in disrepair: when your technology isn’t working properly, your organization reacts to the problem by calling your friendly, neighborhood computer repair guy.

The technician will come to your office and try to fix the technology that is broken. When they figure out they can’t fix the problem on the spot, they will give you a quote.

The time and materials of summoning these technicians to the office will cost you money, so will the replacement technology, and most notably, the downtime you accrue.

Add that to the variable cost of fixing the malfunctioning technology… and your business has a real problem.

At Tech Experts, we offer a proactive IT support platform that utilizes remote monitoring and management software to ensure that the technology that’s attached to your network – and your network itself – is up and working properly. Additionally, our whole IT services platform is billed in one monthly payment.

If you add it up, you are saving money in every aspect of your business.

You not only remove the variable costs of keeping your IT running smoothly, but you also get proactive support that, in many cases, gives you the time to replace hardware before it fails, saving you from the doldrums of companywide downtime.

The fact is that small and medium-sized businesses (SMB) need to cut their technology support costs if they want to compete with larger organizations.

There are a myriad of benefits that come from a managed services provider like Tech Experts handling the administration and support of your technology. Besides the obvious cost savings, four other huge benefits include:

Comprehensive Support
A major speedbump SMBs have when shopping for any service that claims to help their business is the quality of that service.

For those that worry that our managed services are too good to be true, we employ certified and trustworthy technicians that are proficient in finding solutions for today’s most challenging business technology problems.

Single Point of Contact
As an alternative from having to manage several vendors, our IT service provides you with a single point of contact for all of your technology needs. Since we understand the intricacies of your network, we can get issues resolved faster.

Faster Support
Through the use of remote support that we offer to all managed clients, we can more quickly address issues you might be having.

Many problems can be solved without an on-site visit. Additionally, annoying obstacles like forgotten passwords and account lock-outs can be resolved in a few minutes when we already have account configurations on file.

HIPAA Compliance
While it may not apply to all businesses, doctors’ offices and other related medical facilities can maintain HIPAA compliance when using our services. By collaborating with us on your organization’s policies, you can avoid costly government fines in the event of a medical breach or network inspection.

Managed IT services can provide you with many other benefits. For more information about how our managed IT services can benefit your organization, call us at (734) 457-5000 today.

Most Employees Use Work Computers For Outside Activities

December 12, 2014

GFI Software, a leading software tool provider for companies like Tech Experts, recently released a report that found the personal use of company computers and other devices is leading to major downtime and loss of confidential data in many businesses.

The study of about 1,000 small business employees who used a company-provided desktop or laptop computer found that 39 percent of them said their businesses have suffered a major IT disruption caused by staff members visiting non-work related websites with work-issued hardware, resulting in malware infections and other related issues.

Even more alarming, the study showed nearly 36 percent of staff members said they would not hesitate to take company property, including email archives, confidential documents and other valuable intellectual materials, from their work-owned computer before they returned the device if they were to leave their company.

The Human Factor In Network Security

December 12, 2014

Scott Blake is a Senior Network Engineer with Tech Experts.

As you’re aware, disaster can manifest in many forms. In the past, we have included articles about weather-related events and how to best prepare your business against disasters.

However, there is another type of disaster that’s unlike flooding or fires that can also have devastating effects on your business.

The Human Factor
When it comes to safeguarding your business both physically and virtually, you have the power and controls available to give the edge against company espionage, cyber-attacks, or absent-minded employees.

It comes down to three basic areas: Software, Hardware and People. Once you have a firm grasp and control over these areas, you will have reduced your risk level considerably.

Software
Make sure all of your company’s electronic devices – from company-owned smart phones, tablets, laptops, workstations and servers – are running anti-virus and have a firewall in place.

While some devices are easier to secure and manage than others, this is a critical area, so be sure to make the best attempt to cover all your devices.

Be certain that your data storage devices are running backups and the backups are indeed good. As an added form of protection, encrypt your data being stored, making sure you save the key offsite as well.

That way, if your data is comprised either through internal access or external, it will become very difficult to use the data that was stolen.

The size of your company and the amount of sensitive data you have will dictate the frequency of your backup schedule. Remember, it never hurts to be overprotective when it comes to your data.

Hardware
Have security/firewall devices in place. Make sure they are fully configured for your business and that the firmware is up to date.

A lot of security devices add increased measures through the firmware updates.

They often have the ability to fully lock down your internal network as well. Restrict Internet access to only websites necessary for your business operations.

If your business offers Wi-Fi access for either internal use or guest use, make sure that controls are in place to limit access to your company’s internal network. The best precaution is to place the guest Wi-Fi on a completely separate network.

While Exchange mail servers can increase overhead, they will also add a level of increased security to combat against viral infections being delivered via email and attachments.

I’m sure everyone is well aware of Crypto-Locker and its variants. The majority of Crypto-Locker infections were delivered through infected PDF files sent as attachments.

People
By nature, humans are (and will always be) the most random aspect to safeguard your business from. It is vital that you run full background checks on any employee that will be given access to sensitive data or hardware.

Restrict the use of portable media such as flash drives and external hard drives while employees are working on or in the server room. Some companies may go as far as banning all portable media devices entirely.

Be proactive in actively monitoring your employees and watch for any changes in behavior, appearance, attitude and tone of speech. These can all be signs something is wrong.

If you have questions or you’re looking for suggestions, call Tech Experts at 734-457-5000, or email us at info@mytechexperts.com.

(Image Source: iCLIPART)

Network Security And The “People Problem”

November 30, 2014

Security teams that focus on what is already happening and the layers of defense being breached are constantly in reactive mode.

Reviewing reams of data produced by technology – firewalls, network devices or servers – is not making organizations more secure. With this approach, the team fails to prevent breaches or respond in a sufficiently timely way.

Instead, the addition of more data and more complexity perversely prevents achieving the end result: protecting sensitive information.

The significant breaches of today are executed by people infiltrating the organization and attackers are doing this by assuming identities or abusing insider privileges.

There is a gap between the initial line of defense (the firewall) and the company’s last line of defense (the alerts received by the security team and their following analysis.)

Tracking user activity, especially connections between suspicious behaviors and privileged users, would allow organizations to close this gap.

True understanding of identity has the ability to cut through the overwhelming explosion of data that can render security organizations blind and unable to respond to real threats or even detect if they are under attack.
It is time to incorporate identity into the organization’s breach prevention strategy and overall security. We have to stop accepting a gap approach to security, which is usually focused on data and devices rather than people. In light of the budding perimeterless world, identity will increasingly be the primary factor that matters to the security team.

Identity data is pervasive, yet typically absent from the security world view. For security organizations, our corporate identity (the personal identity elements we bring to our corporate environment) and our behavior are aggregate details essential in building a picture of what is happening within – and beyond – the corporate perimeter.

Together, they offer deep context to inform the security team of the appropriate response to potential threats and real attacks.

The critical piece in this approach is the security organization’s ability and capacity to understand the full scope of identity: who the person really is behind any given device and whether they are behaving abnormally.

This is particularly helpful when identifying attackers that have managed to acquire privileged user credentials.

Identifying Normal Behavior
One way to reduce the scope is to focus on the highest risk identities first. If you accept that the greatest risk comes from people inside your organization that can access sensitive information – known as “privileged users”, which can also include non-human accounts that may have access – then the correct steps are as follows:

1) Reduce the number of privileged users/identities and accounts.

2) Limit the privileges any one user has to systems and applications necessary to do their job.

3) Integrate the identities of privileged users into security and risk monitoring to spot behavior that may indicate a breach.

Closing the Gap
As more and more of the computing environment breaks outside of the control of central IT organizations, spearheaded by the move towards BYOD (or Bring Your Own Device), the ability to recognize who a user actually is and what is normal for them becomes a foundational part of effective security monitoring.

Without such identity-powered security, security teams will continue to struggle to differentiate whether the events they are monitoring are worth a reaction and that hesitation allows attackers to execute more and more damaging data breaches.

Furthermore, security teams will continue to operate in reactive mode and fail to prevent breaches or respond in a sufficiently timely way.

If identity is a central component to security management, then security teams will be in a better position to understand the behavior of users and will spend far less time trying to identify the meaning behind the events they are seeing.

People will continue to be our biggest point of exposure and with a keen focus on user behavior and activity, we will be in a much better position to limit the impact of breaches.

(Image Source: iCLIPART)

Why Third-Party Monitoring And Managed Services?

August 28, 2013

As technology advance and organizations face increasing demands for efficiency in their business, their IT infrastructures have become increasingly complex. Applications are far more interdependent than ever before, and their business tools, whether hardware or software, are making up a diverse web of systems from a wide range of vendors.

The challenges of dealing with this complexity are something that businesses have to deal with on a daily basis. In a recent study, nearly 50% of global business leaders have called “increased reliance on technology” the No. 1 risk to their organizations. Another 37% said the “business complexity of the organization” is their top risk.

All the same, businesses need to deliver high performance and high availability, typically without accompanying increase in budgets
to accomplish these goals.

So how can companies cope with the dual challenges of managing an increasingly complex infrastructure, while remaining focused on achieving business goals and delivering high quality products and services to their clients?

Organizations are increasingly turning to third party providers that delivers advanced monitoring and resolution services for your IT assets.

If you work with a knowledgeable vendor —one that is familiar with your infrastructure — there are big advantages to taking this approach, including:

Lower total cost of ownership
Higher availability of applications
Reduced downtime, (planned or unplanned)
Reduced workload on your own people to deal with IT issues
Improved application performance
Ability to proactively monitor and thereby mitigating issues as they arise, as opposed to after it’s too late

An advanced monitoring and resolution service should consist of 24/7 secure remote monitoring and resolution delivered by skilled engineers using proven practices.

The service should offer rigorous security certifications to ensure remote experts safely deliver proactive monitoring and administration of internal applications and hardware systems.

Don’t think of it simply as an outsourcing solution. Rather, think of it as a team of experts supplementing your own team, providing a number of products and solutions that it would be next to impossible to maintain in-house.

Because of the complexity of today’s systems, it is often difficult to identify exactly where and why systems fail. This can result in dissatisfied customers and less productive workers.

These problems can be severe enough to put the organization at risk. With proactive monitoring and advanced support, however, the organization will be made aware when (and why) vulnerabilities occur.

An advanced monitoring service means looking after performance or availability of all your critical systems and applications. This monitoring can extend through your entire infrastructure — applications, databases, servers, storage, networks and backup. Problems, can be addressed using best practices for incident, change and problem management.

As a client, you can choose to deploy the services according to your own needs, from full remote services to full onsite solutions or some combination.

The process of monitoring and remediating problems within your IT, you will learn a lot about your risks and vulnerabilities. Are there peak usage times that are impacting application slowing down the performance of mission-critical applications? The key is to continuously improve performance and availability.

You should meet regularly with your professional services team to review processes and set strategies for continual performance improvement. You should also have a plan that includes regular hardware and software health checks.

Your company gets the revenue as well as interacts with your customers through your applications. When performance slows down, the entire business suffers and is put at risk for lost revenues, lost profits, lost customers and general damage to your brand.

Advanced monitoring and resolution services lets you keep track of application performance at all times. Monitoring agents create alerts when systems or applications are under-performing, so you can fix issues before they impact the company further.

End-user monitoring takes the service a step further, whereby you can collect, process and present details — even going so far as to track user requests and follow them through to resolutions.

You can collect information on the length of time it takes to complete a business transaction and the length of time it takes to search, select and pay for a specific product. You can easily see how you can improve revenue and profits.

Predictive incident management diagnostics lets your vendor partner identify issues with configurations and performance before they become full-scale problems.

For example, advanced monitoring lets a service provider leverage complex algorithmic models and thereby identify potential issues with individual transactions within the database.

Advanced monitoring and resolution delivers significant improvements in IT support. You can measure the performance in meeting service requests, including trends on how long it takes for repairs to be performed, response by incident type, and reporting and measure performance against standards on all systems, including backup, emergency storage and system uptime.

A third-party supplier will have access to tools, methodologies and best practices your organization may not even be aware of.

Advanced monitoring and resolution is what they do every day, so your organization is always taking advantage of the experience the vendor has gained from working with other businesses, as well as the latest in diagnostic and recovery tools.

They often employ thorough diagnostic tool sets that cover all your systems. By using these tools, they are able to identify and qualify new incidents, automatically compare new incidents with a knowledge base of past incidents, and use the past experiences as the basis to quickly and effectively resolve issues.

Clearly you will want advanced monitoring and resolution to deliver 24/7 support for all your systems, databases and mission-critical applications. But some vendors can also offer more specialized services, such as end-user monitoring; firewall and VPN management; continuous risk assessment application management; and intrusion detection systems to mention but a few.

Because IT has grown in complexity, it is difficult and costly to hire and retain all the in-house expertise required to manage everything.

The other problem comes with internal politics, often resulting in finger-pointing than actual problem solving. An outside vendor gives you not only access to a team of service professionals with deep expertise. They are focused on fixing your problems, and not assigning blame.

Internet Security: What Are They Surfing At Work?

September 28, 2011

tlfheadshot_web — Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

A recent survey of business owners and IT managers found that employees are using company computers, Internet access, e-mail, and other resources to conduct hours of non-work related activities. And the problem is on the rise.

Some of these activities simply waste time, like day trading and monitoring eBay bids. However, some of the activities are malicious and can cause serious issues with a company’s server and network.

Here are a few incidents that were reported by the IT managers that were surveyed:

• One employee was caught running a gambling website and acting as a bookie for his co-workers.

• To bypass the company’s web filter, one employee was caught using his desktop computer as an FTP server for the other employees. He had downloaded and saved over 300GB of material, all on his work computer, using his company’s Internet connection and undoubtedly slowing down their systems.

• One employee was caught giving away confidential information such as price lists, contracts, and software code for application development.

• Another employee had a pretty lucrative side business stealing and selling company inventory on eBay.

• One woman was caught running an online “outcall” service from her desk.

• One employee was caught renting the corporate IP address to hacker friends to attack other company’s computers and networks.

While these scenarios seem outrageous, they are not uncommon. Of the 300 companies surveyed, almost one-third have fired an employee in the last 12 months for violating e-mail policies, and 52 percent of companies said they have disciplined an employee for violating e-mail rules in the past year.

Educating your employees through an acceptable use policy is simply not enough. If the requirements are not enforced, employees will accidentally or intentionally violate your rules.

That’s why every company needs to invest in good e-mail and web filtering software. Just having it in place will act as a deterrent for such activities. If something really is going on – like an employee leaking confidential information to a competitor or sending racial or sexist jokes through your company’s e-mail – you’ll be able to catch it and resolve the issue proactively, instead of reacting to it after the fact.

Additionally, a good web filter will prevent employees from accessing inappropriate material online, wasting time on non-work activities, downloading viruses and spyware, and using up company bandwidth to download photos and music.

Internet Monitoring Software Can Boost Office Productivity

November 24, 2009

It goes without saying the Internet is a very useful tool that most of us use on a daily basis at work. I have a number of clients who have software applications that are web based and require all employees to have web browsers open and active all day long.

The Internet can be a very useful place. It gives you the ability to find just about anything you could ask for. It can also lead to distractions and temptations. Say you want to check the final score of the game you were watching last night.

One click of the mouse and you can have all the latest sports scores and stories. Worse yet, the IM chatting (instant messaging) and Facebook browsing can fill your day as opposed to the work you are getting paid to do.

As a result, there are software packages available that can monitor and report what someone has been looking at, or looking for, on the Internet.

More and more companies are concerned about what their employees use the Internet for, and more importantly, what they are doing while they are “on the clock”.

These software packages, such as Spectorsoft, can be loaded onall computers on a network, and gives business owners the ability to record emails, chats, IMs, websites, web searches, programs run, keystrokes typed, files transferred, screen snapshots.

Literally everything that is done on that computer can be reviewed at a moment’s notice at anytime.

Some may think that this is an invasion of privacy, but please keep in mind: Private things are best left at home.

Websites such as Facebook and MySpace can be wrought with viruses and can cause a problem on a company’s network.

I’ve used these types of monitoring programs to review screenshots once a problem has occurred to determine the cause of the problem, and see exactly what the user was doing when the infection occurred. Beyond reporting, these software packages retain the user-level investigative tools that a lot of clients have grown to rely on.

If you detect a problem or suspect a specific employee is the main culprit of abuse, you can dig deeper and review every detail of the computer and Internet activity to gather the evidence you need.

The level of detail is so precise that you can see what an employee does each and every second, and even include screen shots of the activity whenever the employee is on a certain website, or logged into a certain chat program.

Not only can you record and monitor Internet activity, record instant message chats, and websites visited, but you can also block porn, other adult content or other web sites that aren’t work related.

Legally speaking, to install monitoring software on a computer, you have to meet one of two requirements: You have to own the computer, or you have to notify all users that they’re being monitored.

If you feel you need to deploy such a tool on your network, do not hesitate to call Tech Experts, and we can recommend the right software package for you.