Is there still room to improve your remote team’s productivity? 

Databranch has helped many businesses add remote work capabilities to their technology environment over the past year, always keeping security top-of-mind throughout.

However, we also offer a productivity monitoring software solution that can monitor web and desktop application use across all your company’s computers – whether in-office or remote.

It offers a balance of providing your management team with insights without extensive policy documentation. Meaning it is a smart fit if you want visibility without heavy-handed intrusion.

This includes:

• Monitoring: You will be able to monitor all employee desktop apps and web use whether in-office or remote
• Visibility: Provides an overview of workforce productivity without the hassle of looking over each employee’s shoulder
• Timelines: In the instance of malware detection, you can track back to specific events to view the history
• Reporting: View robust reports to identify productivity trends and optimize workflow. This helps determine which web-based applications provide the most business value.

This software will allow you to monitor active tabs, desktop apps, and idle time. You can then store up to 6 months of your data for instances such as legal compliances or auditing purposes. 

The program makes filtering through these logged events easy and fast. Simply type into a search box and the event filter will automatically scan your data, compiling records from specific endpoints. 

This means you’ll have visibility into which endpoint was browsing certain websites or using a specific application.

Reach out to Databranch today at 716-373-4467 x115 or [email protected] if you’d like to learn more.

Read More

Databranch has been named as one of the world’s premier managed service providers in the prestigious 2023 Channel Futures MSP 501 rankings.

For the past 17 years, managed service providers around the globe have submitted applications for inclusion on this prestigious and definitive listing. The Channel Futures MSP 501 survey examines organizational performance based on annual sales, recurring revenue, profit margins, revenue mix, growth, innovation and supported technologies.

MSPs that qualify for the list must pass a rigorous review conducted by the research team and editors of Channel Futures. It ranks applicants using a unique methodology that weighs financial performance according to long-term health and viability, commitment to recurring revenue and operational efficiency.

Channel Futures is Pleased to Name Databranch to the 2023 MSP 501

“We are honored and delighted to be recognized as a top Managed Service Provider in the 2023 Channel Futures MSP 501 Awards!” said Mike Wilson, President of Databranch. “This accolade is a reflection of our unwavering commitment to not just serve, but truly partner with our clients to meet their unique technology needs. We believe in a collaborative approach, working side by side with our clients to deliver innovative solutions and deliver an exceptional support experience.”

This year’s list is one of the most competitive in the survey’s history. Winners will be recognized on the Channel Futures website and honored during a special ceremony at the Channel Futures Leadership Summit, Oct. 30-Nov. 2, in Miami, Florida.

Since its inception, the MSP 501 has evolved from a competitive ranking into a vibrant group of innovators focused on high levels of customer satisfaction at small, medium and large organizations in public and private sectors. Many of their services and technology offerings focus on customer needs in the areas of cloud, security, collaboration and hybrid work forces.

“The 2023 Channel Futures MSP 501 winners persevered through challenging times to become the highest-performing and most innovative IT providers in the industry today,” said Jeff O’Heir, Channel Futures senior news editor and MSP 501 project manager. “The MSP 501 ranking doesn’t award MSPs solely on their size and revenue. It acknowledges the business acumen, best practices and trusted advice they deliver to customers every day. They deserve the honor.”

“We extend our heartfelt congratulations to the 2023 winners, and gratitude to the thousands of MSPs that have contributed to the continuing growth and success of the managed services sector,” said Kelly Danziger, general manager of Informa Tech Channels. “These providers are most certainly driving a new wave of innovation in the industry and are demonstrating a commitment to moving the MSP and entire channel forward.”

The data collected by the annual NextGen 101 and MSP 501 drive Channel Futures’ market intelligence insights, creating robust data sets and data-based trend reports that support our editorial coverage, event programming, community and networking strategies and educational offerings.

Background

The 2023 MSP 501 list is based on confidential data collected and analyzed by the Channel Futures research and editorial teams. Data was collected online from February to May, 2023. The MSP 501 list recognizes top managed service providers based on metrics including recurring revenue, profit margin and other factors.

About Databranch

Databranch, Inc., is an IT consulting and outsourcing provider serving local, national and international businesses in Western New York and Northwestern Pennsylvania since 1985. We help our clients use information technology to cut costs, increase efficiencies and enhance customer service across three main areas: managed services, networking and security.

The Databranch staff is made up of highly skilled, experienced, and certified professionals. Our clients look to us to provide technology solutions that work. We offer consulting services that provide organizations with the best possible solutions for the most affordable price that are executed with a personal touch. Contact us today to see what we can do for you.

About Channel Futures

Channel Futures is a media and events destination for the information and communication technologies (ICT) channel community. We provide information, perspective and connection for the entire channel ecosystem, including solution providers (SPs), managed service providers (MSPs), managed security service providers (MSSPs), cloud service providers (CSPs), value-added resellers (VARs) and distributors, technology solutions brokerages, subagents and agents, as well as leading technology vendor partners and communication providers.

Our properties include many awards programs such as the Channel Futures MSP 501, a list of the most influential and fastest-growing providers of managed services in the technology industry; Channel Partners events, which delivers unparalleled in-person events including Channel Partners Conference & Expo, Channel Futures Leadership Summit, Women’s Leadership Summit, the MSP Summit and Channel Partners Europe; and a DEI Community Group, our initiative to educate, support and promote diversity, equity and inclusion (DE&I) in the ICT channel industry. Channel Futures is where the world meets the channel; we are leading Channel Partners forward. More information is available at channelfutures.com.

Channel Futures is part of Informa Tech, a market-leading B2B information provider with depth and specialization in ICT sector. Every year, we welcome 14,000+ subscribers to our research, more than 4 million unique monthly visitors to our digital communities, 18,200+ students to our training programs and 225,000 delegates to our events.

What’s the Value of Managed IT Services?

Here at Databranch, our Managed Network Services provides your company with the security of knowing that your network is being monitored and maintained on a 24/7 basis. 

It’s designed to keep your network functioning seamlessly by utilizing a suite of cost-effective computer managed services that proactively monitor and support your network and Technology infrastructure.

See how much better your business can operate when a professional is handling your tech.

Questions about costs and services? Contact Databranch today at 716-373-4467 x 115, [email protected], or visit us here to learn more.

Read More

What is Ransomware?

Ransomware is a type of malware that encrypts data on a computer or network into an unreadable format until a sum of money, or ransom, is paid.

How does Ransomware Work?

When run, ransomware will scan the file storage disk for files to encrypt – typically documents, spreadsheets, etc. The files are encrypted with a key that only the attackers know, thus preventing your access to the files. Then, threat actors hold you files hostage, demanding a ransom to be paid for you to get your access back.

How do Hackers Sneak into an Environment?

Hackers are stealthy and can sneak in using many different approaches. Here are a few of the most popular ways that hackers gain access:

• Phishing: This is when a threat actor tricks someone into handling over their sensitive, personal information, such as a credit card or Social Security number. The victim believe they’re handing over their information to a trustworthy resource when in reality, they’re giving their information to threat actors.
• Public-Facing Vulnerabilities: Threat actors scour the internet looking for systems with known vulnerabilities. Then, they exploit them to gain access to the environment.
• Drive-By Downloads: This is when someone navigated to a malicious webpage and unknowingly downloads malicious code to their computer – all by visiting the webpage.
• Purchased Access: There’s a marketplace for everything these days, and cyberattacks are no exception. The dark web is a treasure trove of hackers for hire and deployable ransomware for download.

Ransomware Prevention

1. Keep your computer updated and patched.
2. Verify, then trust.
3. Make sure your connection to a site is secure before submitting any personal information.
4. Stay up-to-date on the latest cybersecurity education.

Ransomware Detection

Prevention is only part of the puzzle. Some attacks are virtually impossible to prevent. It all comes down to fast detection and response times, which help you combat tomorrow’s threats that may not be detectable today.

The most efficient way to detect ransomware is to leverage the tools in your security stay. 

Secure your business with a cybersecurity platform that secure your business and detects hackers. To protect our managed clients, we deploy a suite of cybersecurity tools that are backed by a 24/7 Threat Operations Center that worked to protect your assets and evict malicious actors.

Reach out to Databranch today at 716-373-4467 x115 or [email protected] to learn more.

Read More

Cloud account takeover has become a major problem for organizations. Think about how much work your company does that requires a username and password.

Employees end up having to log into many different systems or cloud apps.

Hackers use various methods to get those login credentials. The goal is to gain access to business data as a user as well as launch sophisticated attacks, and send insider phishing emails. 

How bad has the problem of account breaches become? Between 2019 and 2021, account takeover (ATO) rose by 307%.

Doesn’t Multi-Factor Authentication Stop Credential Breaches?

Many organizations and individuals use multi-factor authentication (MFA). It’s a way to stop attackers that have gained access to their usernames and passwords. MFA is very effective at protecting cloud accounts and has been for many years.

But it’s that effectiveness that has spurred workarounds by hackers. One of these nefarious ways to get around MFA is push-bombing.

How Does Push-Bombing Work?

When a user enables MFA on an account, they typically receive a code or authorization prompt of some type. The user enters their login credentials. Then the system sends an authorization request to the user to complete their login.

The MFA code or approval request will usually come through some type of “push” message. Users can receive it in a few ways:

• SMS/text
• A device popup
• An app notification

Receiving that notification is a normal part of the multi-factor authentication login. It’s something the user would be familiar with.

With push-bombing, hackers start with the user’s credentials. They may get them through phishing or from a large data breach password dump.

They take advantage of that push notification process. Hackers attempt to log in many times. This sends the legitimate user several push notifications, one after the other.

Many people question the receipt of an unexpected code that they didn’t request. But when someone is bombarded with these, it can be easy to mistakenly click to approve access.

Push-bombing is a form of social engineering attack designed to:

• Confuse the user
• Wear the user down
• Trick the user into approving the MFA request to give the hacker access

Ways to Combat Push-Bombing at Your Organization

Educate Employees

Knowledge is power. When a user experiences a push-bombing attack it can be disruptive and confusing. If employees have education beforehand, they’ll be better prepared to defend themselves.

Let employees know what push-bombing is and how it works. Provide them with training on what to do if they receive MFA notifications they didn’t request.

You should also give your staff a way to report these attacks. This enables your IT security team to alert other users. They can then also take steps to secure everyone’s login credentials.

Need help enhancing your employee training? Contact Databranch today or visit us here to learn more about our Breach Prevention Platform and Security Awareness Training with simulated phishing tests.

Reduce Business App “Sprawl”

On average, employees use 36 different cloud-based services per day. That’s a lot of logins to keep up with. The more logins someone has to use, the greater the risk of a stolen password.

Take a look at how many applications your company uses. Look for ways to reduce app “sprawl” by consolidating. Platforms like Microsoft 365 and Google Workspace offer many tools behind one login. Streamlining your cloud environment improves security and productivity.

Adopt Phishing-Resistant MFA Solutions

You can thwart push-bombing attacks altogether by moving to a different form of MFA.

Phishing-resistant MFA uses a device passkey or physical security key for authentication. 

There is no push notification to approve with this type of authentication. This solution is more complex to set up, but it’s also more secure than text or app-based MFA.

Visit our website here to learn more about passkeys along with the other 2 main forms of MFA.

Enforce Strong Password Policies

For hackers to send several push-notifications, they need to have the user’s login.

Enforcing strong password policies reduces the chance that a password will get breached.

Standard practices for strong password policies include:

• Using at least one upper and one lower-case letter
• Using a combination of letters, numbers, and symbols
• Not using personal information to create a password
• Storing passwords securely
• Not reusing passwords across several accounts

Put in Place an Advanced Identity Management Solution

Advanced identity management solutions can also help you prevent push-bombing attacks. They will typically combine all logins through a single sign-on solution. Users, then have just one login and MFA prompt to manage, rather than several.

Additionally, businesses can use identity management solutions to install contextual login policies. These enable a higher level of security by adding access enforcement flexibility.

The system could automatically block login attempts outside a desired geographic area. It could also block logins during certain times or when other contextual factors aren’t met.

Do You Need Help Improving Your Identity & Access Security?

Multi-factor authentication alone isn’t enough. Companies need several layers of protection to reduce their risk of a cloud breach.

Are you looking for some help to reinforce your cybersecurity? To learn more about how we can help take this off your IT plate, call 716-373-4467 x 115 or email [email protected].

Article used with permission from The Technology Press.

Read More

You wouldn’t think a child’s toy could lead to a breach of your personal data. But this happens all the time. What about your trash can sitting outside? Is it a treasure trove for an identity thief trolling the neighborhood at night?

Many everyday objects can lead to identity theft. They often get overlooked because people focus on their computers and cloud accounts. It’s important to have strong passwords and use antivirus on your PC. But you also need to be wary of other ways that hackers and thieves can get to your personal data.

Here are six common things that criminals can use to steal your information.

Old Smart Phones

People replace their smartphones about every two and a half years. That’s a lot of old phones laying around containing personal data.

Just think of all the information our mobile phones hold. We have synced connections with cloud services. Phones also hold banking apps, business apps, and personal health apps. These are all nicely stored on one small device.

As chip technology has advanced, smartphones have been able to hold more “stuff.” This means documents and spreadsheets can now be easily stored on them. Along with reams of photos and videos.

A cybercriminal could easily strike data theft gold by finding an old smartphone. Make sure that your company is properly cleaning any old work phones by erasing all data. You should also dispose of them properly. You shouldn’t just throw electronics away like normal garbage.

Wireless Printers

Most printers are wireless these days, this means they are part of your home or work network. Printing from another room is convenient, but the fact that your printer connects to the internet can leave your data at risk.

Printers can store sensitive documents, such as tax paperwork or contracts. Most people don’t think about printers when putting data security protections in place. This leaves them open to a hack. When this happens, a hacker can get data from the printer and they could also leverage it to breach other devices on the same network.

Protect printers by ensuring you keep their firmware updated. Always install updates as soon as possible and you should also turn it off when you don’t need it. When it’s off it’s not accessible by a hacker. 

How does your company handle patching their devices? If you don’t know, chances are it’s performed nearly enough. All Databranch Comprehensive Care and Foundation Security clients have scheduled automatic patching and Windows updates on their devices. Visit us here to learn more about how we can help take this off your IT plate.

USB Sticks

Did you ever run across a USB stick laying around? Perhaps you thought you scored a free removable storage device. Or you are a good Samaritan and want to try to return it to the rightful owner. But first, you need to see what’s on it to find them.

You should never plug a USB device of unknown origin into your computer. This is an old trick in the hacker’s book. They plant malware on these sticks and then leave them around as bait. As soon as you plug it into your device, it can infect it.

Old Hard Drives

When you are disposing of an old computer or old removable drive, make sure it’s clean. Just deleting your files isn’t enough. Computer hard drives can have other personal data stored in system and program files.

Plus, if you’re still logged into a browser, a lot of your personal data could be at risk. Browsers store passwords, credit cards, visit history, and more.

Need help disposing of your old office devices? Reach out to Databranch today for assistance, we can help clean your computer to make it safe for disposal, donation, or reuse.

Trash Can

Identity theft criminals aren’t only online. Thieves are known to sort through trash in search of documents containing personal information. Be careful what your employees throw out in the trash.

It’s not unusual for garbage to enable identity theft. It can include voided checks, old bank statements, and insurance paperwork. Any of these items could have the information thieves need to commit fraud or pose as you.

A shredder can be your best friend in this case. Your company should shred any documents that contain personal information, for yourself and your clients. Do this before you throw them out. This extra step could save you from a costly incident.

IoT Devices

Smart lightbulb, thermostats, and security cameras… all toys that hackers love. Even Mattel’s Hello Barbie was found to enable the theft of personal information and a hacker could also use its microphone to spy on families.

These futuristic gadgets make life easier and can be found in many offices. Owners might think they’re cool, but they might also forget to consider their data security. After all, it’s just a smart printer. But that often means they can be easier to hack, so cybercriminals will zero in on these IoT devices knowing they aren’t going to be as hard to breach.

You should be wary of any new internet-connected devices you bring into your office. Install all firmware updates and do your homework to see if a data breach has involved the toy. 

Schedule an IT Security Audit

Don’t let the thought of identity theft keep you up at night. Contact us today at 716-373-4467 x115 or [email protected] to schedule a chat about IT security audit. Databranch also offers Dark Web Monitoring where we scan the dark web based on your domain and find all accounts that have been involved in a breach. Request a free Dark Web scan below to get started.

Article used with permission from The Technology Press.

Read More