Call (716) 373-4467

What Happened?

WinRAR, a Windows data compression tool that focuses on the RAR and ZIP data compression formats for all Windows users (win-rar.com), recently announced that it had patched a 19-year-old security vulnerability that allowed cyber attackers to install malicious files on users’ hard drives. The problem many users will face is that the software does not auto-update so they will need to go through the manual update process to ensure their computer is no longer exposed to the security vulnerability.

What Should I Do?

Databranch recommends users uninstall WinRAR from their systems. WinRAR is a program that used to be needed to create zip folders and unzip folders but now this function is built into the Windows Operating System.

How Do I Uninstall WinRAR?

  1. Find the Control Panel in your Windows Explorer.
  2. Click on Programs & Features
  3. Select WinRAR and Press Uninstall Program

How Do I Find Out About Vulnerabilities Like This Sooner and Protect My Business From Being Affected By Cybercrime?

Databranch offers managed service plans to proactively monitor, detect, and remediate identified security vulnerabilities like this. We were able to remove this program from our managed client’s machines as soon as it became a known issue and our clients were able to continue working without interruption.

To learn more about becoming a Databranch Managed Services client, call 716-373-4467, email info@databranch.com, or fill out the form below to get started!

Get Started

Source: https://www.theverge.com/2019/2/21/18234448/winrar-winace-19-year-old-vulnerability-patched-version-5-70-beta-1

Phishing continues to be a top exploit for small business breaches, and companies should take notice. Of the 360,000 spear phishing email attacks examined over a three-month period, the most common types were brand impersonation (83%) and business email compromise (11%). Such breaches can be leveraged to steal payment and personal information.

Here are some best practices for protecting your business:

1) Take advantage of AI

2) Don’t rely solely on traditional security

3) Deploy account-takeover protection

4) Use multi-factor authentication

5) Conduct proactive investigations

6) Train staffers to recognize and report cyber-attacks

7) Conduct proactive investigations

8) Maximize data-loss prevention

Call 716-373-4467 x 15 to review with a Databranch Security Expert!

https://www.techrepublic.com/article/how-to-prevent-spear-phishing-attacks-8-tips-for-your-business/

31Oct

There was an article that came out this week written by the previous CIO of the New York City Law Department (which is also the world’s largest public sector law firm, fun fact), discussing the best ways to avoid ransomware. In the article he discussed 3 key points:

  1. Cyber Hygiene: This is an obvious one but cannot be underrated! Passwords must be changed regularly, and everyone must remain diligent while browsing their inbox.
  2. Best practices: Best practices in this context covers updating existing tech, using preventative technologies, and communication. To have the best practice for updating existing tech, put a priority on pushing out patches, use cloud web application firewalls and credential monitoring to stay a step ahead with preventative tech, and communicate with your security team and employees about what they should be doing as individuals and as a team.
  3. Testing disaster recovery plans: This point is self-explanatory, you need a test to see if your backup plans work. You wouldn’t leave the fire alarms untested!

With ransomware being seen all over the world from Atlanta to Moscow to Sydney, it is something every business should take into account.

Request your free security risk assessment and consultation with a Databranch Security Expert here:

https://www.darkreading.com/cloud/3-keys-to-reducing-the-threat-of-ransomware/a/d-id/1333113

1) In 2013, 37 critical updates were released for Windows 2003.  As of July 14, 2015, no new updates will be released for Windows Server 2003 and Windows Small Business Server 2003.

2) Unsupported products are more likely to be attacked by malicious parties, which may increase the cyber security risk to your business. 

3) Payment processors may not do business with you if your payments are going through an unsupported server.  Your business may not pass a business audit if you do not transition from unsupported software

4) An average security breach costs an SMB $50,000.  Running unsupported software and old hardware can be more expensive than upgrading to a modern technology platform

5) Improved performance, simplified management, and more affordable storage choices.

Click here to learn more about why your organization needs to transition from Microsoft Server 2003 before July!

Ready to discuss? You can reach Databranch at 716-373-4467, sales@databranch.com, or click here to get started.

Courtesy of Microsoft Community Connections

Our July Client of the Month is Jackie Gregg, Controller at Control Chief, a manufacturer of industrial crane remote control and locomotive remote control solutions. We have had the pleasure of working with Jackie since the early days of Databranch and have enjoyed partnering with Control Chief for their IT needs since 2009. Our mission is to help our clients succeed through effective planning, implementation and management of their technology and as Jackie says in the video below, “What do I have? I have peace of mind. I can go on vacation for a week and know that my servers are going to run and my people are going to keep working. If there’s a problem all I have to do is pick up the phone and I’m going to have someone here onsite with the problem fixed and that’s well worth the price we pay you every month. Would I recommend Databranch? Highly.” 

 

 

 
 

Recently, a few of our Office 365 Exchange Online clients have been receiving correspondence from Microsoft concerning the version of Outlook they are using. The message is Outlook 2007 and 2010 are out of mainstream support and their users might start experiencing reduced functionality. In this post, I’ll answer the two biggest questions we have been receiving from our clients, “What does this mean for me? and What do you recommend I do?”

What does the end of mainstream support for Outlook 2010 mean for my organization?

In general, there are two levels of end of support Microsoft products move into: End of Mainstream Support and End of Extended Support. When a product enters into the end of mainstream support it means Microsoft will no longer be releasing any non-security updates or new software design changes. The program will still function and is not a security risk to your network since Microsoft keeps releasing security fixes until the End of Extended Support date but because new features will not be added the software may not be as compatible with newer programs like Office 365 Exchange Online which is constantly being updated and improved to provide the highest level of service to subscription customers. This is why Microsoft is urging clients using their hosted email platform to upgrade their Outlook clients. Even though you will still be able to use Office 365 and connect to the platform for email, your experience will diminish over time and Microsoft won’t provide code fixes to resolve non-security related problems.

What does Databranch recommend our clients to do?

We recommend that organizations start upgrading their Outlook to a client that is still in Mainstream Support like Outlook 2013 or 2016 or start budgeting for Office upgrades. Like Windows 7, Outlook 2010 will be in Extended Support until 2020 and all users will want to be upgraded prior to the end of support date in October of that year.

Is your organization looking to migrate your email platform to Office 365? Databranch is a Microsoft Certified Silver Small and Midmarket Cloud Solutions Provider and is ready to assist with your migration. A Databranch Cloud Solutions specialist can be reached at 716-373-4467 ext. 15, info@databranch.com, or click here to get started.

Sitting Duck

Small businesses are under attack. Right now, extremely dangerous and well-funded cybercrime rings in China, Russia and the Ukraine are using sophisticated software systems to hack into thousands of small businesses to steal credit cards, client information, and swindle money directly out of your bank account. Some are even being funded by their own government to attack small, virtually defenseless businesses. 

Don’t think you’re in danger because you’re “small” and not a big target like a Target or Home Depot? Think again. 82,000 NEW malware threats are being released every single day and HALF of the cyber-attacks occurring are aimed at small businesses; you just don’t hear about it because it’s kept quiet for fear of attracting bad PR, lawsuits, data-breach fines and out of sheer embarrassment.

In fact, the National Cyber Security Alliance reports that one in five small businesses have been victims of cybercrime in the last year – and that number is growing rapidly as more businesses utilized cloud computing, mobile devices and store more information online. Quite simply, most small businesses are low-hanging fruit to hackers due to their lack of adequate security systems.

As a local IT support company, we work day and night to protect our clients from these attacks – and unfortunately we see, on a regular basis, hardworking entrepreneurs being financially devastated by these lawless scumbags – We are determined to WARN as many businesses as possible of the VERY REAL threats facing their organization so they have a chance to protect themselves and everything they’ve worked so hard to achieve.

Free Report Reveals The Critical Protections Small Businesses Need Today

We want to do everything that we can to stop cybercrime, so we have put together a FREE Executive Report titled “7 Urgent Security Protections Every Business Should Have In Place Now” that we have made available at no charge here on our website at www.databranch.com/sittingduck.

Download your free Report today at www.databranch.com/sittingduck or by calling our office at 716-373-4467 ext. 15.

Today we’re launching a new monthly series on the blog called “Ask a Databranch Engineer”. During these posts we’ll compile frequently asked questions from our clients and answer your top questions about information technology in the workplace. 

Anyone who watches the news has become all too familiar with this headline, “Data Breach at Company X”. From Target to the FBI, personal identifying information is being exposed at a rapid rate and a top question from our clients is, “What is one thing I can do as a small business to protect my organization’s valuable company data?” Here’s what our team had to say:

Aaron Duell (Systems Engineer): “If you’re not expecting an email and you don’t know the sender, don’t open the email!”

Jason Aderman (Systems Engineer): “Set-up a password protected screen saver. Users should never step away from their computer without locking their desktop and if you do happen to leave your computer unattended an automated screen saver with a password will ensure your computer is protected.”

Matt Hillman (Senior Systems Engineer): “I would rate the need for a complex password as a high security priority. Too many times we find the password is “password”, or the name of the person’s pet, or worse yet, written down right at their desk! A password should be at least 8 characters long, include a combination of upper case, lower case, and numbers, should not be a word easily identified in the dictionary, and is not a variation of the user’s name. Best practice now is to also include spaces and create a phrase, rather than use a single word. Recent operating systems require more complex passwords, but applying these basic rules will make it even more difficult for someone with malicious intent to guess a user’s password. And, it seems to be common sense, but a password should never be shared!”

David Prince (President): “If you get an email with an attachment (doc., PDF., etc.) be very careful and suspicious. If it appears to come from someone you know, I recommend contacting the sender to confirm they sent you an email with an attachment.”

Have a technology question you’ve always wanted answered? Reach out to Amanda Lasky at 716-373-4467 ext. 15 or alasky@databranch.com.

Next month our engineers will be answering the following questions, “Should I turn my computer off when I leave the office at night?” and “How can I be sure my data is protected in the cloud?”,as well as any other questions we receive in February.

Take this quiz to find out!
 

How can you tell if you are receiving poor or substandard service? 

 
How do you know if your computer guy is doing everything possible to secure your network from downtime, cyber-criminals, data loss, or other frustrating and expensive disasters? 
 
Could your current computer guy actually be jeopardizing your network?

 
If your computer support company does not score a “YES” on every point, you could be paying for substandard support. 
 
  • Do they respond to emergencies in 30 minutes or less?
  • Are they easy to reach when you need them for non-emergencies?
  • Do they offer ongoing maintenance to keep your systems running smooth?
  • Do they proactively offer new ways to improve your network’s performance?
  • Do they provide detailed invoices that clearly explain what you are paying for?
  • Do they complete projects on time and on budget?
  • Do they follow up on your support requests quickly?
  • Do they offer a guarantee on their services?
  • Do they arrive on time and dress professionally?
  • Do they have other technicians on staff who are familiar with your network in case your regular technician goes on vacation or gets sick?
  • Do their technicians maintain current vendor certifications and participate in ongoing training?
  • Are you confident they aren’t learning on your time?
  • Do they give you their full attention rather than seeming constantly rushed?
  • Are they adamant about backing up your network and having a disaster recovery plan in place?
  • Do they offer to meet with you regularly to review your business plans, your network status and their own performance in supporting your company?
  • Do they provide frequent updates, status reports and follow-up calls and e-mails so you don’t have to manage their progress on projects?
  • Do they offer flat-rate or fixed-fee project quotes, rather than giving themselves a wide-open playing field with “time and materials”?

 


You Already Take Security Seriously… Why Not Take Security to the Next Level with Strong, Easy-to-Manage Passwords?

 

Introducing

Password Management as a Service


Your business has always taken security seriously and been mindful of protecting your data. You’ve invested in firewalls, anti-virus programs, spam filtering, and backup/disaster recovery tools. But when is the last time you considered the first line of defense beyond all these security measures? Passwords are used to protect your systems, data, and online accounts; however, the difficulty of remembering strong passwords often puts people off creating them. Interested in learning more about Databranch’s new password management service? Reach out to a Databranch Account Manager at 716-373-4467, info@databranch.com, or click here to get started.


Our Password Management as a Service offering makes it simple for you to use strong passwords while delivering the following benefits:

 
 
 
Ease of Use
Your staff members can easily reset their own Windows login passwords without needing to call the help-desk and wait for a response.
 
 
 
Enhanced Productivity
Your staff members will no longer waste time hunting for or trying to remember passwords, and through one-click login tools…
 
 
 
Improved Operational Efficiency
Your staff members will be able to consolidate website favorites/ bookmarks across all computers using one click login tools…
 
 
 
Unsurpassed Security
Your staff members will use more complex passwords as opposed to easily remembered passwords – and each password will be unique.