Some of us attack and engage in our holiday shopping with a plan that rivals the most well thought out strategies. We scour weekly fliers, online ads, and research who will have the best price and coupon code for us to use. In order to shop smart, yes, keeping track of prices is important, but being a genius means that you include cybersecurity and personal limits in your plans.
Here are a few tips that you should include on your shopping list.
Shopsecure. Look for websites that have the https in their address. While this isn’t a surefire bet that you’re on a secure and safe site, it’s a good first step in ensuring you’re at the right Especially if you’re providing your credit card.
Deals, not steals. Rebates, coupons, and in-store specials are a great way to save money. Make sure that if you are offering up any information it’s to reputable stores, and don’t give out personal information in return for a ‘future offer’. Read the fine print on all deals. Especially if they sound too good to be true.
Review and research. Don’t assume because a product is on a review website that it is legitimate. Many of these sites are called affiliate sites and merely put up content that redirects you to a page where they receive compensation for the sale, like a referral program. Look at more than one site, read multiple reviews, and if possible, go to the actual store to see the quality of a product.
Stay on the NICE list. Make a budget and stick with it. You don’t need to overspend to impress. It’s only a good deal if you need it.
Get started on next year’s list. After holiday sales are a great time to stock up for next year’s gift-giving, but again, only if it is something that you can actually gift and not just an item that you will store away because it is a great price.
WinRAR, a Windows data compression tool that focuses on the RAR and ZIP data compression formats for all Windows users (win-rar.com), recently announced that it had patched a 19-year-old security vulnerability that allowed cyber attackers to install malicious files on users’ hard drives. The problem many users will face is that the software does not auto-update so they will need to go through the manual update process to ensure their computer is no longer exposed to the security vulnerability.
What Should I Do?
Databranch recommends users uninstall WinRAR from their systems. WinRAR is a program that used to be needed to create zip folders and unzip folders but now this function is built into the Windows Operating System.
How Do I Uninstall WinRAR?
Find the Control Panel in your Windows Explorer.
Click on Programs & Features
Select WinRAR and Press Uninstall Program
How Do I Find Out About Vulnerabilities Like This Sooner and Protect My Business From Being Affected By Cybercrime?
Databranch offers managed service plans to proactively monitor, detect, and remediate identified security vulnerabilities like this. We were able to remove this program from our managed client’s machines as soon as it became a known issue and our clients were able to continue working without interruption.
To learn more about becoming a Databranch Managed Services client, call 716-373-4467, email email@example.com, or fill out the form below to get started!
Phishing continues to be a top exploit for small business breaches, and companies should take notice. Of the 360,000 spear phishing email attacks examined over a three-month period, the most common types were brand impersonation (83%) and business email compromise (11%). Such breaches can be leveraged to steal payment and personal information.
Here are some best practices for protecting your business:
1) Take advantage of AI
2) Don’t rely solely on traditional security
3) Deploy account-takeover protection
4) Use multi-factor authentication
5) Conduct proactive investigations
6) Train staffers to recognize and report cyber-attacks
7) Conduct proactive investigations
8) Maximize data-loss prevention
Call 716-373-4467 x 15 to review with a Databranch Security Expert!
There was an article that came out this week written by the previous CIO of the New York City Law Department (which is also the world’s largest public sector law firm, fun fact), discussing the best ways to avoid ransomware. In the article he discussed 3 key points:
Cyber Hygiene: This is an obvious one but cannot be underrated! Passwords must be changed regularly, and everyone must remain diligent while browsing their inbox.
Best practices: Best practices in this context covers updating existing tech, using preventative technologies, and communication. To have the best practice for updating existing tech, put a priority on pushing out patches, use cloud web application firewalls and credential monitoring to stay a step ahead with preventative tech, and communicate with your security team and employees about what they should be doing as individuals and as a team.
Testing disaster recovery plans: This point is self-explanatory, you need a test to see if your backup plans work. You wouldn’t leave the fire alarms untested!
With ransomware being seen all over the world from Atlanta to Moscow to Sydney, it is something every business should take into account.
Request your free security risk assessment and consultation with a Databranch Security Expert here:
1) In 2013, 37 critical updates were released for Windows 2003. As of July 14, 2015, no new updates will be released for Windows Server 2003 and Windows Small Business Server 2003.
2) Unsupported products are more likely to be attacked by malicious parties, which may increase the cyber security risk to your business.
3) Payment processors may not do business with you if your payments are going through an unsupported server. Your business may not pass a business audit if you do not transition from unsupported software
4) An average security breach costs an SMB $50,000. Running unsupported software and old hardware can be more expensive than upgrading to a modern technology platform
5) Improved performance, simplified management, and more affordable storage choices.
Our July Client of the Month is Jackie Gregg, Controller at Control Chief, a manufacturer of industrial crane remote control and locomotive remote control solutions. We have had the pleasure of working with Jackie since the early days of Databranch and have enjoyed partnering with Control Chief for their IT needs since 2009. Our mission is to help our clients succeed through effective planning, implementation and management of their technology and as Jackie says in the video below, “What do I have? I have peace of mind. I can go on vacation for a week and know that my servers are going to run and my people are going to keep working. If there’s a problem all I have to do is pick up the phone and I’m going to have someone here onsite with the problem fixed and that’s well worth the price we pay you every month. Would I recommend Databranch? Highly.”
Recently, a few of our Office 365 Exchange Online clients have been receiving correspondence from Microsoft concerning the version of Outlook they are using. The message is Outlook 2007 and 2010 are out of mainstream support and their users might start experiencing reduced functionality. In this post, I’ll answer the two biggest questions we have been receiving from our clients, “What does this mean for me? and What do you recommend I do?”
What does the end of mainstream support for Outlook 2010 mean for my organization?
In general, there are two levels of end of support Microsoft products move into: End of Mainstream Support and End of Extended Support. When a product enters into the end of mainstream support it means Microsoft will no longer be releasing any non-security updates or new software design changes. The program will still function and is not a security risk to your network since Microsoft keeps releasing security fixes until the End of Extended Support date but because new features will not be added the software may not be as compatible with newer programs like Office 365 Exchange Online which is constantly being updated and improved to provide the highest level of service to subscription customers. This is why Microsoft is urging clients using their hosted email platform to upgrade their Outlook clients. Even though you will still be able to use Office 365 and connect to the platform for email, your experience will diminish over time and Microsoft won’t provide code fixes to resolve non-security related problems.
What does Databranch recommend our clients to do?
We recommend that organizations start upgrading their Outlook to a client that is still in Mainstream Support like Outlook 2013 or 2016 or start budgeting for Office upgrades. Like Windows 7, Outlook 2010 will be in Extended Support until 2020 and all users will want to be upgraded prior to the end of support date in October of that year.
Is your organization looking to migrate your email platform to Office 365? Databranch is a Microsoft Certified Silver Small and Midmarket Cloud Solutions Provider and is ready to assist with your migration. A Databranch Cloud Solutions specialist can be reached at 716-373-4467 ext. 15, firstname.lastname@example.org, or click here to get started.
Small businesses are under attack. Right now, extremely dangerous and well-funded cybercrime rings in China, Russia and the Ukraine are using sophisticated software systems to hack into thousands of small businesses to steal credit cards, client information, and swindle money directly out of your bank account. Some are even being funded by their own government to attack small, virtually defenseless businesses.
Don’t think you’re in danger because you’re “small” and not a big target like a Target or Home Depot? Think again. 82,000 NEW malware threats are being released every single day and HALF of the cyber-attacks occurring are aimed at small businesses; you just don’t hear about it because it’s kept quiet for fear of attracting bad PR, lawsuits, data-breach fines and out of sheer embarrassment.
In fact, the National Cyber Security Alliance reports that one in five small businesses have been victims of cybercrime in the last year – and that number is growing rapidly as more businesses utilized cloud computing, mobile devices and store more information online. Quite simply, most small businesses are low-hanging fruit to hackers due to their lack of adequate security systems.
As a local IT support company, we work day and night to protect our clients from these attacks – and unfortunately we see, on a regular basis, hardworking entrepreneurs being financially devastated by these lawless scumbags – We are determined to WARN as many businesses as possible of the VERY REAL threats facing their organization so they have a chance to protect themselves and everything they’ve worked so hard to achieve.
Free Report Reveals The Critical Protections Small Businesses Need Today
We want to do everything that we can to stop cybercrime, so we have put together a FREE Executive Report titled “7 Urgent Security Protections Every Business Should Have In Place Now” that we have made available at no charge here on our website at www.databranch.com/sittingduck.
Today we’re launching a new monthly series on the blog called “Ask a Databranch Engineer”. During these posts we’ll compile frequently asked questions from our clients and answer your top questions about information technology in the workplace.
Anyone who watches the news has become all too familiar with this headline, “Data Breach at Company X”. From Target to the FBI, personal identifying information is being exposed at a rapid rate and a top question from our clients is, “What is one thing I can do as a small business to protect my organization’s valuable company data?” Here’s what our team had to say:
Aaron Duell (Systems Engineer): “If you’re not expecting an email and you don’t know the sender, don’t open the email!”
Jason Aderman (Systems Engineer): “Set-up a password protected screen saver. Users should never step away from their computer without locking their desktop and if you do happen to leave your computer unattended an automated screen saver with a password will ensure your computer is protected.”
Matt Hillman (Senior Systems Engineer): “I would rate the need for a complex password as a high security priority. Too many times we find the password is “password”, or the name of the person’s pet, or worse yet, written down right at their desk! A password should be at least 8 characters long, include a combination of upper case, lower case, and numbers, should not be a word easily identified in the dictionary, and is not a variation of the user’s name. Best practice now is to also include spaces and create a phrase, rather than use a single word. Recent operating systems require more complex passwords, but applying these basic rules will make it even more difficult for someone with malicious intent to guess a user’s password. And, it seems to be common sense, but a password should never be shared!”
David Prince (President): “If you get an email with an attachment (doc., PDF., etc.) be very careful and suspicious. If it appears to come from someone you know, I recommend contacting the sender to confirm they sent you an email with an attachment.”
Have a technology question you’ve always wanted answered? Reach out to Amanda Lasky at 716-373-4467 ext. 15 or email@example.com.
Next month our engineers will be answering the following questions, “Should I turn my computer off when I leave the office at night?” and “How can I be sure my data is protected in the cloud?”,as well as any other questions we receive in February.
By submitting this form, you'll be subscribed to Databranch's monthly newsletter and will be alerted when we share new technology content and offerings with our clients. You may unsubscribe from these communications at any time.