A Word on Social Engineering and Gift Cards...

I walked into my local supermarket yesterday and saw a curious poster. It had a police officer blowing his whistle, which is basically crime stoppers 101. That isn’t the interesting part. That would be that this poster existed to warn consumers that if someone is asking them for hundreds of dollars in Google, Apple, or Amazon gift cards, that they are probably getting scammed. With the rise in cyber-attacks ranging from government, to corporations, to private citizens, it is becoming increasingly important that you know the signs that someone is trying to trick you. This is what is known as social engineering.

Social engineering is a sophisticated form of manipulation. This is because the goal isn’t to use your technology against you, like malware and spyware attack, but to use you against yourself. These malicious actors seek to convince you to act against the best interest of yourself and at times your business or employer, using things such as email, SMS text messages, and phone calls. I’m sure you have gotten these messages at an increasing rate recently. Text messages telling you that you have been approved for a loan you didn’t apply for or won a contest you never entered. Emails telling you that you must act now because your account has been compromised, your job is in jeopardy or you owe the government money. Who can forget, the phone calls. Most of us at this point get about four calls a day about our cars extended warranty or that our social security number has been compromised. These all share one very common trait, they are coming from a new wave of hackers and scammers who want to get your login information, credit card numbers or your money directly.

How do these attacks occur? What should you be looking for? The most common form of social engineering attacks are text based. The latest batch come from what seems to be trusted sources. This could by anything from an “HR rep” who needs you to click a link and reenter your login credentials, to an email from your “boss” who is stranded in a foreign country with no money and can only get home with Itunes gift cards. It is first important to read these messages carefully and look for the signs of malicious activity. Do these messages come with a forceful sense of urgency? Phishing attacks are often set up to scare the recipient into making a mistake, be it downloading a malicious file or logging

in important information into a scam form. They will say things like “CLICKHERE TO AVOID INTERUPPTION” or “URGENT ACTION NEEDED”. This is because when we

are afraid, it oftentimes overrides our due diligence. We are working so hard to avoid the consequence, that it is easier to overlook the fact that something is off with the email or text.

One of these things that may be off is grammar and punctuation. The English language is incredibly complex with it’s grammar rules and punctuations. Many of the people carrying out these attacks are foreign actors who while they have a grasp on the English language, they don’t know the intricate rules that dictate it. This is important. Run on sentences, improper or complete lack of punctuation, or rudimentary grammar mistakes are all signs that this email or text isn’t coming from who they say it is and is in fact a phishing attack. Take your HR rep for example. Usually, the emails they send you are professionally written. However, if you receive one asking you to login to an unknown site or to send them your information, look closely. Does it start with Dear, or To Whom it May Concern or some other unusual greeting from someone who usually goes straight into the message? See that string of thoughts without the usual commas and proper tenses? That is a surefire sign that you are being phished. As a rule, if you receive something that appears out of the

ordinary, call the person or send them an email. If Mike from IT supposedly sent you the email, call him and double check that it’s from him. Chances are, it isn’t.

Another important thing to check is the email addresses, the links attached and domain names. If something seems off, a good trick is to check other emails from the “sender”. Is the email address the same, or is this a variation of their usual email address? Even an email from someone you know can be malicious if there are other red flags as compromised accounts are something that can happen. What about the attachment thaht’s there? Is there a hyperlinked piece of text? Hover your cursor over these things. Chances are they are links to a place you don’t want to end up such as a mirror site that goes to the hackers . Even if it looks good, take a closer look, as one letter or a hyphen can make all the difference in the destination. Cross reference that with the email address. If it says it’s from paypal.com but that link reads Pay-Pal.com, well dear reader, that’s a trap.

You can avoid these social engineering attacks ramifications, and it’s surprisingly simple to protect yourself. It comes down to awareness and discernment. If something seems out of the ordinary, chances are it is. Never answer a text message or click on a link from a sender who you are unaware of. If you receive something with an extreme sense of urgency seemingly at random, leave it be. If you get an email from a boss or colleague at a random hour, say 4:30 am, it’s probable they didn’t send it. Cross reference sender

information with old emails and keep an eye out for grammar issues. Never click on links or download attachments without due diligence, hovering for hyperlinks, and checking with the sender to see if they actually sent it. When in doubt, double check. Finally, always report these attacks to your IT team, be it in house or your friendly neighborhood managed service provider like your friends at Delval Technology Solutions.


Stay Clean: A Word on Digital Hygeine

We all have our daily routines we do in the name of hygiene. Showers, shaving, brushing our teeth, washing our hair, we do these so we not only look our best, but to avoid issues that come from not doing these things. We want our teeth to be clean, so they don’t fall out and we can smile without reservation. We want our hair at it’s best. Our skin and our clothes, well these are more than just first impression things, they also will help keep people around us, no one wants to be the smelly one. Hygiene is important, and that isn’t just for our bodies, also for our network.

Digital hygiene is a term that has become prominent in the past few years. It’s applying the same principals we use to our physical hygiene, a combination of routines, cleanliness and upkeep, to make sure our network is running at an optimal rate. Digital Hygiene also ensures that we are running a safe network for our business, our customers, and ourselves. But what should be on this checklist?

Many companies use various SaaS (software as a service) products. However, this can leave holes in your system without proper maintenance. Updates and patches for these products occur for a few reasons. One of which is adding new features to your software, as SaaS allows for quick and constant product evolution. The other reason is more about security. When hackers attack these software’s, or holes are reported to the developer, new patches are usually put out as quickly as possible. A great example of this is the Zero Day

attack on Microsoft Exchange servers. Once reported to Microsoft, their team worked quickly to patch these holes that allowed for the intrusions. Make sure you are checking your notifications from these developers frequently and updating your software as soon as they become available to ensure you are running smoothly and safely.

Your backups are also important. We here at Delval Technology Solutions recommend the method of 321. This means each important file and folder should be backed up three different times. You want to make sure they are backed up in at least two different places, be it cloud networks, external hard drives or flash drives. Finally, one of these copies should be kept offsite in case of emergency or not being able to get access to your internal network. From there, you want to ensure that these backups are properly encrypted and can only be accessed with a properly corresponding key. This way, if any unauthorized party does get through, the information is useless to them as they cannot read it.

Finally, it is of the utmost importance that you regularly test these backups. Many people think all you have to do is backup your data and leave it at that. In reality you need to check these backups to ensure that they are legible, accessible, and can be used in case of an emergency. Speaking of emergency’s, have a proper disaster plan in place is important to your digital hygiene. We have touched on this before in other blogs, but it bears repeating. There is no such thing as a 100% foolproof system. Human error can occur, a hacker could sneak in, or a natural disaster can take down your office or your network. How you handle these situations can be the difference between a minor headache and a catastrophe. You should be properly training your staff to protect against social engineering attacks, doing walk throughs of you office space to ensure that your hardware is placed in safe and secure areas. Testing is another important area of digital hygiene.  This extends past your backups. You should be testing your hardware, your software and most importantly, your security.

Having a proper MSP by your side, such as Delval Technology Solutions, will ensure that you have a team of experts with trained eyes running these tests. They can look for flaws in your firewalls, backdoors for hackers to access, and test your endpoints. On top of this, if anyone did get in your system, these tests can allow you to find them at a much quicker rate and get them to where they belong, away from your network.

The final part of this is about access, who has access to what in regard to your network. Not everyone in your organization needs access to every file, which makes it important to segment your data accordingly. Certain information should be kept on a need-to-know basis, in order not only ensure a proper workflow, but also proper security. Another important part of access is your passwords. We recommend using random password generators, as it will keep the urge to use basic passwords that while easy to remember are also

easily cracked. Update these passwords every few months, so if you make any organizational changes or do have intrusions, you can at least ensure that they

won’t be able to get back in if they are unauthorized.

Think of your digital hygiene in the same way you do your regular hygiene. It is more than just about keeping up appearances. It can also dictate how people interact with you, as well as give you piece of mind when interacting with the outside world. Things such as testing your systems and your backups, changing your passwords, running proper updates, and having a disaster recovery plan are your maintenance routine. These are  the teeth, hair and skin of your network, and as with many other things, a clean workplace is a happy, productive workplace.


Set It and Forget It Is Not Security

The term “set it and forget it” is one that was popularized by Ron Popeil when he took to the airwaves to push his at home Rotisserie. You could put your chicken in, set the timer, and go on with your day. Now, for those of use who like a good rotisserie chicken, this was the perfect device. However, the “set it and forget it” mindset began to take hold in many things

that it shouldn’t. Personal investments, business devices such as contact centers, these are things that cannot just be set and forgotten. Another one of these things, cyber-security. Unfortunately, many businesses across the country use the “set it and forget it” model when implementing their cyber security, and don’t realize they made a mistake until it’s to late.

When you think cyber-security, what comes to mind? For most of us over a certain age, our minds harken back to the days of anti-virus software, where you would install your program of choice, and hope it covered the rest. Just like basically everything else in terms of technology, your cyber security needs evolve, sometimes at a rapid rate. Hackers today are more sophisticated than ever, and even sell their services to novice hackers. This means that the threat of an attack is always on the horizon.  This is a huge part of the reasoning against a set it and forget it model to cyber-security. If the hackers are taking steps every day to refine their tactics, and finding new ways to access your network, shouldn’t you have a cyber-security plan that tries to stay ahead of them?

Let’s face it, advertising works. We buy products, ask our doctors for prescriptions, and make choices partly due to the marketing surrounding a product. You may see ads for cyber security programs, new malware, spyware, and anti-virus software telling you that it’s all you need. Don’t fall for it. What you need is expertise. A proper MSSP or Managed Security Services Provider, such as Delval Technology Solutions, will begin with what’s referred to as a risk assessment. This is when a set of trained eyes look at your system for all

the holes that can leave open doors to cyber criminals trying to steal your precious data. This isn’t limited to your pc’s, your cloud systems, software, and basically any other piece of infrastructure that can be accessed by your staff as well as hackers and disgruntled former employees. This can cover everything from your endpoints to unpatched software that you have installed, and your company workstations.

From there, these experts can tell you what they see that the untrained eye most likely would have missed. They will work with you to both upgrade and streamline your systems. Any pieces of software and hardware that no longer serve a purpose will be eliminated, saving you space and money. They will work with you to ensure that all updates and patches are installed, to further help plug up the holes that may be plaguing your network. New, up to date security software, as well as things such as 2 factor authentication will be implemented to make sure that your team is able to access your network safely and securely from anywhere.

A proper MSP, such as Delval Technology Solutions, who is security minded will also aid you in training your staff on proper security measures. This is not a one time thing, but a monthly process, as the methods of cyber attackers are ever changing. This gives you a vigilant front line who is ready to spot and report malicious activity before it can destroy your

network. It will also give you an indication of areas you need to focus on further to ensure that your team is able to handle any situation that may be thrown at them.

The job of a good MSSP isn’t just to make sure you are secure, it’s also to ensure that you are compliant to any regulations that may affect your industry. In the past two years alone, more privacy regulations have been passed than the preceding 100 years. Staying on top of these is a full time job in and of itself, but one that can cause pain to your customers,

employees and bottom line if they aren’t properly adhered to. A great partner will stay on top of these new regulations and not only keep you aware, but help you stay compliant.

Finally, a good partner will monitor your network in real time. After all, these are experts who know what to look at. Just as you would hire a mechanic to fix your fleet of trucks, a proper security team can spot red flags that you may have missed and implement real time solutions to stop hackers in their tracks, before they can take down your network.

Set it and forget it is a fantastic way to make delicious juicy chicken. However, by implementing a set it and forget it model to your cyber security does nothing but make you a delicious, juicy target to cyber-criminals and other malicious actors. Staying on top of security is a full time job. The best way to do so is partner with an MSP that handles your security in real time. Cyber criminals are always growing and evolving their methods of attack, so find a partner who is always growing and evolving their methods of defense.


HELP...desk: I Need Somebody

Look, we all need a little help sometime. This can come in the form of a loan from the bank, calling AAA if your car breaks down on the side of the road, or a help desk to reach out to in case of emergency with your network. The question we have though, “Are all help desks created equal? What should we look for in a help desk?” There are many factors involved in having a help desk that helps you with what you need, when you need it. Today we are going to look at a few things that let you know if your help desk is helpful, or just

another thing that needs to be fixed.

PERSONNEL

It may seem obvious, but this one is a big part of having a successful help desk. Who is manning it? The purpose of a help desk is for your in-house team to have someone to go to in case something goes awry. Having an unqualified person behind the desk is akin to asking a waiter what type of stove the cook is using. Yes, you may get an answer, but it’s probably not going to be the correct one, or something that is a general piece of information, like “a gas one” instead of the relevant information needed to answer your question. A proper help desk doesn’t just rely on one person. There is the customer service advisor who is manning the helm, they know a little bit of everything and can help with basic to moderate level issues. From there, a great help desk, such as the team at Delval Technology Solutions, will have a team of experts ranging in coding to security, ready and able to handle any

situation that may escalate.

RESPONSE

The stereotypical IT guy that we have seen in TV and movies for decades is usually some brash nerd who is going to make you feel downright infantile for asking a question. This is 100% not what you want in a helpdesk. A proper help desk usually not only can answer your question in a courteous manner, but should also be able to inform you on how to take matters in your own hands if the problem is a basic enough one or a commonly occurring one.

Another thing you want to keep track of is response time. When you reach out to your help desk you want to make sure that your wait time is as little as possible. Some problems can be fixed quickly, and few things are more frustrating that waiting hours to fix something that can take a couple of minutes. Also, not all problems are small ones. Some IT issues can go from bad to worse relatively quickly if you don’t get the help or advisement that’s needed. Having an avoidable issue become a catastrophe is the last thing anyone wants, and having a help desk that responds in a timely manner can make all the difference in how your business handles a potentially dangerous issue.

The other component in a great help desk response is how many channels you have to get in touch with them. Some only offer support via email, which we all have but at times can cause things to get lost in the shuffle. The other problem with email only is that while you may receive an answer in a prompt manner, it does become harder to step by step troubleshoot a problem. For that step-by-step troubleshooting, oftentimes having a live chat component can be incredibly useful. Find out if the live chat is automated, which may cut down on response time, but also may only work for basic issues. Some problems are not so simple as one answer, many are multi-faceted and having a real time answer to your question can make all the difference.

What if you aren’t by a computer, or the problem has completely shut your terminal down? Well , that’s why many providers, such as the good folks at Delval Technology Solutions, offer SMS help desk support. This way if you have a critical error on a machine, you can still get an answer to help you and your team get back to work with minimal headaches and anxiety.

SCALABILTY

For the most part, the goal for business owners is to grow their enterprises. It’s the American success story as old as time, a company goes from a small operation to a worldwide giant. For that to take place, you need to keep scalability in your mind when making your choices and a help desk is no different. As your volume grows, be it number of computers, to your hours, to even your locations, can you help desk handle it? If so, at what point does it cost you more money? These are all relevant questions to keep in mind when making your help desk choice. An ideal help desk is one that minimizes bottlenecking. As we spoke about before, some problems can go from small to large in a short amount of time. When your company grows, you want to ensure that your help desk of choice can give you the same response time and functionality that you had received when you signed on.

A helping hand can make the difference between climbing back up a mountain or falling of a cliff. Your help desk is no different. When making this decision, ask questions. See if the company is willing to let you test out their help desk. Ask them about their average response time. If you are looking to grow, see if they have pricing that is consistent, or if you

have to allocate additional funds if you need to scale up. Some companies that focus on customer service may even introduce you personally to their help desk staff so you can put a face to a name as to who you are going to be dealing with. Make sure you check how many lines of communication they have, to ensure that no matter what happens, you get the help your business needs.


Network Essentials: What Is No Longer Optional

Cyber-Necessities for your business

When we look at our enterprise expenses, oftentimes we tend to separate them between wants, needs, and luxuries. For example, we may want to have a brand-new trucking fleet, however we need to have our existing fleet maintain, and that pool table in the break room, well, that’s a luxury. What about when it comes to our networks? We know the networks themselves are necessities, but what about incidentals. Do we need an in-house IT guy? Must we have a help desk? Should we have a VCIO? While those are all logical questions, there are two main things that your business absolutely needs, proper security, and proper data backup, that not all MSP’s and IT personnel can properly provide.

It can not be stated enough that your data is the lifeblood of your business. It’s how you track your revenue, your employees, and your growth. It contains all of your important filings, from employee and customer records to your tax records. Therefore, it makes sense that you want to make sure that this important data is backed up on more than one device, just like in the paper days you would have multiple copies of all your important documents squirreled away in filing cabinets. Your managed services partner or IT personnel should be

aiding you in being on top of this.

Cloud technology is a necessity in this day and age as it not only allows your business to stay connected wherever you are, but it also allows you to keep your data offsite, and away from catastrophe. Onsite, you should be implementing backups as well. Utilizing external hard drives and other hardware, you want to maintain a proper backup protocol for

your data. There are reason these methods are what can be referred to as failsafe. Having a proper partner such as Delval Technology Solutions can help you avoid confusion and the hurdles that pop up to doing a proper failsafe data backup. They can not only advise you, but also implement proper systems, be it onsite hardware, or software-based solutions such as the cloud. This helps you avoid having excess downtime and anxiety over what happens if you lose your data. On top of implementing the system, they can also run maintenance and tests to ensure that if you ever do need to employ these backups, they are ready to go.

Ransomware, malware and other cyber attacks of all shapes and sizes are on the rise. You and your employees are most likely inundated with phishing emails, be it on your personal or business accounts. Hackers are fighting to turn company data into commodities on the dark web. Nowdays, cyber security can’t just be handled by basic firewalls and antivirus software. You need to be vigilant and treat security like you do HR, payroll, and everything else you need to succeed in business.

Consumer and employee trust is a vital component to a successful business. Breaches in your network can cause irreparable damage to your enterprise as well as your reputation. Cyber-crime has evolved. What used to be limited to highly skilled operators has morphed into an as-a-service network where everyone from computer experts to novices can partake in attacks on your network. For these reasons, you need to have someone in your corner that takes your cyber security as their full time job.

If you have IT personel in your company, take the time to ask yourself “What is this person’s expertise?” While some may be well versed in data backup, or fantastic at troubleshooting, they may not be experts in cyber security. This is why partnering with an MSP who focuses on cyber-security may be a crucial move for your business. These MSP’s, such as the good people of Delval Technology Solutions, don’t merely just check your network periodically. They can also train your staff on how to be security minded,

often with varied monthly training courses to keep them on the lookout for intruders. Also, they can test your system to see what holes can be accessed by cyber criminals.

Real time monitoring is also offered by security minded MSP’s. This means that not only are they maintaining your firewalls and anti-virus and anti-malware software but monitoring your network minute by minute to ensure that you are protected, and if there is a breach, it can be stopped before it wreaks havoc on your network. Finally, it’s important to realize that you must be on the right side of the law in order to properly run your business.

Compliance is a sector that can not be overlooked. Violating acts such as SOX, HIPAA and the like can cost you not only thousands if not millions of dollars, but also can

destroy consumer confidence. It’s not always an easy task. Compliance is an ever-changing thing. Each year, new laws and acts are passed, some federal and others on the

state level. Having someone watching out for you to keep your company compliant isn’t something that you can go without.

As a business owner, your eyes are always on the bottom line. However, you must not only look short term. Every decision you make in regard to what is necessary and what is optional can cause a ripple effect, be it positive or negative. Stay on top of your bottom line and on top of your game. Don’t cut corners on things that can be the difference maker between being a flash in the pan, or a long-term player in your industry.


What's Up With Downtime?

When we think about the things that can stop a business dead in it’s tracks, our minds go to different things. Some may think of a lack of inventory. Recently we have seen problems due to a lack of employees. Others worry about being obsolete in the marketplace, like the milk men and shoe shiners of yesteryear. What about things that can cost a company lots of money? Issues such as not following ever changing laws, not keeping up to date with new technology, or the rising costs of everything from labor to materials. These are all real concerns, however one of the biggest issues a business can face is downtime.

What is downtime? You may think of it as a lack of productivity, which is partially correct. Simply put downtime is the amount of time between a systems outage and getting back up and running. Ask yourself the following question, “How long can my network be down for until I have to close my doors”. For many business owners, 90% in fact, the answer is three days. That is the same amount of time a human being can go without water. We are in the digital age, where everything our businesses do, from bookkeeping, to communications, to billing and the like are done via our network. A system outage for a business dependent on the network could be catastrophic and cost thousands if not millions of dollars in lost business depending on the length of the outage.

There is an old phrase, “Proper Preparation Prevents Poor Performance”. Proper preparation also ensures that you can bounce back from an outage and minimize your downtime. In the past year we have seen massive ransomware attacks that have crippled the supply chain, as well as made key agencies from medical facilities to police departments grind to a halt. However, what about the thousands of ransomware attacks that were unsuccessful? They are usually that way because the company or institution was proactive in being prepared in case of emergency. Take the attack on the Houston Rockets. In April, hacker group Babuk, the same group that successfully perpetrated a ransomware attack on the DC Police department, unleashed a ransomware attack on the NBA organization. However, the Rockets had something that the DC police did not. They had a disaster recovery plan. This allowed them to quickly shut down the attack without having to shut down operations, saving their data and cutting down their downtime.

Reducing downtime is not merely about your cyber-security needs. Think about this, you own a call center that handles logistical issues for trucking companies around the country. You have a disaster recovery plan in place in case of a cyber-attack. One day, a huge storm rolls in, lightening, thunder, and heavy winds. How prepared are you then? If your network goes down, then how do you continue to help navigate these fleets. Do you have a generator to keep the power going? Is your team able to work remotely from their homes or

vehicles on their mobile devices or laptops in case they have to leave the office or can’t come in? It’s called disaster recovery for a reason. You cannot just focus on what happens if there is an internal issue in your system, but also how you deal with external situations that can disrupt your day-to-day operations and cause heavy downtime.

These are just a few of the issues that you can run into that can cause business disrupting if not destroying downtime. What else can you do to ensure you are able to keep going no matter what the circumstances? To start, test your systems, constantly. Check on your backup servers, this way you can make sure that if you do need them, they actually do what you need them to; backup and restore your data. You should also be checking and assessing your facilities. This could be everything from checking for leaks near electronic equipment, making sure walkways are clear so no one is going to trip over a cable that could unplug key parts of your system, making sure your climate control is working to

keep your machines in tip top condition. Also don’t forget about our furry woodland friends who may wander in, racoons and squirrels love chewing through cables.

Give your space a once or twice over every week so you can be on top of any issues that may occur.

Pay attention to your machines. Oftentimes we get notifications that we minimize without reading that are warning us the same way your car’s check engine light lets you know you have a problem. These alerts are there for a reason and can help you stay on top of issues that may be about to occur. You want to maintain your servers with the same diligence that you would maintain your vehicle or your home.

Make sure you update your devices and software when new updates become available. Yes, this can be a chore as usually you have to restart after an update, but it can save you time and money. These updates aren’t just about new features and layouts, but oftentimes they contain patches. These patches allow the hardware and software to deal with reported vulnerabilities, helping keep you and your network safe from unwanted intrusion.

Finally, find yourself a great partner. An MSP, such as the folks at Delval Technology Solutions, can help you create and maintain a proactive plan that will keep your downtime low and increase your uptime. You would never go on a trip without turning your GPS on, so it makes sense that you would have a roadmap to follow in case of an emergency. With a great MSP by your side, you can count on not only expert advisement, but also having a team that can aid in implementing a top-class disaster recovery plan.

It has been said “It’s not about how you fall down, but how you get back up.” No company is impervious to disasters, be it an internal issue such as being hacked, or an external issue like a hurricane. How you deal with these issues is what makes the difference between a company that keeps moving full speed ahead and a train running off the tracks.


Your Guide to Safe Social Media Practices

We don’t have private lives anymore. While to many of us, including this writer, it’s unfortunate, it’s the truth of the modern times we live in. Social media has been with us since the early 2000’s with Myspace, but it has become increasingly prevalent in our lives and society with Facebook, Twitter and Instagram being a part of the average American’s everyday lives. You can reach old friends, let loose with your opinions on the latest music, TV and movies, and show pictures of everything from your pets to your kids to your food. However, just because it’s “ours” doesn’t mean it’s private, or that it cannot wreak havoc in real life, or as the youth says “IRL”. As a business owner, employee, partner, etc, your social media could be a great tool to expand your business or professional life, but it can also tank you before you know it.

Let’s start with the most obvious. The saying goes “The internet is forever”. As children we are taught never put anything in writing you wouldn’t want read or you wouldn’t say in public. People get to comfortable on social media, and it tends to bite back, hard. Take for instance, you have a rough day at work. In the past, you would go home, vent your frustration to a friend or significant other, and that is the end of that. Now days, people go and post their various gripes and groans on their social media. They oftentimes

to this without realizing these posts are visible to the world, including their employers and customers. People have lost business, lost jobs, and even lost their entire businesses by airing out the dirty internal laundry for the world to see.

People also forget that these pages are representations of them to the world, including people they engage in enterprise with. It was always commonplace to never talk religion and politics at the table to avoid offending or alienating people at best, or at worst, starting a massive argument. Take these manners to social media. If you own a business, understand that people viewing your page may hire you or buy from you. Why would you allow your opinion online to cost you money, when you would never do such a thing in real life.

Now that that’s out of the way, lets talk the safety issues. You must always make sure your pages on these apps, your personal ones, are set to private. This ensures that only people you accept can see your posts. This has nothing to do with your opinions, but with your safety, both online and in life. While many people use things like random password generators at work, in their personal life, it’s usually life events, pets, maiden names and the like that make up your passwords. Chances are, your social media is littered with this information. Yes, the picture of your daughter Mya on her birthday may seem completely innocuous. However, if your password is your daughters name and her birthday, you just gave hackers the keys to the kingdom.

Remember in movies like the Home Alone franchise when burglars are roaming the streets to see who they could rob while the homeowners took a vacation? They don’t even need to do drivebys in the days of social media. All it takes is perusing through someone’s page as they tell the world “We’re going to Florida for a week!” or posting pictures while on the go in some exotic locale. Now these criminals have just been given an invitation “Hey steal from us, we aren’t even home right now!”

For your business, be aware of the pictures you post. Showing off that new office? Well, be sure to check that you aren’t taking pictures of proprietary secrets, such as that new tech you have or that white board filled with equations. Showing off the new shipment is great, however, showing pictures of your back door or alerting the world as to what shipping or

maintenance company you use can be costly. This is how social engineers do their jobs, which is to steal from you. They crash an account with brute force, using passwords groomed from your social media. They see that you use FedEx, so they go online, buy a Fedex uniform (which is far easier than you think), then head to the backdoor and get let in by some unsuspecting individual. These methods can be used to get anything from access to emails, to access to bank accounts. In fact, most malware and ransomware attacks come from information gleaned from either data dumps or social media accounts.

They can gain names, like knowing that someone named (for the sake of argument) Linda Hamilton works in accounts receivable giving them a name to use as a referral. While your security may not be willing to abide “the account lady’s friend”, they may be more keen to give access to “Linda Hamilton’s nephew”, and next thing you know, they are in that secure area instead of bringing aunt Linda a cake.

How do you protect yourself? It’s nowhere near as hard as you may think. This is as simple as impulse control in some cases. Angry at your boss or coworker, keep it to yourself, or tell a friend offline. Make sure you set your pages to private. Keep any sensitive information that you use for password off of your page. Yes, you are proud that you got to go to that

vacation in Tahiti, just please wait till you get home to show off those pictures. Stage your photo ops at work, don’t just take pictures of whatever you please and post them. Use the 2FA provided by many of these apps so if someone is trying to breach your account, you know and can keep them out. Change your passwords regularly.

It's ok to be active on social media, it’s ok to have a private life. It’s also important to be vigilant about your online presence, for your own security as well as your piece of mind.


Why VOIP?

Take a second and look around your house. I am sure you see appliances abound, but do you see a phone? Not a cellphone or a tablet, but an actual hardwired landline. Chances are probably not. Now, think about your office. There it is there’s phones everywhere! In fact, businesses are perhaps the last place where we use classic landline phones. Stores, office spaces, garages, warehouses, all full of phones. You already knew that. What you may not have known is this, you do not need a traditional copper wire PSTN or Public Switched

Telephone Network phone line to run your phone system. In fact, you can use your high-speed internet connection and save yourself some money in the process. It is called VOIP or Voice Over Internet Protocol, and it can be a great tool for your business.

First hitting the market in 1995, VOIP was created to cut down on long distance bills for enterprises doing international business. Originally brought on the market by VocalTech, the first internet phone used existing internet connections to convert voice packets from analog to digital. Originally these systems were only able to execute phone calls, and at the time, high speed internet was only available to major institutions such as government agencies and universities, and to big business. Though voicemail capabilities and computer to phone and phone to phone calling was available, it was only adopted by about 1% of businesses since you had to listen to commercials to make and end a phone call. In the early 2000’s however, the true shift began. Broadband internet became more available to small and medium sized businesses and became commonplace in households around the country. In fact, by 2003, almost 25% of all business phone calls occurred using VOIP. When Skype first launched in 2004, companies began to realize the true benefits of VOIP, and the growth boomed.

WHAT BENEFITS DOES VOIP HAVE

VOIP is a more cost effective, feature rich version of traditional phone systems. Using SIP (Session Initiated Protocol) trunking systems, VOIP allows for multiple lines to be set up on the same connection, for oftentimes $30 less per line. The number of extensions far exceeds that of a traditional phone system. SIP trunking also allows for feature rich apps to be created and integrated into a calling platform. What is more, it allows for you to keep your existing phone hardware intact, as the sip trunk handles the digital to analog routing of the calls.

You may have called a local office and heard an auto attendant. This attendant directs you to any number of extensions in the directory and can even answer questions for you and give you information on the business. Other features that are usually additional costs, such as call waiting, conference calling and direct video calling, are available far cheaper

if not free with your voip service. This is all done through what is known as a PBX. PBX technology has been a commonplace in business for decades now, however, in its traditional form, it is costly. VOIP has done away with much of the costs, hundreds or thousands per assigned user, as all of the call routing is done through broadband, eliminating the need for costly PBX hardware.

Many companies have switched over to a remote work force over the past year. Keeping a uniform system, where customers and clients can’t tell if you are working remotely or from an office can be hard in these cases. However, with VOIP technology, you can integrate remote workers and their devices of choice into your telephone network. Due to the PBX technology and the broadband capabilities, VOIP can offer a seamless transition for companies wherever their employees may be. Many times, business are concerned with porting over their phone numbers if they have to change locations, service providers, or add and subtract phone lines. However, VOIP offers complete portability, allowing businesses to keep and transfer their phone numbers to any device via login, regardless of the device type or network. This helps cut down on confusion in case of internal changes.

VOIP and auto attendant technology can save your company time and manpower. Think of your secretary. They do so much for your business, data inputting, schedule maintenance, file and record keeping. By making sure they don’t need to answer a phone every five seconds, you are enabling them to focus on the important tasks at hand for your business, allowing automation to do the tedious work of routing and rerouting calls to your office.

When it comes to running your business in our modern times, both accessibility and scalability have become more than buzzwords, but part of the process we all need to follow. VOIP allows for your team to be reachable as long as they have a data connection, even in places that they are lacking in traditional phone connections. In previous eras if you were trying to grow your business, you had to get someone in to physically add a phone line and purchase new hardware for each additional line you were adding. With VOIP, these upgrades can be made with the click of a button, without having to acquire new hardware.

VOIP allows for integration not seen in traditional phone technology. You can send files to be looked over, documents to be signed, and even collaborate on projects, right through your phone. You can make calls on any device that has a microphone and a speaker as long as it is connected to a broadband connection. This is done utilizing softphone technology. Softphones are basically apps that use a devices internet connection to make calls, bypassing the traditional phone system attached to the device, or allowing calls if there is no traditional system at all. All you need is your network working on the same app, and your business is off to the races.

VOIP even helps with security measures. Have you ever received a phone call and seen a spam warning? This is because softphone technology allows for similar security protocols to your computer network, such as IP traces and encryption. This allows your end user to spot malicious calls and social engineering attacks before they hit your network.

If you want a safer, clearer, more flexible way to reach the people you need to daily, then VOIP may be for you. Talk to your local internet service provider, or your MSP partner, like the good folks at Delval Technology Solutions, and see if a VOIP system is right for your business.


The Dark Web: Where Your Stolen Data is a Commodity

Your Data and The Dark Web At this point daily, you and your team are most likely getting emails, texts and direct messages from people claiming everything from needing a verification on a bank account, that you won a million dollars in a contest you didn’t enter, or HR needs your login credentials, from accounts that aren’t what they seem. These social engineering attacks serve one purpose, to get access to your network and grab your and your client’s information. This could be anything from logins to bank accounts, to social security numbers. While at times these are being used directly by the hackers themselves, for the most part, they serve another purpose. These are sold as goods and services on

the dark web.

WHAT IS THE DARK WEB

Think of the web like the earth. What we deal with every day, is akin to the part of the planet we live on and walk on. This is called the clear web, as it is the part that is the most visual to us. Beneath that,the crust into the core, is known as the deep web. In there are things that require access to enter, from files for corporations, data, and media to

streaming services, and everything in between. Inside the Deep Web, is the Dark Web. The Dark Web is a cloaked subsection that requires a special browser and a

VPN to access and is full of marketplaces where the illicit is traded, as well as housing sites for federal organizations, news, and social media accessible to

those in countries with blocked access to the internet. It is for better or worse, the unregulated version of the world wide web.

One of the main things for sale on the dark web is data. This data comes in the form of consumer records such as credit card information, bank information, passwords from everything to business networks to Netflix logins. These are often sold by hackers in the form of dumps. Dumps are when large troves of information are sold, oftentimes for under 100 dollars, to be perused through by malicious actors to gain access to useable accounts. While a dump may contain over 10000 credit card names and numbers, not all of

them will work. From there, hackers and scammers go through these to find the ones that will work and exploit these opportunities. Some of these scammers can even clone cards, creating usable physical cards that can be disposed of as needed.

The other thing that is sold is access to accounts. This goes past just providing the logins and letting the criminals figure it out for themselves. This is taking compromised accounts, be it Western Union, PayPal, Venmo or bank accounts, and making transfers directly from said accounts and into the hands of the would-be thieves. These are also sold on the dark web for pennies on the dollar, making the attractive for criminals looking to make a quick buck.

RaaS and The Rise of Cyber Attacks Cyber attacks have become lucrative business for this reason. Not only can they offer direct payment in the form of ransom, but also

a secondary source of income in the form of selling access and data to whoever can pay for it. For this reason, hackers are selling their malware, spyware, and ransomware in the same way Microsoft offers it’s Office365 service. Malicious actors from disgruntled former employees to amateur hackers can purchase this software ready made and ready to be unleashed on unsuspecting people and organizations. While these methods are highly illegal and can land someone years in jail for getting caught, unfortunately they are to prevalent to stop, and are a worldwide problem, many times originating from countries without extradition and without the want to prosecute these crimes themselves.

Therefore it is imperative that you be vigilant in protecting your data and your customers data, as well as checking your network for flaws that will allow malicious actors to access your network. Encryption within your network is key. You should have your files encrypted to anyone who isn’t supposed to have access to your network. This way if there is a breach, they won’t be able to discern anything important from the illegally gained information.

Passwords should be changed regularly. Use a random password generator in order to ensure that your team doesn’t use the easily hackable passwords such as pets names, birthdays, and other personal information. How your team carries themselves on social media is also very important. Oftentimes we feel the need to overshare on social media, which leaves us vulnerable to cyber attackers. Make sure they set their pages to private, so that only the people they want to access their pages can. Avoid posting things that are to personal, making it harder for malicious viewers to wean passwords based off of the photos given. Also keep in mind that access to social media accounts is also available on the dark web, often for under $40, so things that you think are only accessible to you, may not be.

The best thing you can do is have a great partner on your side. An MSP like Delval Technology Solutions has many approaches they can take. They can scour the dark web for your data, which would save you time, money and even save your security as even surfing the dark web can leave you open to malware and ransomware attacks. From there, they can fortify your network through testing to find the vulnerabilities, and patches to shore them up. Your endpoints, which is tech for entrances and exits, will be monitored, and

protected, ensuring that only the people you want to get in, can get in. Finally, they will monitor your network in real time to keep it as airtight as possible.

For more information, be sure to check out our whitepaper The Dark Web and Your Small Business, available at www2.dtsolutions.com. It is free and filled with facts, infographics, pictures and everything else you need to understand the dangers of the dark web. From there, contact us for your free Dark Web report, so you can see firsthand if you have been compromised.


Why The Broke/Fix Method is Broken

We have all heard the phrase “If it ain’t broke, don’t fix it”. While that is sound advice on certain things that we do in our lives, it also points to a problem many face when it comes to the modern business world. Many of us work on the thought process that the only time you need to concern yourself with issues is when something is broken, but that is an antiquated thought process in many aspects of enterprise. Your business IT, computer system and network fall into this category. You need to be proactive when dealing with

your tech, but unfortunately, many companies still rely on the old “broke/fix” method of waiting for something to go wrong before addressing it. This approach can lose many businesses productivity, and money.

WHY BROKE FIX DOESN’T WORK

The broke fix model makes sense for so many things that we use in our day-to-day life. Something in your house breaks, well, call someone to fix it. Your car breaks down, then head to a mechanic. Even some medical issues are better treated with broke/fix, after all you are not going to treat a leg that isn’t already broken.

Your network, however, is none of these things. The broke fix method worked fine thirty plus years ago, when your network was only interconnected within your office, and your computers were not always online. Back then, you had a problem, you needed a technician, but you really did not have to have one in house or on contract. Your phone lines were traditional copper wire phone lines. Most of your files and bookkeeping was done with massive piles of papers, filing cabinets, and ink. Your PC’s were mainly used for emails, word processing, and web surfing purposes, and were all attached to an in house server.

Just as with everything else in our world, your network, and therefore your network needs have evolved. High speed internet isn’t merely for giant corporations and institutions and are now part of daily life for most people and businesses. Those old, clunky servers have been left in the past in favor of the cloud. Filing cabinets are basically relics of the past, as basically everything is done on computers at this point. In addition, the notion of team members and employees only having access to the network and the data on it while at the office is an obsolete way to work at this point. Fluid workforces with multiple devices, working from everywhere has become the new norm, and for good reason.

However, it is not all a bed of roses so to speak. These new techniques and solutions come with new problems all their own. Think of your network as your office. In the past, there was only one door, which made it harder for people to come and go as they please, and easier to track who is there and who isn’t. As your office space grew, you added more doors. Now, while it’s far easier for your employees to get in, for your deliveries to be dropped off, it’s also easier for unwanted, unauthorized people to come in. It’s harder to track who is in the office, who just left, and where people are coming from. It’s necessary, but you should probably throw some cameras and keypads up to keep the office secure, right?

When you add new pathways for access into your network, and new software that requires access, you need more protection. When everything is online, and interconnected, you need more monitoring, and more expertise. Technology changes by the day, and business technology is ever evolving with new updates, new products, and new innovations that can propel your business even further. With all that comes new threats, new ways in, and requires you as a business owner to adjust your course. You can go broke by hanging on to the

broke fix model, or worse.

PROACTIVE IS THE WAY TO GO

The importance of having experts watching your network and therefore watching your back is one that cannot be overstated. In your business, each department is headed and staffed by people who specialize in their field, be it accounting, human resources, logistics, etc. Your IT needs are no different than your needs of these departments. These are full time departments, gears in the machine that is your business that need to constantly be in motion. This allows for proactive management of these functions. Having a

proactive approach to technology will keep your business better protected and more productive as it is far easier to be at the cutting edge with expert guidance.

What’s the best method to employ to find these experts? That can be dependent on a few things. Employing a full time IT professional can be costly, often times in the six-figure range. However, this does give you some piece of mind when it comes to having someone who is familiar with the ins and outs of your business, whose sole job it is to stay on top of your network. However, unless you are employing multiple IT professionals there are some drawbacks to this approach. One person can only house and execute so much information. This can mean gaps that need to be filled. Say Lyle is your IT guy, and Lyle is great when it comes to troubleshooting, but not as strong when it comes to

security. Then you need to hire a security expert as well. Well lets say both of them are lacking when it comes to advisement on trends, well then you need what is known as a CIO, or Chief Information Officer, whose job it is to specialize in what’s on the horizon and what is best for the company. This is all necessary, however I just named about 300 to 400 thousand dollars’ worth of personnel.

For most small to mid-size businesses the best approach they can take is partnering with an MSP such as Delval Technology Solutions. With an MSP you get all of the expertise, guidance, and technology that comes with employing a full time IT staff at a fraction of the cost. An MSP can serve as a guide through things such as what is the right tech for the right situation, cyber security, cloud migration and everything in between. You get a whole team of experts in different facets of the IT world, watching your back and helping you

move forward. Once more, many company such as Delval Technology Solutions offer Co-Managed IT. This means if you have an in-house tech, you are now giving them

crucial backing and bolstering their confidence and their performance, which at the end of the day helps your business and your bottom line.

Don’t wait for something to break that can possibly break you or your bank. Get proactive, have a plan, and most importantly have the tools needed to execute this plan.