A Cyber-Security Glossary

Cyber-security is a big issue for many companies. The feeling that you may not be protected can be a scary one, and it’s something that many enterprises grapple with. They want to stay safe, informed, and ahead of the curve. However, the more one looks into these things, the harder they

can be to understand. This is why we are going to take some time today to go over some of the terminology and buzzwords that one might encounter, what they mean, and why they are important to your journey into a secure network.

Zero Trust- Zero Trust is a way to operate a network, with the assumption that no trust can be given. This is not to say not to trust your employees, but that when it comes to who gets into your network, do not trust that the person is who they say they are without proof. This goes beyond passwords, but encapsulates things such as multi-factor authentication (see next section) and other verification methods to ensure that the person trying to get in is in fact the person that should be there.

Multi-Factor Authentication (MFA)- MFA is a system in which a secondary or tertiary method is required before someone can access the network. This verification can be in the form of entering a code from an email or text, using a push method, or answering a verification phone call in order

to access after putting in ones password.

Endpoint- An endpoint is a remote device that is connected to your network. These range from smart phones, to laptops to tablets. It also

includes your servers and even the smart refrigerator you bought for the break room. These endpoints all access your network, which is why endpoint security is important.

Social Engineering- Social engineering is a form of treachery in which a person is convinced to act against their best interests. This includes phishing emails, usb ports full of viruses left around, and many other means. The key is the human element involved. This is why social engineering attacks are the most dangerous, the criminals use your team against you.

Ransomware- Ransomware is a malicious attack that takes your network and data hostage. The goal is to get the person or enterprise to pay a

ransom, usually Bitcoin, to the attackers in order to get their data back. This past year, major ransomware attacks were carried out against infrastructure and business, with no signs of slowing down.

Malware- Malicious software. The intent of malware is to steal data, be it financial information, login credentials, and other information that can either be sold or used to access your network. These attacks come in many forms. They include spyware, viruses, Trojans, spyware and ransomware.

Patch- A patch is an update put out by a software company to close holes in the software that may allow for intrusions.

Dark Web- The dark web is the third area of the internet, which requires a hidden browser and a VPN to access. The dark web serves as a marketplace for hackers to sell data, plan and carry out attacks, as well as being the home of many illicit businesses. Oftentimes bank account details,

credit card information and login credentials are sold for pennies on the dollar.

Breach- A breach is when a network has been compromised. Usually this is in reference to when secure sections of a network are accessed

and data has been leaked to the dark web.

Compliance- Compliance refers to the laws and procedures that must be followed to stay within the confines of the law. An example of

this would be the HIPAA act, where medical practitioners are required to follow certain protocols in order to keep people’s medical information confidential. Not maintaining proper compliance can lead to steep fines and lost of consumer trust.

Risk Management- A form of proactive management in which an expert, such as Delval Technology Solutions analyzes your current technology.

This allows them to spot any risks that may be currently occurring, as well as to help identify future risks so that they can be avoided.

Phishing- A phishing attack is when a person or group of people are breached via misleading communications. This can come in the form of an

email, usually with an extreme sense of urgency that appears to be from a trusted source, a similar text message or a phone call. These texts and emails

usually have an attachment or a forum that appears to be from a trusted individual but in fact is from a malicious actor. The calls are usually telling you that there is an extreme emergency and you need to give your information immediately.

Firewall- A network security system that controls who enters and exits the network based on preset conditions.

When you speak to a managed service provider or network service provider, keep these phrases in mind. For your cyber-security needs, having an MSP that covers all of these bases is crucial. Cyber-security is a living breathing thing, the old ways of spam blockers and firewalls don’t hold water anymore. You need comprehensive security to keep your business safe.


Southeast Pennsylvania Flooding and Disaster Recovery

This past week, the Southeastern Pennsylvania region was hit with an unprecedented storm system. Hit with flooding that rivals Hurricane Sandy, and seven tornadoes touching down in Bucks and Montgomery Counties, the losses experienced were catastrophic for many. Families lost their homes or had their belongings flooded out. Businesses lost offices, assets, and many lost valuable time as their networks were shut down.Hence why disaster recovery protocols are so important.

It has been stated in the past that a company can survive three days of downtime before beginning to approach it’s demise. In fact, 70% of businesses who go under for more than three days, go under for good. A proper game plan and proper implementation can minimize downtime and help your

business survive the wrath of a natural disaster. The best way to do this is by teaming with a Managed Service Provider such as Delval Technology Solutions to help you protect your business and act in your best interest.

The first thing to do is seemingly the most obvious, being proactive and making a plan. Take stock of all of your inventory, be it virtual or physical. This isn’t limited to things you are selling or shipping. How many work stations do you have? How many phone lines do you operate? Are there ways

to better secure your facility? What disasters are you attempting to get ahead of or protect against? Where is your data going? Is there a secondary site you can move to? These are all important questions to ask yourself so you know the destination.

Proper data backup is an important part of a good recovery plan. However, just backing up your data is only one step. It has to be accessible to your team and yourself no matter the situation or location. It is imperative to test your network. This will ensure that everything is being backed up properly and is legible when you need it to be. Also, it is important to make sure that this data is accessible from anywhere, if your office is underwater and you have to work from home, you still have it. With an MSP such as Delval Technology Solutions, we handle bringing your data safely and securely to the cloud.

From there, it is able to be accessed remotely by your team. This isn’t merely limited to your data either, your software from the 365 suite even down to your phone systems can be accessible from the cloud.

It isn’t only a matter of your virtual data. The human and hardware factors are important as well. There is a story that gets told around the office here at Delval Technology Solutions. There was a major storm a few years back that knocked out power to a client that ran a logistics company. They were tasked with guiding and tracking trucks that were still on the road, and downtime was not something they could afford to have. They had a full backup

plan, employees on site, but were not prepared for an outage of this magnitiude. The DTS team worked all day and night to bring out generators to them and rewire the premises to get them back up and running so all their data and network capabilities were accessible to keep the trucks running. Working hand in hand with the company’s team, DTS was able to ensure that the disaster, while inconvenient was not a catastrophe.

Keeping communications up is also a key factor for companies. Clients and vendors call you daily. Your team needs to be able to continue their day to day operations, be it simple communications, collaborating on projects, or sending invoices. This all requires a network that can stay up and running regardless of where you are. The best way to achieve this is the cloud. A proper cloud service provider such as Delval Technology Solutions, is

proactive in their cloud approach, preparing you for any catastrophe before it hits.

All of this may not prevent a disaster. However, it will allow your business to bounce back instead of crash and burn. Make your plan. Get your Disaster team picked, making sure you have all the experts you need. If you don’t have them on hand, contact an MSP such as Delval Technology Solutions. Back your data up and test it, as well as test your cloud technology. Take an inventory of what you have, and finally make sure you don’t lose communication. This will help you ensure that your business isn’t a statistic in anything other than successful disaster recovery.


What to Know About the T-Mobile Hack

Hackers are back in the news this week. This time, cellular carrier T-Mobile, which is used by 104 million people on a daily basis, was hit with a massive breach. This breach exposed the data of almost 50 million T-mobile users. This attack was not limited to current users, with former and prospective user data being compromised as well. Reported on August 15th, this breach was one of the largest attacks on a cellular carrier in recent memory. T-Mobile, the second largest cellular carrier in the country, apparently was lax when it came to

securing their network.

A 21 year old named John Binns, an American citizen living in Turkey, claimed responsibility for the attack and was able to provide proof to the Wall Street Journal and top cyber security professionals. Binns was able to access the network via an unsecured router at a T-mobile facility in Washington. This allowed for him to navigate through over one hundred T-mobile servers to find the information that he was looking for. Like many hackers, Binns was looking for any way he could to gain access into the network. While it took a bit of time, within a week Binns had access to millions of pieces of valuable customer data.

This data consisted of full names, birthdates, credit card numbers, social security numbers, drivers license numbers and bank account information. "I was panicking because I had

access to something big. Their security is awful," Binns recounted to the Wall Street Journal. "Generating noise was one goal." Unlike many hackers who wish to hide behind anonymity, Brinns was more brazen, speaking to reports from both Motherboard and Bleeping Computer, two of the countries top tech publications. He explained that he had routed around the servers and found the treasure trove, an Oracle database server full of customer information. He even shared screenshots showing his connection to the server to prove he was the man behind the attack.

T-Mobile eventually recognized they were breached and forced Binns out of the server. This isn’t before he made copies of what he claims is 106 GB of customer data. In fact, he did drop a trove of data onto the dark web, which is where most stolen data ends up, which he sold for six Bitcoin, which as of this writing has a value of three hundred thousand dollars. Binns reasoning for the attack is as follows. He claims that he was accused of being part of a botnet gang by the FBI and the CIA. From there he further alleges that the agencies removed him from Turkey and brought him to Germany where he was tortured for days. In fact, he went as far as to file suit against the agencies that alleges he was subject to illegal break-ins and wire-tapping by the agencies and accused of being a member of ISIS, which he fervently denies. In a message relating to the attack shared via Twitter Binns said "The breach was done to retaliate against the US for the kidnapping and torture of John Erin Binns (CIA Raven-1) in Germany by CIA and Turkish intelligence agents in 2019. We did it to harm US infrastructure.” While he has neither confirmed or denied being tied to a hacking group, he did acknowledge that he needed help getting into the servers.

Unit221B LLC, a cyber-security company, made T-mobile aware of the attacks after finding the data on the dark web. T-Mobile officials have stated that they are currently cooperating with law enforcement in an ongoing investigation. Due to this attack T-Mobile has partnered with cyber-security agency Mandiant to conduct a full scale investigation of the attack. They have also claimed to have notified most if not all current and past customers as well as prospectives that were affected by the hack. The carrier has stepped

up security features offered to their customers, including two free years of identity theft protection, a scam sweeper app, and are now offering what they refer to as “Account Takeover Protection”. They have urged all their customers to reset their passwords on all platforms.

While this is the biggest attack to be carried out on T-Mobile it isn’t the first. In fact the company has been breached four times since 2018, the largest previously being a breach of 200,000 users data. Another attack saw the logins of company employees being released to the dark web. Attacks such as these have seen nearly a 500% increase since 2019. The methods of these hackers are becoming more evolved and more invasive by the day. This is why proper cyber-security for your enterprise is invaluable. While there are many steps that you can take on your own, such as proper password maintenance and running firewalls and anti-malware software, it is no longer enough to stop there. Partnering with a security minded MSP, such as Delval Technology Solutions, can make the difference between having a minor hiccup or losing thousands if not millions of dollars in data, as well as the trust of your employees and clients. For more information, a system assessment, and a free dark web report, where the dark web is scoured to see if any of your data has been compromised, reach out to Delval Technology Solutions today.


The Bottom Line on MSP's

With the end of fiscal year 2021 rapidly approaching, now is the time that many companies are setting next years budget, evaluating current positions in the market, and looking for ways to decrease headaches and increase their bottom line. Some companies are looking to hire new, talented employees, from salespeople to truck drivers and warehouse workers. Others are looking to find areas in which they can maximize existing assets to drive revenue and growth for their enterprise, and some are trying to right the ship to avoid a seemingly inevitable crash.

One of the focus points for many companies is their IT division if they have one or filling a gap in their network management in the most effective way possible. This is where a managed service provider comes in. A managed service provider gives you all of the expertise of an in-house IT department at a fraction of the cost. In the United States, the

average cost of employing an IT professional can range anywhere from $60,000 a year to over $100,000 a year depending on the level of experience and expertise of the employee. IT being the multi-faceted department that it is, if you were to try to fill all these necessary roles, such as help desk, security, network professionals, and CIO’s, you are looking at spending anywhere from hundreds of thousands to millions of dollars a year depending on the size of your enterprise. An MSP, such as DelVal Technology Solutions, gives you

unfettered access to these professionals on a contractual basis, often for less than it costs to employ a single IT person per year. For this lower cost, you have access to an entire team that can be on hand when needed, monitoring and securing your network, watching out for your blind spots, and advising you on important technological decisions.

Take a look around your office space, if you haven’t done proper technological house keeping in a while, there is a good chance you have a lot of unneeded hardware. When you bring on an MSP, one of the first things they will give you is a tech assessment and roadmap. Chances are you don’t need a lot of the extra hardware you are running or planning to buy. A proper MSP like DTS will help you take your business to the cloud. This move will free up a lot of space as well as help you cut down on your energy costs by eliminating

redundant hardware.

This also works with software too. Many MSP’s are partnered with top SaaS (software as a service) providers, allowing you to pay monthly for things like Microsoft Exchange, 365, and your Adobe suites. By subscribing to these licenses, it allows for easier, more affordable scalability and the ability to add users without an extra associated cost. Another benefit of an MSP is the amount of downtime you can eliminate on a consistent basis. Downtime can plague businesses, in fact, it has been said that 72 hours of downtime can lead to a destruction of a company almost 70% of the time. Having a great MSP on your side, such as Delval Technology Solutions, gives you access to technicians, a help desk, and a

security team all wrapped into one monthly payment. If you have a problem, be it an outage, employee confusion, or a catastrophe, your MSP is there to make sure

you are up and running again as quickly as possible.

Not having to worry about employing an entire in-house IT team also allows you to reallocate funds to other departments, as opposed to allocating new funds to these departments. This can open many doors for your business. That extra available revenue can be used to market your company, invest in new products or services, hire new employees, or incentivize your current team. Whatever you do with those funds is up to you, but partnering with an MSP can help you turn your savings into profit, not only helping your bottom line, but growing it as well.

Many companies look at cyber-security as insurance, but it can be so much more than that. Attacks and breaches can cost companies thousands if not millions in losses and regulatory fees, on top of the downtime it can cause. A security minded MSP partner, such as Delval Technology Solutions, can not only help you recover from these pitfalls, but also avoid catastrophe before it happens. They can aid in training your staff, monitoring your network, testing for holes that intruders can get into, and protecting your endpoints. On top of this they can help you ensure that you are compliant, which can be confusing as new regulations or changes to existing regulations seem to change on a near daily basis. Staying ahead of cyber-criminals and regulatory issues can be the difference between smooth sailing and lost revenue and market trust.

While partnering with an MSP may seem like a bill to pay, it is in fact a way to save money. You can cut down on existing overhead, be it personnel or technology. It allows you piece of mind that you will be able to enjoy reduced downtime and increased productivity, making for a healthier company ecosystem. The headaches and anxiety of cyber-security and compliance can be replaced with piece of mind knowing your business is protected, allowing you to focus on your bottom line.


cybersecurity training pennsylvania

Arm Your Employees with Cybersecurity Training in Pennsylvania

At Delval Technology Solutions, we know cybersecurity training is an excellent way to teach your employees how to spot a scam. But that doesn’t quite capture the urgency of making sure your team knows how to defend your business.

Hackers attack every 39 seconds, according to the University of Maryland. With cybercrimes increasing in frequency and criminals growing increasingly sophisticated with their techniques, training your team is no longer an option; it’s a necessity.

With a data breach that is all but certain to cause expensive downtime, compliance fines and reputational damage, it’s time you armed your team with a comprehensive array of cybersecurity solutions. From identifying spam and malware to social engineering and phishing, it’s not as complicated as you might think to get each team member on board with protecting your data — and your company.

A Solid Way to Defend Your Business

Professional cybersecurity training teaches the basics, such as how multi-authentication passwords are the first line of defense to protect your sensitive data from hackers. Your employees can be trained to never use the same password for their accounts. They can be taught to use strong passwords that use a mix of symbols, letters and numbers, so no one will come close to guessing it.

Your employees can’t be expected to walk in the door on their first day and know how to identify cybersecurity threats. But one of the downfalls with security awareness is that some employers only employ training as an onboarding event. Unfortunately, your team will be faced with threats continually — not just on their first day or week on the job.

When confronted with cyberthreats, most people can’t tell the difference between a legitimate link and a malicious one. This is probably why 95% of cybersecurity breaches are caused by human error, according to IBM.

Cybersecurity training mimics the latest threats and teaches employees how to separate legitimate and questionable emails.

As a business owner, you can institute policies that ingrain bulletproof cyber hygiene habits, such as instructions for emails, the internet and social media platforms. But be sure to make the training consistent and a regular calendar event.

How We Help

The team at Delval Technology Solutions gives you pertinent guidelines that keep your data safe with regularly scheduled training on how to avert the most up-to-date scams. It’s important that your employees stay fresh in their knowledge and on guard against cyberthreats. Once they’re in the throes of their roles, it might not be top of mind to safeguard your data. But frequent and continual training throughout the lifetime of their roles ensures that the skills they develop remain relevant and applicable to the most modern threats.

With more companies succumbing to cyberattacks, it’s crucial that 100% of your team is on deck to stave off lurking threats with cybersecurity solutions. If your long-term goal is to grow your business and succeed — we know it is! — training your employees to recognize malware and phishing or any of the other lurking dangers is a necessity.

If given a chance, your employees want to help you dodge cybersecurity threats. Give them the shared responsibility of acting as your defender, and they’ll gladly comply — they want your business to thrive, too. They just need the tools and knowledge on how to do it.

Cybercrimes are becoming more sophisticated, and data breaches are rapidly increasing. Arm your employees with the knowledge they need to improve their cybersecurity procedures, policies and best practices. Help them help you.


A Word on Social Engineering and Gift Cards...

I walked into my local supermarket yesterday and saw a curious poster. It had a police officer blowing his whistle, which is basically crime stoppers 101. That isn’t the interesting part. That would be that this poster existed to warn consumers that if someone is asking them for hundreds of dollars in Google, Apple, or Amazon gift cards, that they are probably getting scammed. With the rise in cyber-attacks ranging from government, to corporations, to private citizens, it is becoming increasingly important that you know the signs that someone is trying to trick you. This is what is known as social engineering.

Social engineering is a sophisticated form of manipulation. This is because the goal isn’t to use your technology against you, like malware and spyware attack, but to use you against yourself. These malicious actors seek to convince you to act against the best interest of yourself and at times your business or employer, using things such as email, SMS text messages, and phone calls. I’m sure you have gotten these messages at an increasing rate recently. Text messages telling you that you have been approved for a loan you didn’t apply for or won a contest you never entered. Emails telling you that you must act now because your account has been compromised, your job is in jeopardy or you owe the government money. Who can forget, the phone calls. Most of us at this point get about four calls a day about our cars extended warranty or that our social security number has been compromised. These all share one very common trait, they are coming from a new wave of hackers and scammers who want to get your login information, credit card numbers or your money directly.

How do these attacks occur? What should you be looking for? The most common form of social engineering attacks are text based. The latest batch come from what seems to be trusted sources. This could by anything from an “HR rep” who needs you to click a link and reenter your login credentials, to an email from your “boss” who is stranded in a foreign country with no money and can only get home with Itunes gift cards. It is first important to read these messages carefully and look for the signs of malicious activity. Do these messages come with a forceful sense of urgency? Phishing attacks are often set up to scare the recipient into making a mistake, be it downloading a malicious file or logging

in important information into a scam form. They will say things like “CLICKHERE TO AVOID INTERUPPTION” or “URGENT ACTION NEEDED”. This is because when we

are afraid, it oftentimes overrides our due diligence. We are working so hard to avoid the consequence, that it is easier to overlook the fact that something is off with the email or text.

One of these things that may be off is grammar and punctuation. The English language is incredibly complex with it’s grammar rules and punctuations. Many of the people carrying out these attacks are foreign actors who while they have a grasp on the English language, they don’t know the intricate rules that dictate it. This is important. Run on sentences, improper or complete lack of punctuation, or rudimentary grammar mistakes are all signs that this email or text isn’t coming from who they say it is and is in fact a phishing attack. Take your HR rep for example. Usually, the emails they send you are professionally written. However, if you receive one asking you to login to an unknown site or to send them your information, look closely. Does it start with Dear, or To Whom it May Concern or some other unusual greeting from someone who usually goes straight into the message? See that string of thoughts without the usual commas and proper tenses? That is a surefire sign that you are being phished. As a rule, if you receive something that appears out of the

ordinary, call the person or send them an email. If Mike from IT supposedly sent you the email, call him and double check that it’s from him. Chances are, it isn’t.

Another important thing to check is the email addresses, the links attached and domain names. If something seems off, a good trick is to check other emails from the “sender”. Is the email address the same, or is this a variation of their usual email address? Even an email from someone you know can be malicious if there are other red flags as compromised accounts are something that can happen. What about the attachment thaht’s there? Is there a hyperlinked piece of text? Hover your cursor over these things. Chances are they are links to a place you don’t want to end up such as a mirror site that goes to the hackers . Even if it looks good, take a closer look, as one letter or a hyphen can make all the difference in the destination. Cross reference that with the email address. If it says it’s from paypal.com but that link reads Pay-Pal.com, well dear reader, that’s a trap.

You can avoid these social engineering attacks ramifications, and it’s surprisingly simple to protect yourself. It comes down to awareness and discernment. If something seems out of the ordinary, chances are it is. Never answer a text message or click on a link from a sender who you are unaware of. If you receive something with an extreme sense of urgency seemingly at random, leave it be. If you get an email from a boss or colleague at a random hour, say 4:30 am, it’s probable they didn’t send it. Cross reference sender

information with old emails and keep an eye out for grammar issues. Never click on links or download attachments without due diligence, hovering for hyperlinks, and checking with the sender to see if they actually sent it. When in doubt, double check. Finally, always report these attacks to your IT team, be it in house or your friendly neighborhood managed service provider like your friends at Delval Technology Solutions.


Stay Clean: A Word on Digital Hygeine

We all have our daily routines we do in the name of hygiene. Showers, shaving, brushing our teeth, washing our hair, we do these so we not only look our best, but to avoid issues that come from not doing these things. We want our teeth to be clean, so they don’t fall out and we can smile without reservation. We want our hair at it’s best. Our skin and our clothes, well these are more than just first impression things, they also will help keep people around us, no one wants to be the smelly one. Hygiene is important, and that isn’t just for our bodies, also for our network.

Digital hygiene is a term that has become prominent in the past few years. It’s applying the same principals we use to our physical hygiene, a combination of routines, cleanliness and upkeep, to make sure our network is running at an optimal rate. Digital Hygiene also ensures that we are running a safe network for our business, our customers, and ourselves. But what should be on this checklist?

Many companies use various SaaS (software as a service) products. However, this can leave holes in your system without proper maintenance. Updates and patches for these products occur for a few reasons. One of which is adding new features to your software, as SaaS allows for quick and constant product evolution. The other reason is more about security. When hackers attack these software’s, or holes are reported to the developer, new patches are usually put out as quickly as possible. A great example of this is the Zero Day

attack on Microsoft Exchange servers. Once reported to Microsoft, their team worked quickly to patch these holes that allowed for the intrusions. Make sure you are checking your notifications from these developers frequently and updating your software as soon as they become available to ensure you are running smoothly and safely.

Your backups are also important. We here at Delval Technology Solutions recommend the method of 321. This means each important file and folder should be backed up three different times. You want to make sure they are backed up in at least two different places, be it cloud networks, external hard drives or flash drives. Finally, one of these copies should be kept offsite in case of emergency or not being able to get access to your internal network. From there, you want to ensure that these backups are properly encrypted and can only be accessed with a properly corresponding key. This way, if any unauthorized party does get through, the information is useless to them as they cannot read it.

Finally, it is of the utmost importance that you regularly test these backups. Many people think all you have to do is backup your data and leave it at that. In reality you need to check these backups to ensure that they are legible, accessible, and can be used in case of an emergency. Speaking of emergency’s, have a proper disaster plan in place is important to your digital hygiene. We have touched on this before in other blogs, but it bears repeating. There is no such thing as a 100% foolproof system. Human error can occur, a hacker could sneak in, or a natural disaster can take down your office or your network. How you handle these situations can be the difference between a minor headache and a catastrophe. You should be properly training your staff to protect against social engineering attacks, doing walk throughs of you office space to ensure that your hardware is placed in safe and secure areas. Testing is another important area of digital hygiene.  This extends past your backups. You should be testing your hardware, your software and most importantly, your security.

Having a proper MSP by your side, such as Delval Technology Solutions, will ensure that you have a team of experts with trained eyes running these tests. They can look for flaws in your firewalls, backdoors for hackers to access, and test your endpoints. On top of this, if anyone did get in your system, these tests can allow you to find them at a much quicker rate and get them to where they belong, away from your network.

The final part of this is about access, who has access to what in regard to your network. Not everyone in your organization needs access to every file, which makes it important to segment your data accordingly. Certain information should be kept on a need-to-know basis, in order not only ensure a proper workflow, but also proper security. Another important part of access is your passwords. We recommend using random password generators, as it will keep the urge to use basic passwords that while easy to remember are also

easily cracked. Update these passwords every few months, so if you make any organizational changes or do have intrusions, you can at least ensure that they

won’t be able to get back in if they are unauthorized.

Think of your digital hygiene in the same way you do your regular hygiene. It is more than just about keeping up appearances. It can also dictate how people interact with you, as well as give you piece of mind when interacting with the outside world. Things such as testing your systems and your backups, changing your passwords, running proper updates, and having a disaster recovery plan are your maintenance routine. These are  the teeth, hair and skin of your network, and as with many other things, a clean workplace is a happy, productive workplace.


Set It and Forget It Is Not Security

The term “set it and forget it” is one that was popularized by Ron Popeil when he took to the airwaves to push his at home Rotisserie. You could put your chicken in, set the timer, and go on with your day. Now, for those of use who like a good rotisserie chicken, this was the perfect device. However, the “set it and forget it” mindset began to take hold in many things

that it shouldn’t. Personal investments, business devices such as contact centers, these are things that cannot just be set and forgotten. Another one of these things, cyber-security. Unfortunately, many businesses across the country use the “set it and forget it” model when implementing their cyber security, and don’t realize they made a mistake until it’s to late.

When you think cyber-security, what comes to mind? For most of us over a certain age, our minds harken back to the days of anti-virus software, where you would install your program of choice, and hope it covered the rest. Just like basically everything else in terms of technology, your cyber security needs evolve, sometimes at a rapid rate. Hackers today are more sophisticated than ever, and even sell their services to novice hackers. This means that the threat of an attack is always on the horizon.  This is a huge part of the reasoning against a set it and forget it model to cyber-security. If the hackers are taking steps every day to refine their tactics, and finding new ways to access your network, shouldn’t you have a cyber-security plan that tries to stay ahead of them?

Let’s face it, advertising works. We buy products, ask our doctors for prescriptions, and make choices partly due to the marketing surrounding a product. You may see ads for cyber security programs, new malware, spyware, and anti-virus software telling you that it’s all you need. Don’t fall for it. What you need is expertise. A proper MSSP or Managed Security Services Provider, such as Delval Technology Solutions, will begin with what’s referred to as a risk assessment. This is when a set of trained eyes look at your system for all

the holes that can leave open doors to cyber criminals trying to steal your precious data. This isn’t limited to your pc’s, your cloud systems, software, and basically any other piece of infrastructure that can be accessed by your staff as well as hackers and disgruntled former employees. This can cover everything from your endpoints to unpatched software that you have installed, and your company workstations.

From there, these experts can tell you what they see that the untrained eye most likely would have missed. They will work with you to both upgrade and streamline your systems. Any pieces of software and hardware that no longer serve a purpose will be eliminated, saving you space and money. They will work with you to ensure that all updates and patches are installed, to further help plug up the holes that may be plaguing your network. New, up to date security software, as well as things such as 2 factor authentication will be implemented to make sure that your team is able to access your network safely and securely from anywhere.

A proper MSP, such as Delval Technology Solutions, who is security minded will also aid you in training your staff on proper security measures. This is not a one time thing, but a monthly process, as the methods of cyber attackers are ever changing. This gives you a vigilant front line who is ready to spot and report malicious activity before it can destroy your

network. It will also give you an indication of areas you need to focus on further to ensure that your team is able to handle any situation that may be thrown at them.

The job of a good MSSP isn’t just to make sure you are secure, it’s also to ensure that you are compliant to any regulations that may affect your industry. In the past two years alone, more privacy regulations have been passed than the preceding 100 years. Staying on top of these is a full time job in and of itself, but one that can cause pain to your customers,

employees and bottom line if they aren’t properly adhered to. A great partner will stay on top of these new regulations and not only keep you aware, but help you stay compliant.

Finally, a good partner will monitor your network in real time. After all, these are experts who know what to look at. Just as you would hire a mechanic to fix your fleet of trucks, a proper security team can spot red flags that you may have missed and implement real time solutions to stop hackers in their tracks, before they can take down your network.

Set it and forget it is a fantastic way to make delicious juicy chicken. However, by implementing a set it and forget it model to your cyber security does nothing but make you a delicious, juicy target to cyber-criminals and other malicious actors. Staying on top of security is a full time job. The best way to do so is partner with an MSP that handles your security in real time. Cyber criminals are always growing and evolving their methods of attack, so find a partner who is always growing and evolving their methods of defense.


dark web protection pennsylvania

Dark Web Protection in Pennsylvania – Four Strategies to Shield Your Business

Delval Technology Solutions has years of experience countering attacks in the Pennsylvania area that stem from the dark web, and it can create quite the mess for your business. Cybersecurity and dark web protection go hand in hand, with many forms of ransomware, malware and phishing originating from this anonymous online underground. And once you’ve been targeted, it can be hard to recover.

Data breaches result in downtime, which can cost a company on average $5,600 per minute. And if you don’t have a professional business continuity solution with 24/7 support, productivity can completely collapse during the recovery stage. In the worst-case scenario, your business could end up closing like sixty percent of small businesses that experience a data breach.

But cybersecurity and dark web risks don’t have to be inevitable for your business. Here are four ways you can reinforce your cybersecurity and dark web protection starting today.

1. Install Dark Web Scanning

Dark web protection and scanning can defend your data by continually monitoring your systems for suspicious activity, attempted breaches and security weaknesses. Automated software can then send alerts to let you know what data is potentially compromised, allowing you to act faster and stay secure.

2. Take a Proactive Approach

Don’t wait until you’re the victim of a cyberattack to react. The number one thing cybercriminals want you to do is not notice what happened until afterward. By then, they’ve likely already started sharing and selling your data on the dark web. With cybercrime on the rise, it’s smart to incorporate technology to monitor your network before — not after — you experience an attack on your business.

3. Employ Training and Security

Cybercriminals won’t discriminate. They want your personal and business data, educational information, medical records and everything in between. Once it hits the dark web, odds are, it will sell. Protect your assets from the frontlines by training your employees to spot a phishing attempt and teach them what to do in the event of a possible security breach. Simulations are another aspect of cybersecurity training that tests your staff’s security knowledge and can be incorporated into a fun and educational team bonding challenge.

4. Partner with a Professional

Managed service providers monitor your data for security breaches, install and patch software to defend against ongoing threats and train your employees to keep your business data safe and secure. Not only will you feel safer, but your team will regain the capacity to focus on your business objectives with ongoing IT support and consulting services available when you need them.

When you partner with Delval Technology Solutions for any and all of your technology and cybersecurity needs, we outfit your business with affordable technology that leaves you feeling protected, supported and empowered. To find out if your business is at risk or to learn more about our services, contact us today for your custom assessment.


HELP...desk: I Need Somebody

Look, we all need a little help sometime. This can come in the form of a loan from the bank, calling AAA if your car breaks down on the side of the road, or a help desk to reach out to in case of emergency with your network. The question we have though, “Are all help desks created equal? What should we look for in a help desk?” There are many factors involved in having a help desk that helps you with what you need, when you need it. Today we are going to look at a few things that let you know if your help desk is helpful, or just

another thing that needs to be fixed.

PERSONNEL

It may seem obvious, but this one is a big part of having a successful help desk. Who is manning it? The purpose of a help desk is for your in-house team to have someone to go to in case something goes awry. Having an unqualified person behind the desk is akin to asking a waiter what type of stove the cook is using. Yes, you may get an answer, but it’s probably not going to be the correct one, or something that is a general piece of information, like “a gas one” instead of the relevant information needed to answer your question. A proper help desk doesn’t just rely on one person. There is the customer service advisor who is manning the helm, they know a little bit of everything and can help with basic to moderate level issues. From there, a great help desk, such as the team at Delval Technology Solutions, will have a team of experts ranging in coding to security, ready and able to handle any

situation that may escalate.

RESPONSE

The stereotypical IT guy that we have seen in TV and movies for decades is usually some brash nerd who is going to make you feel downright infantile for asking a question. This is 100% not what you want in a helpdesk. A proper help desk usually not only can answer your question in a courteous manner, but should also be able to inform you on how to take matters in your own hands if the problem is a basic enough one or a commonly occurring one.

Another thing you want to keep track of is response time. When you reach out to your help desk you want to make sure that your wait time is as little as possible. Some problems can be fixed quickly, and few things are more frustrating that waiting hours to fix something that can take a couple of minutes. Also, not all problems are small ones. Some IT issues can go from bad to worse relatively quickly if you don’t get the help or advisement that’s needed. Having an avoidable issue become a catastrophe is the last thing anyone wants, and having a help desk that responds in a timely manner can make all the difference in how your business handles a potentially dangerous issue.

The other component in a great help desk response is how many channels you have to get in touch with them. Some only offer support via email, which we all have but at times can cause things to get lost in the shuffle. The other problem with email only is that while you may receive an answer in a prompt manner, it does become harder to step by step troubleshoot a problem. For that step-by-step troubleshooting, oftentimes having a live chat component can be incredibly useful. Find out if the live chat is automated, which may cut down on response time, but also may only work for basic issues. Some problems are not so simple as one answer, many are multi-faceted and having a real time answer to your question can make all the difference.

What if you aren’t by a computer, or the problem has completely shut your terminal down? Well , that’s why many providers, such as the good folks at Delval Technology Solutions, offer SMS help desk support. This way if you have a critical error on a machine, you can still get an answer to help you and your team get back to work with minimal headaches and anxiety.

SCALABILTY

For the most part, the goal for business owners is to grow their enterprises. It’s the American success story as old as time, a company goes from a small operation to a worldwide giant. For that to take place, you need to keep scalability in your mind when making your choices and a help desk is no different. As your volume grows, be it number of computers, to your hours, to even your locations, can you help desk handle it? If so, at what point does it cost you more money? These are all relevant questions to keep in mind when making your help desk choice. An ideal help desk is one that minimizes bottlenecking. As we spoke about before, some problems can go from small to large in a short amount of time. When your company grows, you want to ensure that your help desk of choice can give you the same response time and functionality that you had received when you signed on.

A helping hand can make the difference between climbing back up a mountain or falling of a cliff. Your help desk is no different. When making this decision, ask questions. See if the company is willing to let you test out their help desk. Ask them about their average response time. If you are looking to grow, see if they have pricing that is consistent, or if you

have to allocate additional funds if you need to scale up. Some companies that focus on customer service may even introduce you personally to their help desk staff so you can put a face to a name as to who you are going to be dealing with. Make sure you check how many lines of communication they have, to ensure that no matter what happens, you get the help your business needs.