10 Reasons Why SMBs Are Vulnerable to Security Attacks

They say recognizing a problem is the first step in solving it. But when it comes to cybersecurity, many SMBs don’t believe they have a real problem on their hands. Many simply believe that hackers will focus their attention exclusively on large and well-heeled organizations, and aren’t interested in smaller businesses. Unfortunately, this couldn’t be further from the truth, and it’s this mentality that leaves businesses highly susceptible to attacks.

1) Not If, but When
Many small businesses don’t invest sufficiently in IT security resources and protection. This may be due in part to the fact that they may not know they’re being targeted. According to the Ponemon Institute 2016 State of SMB Cybersecurity Report, hackers have breached 50% of the 28 million small businesses in the United States have no clue they’re being targeted.

2) Evolving Threat Landscape
Trying to keep pace with the changing nature of cyber threats is a full time. Many cannot afford the cost of internal IT security staff, which is why it’s imperative that their MSP keep them protected from zero-day threats.

3) Users Don’t Always Know Security Best-practices
In the last year, phishing was involved in 90% of breaches, which makes end users both the weakest link and the first line of defense. The best way to counter this threat is to train and educate end-users on the impact of their online behaviors. A well-trained user can help prevent threats like ransomware, drive-by downloads, keyloggers, and many more.

4) Lack of Effective Security Policies and Protocols
Companies should have documented policies in place to ensure all passwords are strong and regularly changed. Although these actions are “status-quo,” two-factor authentication is many. Access rights to network files, folders, and file shares need to be tightly controlled to avoid malware wreaking havoc on networks.

5) Exposure to Multiple Vector
All the ways that users’ can interact with the internet must be considered, from emails, attachments, links, to web browsing and network activity. Effective endpoint security starts with protecting each of these vectors from cyber attacks. Featuring multi-layered protection to defend you from threats that use different exploits to gain access to your network.

6) Complex Security Creates Admin Challenges
Consider not only the costs of buying cybersecurity software but also the operational expenses of the latest in security technology. Systems that use best-in-class solutions paired with minor automation can make security both more affordable and more effective. Using these solutions allows internal teams tasked with administration’s job easier.

7) Out-of-Date Systems
By following a rigorous patching regime, you can avoid many of the application vulnerabilities used to comprise networks. At times, patching can feel unimportant, but with the help of our staff, and a little automation, patching management has become smoother, and more cost-effective. WannaCry, 2018’s biggest cyber-scare could have been avoided completely by simply patching systems to best practices.

8) Murky Network Visibility
Having accurate information about your network technology, and what’s connected to it, is vital in protecting users from both internal and external threats. Network monitoring tools can identify network anomalies and counter threats before they do harm to your systems. Knowing can be half the battle, and being able to pinpoint affected systems and the potential path of destruction.

9) Poor Backup Practices
Faced with attacks like ransomware, SMBs must have an effective back-up and retention policy. 60% of companies that suffer from a cyber attack are out-of-business within 6 months due to the sheer amount of data loss. There are many on and off-premise cloud-based backup systems that will help avoid such fate. Unfortunately, for companies willing to pay the ransom these days, it will not guarantee you will get your data back.

10) Compliance
Regulations affect several of the largest industries, and securing endpoints are a routine compliance requirement for most. It has become vital to understanding your compliance obligations and ensuring sufficient security is in place, to protect your business.

Clare Computer Solutions has the tools and experience to handle any aspect of your IT security. With tools to assess and remediate vulnerabilities. Clare Computer Solutions handles multiple networks, so we can apply this broad experience to expertly advise on your company’s technology strategiesContact us today to begin the conversation on securing your business.

Your Security Policies Protect More Than a Multi-Generational Workforce

Every generation approaches technology differently. A 55-year-old, manager is going to think about data-security differently, then a 22-year-old just starting their career. Recent studies have shown that different generations have dynamic attitudes and behaviors regarding digital security, requiring businesses to move from a one-size, “fits-all mentality,” to a more tailored approach. Could this new-age workforce be your next vulnerability?

Viewing Security Policies Differently

Recent studies conducted by our partners, “Webroot Security” have shown, younger generations, think about online security less than their older counterparts. Younger generations can/will make the assumption, inherent levels of security, exist in the workforce. This is even more of a reason for layering security and to establish a plan via company-wide, security policies.

A 2016 Webroot survey found, despite a reputation for being less “tech-savvy,” 49% of baby boomers reported having anti-virus solutions installed on their devices; only 10% more than millennials. The survey found, that 49% of millennials were concerned about someone gaining access to their social media accounts, versus 33% concerned with someone gaining access to their email accounts.

82% of millennials re-use passwords for websites and applications, compared to 70% of baby boomers. It was also reported, that 86% of baby boomers hardly download free applications or software to work devices without consulting your company designated IT support.

Our partners, at Citrix, surveyed workers to find which generation posed the greatest risk to sensitive information in the workplace, and millennials received 55% of the vote. It should be noted – baby boomers as being the most susceptible to phishing and social engineering attacks. (33%)

Tailor Your IT Security Approach

  1. Identify and build contextual access controls so users have access to apps and data; nothing more.
  2. Automatically prevent employees from running unauthorized apps on corporate hardware or worse, networks.
  3. Extend protection to mobile platforms, but give users the freedom to access data securely on the go.
  4. Embrace virtualization and containerization for critical apps and data.
  5. Gain visibility via analytics, so you can be proactive about security.
  6. Increase Cyber-Awareness Training for users.

These steps won’t solve every security problem, but they will go a long way in helping to better secure your workforce; regardless of age.  With the cyber-landscape evolving faster than ever, applying education, training, and remediation with the assistance of your staff has become paramount. Like many, knowing where to start is half the battle, and if you need a kickstart – Contact Us – to schedule your free Cyber-Awareness Training today.

 

Your Advantages When Outsourcing IT Through an MSP

More security threats emerge every year, leaving many businesses to begin the search for outsourcing their IT tasks to a Managed Service Provider (MSP). An MSP allows businesses to focus on core-objectives, instead of resolving IT issues. Without the necessary experience, trying to fix IT problems on your own can lead to higher costs, when compared to letting a professional service provider take care of issues as they arise.

When trusting your private-business data to a third party, you want to work with a company focused on maintaining the lowest level of risk. In addition, when deciding on an MSP, do thorough research and make sure all your requirements are met.

Here Are 5 MSP Benefits Your Business Can Reap When Building a Partnership

#1. Reducing Cost

Reducing cost is a major benefit for most businesses using an MSP. Working with a wide variety of clients, expired IT Companies know what services can help bring your costs to a minimum. As an MSP, we make costs more convenient, charging monthly – making it no surprises for our clients. Keeping your needs covered, so your free to concentrate on your business.

#2. Infrastructure Updates & Procurement

As you know, setting up IT infrastructure isn’t only about purchasing the hardware, installing software, and configuring it to your network. Regular updating and upgrading are critical to the security of your business. MSPs help business owners keep IT infrastructure, up-to-date and able to take-on such business tasks.

#3. Scalability

As you grow and expand, the ability to scale IT environments are needed for a company’s survival. Scaling is one more task companies can outsource, and another benefit your MSP can provide. MSPs help leverage current infrastructure investments, paring with innovative thinking to provide users a robust solution.

Many business owners fear falling behind the technology curve because the costs to recover can become far too great. MSPs can assist in implementing only business-critical changes to IT environments as business needs change. As a technology partner, your MSP should assist in achieving a better ROI.

#4. Use your staff more effectively

An MSP helps your internal IT team by freeing them from the day-to-day operations of your network. If you’re without an internal team, you’ve probably the been forced to rely on a “technically-gifted” staff member to handle user inquiries or on-site issues. With outside assistance from an IT expert, your team can do what it was hired to do, increase their productivity, and move the company ahead

#5. Security

Regardless of your employee count, IT security will protect your most critical business data. Outsourcing your security to an MSP that is aware of the latest trends, will bring the appropriate essential for network defense. An MSP provides peace-of-mind in term of security, for your cloud, and on-premises infrastructure.

 

Three Most Common Network Security Failure Points for Businesses

Network security continues to be at the forefront of Bay Area businesses. The threats posed to an Information Technology (IT) network are well known – there’s a new story daily of malware or hackers tampering with or destroying data. Most companies make an effort to prevent such attacks on their IT infrastructure, but many, if not most, don’t do enough.

Here are some common mistakes companies make when it comes to network security:

Failure to Plug All the Holes

Most companies with a network connection to the internet have some sort of firewall regardless of hardware, software, cloud or on-premises. But how carefully was that device chosen and how was it configured? Your choice of the firewall should be more than a call to your internet service provider. With so many choices, it can become difficult to wade through the separate vendors. There are thousands of logical ports through which a hacker could gain access to the network, are they all protected? These are the questions you will need to ask yourself as a tech-savvy individual.

The network edge is not the only attack vector. Malware can breach the network via email, a USB port or through an infected website. A firewall alone cannot prevent all threats from entering your network.

Failure to Build Security into the Corporate Culture

The old saying is, a chain is only as strong as its weakest link. Similarly, network security is only as strong as its weakest point. Systems and devices can help, but unwitting employees can expose the network to attack, and in many cases, accidentally launch the malware. Having a good Security Policy is important. Enforcing it, and making sure everyone from the boardroom to the mailroom follows it is even more important. Employees should be trained in how to recognize common email scams.

Keys to Network Security

IT network security is critical and requires an IT consultant with up-to-date experience in all the ways business networks can be attacked from outside sources. Malware, hackers and other cyber attackers present serious risks to your system. Network security demands a robust plan for prevention of attacks and what to do when attacks occur. Corporate culture can be part of the problem or part of the solution.

Failure to Assess and Update Security Measures

Technology changes occur at an accelerated rate. How can the firewall that was installed three years ago be effective against the latest methods and technologies used by cybercriminals? The technology within the company changes, as does the personnel. These create a lack of continuity which isn’t scalable in any fashion

Regular assessments of the network’s security, along with reviews of the corporate Security Policy, and continued education for the staff, is necessary to stay as far ahead of the “bad guys” as possible. They’re not standing still, so you can’t afford to, either.

It’s wise to have a third party conduct security assessments (some industries even require it), and an IT consultant can help you create a workable plan to bolster your network’s protection against attack and keep it up to date.

Data Backup and recovery ebooks for Bay Area business

Why YOU need a Strong Network Foundation to Support Emerging Tech

To take advantage of any opportunities in “Internet of Things (IoT)” and “Artificial Intelligence, (AI)” you must invest in robust wireless networks and with fast connections to any cloud applications. If you were building a house, you wouldn’t start with the windows. You would start by building a strong foundation. By laying the groundwork for future innovation, many businesses have capitalized on the competitive advantage, over there rival’s uptime.

Such is the case with small businesses and emerging technologies.

Where it makes business sense, your competition is investing in the Internet of Things, Artificial Intelligence, and other emerging IT solutions.  In order to make those deployments successful, you must first ensure you have strong and well-designed wired and wireless networks with fast connections to cloud services where possible, to power IoT and AI platforms. Many of the leading security applications use AI to create a security landscape, to familiarize it’s applications, with threats beyond our borders.

Without a strong network foundation, your business lacks the ability to effectively compete for new customers. You will begin to lack the customer service, and quality your customer’s were once assured. While it might seem obvious, companies shouldn’t rush head-first into adopting leading-edge technologies without assessing and ensuring the network can handle such workloads. Once that scalable and secure network infrastructure has been deployed, you can layer your advanced technologies on top.

How You Can Build a Strong Network Foundation

The first thing a business should do is assess its current network technology and refresh any strategies to determine: What is the state of your network now and what do we want it to be? Companies that do this on their own, won’t catch everything, and technology partners can use automated tools for a deeper dive. This assessment involves the checking of network health and any underlying infrastructure. A trusted partner should always be consulted when developing a new strategy for what the company.

After that, partners design the architecture of the network. Often, this involves taking systems and combining them into a core IP-based network. Whether your network spans across several locations or just one. Knowing what you already invested in, is half the battle. With a network assessment; businesses received increased perimeter security, alongside reports disclosing the age, and workload on current server environments. Throughout all of this, network security should be top of mind. The process can also be streamlined and orchestrated via a managed service provider.

Low-latency connections deliver the response you need and to the customers you want. Without this foundation, your business sits on a house of sand – It’s time to build the foundation.

Contact Us – To get started on your journey in assessing your infrastructure, with our arsenal of deep-diving tools to discover, the depths of your network.

The Benefits of Using Assessments like Azure HealthCheck

Assess physical and virtual infrastructure, provide in-depth reporting, make informed decisions on costs, and plan smooth cloud migrations. Expand your efficiency and effectiveness around the fastest-growing cloud platform, Microsoft Azure. It can be hard to know where to begin the conversation— especially if your organization doesn’t have deep experience in infrastructure.

Thorough Reporting

Our pre-migration assessment, also known as “Azure HealthCheck,” provides the data needed, to illustrate the true ROI of the cloud, building a migration plan with the corresponding workloads, and consumption. Explore the immediate advantages of Azure with consumption-based models, flat-rate billing, and regional data centers, allowing businesses a better cloud experience than ever before.

Collecting workload and usage data over the course of 14 days, to identify trends and patterns that allow for the accurate sizing of your network including, drives, computing power, processing speeds, and storage. Identifying virtual and physical server dependencies, workloads, architecture and shadow IT.

Detailed Cost-Analysis

Tracking maximum, minimum, and average workloads to accurately project the total cost of ownership in the cloud. Adjust data center regions, and capacity planning tools to make sure, your business-line applications have everything it needs before taking off to the cloud.

Planning Tools

Optimize configurations based on performance needs, NOT matching them to existing hardware, to show best and worst-case scenarios. Explore multiple configuration mappings for migration strategy plans, choosing optimal migration settings and firewall rules to prepare for a smooth transition.

How It Works

Step #1: Scan
We deploy BitTitan agents for Azure in the provided environment, scanning and collecting detailed information about each physical and virtual machine, and any additional nodes on your network.

Step #2: Report 
See live costs for moving to Azure by measuring Infrastructure-as-a-Service(IaaS) or active workloads. Providing businesses with access to detailed reports about individual nodes, processing time, memory/app usage, disk mapping, network usage, ingress/egress speeds and active ports.

Step #3: Plan
Find dependencies between nodes and applications, learning the cloud readiness of each node, optimal migration settings, and network recommendations -planning your move to the cloud has never been easier.

 

Get started with our Azure HealthCheck Assessment for on-premise and virtualized networks

Learn more at www.clarecomputer.com/azure-healthcheck

 

What Does a Messy Desk and IT Security Flaws Have in Common?

Click Here to See a Larger Version of the Image

Many businesses today don’t enforce digital, let alone, physical information security. As their Managed Service Provider (MSP), our job is to educate clients on the industry’s best practices.It’s time to put your knowledge to the test, can you find the six security flaws hidden in this picture?

What Does a Messy Desk and IT Security Flaws Have in Common?

This question might sound like the set-up of a bad joke, but these are real scenarios our engineering staff encounter every day, including repairing the damage done when cybercriminals are entering your network. Employees with cluttered desks tend to leave USB drives and cell phones out in the open, forgetting to physically secure these, along with vacant desktops, or laptops.

1. No Password Protection

From the start, we can see that this computer and monitor were left without any password protection, or logging out. Anyone passing by can easily gain access to the information your system possesses, making it critical to lock down security flaws in computers, including minimizing email clients.

2. Usernames and Passwords Left Out in the Open

Usernames and passwords should NEVER be written down on post-it notes and visible to all, this includes viewable from outside your windows!  If a non-employee were to see this information, they could easily use it to log into the corporate network or gain access to the company’s confidential information. In today’s digital age, security flaws like this can make or break a company’s reputation.

3. Un-Stowed Documents

Notes and documents should be filed away from the view of prying eyes. These documents might not contain YOUR private information, but rather company secrets, updates or ideas. File or organize your documents, regardless of digital or physical copies to keep them away from prying eyes.

4. Keys to the Castle

Often, those tiny keys that you find at the bottom of your desk, aren’t to the supply closet! Keep your cabinet, desk, drawer, or bookshelf, locked with the key on your keyring. Without it being somewhere secure, it becomes extremely easy for anyone to steal, or view confidential files.

5. Where’s My Wallet?

For most employees, mistake #5 is the most common. Likely to impact the employee, is leaving wallets, or worse, credit cards out on the desk, many executives do this, all the time. More commonly with wallets, corporate credit cards and security badges give intruders access to the office or company finances.

6. USB Sticks, Cell Phones, Tablets

Last but certainly not least, is setting important personal devices out in the open. Dangerous, because these items can be easily picked up without being caught in the act. Typically, these mobile devices such as cell phones, tablets, USB drives, all contain some level of sensitive business or personal information. Mobile security has grown at an alarming rate, with many business owners, neglecting a to adopt Bring Your Own Device (BYOD) environments. In some cases where businesses don’t offer BYOD, employees often log onto business networks on their own. Swiping a mobile device from the desk could allow access to sensitive information from such companies as Microsoft, Google, AT&T, Verizon, etc.

Conclusion

While some of these may seem like obvious and redundant fixes, it’s critical for employees to understand where company/personal data can be stolen. Maybe it’s just an office-visitor, who glances over and sees confidential information out in the open. Regardless, someone to conduct cybersecurity training as well as physical security training to educate employees on the security best practices for your industry.

How Hybrid Cloud Computing Has Taken the Market by Storm

If you’re still viewing the hybrid cloud as something outside of your IT strategy, or adoption plan, it’s time to change your thinking. In a recent study conducted by Cisco, and several other partners. The report uncovered, of the IT departments surveyed, 65% hope to prioritize the cloud as we begin 2018. This was a shocking number to most, as hybrid clouds have been around for some time.

Hybrid Cloud Wants vs Needs

The hybrid cloud has become a critical component of companies’ efforts in moving towards a “digital transformation.” Regardless of business size, technology leaders in your business need to begin weighing their options when it comes to on-premise infrastructure and cloud platforms.

For most, cloud platforms were enterprise-class in all respects and should encompass Software-as-a-Service (SaaS), Platform (PaaS) and Infrastructure (IaaS), with a high level of integration between them all. Many believe hybrid cloud solutions using public and private platforms offer the greatest benefits and commonality with on-premises infrastructure. Enabling your business to move workloads once stuck on-premise between private and public clouds.

That’s a serious list of requirements – thankfully, cloud providers are already moving in this direction. With Microsoft offering Azure, Microsoft 365, and a hybrid-stack for those with AWS. It’s no wonder they have taken off as the cloud leader. With Azure recently boasting several SQL Server enhancements, including in-memory support and the ability to move SQL Server applications to the cloud for seamless hybrid cloud use.

What Does It Mean for Business Owners?

With a growing list of cloud vendors in the market, we have already begun seeing solutions that over-promise, and under-deliver. Many are still skeptical of the cloud, having given Azure’s Active Directory a try. Using the security management of Azure and Microsoft, businesses can secure the identity of employees, their access, and some minor support. Encouraging the adoption of the hybrid cloud and safer computing networks.

With these innovations in cloud computing, you get vast transformative capabilities. With scalable platforms that enables you to deploy new applications, augment resources, and move apps between clouds. It’s these tools we see as the first steps in workload and process automation. It’s time your information technology began working for you – if poised correctly, the hybrid cloud can be the answer to the technology innovation your business has been lacking.

Clare Computer Solutions has provided the SF Bay Area with IT support and consulting services for over three decades. Realize the power of your technology today – Contact us to begin using the cloud to answer some of your largest technology questions.

File Sharing: 4 Reasons You Don’t Use Consumer Grade

As the digital transformation begins to gain traction in the market for business technology. File sharing continues to lead many to a more efficient work path. Starting with file sharing through iCloud, and Google cloud. Followed by the Dropbox adoption, and now into Slack’s interface, using drag and drop mechanics, with little permissions around sharing or asset management.

File sharing services are very common these days, and it’s easy to see why. These online services provide an easy way to store files in the cloud, where you can readily access, and share them, from a variety of devices. Many of these services are free of charge, too – up to a point.

For personal files, these solutions do a great job, since they are free! If you’re only sharing personal files – vacation pictures or non-sensitive personal communications – security is NOT a paramount concern. But beware of using consumer-grade solutions for your business.

These personal file sharing services are a prime target for hackers, and you owe it to your business, and all your business contacts to protect data you’re storing and sharing.

For businesses that want to use the convenience of file sharing apps, it is wise to make sure the solution you choose has business-level capabilities such as:

  1. Encrypted data – keeping data safe, during editing, in-transit, and at rest.
  2. Controls – not every user’s needs are the same, and not every user’s privileges should be the same.
  3. Customization – it should appear to the people with whom you’re sharing information that the program you’re using is a part of your company – not a “freebie.”
  4. No Such Thing as Free – at some point, your organization will reach a scale where these solutions can no longer be viable.
    1. (Dropbox & G-Suite are capped capacity, unlike similar O365 variants)

Clare Computer Solutions can help your company get set up for a business-grade file sharing solution, tailored to fit your business needs – Contact us today to get started.

managed service provider in the east bay and sf bay area

Use Managed Services to Expand IT Support for Your Company

If your business is doing well, then it’s growing. Growth is desirable, but it presents some challenges that must be addressed for your company to fully realize the benefits of that growth. One challenge is increasing the IT support to serve the needs of an expanded infrastructure and workforce. That is where a Managed Services Provider comes in.

If you have an internal IT staff, you can add more people, of course. But hiring staff is time-consuming and expensive. When costing out new assets it’s best to consult a local salary guide, so you know the total cost including any benefits offered by your company. There is a better way: Engage the services of a Managed Services Provider (MSP) for added IT support. Always

Here are the benefits of IT support from an MSP (whether as sole-source or as a supplement to existing IT staff):

  1. Overall cost is less than a full-time employee
  2. Managed Services augments an entire IT staff, not just one person. (Creating no gaps in coverage for vacations or illness)
  3. An MSP can provide vCIO services to aid in:
    1. Strategic planning
    2. IT budgeting
    3. IT projects (Planning, Execution, & Management)

An MSP will have procedures and tools to work with an in-house IT staff to supplement their knowledge and skills, plus add expanded monitoring, maintenance, and management for your entire IT infrastructure.  When you need to add new equipment due to technical refreshes or growth, a Managed Services Provider will have relationships with vendors, and buying power to receive highly competitive pricing.

Adding Managed Services to your IT support will make your business more nimble and efficient.  Clare Computer Solutions has helped hundreds of companies realize the true power of technology, and how to leverage technology in a more strategic way. It starts with a conversation – contact us to get started.