Business Email Compromise: How-To Avoid Joining Those Already Impacted

Business Email Compromise (BEC) now encompasses the largest threat to business. Designed to evade traditional email security, Business including gateways and spam filters, spear-phishing attacks are often sent from high-reputation domains or compromised email accounts. Attacks typically use spoofing techniques and include “zero-day” links, unlikely to be blocked by URL-protection technologies.

Better enforcing your ability to curve attacks and avoid these scams. A lot of the time, attackers impersonate the HR, IT or Finance Teams, instead of an individual. Often, requests appear from a senior executive or trusted colleague. Read more

Clare Computer Solutions Windows 7 Extended Support Update

Stop Dreading the Update: Windows 7 Extended Support Update Relief

On January 14th, 2020 Windows 7 will be reaching its end of supportable life. This means any business using Windows 7 on employee PCs, or Windows Server 2008 will no longer receive the security and bug patching needed when computing in today’s connected age. Rejoice in knowing Microsoft, and Clare Computer Solutions have implemented what is known as Windows 7 Extended Support Update (ESU) for several systems.

Read more

cloud computing

A Look Back in Time: The Cloud in Review

For years you’ve heard how the cloud is coming to save you, and how the landscape is demanding hybrid & private clouds more than ever. It’s time we take another look at cloud computing for businesses, and where the landscape is in comparison to when I originally published this article in 2017. See how private […]

IT Consulting made easy with Clare Computer Solutions leader in Bay Area IT Consulting

3 New Year’s Resolutions for Technology Minded Business in 2020

There is something special about flipping the calendar over to the peak of a new year. For many personally this means new years resolutions, for businesses it means fresh opportunity – a change to complete the things you missed in 2018! Like many, we’ve found businesses have a hard time considering what information technology goals they should have for the new year. Take this kick-starter for 3 New Year’s resolutions for your business to consider in the coming year. Read more

Lessons in Network Lock-down: Focusing on Business Backups First

When you’re considering the prevention of modern attacks, it’s become pretty obvious that all businesses need a strong lineup of cyber-defense tools, not just a bare bones firewall and old-fashion anti-virus. You need to protect the business first, to do this you need a solution that can withstand the continued onslaught of modern malware.

For many businesses, it’s grown crucial to remember as technology needs begin shifting, so should your cyber security around  how to lessen the risk involved in your day-to-day operations. By following the recommendations of an experienced and trusted provider, you can effectively protect your business, ensuring you stay secure.

Embrace Automated Threat Detection & Response

While being around for nearly a decade, the term ‘anti-virus’ really belongs in the consumer space. When we talk business-grade protection we utilize solutions that stop threats immediately, with automated remediation systems, so you don’t have to spend time and resources cleaning viruses or restoring data.

You need a solution that doesn’t just stop threats, but works to put time back in your day.

Read more

10 Scary Tech Support Lessons Sure to Spook This Year

We take pride in continuing to educate our clients on the trials and tribulations seen in business technology today. The following images aren’t from our clients, but they are real-world examples of the tech support challenges many businesses face today, some completely unknowingly. No matter the issue, we always go to bat for our clients, focusing on correcting any technical support issues we uncover, and sometimes that includes educating businesses and solving their problems

Sometimes, there are problems so bad, you wouldn’t want to deal with them. So, instead of filling your inboxes with ghosts, ghouls, or pumpkins, we’ve rounded up 10 examples from the r/techsupportgore subreddit that is sure to send a painful wince or a shiver down your spine:

1. Enjoy this ‘updated’ network diagram!

Read more

Cybersecurity: 99% of Email Attacks Rely on Victims Clicking Links

While a tiny fraction of attacks relies on exploit kits and known software vulnerabilities to compromise systems, the vast majority of campaigns, 99%, require some level of human input to execute. These interactions can also enable macros, so malicious code can be run.

Sometimes it seems easy to blame users for falling victim to phishing attacks, but campaigns are becoming increasingly sophisticated. It’s often difficult to distinguish a malicious email from a regular one because attackers will tailor attacks to look as if they come from a trusted source, such as cloud service providers like Microsoft or Google, colleagues, or even the boss.

Social engineering is the key element in mimicking your routines as a business and ensuring their best-chances of success. If a user might be suspicious of ANY email, claiming to be from a colleague arriving at 10:00 PM your time, instead your working hours are when these campaigns hit, creating spoofs of legitimate emails, from well-known brands with the hopes of you interacting with it, and set off an attack.

No Geek Speak

Let’s get real for a moment here – phishing is one of the cheapest, easiest cyberattacks for criminals to learn, buy, and deploy. Just a few weeks ago, the FBI noted that Business Email Compromises are the leading attack vectors. The reason it continues to remain at the height of its potential is due to the large volume of interaction they receive. Put simply, phishing works and it can be difficult for many to implore the proper expertise when securing email systems and policies.

Although many attacks are designed to look legit, there are still ways to identify what could be a malware attack, just under your nose. If in doubt, contact the “supposed” sender of the sender to test its legitimacy. It’s worth noting that cloud providers like Microsoft, Amazon, and Google won’t ask you to click through weird looking links/URLs that ask for credentials. If one of your colleagues or yourself find something that appears suspicious, just close the email and go directly to a browser. Make sure you go directly to their website and login to check any alerts or notifications in online portals, not through email links.

Phishing by the Numbers

  • 74% of respondents say email attacks are having a major impact on their businesses. The most common effects cited were loss of employee productivity, downtime and business disruption, and damage to the reputation of the IT team.
  • 78% of organizations say the cost of email breaches is increasing.
  • Spear phishing is becoming more widespread: 43% of organizations have been the victim of a spear-phishing attack in the past 12 months.
  • More than three-quarters of organizations say their employees aren’t good at spotting suspicious emails.
  • 66% claimed that cyber-attacks have had a direct monetary cost on their organization in the past year. Nearly a quarter of respondents advised that attacks have cost their organization $100,000 or more.
  • 92% of Office 365 users have security concerns.
  • 79% of IT professionals said they are worried about attacks and breaches stemming from inside the organization.
  • 94% of organizations say employees are reporting suspicious emails to IT on a daily basis, but 58% say most emails reported to IT aren’t fraudulent.

It’s our responsibility, as the Bay Area’s #1 Managed Service Provider, that we ensure software updates, and security patches are applied regularly, in the case of someone clicking a link, malware can’t rely on any known vulnerabilities. Cybersecurity and technology are going to continue leading the changes, found in today’s business climate. Talk to a Clare Computer Solutions, expert today for a no-obligation meeting, to find out where you stand in today’s cyber-climate.

 

 

4 Proactive Steps to Prepare Networks for Ultimate Agility

Growing in rapid popularity, networking professionals identified improving network agility as a top business goal for the year. Considered the future of networking and business computing, “Network Agility” itself has become a popular buzzword. With everyone talking about it, no one seems to agree on one definition or the next.

So what does network agility actually mean? We reached out to some of the most well-known brands in information technology, to gather and break down a jargon-free explanation. Hopefully, this will provide you some insight on network agility and answer any questions you may have.
Network Agility, So what is it?

To build agility in someone’s network, you need the ability to respond to network changes in real-time, while keeping pace with the evolving needs of your business. Agile Networking adapts to changes – like a rise in traffic, or newly-deployed devices as they happen, remaining flexible, secure, and easier to manage.

For a network looking to become more “agile,” it will need these three characteristics:

    • Scale Quickly: In standard network designs, the rules and configurations demanded to expand a network are coded by hand. In agile networking, scaling becomes a more hands-off process with network templates being deployed to address the reconfiguration of existing devices, with a more logical layout.
    • Total Visibility into the Network: In your current network, data is everything to you. All data from an endpoint, network devices, including performance data, alerts and more; must be collected and stored somewhere. This data is analyzed by machine learning and artificial intelligence in the background to work out maintenance and troubleshooting.
    • No Strings Attached: Using data collected, an agile network will discover root-causes behind specific alerts and notifications, with emphasis on the appropriate steps to troubleshoot issues. Trying each step until successful, agile networks further refine and focus their abilities in fixing problems. Eventually, leaving the entire network to find and fix issues on its own, without any interruption from the added workloads or constant human intervention.

Unless your 100% certain your network was built using modern architectures and technology, then there is likely a mismatch of different devices, spanning across many vendors.

If this sounds familiar, then achieving network agility, let alone a stable network will require modification. That doesn’t have to be done in one go, in fact, we break this process into 4 proactive steps to prepare networks:

    1. Standardization sounds scary, but limiting a network with fewer than 5 vendors is easier to monitor, and more simple to manage as a network grows diverse over time. The challenge for most businesses is the cost and time, but with a strong focus on expertise, a plan is key to avoid tossing more money at drowning technology.
    2. Become strategic when growing your network, with any modifications it’s important to make sure this is a logical extension of your network, not a cobbled-together hack. The question we always ask our clients is, “Does this position the network for success in the future?” You should be moving forward with resounding decisions, for further improving the automation and less in the difficulty in managing technology every day.
    3. Document Everything: Networks change, and having the ability to review items like topology maps, device inventory, alerts, troubleshooting efforts trending becomes easier, and a managed service provider like Clare Computer Solutions documents these changes progressively, giving access to internal teams or leadership to assist in decision making analytics. These are key when proactively, managing your network infrastructure.
    4. Tight-knit Processes are based on the documentation gained and held to create your helpful process for your internal employees, while we do the heavy lifting. When our alerts trigger, your internal teams will know exactly what is going on and know that it’s being fixed.

The fact is many businesses have already begun taking steps we’ve outlined to prepare their networks for the future. If you don’t start now, then you’ll be scrambling to modify your networks, which is a big task that requires a lot of your internal manpower, where using Clare Computer Solutions we can focus your resources, for next-level efficiency. What are you waiting forTalk to the network experts today!

Phishing: Even Without a Click, Your Employees Can Assist the Bad Guys

Employees can still assist the bad guys in compromising the overall safety of your organization. Over the years, we’ve reinforced these security ideas in our blogs and social media with the idea that clicking or interacting with these criminals only continues to broaden your vulnerability, making your risk of attack that much greater. These criminals are constantly adapting with every failed attempt. The criminals appear to have wised up again, as they have begun focusing more on getting employees to reply.

By drawing people into some form of back and forth email exchanges, employees begin unwittingly training these criminals, through what warrants a potential reply. One of the ways they learn to phish companies is by learning how your employees work. Read more

MFA multifactor authentication for SMB business bay area SFIllistraition_Final

Back 2 Basics: Prevent Data Breaches with Stronger Authentication

Identity security is one of the most significant challenges that IT organizations face. An identity compromise can ruin an organization, and it is the number one attack vector for hackers. Your traditional, not so secure way to log in, consists of entering your username, and that familiar password. You know, the one you probably use […]