NetTec NSI
Frequently Asked Questions - FAQ
Is the cloud (Azure) too expensive for a small business?
Many large organizations and enterprises have been utilizing the cloud for many years. Small businesses are just recently learning about the reasons why this works for enterprises - the costs are actually lower to run your infrastructure in Azure if you build it correctly.
If you look at only the Azure pricing calculator, you might find that the costs look extreme at first glance. With our Microsoft Partner expertise and decades of cloud experience, we can lower those costs by as much as 90% from the base prices found in the Azure calculator and keep the performance high. By making the needed design and infrastructure changes in Azure, we are able to make Azure very affordable, even more affordable than on-premises infrastructure, and we have already done this many times for small and medium businesses.
If your organization has more than 10 users and you want to securely access your resources (files, applications, databases, etc.) from anywhere, you are a perfect candidate for an Azure infrastructure. Please contact us now for a free, zero obligation estimate.
Does Microsoft back up my data in Office 365?
From their SLA:
Microsoft will retain Customer Data that remains stored in Online Services in a limited function account for 30 days after expiration or termination of Customer’s subscription so that Customer may extract the data. After the 30-day retention period ends, Microsoft will disable Customer’s account and delete the Customer Data and Personal Data within an additional 30 days, unless Microsoft is permitted or required by applicable law to retain such data or authorized in this agreement.
Microsoft has no liability for the deletion of Customer Data or Personal Data as described in this section.
In other words, you had better have a third-party backup solution to make sure your data is protected.
When a document is deleted, neither Microsoft nor Google can determine whether the deletion was intentional, accidental or malicious. When an item is deleted - and that can be anything from a Word doc or a Google sheet or even an entire folder - it’s kept in the trash or recycle bin for a period of time, and then purged from the system.
People may think that this “deleted item retention” policy can solve their data recovery problems, but we know that oftentimes you don’t realize a file has been deleted until it’s too late.
A perfect example: when employees leave the company and their license is deactivated, that data is also purged from the system.
Essentially, if you put data in their cloud, it’s your problem if something goes wrong that’s not environmental. This is where most organizations start to feel the pain of not having a backup. Nothing is stopping users from deleting data, changing data or doing stupid things like clicking on ransomware. And Microsoft has no responsibility to provide protection from these occurrences or help you with recovering.
Please contact us for a no obligation estimate of your Office 365 or Google Cloud backup.
How much does it cost to manage and secure a business network?
Business networks are made up of many different devices and components, all of which are designed to perform a specific function on the network. Simple networks with few devices and few manufacturers and few users and few configurations are less expensive and easier to manage and secure. When networks have many devices and many different manufacturers, the costs of managing and securing such networks get more expensive. So the real answer is it depends on these factors.
When we provide an estimate to help manage your network, we’re first learning everything we can about your business and your systems so that we can make the absolute best recommendations. Usually this is done with a Network Assessment. Our initial network assessment is free to qualified businesses and by qualified, we mean are you a business and do you seriously value your data and technology in that business. After our initial assessment is complete, we can make recommendations about what you need going forward and where there may be some issues that can be addressed without much pain or effort. If we recommend new hardware or software or subscriptions, we’re going to find you the best pricing on the best available technology and recommend what we know has worked in the past and what will provide you with the best value in terms of meeting your business needs. We may not be the cheapest IT services company, but do you want the cheapest? Our solutions aren’t cheap. They’re proven and trusted solutions that we’ve used for many businesses just like yours. They’re reasonably priced, but possibly not the cheapest.
You may be able to have your network managed and what some people would call “secured” for less money, but it won’t be the absolute best for your business and it won’t be from a company that’s been doing this as a trusted provider since 1995. We’ve actually been asked by some of our clients to come in behind another IT services company that was the cheapest and we’ve had to clean up the mess of malware, runaway software installations, mismatched software versions, broken and unreliable hardware, undocumented equipment and network connections and poorly implemented security. That’s not how you want to run your business and believe it or not, your data is probably the single most important part of your business. In fact, studies have shown that 60% of businesses that have a data compromise are out of business within one year and 90% of businesses that have a catastrophic data loss are out of business within one year. You don’t want to be that company. You want to be able to focus on running your business and sleep well at night knowing that someone is watching out for your data. That’s what we do. We know it and care for it and protect and manage it for you. If you still want the cheapest, thanks for looking here, but we’re probably not for you and you’re not for us either. In the end if you do decide to choose us as your trusted IT services provider, you may find that you did get the cheapest solution in the long run because it saved you time and money and hassle and downtime and kept your network up and running with little or no complications and we protected your critical business data from malware and hacking that’s going on today. We like to call that the most profitable solution, but if you want to call it the cheapest, that’s ok too.
Before the introduction of the internet, computer networks were somewhat easy to secure. If the network was contained and not connected to any other networks, controlling access and knowing what was running on the network was easy. Now that almost every network is connected to the internet, the complexity in providing security is greater by many magnitudes. Some businesses connect their networks to the internet and think they’re safe because they have a firewall, but a firewall simply isn’t enough. The firewalls that you can buy at office supply stores or big-name electronics stores aren’t doing much of anything to protect your network. They might keep intruders out but once they’re in, there’s almost nothing on those kinds of firewalls to prevent everything from leaving your network. Our firewalls are designed to allow ONLY what you want going in and coming out of your network. Our firewalls are also designed to alert us if anything out of the ordinary is noticed in any traffic going across that firewall. If you want this level of security protecting your network, it will be more expensive than the system you can buy from your office supplies store, but it’s worth every penny of it. We’re not talking thousands of dollars more, but possibly a thousand dollars more up front and a few hundred per month to manage it and by managing it, we mean securing it too.
Securing a network is just one aspect of managing a network. At NetTec NSI, we offer managed services and with our managed services offerings, we have many options for levels of security. For Desktop Care+ we have basic security with Webroot Endpoint Protection. This is a nice way to help prevent known malware and viruses from doing damage to a network. With our Help Desk services, we offer unlimited malware and virus removals so that if your systems become infected, we will help remove them and restore them to a clean state whenever an infection occurs and at no extra cost to you. We have solutions for managing systems that start at $25 per device per month and go up to $175 per server per month.
For businesses that want to have the ultimate in protecting their systems from zero-day attacks (malware that is not known by anti-malware and anti-virus systems) we offer additional protections with our Profile & Protect, Detect & Respond and additional Endpoint Protections. These services are available on a predictable monthly fee per device or user per month. The truth is that the cost of managing your network will depend on the numbers of systems and users you have, the complexity of your network and your security requirements. Some companies require a higher level of security for compliance. We’ve helped many companies meet their compliance requirements in HIPAA, NIST, PCI and other government and industry standards. Our security subscriptions start at $5 per user per month and go up to hundreds of dollars per month in highly secure and sensitive systems. What is right for your business is what’s important to us. We will find a solution that will secure everything you need to have secured and do it for a reasonable price. We don’t want you to have to pay a dime more for something you don’t need.
How to write a Cybersecurity incident response plan
There are 10 main steps to an effective incident response plan:
1. Determine key stakeholders
Properly planning for a potential incident is not the sole responsibility of your security team. In fact, an incident will likely impact almost every department in your organization, especially if the incident turns into a full-scale breach. To properly coordinate a response, you must first determine who should be involved. This often includes representation from senior management, security, IT, legal, and public relations.
Knowing who should be at the table and involved in your organization’s planning exercises is something that should be determined in advance. Additionally, a method of communication needs to be established to ensure a quick response. This should take into account the possibility that your normal channels of communication (e.g. corporate email) may be impacted by an incident.
2. Identify critical assets
To determine the scope and impact of an attack, your organization first needs to identify its highest priority assets. Mapping out your highest priority assets will not only help you determine your protection strategy but will make it much easier to determine the scope and impact of an attack. Additionally, by identifying these in advance, your incident response team will be able to focus on the most critical assets during an attack, minimizing disruption to the business.
3. Run table-top exercises
Incident response is like many other disciplines – practice makes perfect. While it is difficult to fully replicate the intense pressure your team will experience during a potential breach, practice exercises ensure a more tightly coordinated and effective response when a real situation occurs. It is important to not only run technical tabletop exercises (often as part of a red team drill), but also broader exercises that include the various business stakeholders previously identified.
Tabletop exercises should test your organizational responses to a variety of potential incident response scenarios. Each of these scenarios might also include stakeholders beyond the immediate technical team. Your organization should determine in advance who needs to be informed when an attack is detected, even if it was successfully defended.
Common incident response scenarios include:
Active adversary detected within your network: In these scenarios, it is critical that the response team determines how an attacker was able to infiltrate your environment, what tools and techniques they used, what was targeted, and if they have established persistence. This information will help determine the proper course of action to neutralize the attack. While it might seem obvious that you would immediately eject the adversary from the environment, some security teams choose to wait and observe the attacker to gain important intelligence in order to determine what they are trying to achieve and what methods they are using to achieve them.
Successful data breach: If a successful data breach is detected, your team should be able to determine what was exfiltrated and how. This will then inform the proper response, including the potential need to consider the impact on compliance and regulatory policies, if customers need to be contacted, and potential legal or law enforcement involvement.
Successful ransomware attack: If critical data and systems are encrypted, your team should follow a plan to recover such losses as quickly as possible. This should include a process to restore systems from backups. To ensure the attack won’t be repeated as soon as you’re back online, the team should investigate if the adversary’s access has been cut off. Additionally, your broader organization should determine if it would be willing to pay a ransom in extreme situations and, if so, how much it would be willing to spend.
High-priority system compromised: When a high-priority system is compromised, your organization may not be able to conduct business normally. In addition to all the steps needed as part of an incident response plan, your organization also needs to consider establishing a business recovery plan to ensure minimal disruption in a scenario such as this.
4. Deploy protection tools
The best way to deal with an incident is to protect against it in the first place. Ensure your organization has the appropriate endpoint, network, server, cloud, mobile, and email protection available.
5. Ensure maximum visibility
Without the proper visibility into what is happening during an attack, your organization will struggle to respond appropriately. Before an attack occurs, IT and security teams should ensure they have the ability to understand the scope and impact of an attack, including determining adversary entry points and points of persistence. Proper visibility includes collecting log data, with a focus on endpoint and network data. Since many attacks take days or weeks to discover, it is important that you have historical data going back for days or weeks (even months) to investigate. Additionally, ensure such data is backed up so it can be accessed during an active incident.
6. Implement access control
Attackers can leverage weak access control to infiltrate your organization’s defenses and escalate privileges. Regularly ensure that you have the proper controls in place to establish access control. This includes, but is not limited to, deploying multi-factor authentication, limiting admin privileges to as few accounts as possible (following the Principle of Least Privilege), changing default passwords, and reducing the number of access points you need to monitor.
7. Invest in investigation tools
In addition to ensuring you have the necessary visibility, your organization should invest in tools that provide necessary context during an investigation. Some of the most common tools used for incident response include endpoint detection and response (EDR) or extended detection and response (XDR), which allow you to hunt across your environment to detect indicators of compromise (IOCs) and indicators of attack (IOA). EDR tools help analysts pinpoint which assets have been compromised, which in turn helps determine the impact and scope of an attack. The more data that is collected – from the endpoints and beyond – the more context is available during investigation. Having broader visibility will allow your team to not only determine what the attackers targeted but how they gained entry into the environment and if they still have the ability to access it again. In addition to EDR tools, advanced security teams might also deploy a security orchestration, automation, and response (SOAR) solution that aids in response workflows.
8. Establish response actions
Detecting an attack is only part of the process. In order to properly respond to an attack, your IT and security teams need to ensure they have the ability to conduct a wide range of remedial actions to disrupt and neutralize an attacker. Response actions include, but are not limited to:
Isolating affected hosts
Blocking malicious files, processes, and programs
Blocking command and control (C2) and malicious website activity
Freezing compromised accounts and cutting off access to attackers
Cleaning up adversary artifacts and tools
Closing entry points and areas of persistence leveraged by attackers (internal and third-party)
Adjusting configurations (threat policies, enabling endpoint security and EDR on unprotected devices, adjusting exclusions, etc.)
Restoring impacted assets via offline backups
9. Conduct awareness training
While no training program will ever be 100% effective against a determined adversary, education programs (e.g. phishing awareness) help reduce your risk level and limit the number of alerts your team needs to respond to. Using tools to simulate phishing attacks provides a safe way for your staff to experience (and potentially fall victim to) a phish, enrolling those that fail into training, as well as identifying risky user groups who may require additional training.
10. Hire a managed security service
Many organizations are not equipped to handle incidents on their own. Swift and effective response requires experienced security operators. To ensure you can properly respond, consider working with an outside resource such as a managed detection and response (MDR) provider.
MDR providers offer 24/7 threat hunting, investigation, and incident response delivered as a managed service. MDR services not only help your organization respond to incidents before they become breaches but also work to reduce the likelihood of an incident in the first place. MDR services are becoming very popular: according to Gartner*, by 2025, 50% of organizations will be using MDR services (this is up from less than 5% in 2019).
Data forensic incident response (DFIR) services are occasionally also retained after an incident to collect evidence to support a legal or insurance claim.
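As an added example (not part of the original FAQ and not NetTec NSI's own tooling), the following Python script checks the requirement from step 5 that log history reaches back far enough to investigate an attack discovered late, and reports where collection went silent. The line format, the source labels, the 90-day lookback and the 2-day gap threshold are all assumptions, and the sample data is constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Hypothetical source labels; replace with the log sources you actually collect.
REQUIRED_SOURCES = ("endpoint", "network", "auth")


def parse_line(line):
    """Parse '<ISO-8601 time> <source> <message>' (assumed line format)."""
    stamp, source, _message = line.split(" ", 2)
    when = datetime.fromisoformat(stamp.replace("Z", "+00:00"))
    if when.tzinfo is None:  # assumption: timestamps without an offset are UTC
        when = when.replace(tzinfo=timezone.utc)
    return source, when


def audit_coverage(lines, now, lookback, max_gap):
    """For each required source, report the oldest event, whether history
    reaches back `lookback` from `now`, and every silent period > `max_gap`."""
    by_source = defaultdict(list)
    for line in lines:
        try:
            source, when = parse_line(line)
        except ValueError:
            continue  # skip malformed lines rather than abort the audit
        by_source[source].append(when)

    window_start = now - lookback
    report = {}
    for source in REQUIRED_SOURCES:
        stamps = sorted(t for t in by_source.get(source, []) if t <= now)
        if not stamps:
            # A source with no data at all is one gap spanning the whole window.
            report[source] = {"oldest": None, "reaches_back": False,
                              "gaps": [(window_start, now)]}
            continue
        # Walk the window edge to edge so silence at either end counts as a gap.
        points = [window_start] + [t for t in stamps if t > window_start] + [now]
        gaps = [(a, b) for a, b in zip(points, points[1:]) if b - a > max_gap]
        report[source] = {
            "oldest": stamps[0],
            "reaches_back": stamps[0] <= window_start + max_gap,
            "gaps": gaps,
        }
    return report


def build_sample(now):
    """Constructed sample: endpoint logs kept 90 days, network logs kept only
    20 days, auth logs kept 90 days but missing for days 40 to 31 before `now`."""
    lines = []
    for days_ago in range(90, -1, -1):
        stamp = (now - timedelta(days=days_ago)).isoformat()
        lines.append(f"{stamp} endpoint ws01 process_start")
        if days_ago <= 20:
            lines.append(f"{stamp} network fw01 conn_allow")
        if not 30 < days_ago <= 40:
            lines.append(f"{stamp} auth dc01 logon")
    lines.append("not-a-timestamp endpoint garbage")  # malformed, ignored
    return lines


if __name__ == "__main__":
    now = datetime(2024, 6, 1, tzinfo=timezone.utc)
    result = audit_coverage(build_sample(now), now,
                            lookback=timedelta(days=90), max_gap=timedelta(days=2))
    for source, info in result.items():
        ok = info["reaches_back"] and not info["gaps"]
        print(f"{source:9} {'OK' if ok else 'INVESTIGATE':12} oldest={info['oldest']}")
        for start, end in info["gaps"]:
            print(f"    no events from {start:%Y-%m-%d} to {end:%Y-%m-%d}")
```

A source that fails either check is one where an investigation would hit a blind spot, so the retention setting or the collector for that source is the thing to fix before an incident.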
What Should Every Business Owner Demand from Their IT?
As a business owner, you need to know that your data is protected and that your systems will operate well when you need them. Here’s a checklist for most business owners:
Do I know what applications we need to run this business? Do we have the needed licenses and training in place so that we can make the most out of those applications?
Will my system support the line of business applications (it always starts with the applications) I’ve chosen to run our business?
Will my system run those applications well so that we can all be productive even and especially during the most peak and busiest times?
Does this system protect those applications and users from malware, ransomware, external attack, or intentional and inadvertent theft or destruction of the data and intellectual property?
Can I sleep well knowing that in the event of a system failure or disaster, all of our data is backed up regularly in a separate physical location and can be recovered 100% to the most recent backup?
If I have trouble, can I get friendly, patient and knowledgeable help quickly without any hassle and without excessive charges?
Can my users get secure access to the data and other IT resources from anywhere so that they can work from home during COVID or during times and events when this is required?
Will my business systems be able to comply with government and industry compliance requirements?
Do I have the right protections in place for our email systems?
Are we checking to make sure that only the right people are accessing our network remotely?
Will we know if any threat actors breach our network?
Are we using the most cost efficient technology available and getting the most value out of them?
Are we using the most effective cyber security available?
What is remote desktop?
Remote desktop services help businesses save money and secure their network by sharing processor, memory, and key parts of a computer from a central place. Most desktop computers are idle for most of the day. When they’re idle, they still use a lot of electricity just to stay powered on. In addition to the electricity that’s used unnecessarily, when the computers are decentralized they require hours of time from expensive IT people to maintain and more hardware to run; that means more dollars spent up front and more dollars spent every month.
At NetTec NSI, we’ve built our data centers so that your remote desktop is running on Fortune 500 level technology with redundancy, high availability and security in mind. That’s something that most small and medium businesses can’t afford to have and are sacrificing a lot for their critically important business data by not having. Because we’ve built our data center with remote desktop technology, we can share the costs of those expensive items and price the services in a subscription that is predictable and easily affordable for most businesses. Studies have proven that using remote desktop services significantly reduces the total cost of ownership (TCO) when adding the cost of managing the users, systems and data. The reasons for this may not be obvious. When looking at TCO, companies have to consider the hardware and software costs obviously. The additional areas of savings that a business may overlook include service costs if outsourced or labor if not outsourced, downtime and energy savings. The cost of managing a distributed and varied network of systems is significant in any business. If we have to manage a central set of servers where all of the hardware and software is carefully controlled, then we can do the job in less time and do it with more confidence. When we have to configure central servers to service distributed clients with different operating systems on different networks and with different configurations, things get much more complicated and our confidence drops. Remote desktops solve this because the data, the users and the servers are all on the same highly controlled network. By following this way of thinking, we can lower the complexity and lower the cost of managing almost any system. By following this way of thinking, we can also do a better job of securing data, users and systems.
When we set up remote desktop services, we have no single point of failure, so we make sure your remote desktop is never down. If you tried to build a computer that had no single point of failure and complete redundancy, it would cost more than double the cost of a single computer and would be more complicated and again cost many hours of expensive IT people to maintain. When we build redundancy and high availability into our remote desktops, those up front costs are spread out over many users and many months to keep it affordable and a great value to you.
A remote desktop looks very much like a regular Windows desktop. It has a Windows start button/menu. It has File Explorer, Internet Explorer and the same applications and apps that you’re used to using on your local desktop like Chrome and Adobe Acrobat. What you see in a remote desktop is very similar or nearly identical to what you see on your local Windows desktop too. The biggest difference is that in a remote desktop your applications, users, and data are in one place that you can access from anywhere an internet connection is available.
A remote desktop is a place where your applications, users and data are secured, monitored and backed up. A remote desktop is fully up to date with the latest security updates and operating systems and applications, so you don’t have to worry or spend money on that either. A remote desktop serves these benefits to businesses for a fixed price per user per month. Microsoft’s Windows Virtual Desktop (WVD) is a more advanced version of remote desktop, designed to run on Windows 10 multi-user and scale from a few users all the way up to thousands.
How much do your Managed Services cost?
We have several managed services to choose from and each has an easy to understand price and quantity discounts are available. The following are descriptions with list prices:
Desktop Care+: 24x7x365 monitoring, asset collecting/documentation, hardware and software audits, S.M.A.R.T disk monitoring, performance and preventive maintenance reports, automated optimization and management, automated patching with patch whitelisting service, antivirus management, desktop performance monitoring, remove/cleaning of temp files, administrative scripting, policy management, client communicator with self-help center, antivirus monitoring and discounted service rates.
$25 per device per month
Business Hours Help Desk - Everything in our Desktop Care+ plus: 8 AM - 5 PM US-based, unlimited end-user help desk support for Windows, Mac and mobile devices, administrative tasks, virus and malware removal, software installations.
$65 per device per month
24x7 Help Desk - Everything in Help Desk Business Hours plus 24x7x365 support, holiday support, weekend support, and after-hours support.
$75 per device per month
Elite Server Care - We keep tabs on your network activity around the clock, and when a system or function fails, our support teams immediately jump in to investigate. Once the problem is identified, we’ll work to fix it — in many cases before you’ve even realized there’s an issue. Our Network Operations Center (NOC) monitors all your servers, and our expert NOC technicians will call you – day or night – when critical issues arise. Remote restart minimizes down-time and reduces after-hours call volume. In addition to creating alerts and tickets, we leverage our extensive knowledgebase to provide tips and information for remediation and resolution. We ensure that AV software is up-to-date, preventing security breaches and providing peace of mind. We whitelist Microsoft security patches, so that when patches are deployed you can be confident that they won’t disrupt workflow or create extra problems. Our NOC technicians will troubleshoot and proactively address issues on monitored servers, and independently resolve alerts and tickets for you – further minimizing downtime for your business. Our AV management is expanded – we proactively update definitions and reinstall AV software as necessary, keeping you and your servers secure with the knowledge that they are always protected. The NOC team will delete unwanted logs or clean up disks as needed, so you and your servers will never miss a beat. We can create and assign issue-based tickets to our NOC technicians for full problem resolution. Time-consuming routine maintenance tasks can also be outsourced to the NOC team, freeing you to focus on growing your business. NOC will reboot any server identified as offline, regardless of alert or issue.
$195 per server per month
How much does Office 365 cost?
We’re Microsoft Cloud Solutions Partners and we help many different sizes and kinds of businesses with Office 365. Basic plans for Exchange Online and Business Premium start at $5 and $12.50 per user per month respectively. We have many additional options for Office 365 subscriptions including Advanced Threat Protection (ATP), Enterprise subscriptions E3 and E5, Academic pricing and subscriptions, Government pricing and subscriptions, and Dynamics 365. Please contact us with your needs and we’ll match the subscriptions and get you the absolute best pricing and services. Those prices cover the subscription services only. We offer migration and support services to help your business get to Office 365 and get the most out of it. Please let us know about your project and we’ll get you the absolute best service and support.
How do I protect my computer?
For many years, we’ve helped our clients understand how to keep their data and computers safe. We build systems that are safe by default. Here are some links to presentations we’ve done:
Some things you can do to protect your computers:
Only use administrator and root level accounts for administrative tasks. NEVER browse the internet or open an unknown file or link with an administrator account. Use standard or limited accounts for routine tasks, email and browsing. Separate these functions into the two different kinds of accounts if you have administrative responsibilities of any computer system.
Lock down your login: Your usernames and passwords are not enough to protect key accounts like email, banking and social media. Strengthen online accounts and use strong authentication tools like a unique, one-time code through an app on your mobile device and multi-factor authentication (MFA).
Keep a clean machine: Keep all software on internet-connected devices – including personal computers, smartphones and tablets – current to reduce risk of infection from ransomware and malware.
When in doubt, throw it out: Links in email, tweets, posts and online advertising are often how cyber criminals try to compromise your information. If it looks suspicious, even if you know the source, it’s best to delete or, if appropriate, mark as junk.
Back it up: Protect your valuable work, music, photos and other digital information by making an electronic copy and storing it safely. If you have a copy of your data and your device falls victim to ransomware or other cyber threats, you will be able to restore the data from a backup.
Personal information is like money. Value it. Protect it.: Be thoughtful about who gets that information and how it is collected.
We don’t have a big budget for Cyber Security. How can we protect our small business?
America thrives with small businesses in society. There are numerous opportunities for small businesses to fill needed niches within the industry. However, many small businesses may not have all the resources they need to have a strong cybersecurity posture. By implementing simple cybersecurity practices throughout their organizations, small businesses can safeguard their information and data for increased profits.
DID YOU KNOW?
44 percent of small businesses reported being the victim of a cyber attack, with an average cost of approximately $9,000 per attack. 1
Nearly 59 percent of U.S. small and medium-sized businesses do not have a contingency plan that outlines procedures for responding to and reporting data breach losses. 2
SIMPLE TIPS
Make sure all of your organization’s computers are equipped with antivirus software and antispyware. This software should be updated regularly.
Secure your Internet connection by using a firewall, encrypting information, and hiding your Wi-Fi network.
Establish security practices and policies to protect sensitive information.
Educate employees about cyber threats and how to protect your organization’s data. Hold employees accountable to the Internet security policies and procedures.
Require employees to use strong passwords and to change them often.
Invest in data loss protection software, use encryption technologies to protect data in transit, and use two-factor authentication where possible.
Protect all pages on your public-facing websites, not just the checkout and sign-up pages.
1 2013 Small Business Technology Survey, National Small Business Association
2 www.staysafeonline.org/about-us/news/new-survey-shows-us-small-business-owners-not-concerned-about
Do you have any Quick Tips for How to Secure Printers?
Quick Tips for Copier/Printer/Fax Security:
Digital copiers, printers and fax machines are computers too.
Ensure devices have encryption and overwriting
Take advantage of all the security features offered
Secure/wipe the hard drive before disposing of an old device
Change the default password to a strong and unique passphrase
Do you have any quick tips on how to secure email?
Quick tips for email security: When in doubt, throw it out. Be extra cautious when it comes to email.
Require strong, unique passphrases on email accounts
Turn on two-factor authentication
Do not use personal email accounts for company business
Train employees to know not to open suspicious links in email, tweets, posts, online ads, messages or attachments – even if they know the source. Train employees about your company’s spam filters and how to use them to prevent unwanted, harmful email
Learn More: https://www.ic3.gov/media/2017/170504.aspx
Do you have any quick tips for file sharing?
Quick tips for file sharing. Sharing is caring, only when done securely.
Restrict the locations to which work files containing sensitive information can be saved or copied
If possible, use application-level encryption to protect the information in your files
Use file-naming conventions that don’t disclose the types of information a file contains
Monitor networks for sensitive information, either directly or by using a third-party service provider
Free services do not provide the legal protection appropriate for securing sensitive information
Learn More: https://www.ftc.gov/tips-advice/business-center/guidance/peer-peer-file-sharing-guide-business
Do you have any quick tips for protecting my mobile phones?
Quick tips for mobile devices. Keep a clean machine for on the go devices.
Update security software regularly. Go ahead, update your mobile software now.
Delete unneeded apps and update existing apps regularly.
Always download apps from a trusted source and check reviews prior to downloading.
Secure devices with passcodes or other strong authentication, such as fingerprint recognition.
Turn off Discovery Mode.
Activate “find device” and “remote wipe”.
Configure app permissions immediately after downloading.
Do you have any quick tips for point of sale systems?
Quick Tips for Point of Sale Systems (POS). Hackers are often financially motivated. Don’t make it an easy payday.
Create unique, strong passphrases.
Separate user and administrative accounts.
Keep a clean machine: Update software regularly.
Avoid web browsing on POS terminals.
Use antivirus protection.
Learn More: https://www.pcisecuritystandards.org/merchants/
Are small and medium businesses (SMBs) really being targeted by cyber criminals?
As you can see, the statistics are alarming and the threat is real:
14 million small businesses were attacked over the past 12 months
36 percent of cyber-attacks are conducted against SMBs
48 percent more SMBs experienced a breach due to employee neglect in 2017 vs. 2016
60 percent of small companies that suffer a cyber-attack go out of business within 6 months
Do you have any quick tips for routers?
Quick Tips for Routers
Your home or business network is not too small to be hacked.
Change from manufacturer's default admin password to a unique, strong passphrase
Use a network monitoring app to scan for unwanted users
Restrict remote administrative management
Log out after configuring
Keep firmware updated
Learn More: https://www.us-cert.gov/ncas/tips/ST15-002
Do you have any tips for staying secure on social networks?
Quick tips for staying secure on social networks
Socialize online with security in mind.
Limit who has administrative access to your social media accounts
Set up 2-factor authentication
Configure your privacy settings to strengthen security and limit the amount of data shared. At the very least, review these settings annually
Avoid third-party applications that seem suspicious and modify your settings to limit the amount of information the applications can access. Make sure you’re accessing your social media accounts on a current, updated web browser
Learn More: https://www.us-cert.gov/ncas/tips/ST06-003
Do you have any quick tips for staying safe when using software?
Quick Tips for software
Having the latest security software, web browser and operating system is the best defense against threats.
Make sure your computer operating system, browser, and applications are set to receive automatic updates.
Ensure all software is up to date. Get rid of software you don't use.
Your company should have clear, concise rules for what employees can install and keep on their work computers.
When installing software, pay close attention to the message boxes before clicking OK, Next or I Agree.
Make sure all of your organization’s computers are equipped with antivirus software and antispyware. This software should be updated regularly.
Limit access to data or systems only to those who require it to perform the core duties of their jobs.
Do you have any tips for staying secure with third party vendors?
Quick Tips for third party vendors.
Do your due diligence; get it in writing and monitor compliance.
Spell out your privacy and security expectations in clear, user-friendly language to service providers.
Understand how their services work and to what you are giving them access.
Build in procedures to monitor what service providers are doing on your behalf.
Review your privacy promises from the perspective of a potential service provider.
Spell out expectations and scope of work in a formal agreement/contract.
Do you have any tips for using USB drives securely?
Quick Tips for USB drives.
These small devices can easily create huge security issues.
Scan USBs and other external devices for viruses and malware.
Disable auto-run, which allows USB drives to open automatically when they are inserted into a drive.
Only pre-approved USB drives should be allowed in company devices. Establish policies about the use of personal, unapproved devices being plugged into work devices.
Keep personal and business USB drives separate.
Don’t keep sensitive information on unencrypted USB drives. It is a good practice to keep sensitive information off of USB drives altogether.
Learn More: https://www.us-cert.gov/ncas/tips/ST08-001
Do you have any tips for keeping our website secure?
Quick Tips for website security.
Create a safe online shopping experience for your customers.
Keep software up-to-date.
Require users to create unique, strong passphrases to access.
Prevent direct access to upload files to your site.
Use scan tools to test your site’s security – many are available free of charge.
Register sites with similar spelling to yours.
Do you have any tips for using wifi safely?
Quick Tips for safely using wifi. Think before you connect.
Use a separate Wi-Fi network for guests or customers from the one you use for business.
Physically secure Wi-Fi equipment.
Use a virtual private network (VPN) when using public Wi-Fi.
Do not connect to unknown, generic or suspicious Wi-Fi networks. Use your mobile carrier's data plan to connect instead.
Turn off Wi-Fi and Bluetooth when not in use on your devices.
Secure your internet connection by using a firewall, encrypting information and hiding your Wi-Fi network.
Learn More: https://www.consumer.ftc.gov/articles/0014-tips-using-public-wi-fi-networks
How do I protect my network?
How do I protect my email?
How do I protect my phone?
How do I protect my router?
Why does Microsoft keep updating their software?
Microsoft keeps releasing updates for their software for many reasons. First, Microsoft is a business and they’re in the business of making money. Releasing new updates can help them stay profitable by reducing the number of different configurations they have to support. By having a regular update release schedule, Microsoft has fewer configurations to support, and that saves them money. Another reason Microsoft releases frequent updates is that their software, like all software, is written by humans. Humans make mistakes, and those mistakes leave holes in the software, called vulnerabilities, that have to be patched to make it secure. These regular patches fix those holes. When you apply updates to your systems, you are getting the latest software available, and that’s usually a good thing: running the latest software usually means that your systems have fewer known vulnerabilities than unpatched systems. Sometimes, however, blindly applying updates can cause a system to stop working. When Microsoft and other vendors release patches to their software, sometimes they haven’t fully tested the patches and unexpected things can happen on production systems. We recommend testing all updates on non-production and non-critical systems before deploying them on production and critical systems. Our managed services vet all Microsoft and third-party patches before deploying them, and we schedule all patches for delayed deployment to give Microsoft an extra day to re-release any bad patches.
Why does Apple keep updating their software?
Apple keeps releasing updates for their software for many reasons. First, Apple is a business and they’re in the business of making money. Releasing new updates can help them stay profitable by reducing the number of different configurations they have to support. By having a regular update release schedule, Apple has fewer configurations to support, and that saves them money. Another reason Apple releases frequent updates is that their software, like all software, is written by humans. Humans make mistakes, and those mistakes leave holes in the software, called vulnerabilities, that have to be patched to make it secure. These regular patches fix those holes. When you apply updates to your systems, you are getting the latest software available, and that’s usually a good thing: running the latest software usually means that your systems have fewer known vulnerabilities than unpatched systems. Sometimes, however, blindly applying updates can cause a system to stop working. When Apple and other vendors release patches to their software, sometimes they haven’t fully tested the patches and unexpected things can happen on production systems. We recommend testing all updates on non-production and non-critical systems before deploying them on production and critical systems. Our managed services vet all Apple and third-party patches before deploying them, and we schedule all patches for delayed deployment to give Apple an extra day to re-release any bad patches.
Why does Google keep updating their software?
Google keeps releasing updates for their software for many reasons. First, Google is a business and they’re in the business of making money. Releasing new updates can help them stay profitable by reducing the number of different configurations they have to support. By having a regular update release schedule, Google has fewer configurations to support, and that saves them money. Another reason Google releases frequent updates is that their software, like all software, is written by humans. Humans make mistakes, and those mistakes leave holes in the software, called vulnerabilities, that have to be patched to make it secure. These regular patches fix those holes. When you apply updates to your systems, you are getting the latest software available, and that’s usually a good thing: running the latest software usually means that your systems have fewer known vulnerabilities than unpatched systems. Sometimes, however, blindly applying updates can cause a system to stop working. When Google and other vendors release patches to their software, sometimes they haven’t fully tested the patches and unexpected things can happen on production systems. We recommend testing all updates on non-production and non-critical systems before deploying them on production and critical systems. Our managed services vet all Google and third-party patches before deploying them, and we schedule all patches for delayed deployment to give Google an extra day to re-release any bad patches.
Do you have any best practices to stay protected from ransomware?
General Best Practices to Stay Protected from Ransomware
Staying secure against ransomware isn’t just about having the latest security solutions. Good IT security practices, including regular training for employees, are essential components of every single security setup. Make sure you’re following these 10 best practices:
1. Patch early, patch often
Malware often relies on security bugs in popular applications. The earlier you patch your endpoints, servers, mobile devices, and applications, the fewer holes there are to be exploited.
2. Back up regularly and keep a recent backup copy off-line and off-site
In our survey, 56% of IT managers whose data was encrypted were able to restore it using backups. Encrypt your backup data and keep it off-line and off-site so you won’t have to worry about cloud backups or storage devices falling into the wrong hands. Furthermore, implement a disaster recovery plan that covers the restoration of data.
3. Enable file extensions
The default Windows setting is to hide file extensions, meaning you must rely on the file thumbnails to identify them. Enabling extensions makes it much easier to spot file types that wouldn’t commonly be sent to you and your users, such as JavaScript files.
4. Open JavaScript (.JS) files in Notepad
Opening a JavaScript file in Notepad blocks it from running any malicious scripts and allows you to examine the file contents.
5. Don’t enable macros in document attachments received via email
Microsoft deliberately turned off auto-execution of macros by default many years ago as a security measure. A lot of infections rely on persuading you to turn macros back on, so don’t do it!
6. Be cautious about unsolicited attachments
Cybercriminals often rely on an age-old dilemma: knowing that you shouldn’t open a document until you are sure it’s legitimate, but not being able to tell if it’s malicious until you open it. If in doubt, leave it out.
7. Monitor administrator rights
Constantly review local and domain admin rights. Know who has them and remove those who don’t need them. Don’t stay logged in as an administrator any longer than necessary, and avoid browsing, opening documents, or other regular work activities while you have admin rights.
8. Stay up to date with new security features in your business applications
For example, Office 2016 now includes a control called “Block macros from running in Office files from the internet,” which helps protect against external malicious content without stopping you from using macros internally.
9. Regulate external network access
Don’t leave ports exposed to the world. Lock down your organization’s RDP access and other remote management protocols. Furthermore, use two-factor authentication and ensure remote users authenticate against a VPN.
10. Use strong passwords
It sounds trivial, but it really isn’t. A weak and predictable password can give hackers access to your entire network in a matter of seconds. We recommend making them impersonal, at least 12 characters long, using a mix of upper and lower case, and adding a sprinkle of random punctuation, Ju5t.LiKETh1s!
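Several of the practices above (3, 5 and 8, 7, 9), plus the auto-run tip from the USB section, map to Windows settings that can be checked on a single machine with a read-only script. This is an added example, not part of the original FAQ or of any vendor tooling; the function names are hypothetical, the Office policy path assumes Office 2016 or later (version key 16.0) configured through Group Policy, and the administrator-count threshold is an arbitrary assumption to adjust.

```powershell
# Read-only audit of Windows settings tied to the ransomware best practices above.
# Added example: Get-RegValue, New-Finding and Test-RansomwareHygiene are hypothetical names.
# Nothing is changed on the system; the script only reports.

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or value is absent (setting left at its default).
    try {
        (Get-ItemProperty -Path $Path -Name $Name -ErrorAction Stop).$Name
    } catch {
        $null
    }
}

function New-Finding {
    param([string]$Practice, [string]$Check, [bool]$Ok, [string]$Detail)
    [pscustomobject]@{ Practice = $Practice; Check = $Check; OK = $Ok; Detail = $Detail }
}

function Test-RansomwareHygiene {
    param([int]$MaxAdmins = 2)   # assumption: more local admins than this needs review
    $findings = @()

    # Practice 3: file extensions are shown for the current user when HideFileExt = 0.
    $hide = Get-RegValue 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced' 'HideFileExt'
    $findings += New-Finding '3' 'File extensions shown' ($hide -eq 0) "HideFileExt=$hide"

    # Practices 5 and 8: "Block macros from running in Office files from the internet".
    foreach ($app in 'Word', 'Excel', 'PowerPoint') {
        $key = "HKCU:\Software\Policies\Microsoft\Office\16.0\$app\Security"
        $block = Get-RegValue $key 'blockcontentexecutionfrominternet'
        $findings += New-Finding '5/8' "$app blocks macros from the internet" ($block -eq 1) "policy value=$block"
    }

    # Practice 7: list members of the built-in Administrators group for review.
    # S-1-5-32-544 is that group's well-known SID on every language edition.
    try {
        $admins = @(Get-LocalGroupMember -SID 'S-1-5-32-544' -ErrorAction Stop)
        $names = ($admins | ForEach-Object { $_.Name }) -join '; '
        $findings += New-Finding '7' 'Local admin count within limit' ($admins.Count -le $MaxAdmins) "$($admins.Count): $names"
    } catch {
        $findings += New-Finding '7' 'Local admin count within limit' $false "could not enumerate: $($_.Exception.Message)"
    }

    # Practice 9: RDP is off when fDenyTSConnections = 1. If it is on, the detail line
    # tells the reviewer to confirm it is reachable only through the VPN.
    $ts = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
    $deny = Get-RegValue $ts 'fDenyTSConnections'
    $nla = Get-RegValue "$ts\WinStations\RDP-Tcp" 'UserAuthentication'
    $detail = "fDenyTSConnections=$deny; NLA(UserAuthentication)=$nla"
    if ($deny -ne 1) { $detail += '; RDP is enabled, confirm it is reachable only via VPN' }
    $findings += New-Finding '9' 'RDP disabled' ($deny -eq 1) $detail

    # USB tip: auto-run is disabled for all drive types when NoDriveTypeAutoRun = 0xFF.
    $auto = Get-RegValue 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer' 'NoDriveTypeAutoRun'
    $findings += New-Finding 'USB' 'Auto-run disabled on all drives' ($auto -eq 255) "NoDriveTypeAutoRun=$auto"

    $findings
}

Test-RansomwareHygiene | Format-Table -AutoSize -Wrap
```

The HKCU checks describe only the user running the script, so run it in each user's session or read the equivalent Group Policy results for a domain-wide view.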
Why isn’t the internet safe?
There’s absolutely no doubt that the Internet is and will remain a critical component of the business world. Indeed, businesses just can’t function without it anymore.
That’s why everyone also needs to remember that the Internet is anything but a safe place. For example, a new web security study conducted by Webroot recently discerned that most organizations allowing employees to freely access the Internet are experiencing high rates of malware threats, including phishing attacks, spyware, “keyloggers” and hacked passwords.
Indeed, Webroot’s study reveals that Internet-borne attacks are impacting businesses, with the majority of them reporting significant effects in the form of increased help desk time, reduced employee productivity and disruption of business activities. Here are just some of the firm’s worrisome findings:
8 in 10 companies experienced one or more kinds of web-borne attacks in 2012
88% of Web security administrators say web browsing is a serious malware risk
Phishing is the most prevalent web-borne attack, affecting 55% of companies
Webroot’s study, which surveyed Internet security decision-makers in the U.S. and United Kingdom, found an overwhelming 79% of companies experienced web-borne attacks in 2012 and that almost all of the web security administrators polled agreed that Web browsing is a serious malware risk to their companies.
Yet despite the obvious awareness of the risks, only 56% of participants said they had implemented Web security protection and more than half of companies without web security had web sites compromised.
"Protecting against Web-borne malware should be a high priority for all organizations since once inside a network, the propagation of malware can take down the entire company, effectively disabling an organization," argued Sara Radicati, president and CEO at Radicati Group, who participated in the survey.
The major trends that are driving businesses and information technology today—mobility, social networking, “Bring your own device” or “BYOD” policies, along with cloud computing—are also making organizations more susceptible to security attacks, added David Duncan, chief marketing officer at Webroot.
More than ever, cybercriminals are taking advantage of these web-based vulnerabilities, making the threat landscape more challenging, with “phishing” representing one of the fastest-growing causes of breaches and data loss as cybercriminals become progressively adept at luring users into divulging sensitive corporate data, he said.
“It's no surprise that the latest study shows that attacks are increasing in frequency, complexity and scale,” Duncan noted.
“Organizations need to implement layered defenses from the endpoint to the network to understand not only what is happening but where the attacks are manifesting from and when,” he stressed. “Given that instantaneous attacks are morphing constantly and are eluding traditional detection mechanisms, organizations require a cloud-based solution that is effective in this new environment, as well as easy to deploy, quick to respond and flexible to address today's sophisticated cyber-threats.”
Why do criminals try to steal my identity?
Why do criminals try to steal my data?
Why do criminals try to steal my password?
Why do criminals try to steal my credentials?
Why does my computer bluescreen?
Why is my computer running slow?
Why is printing slow in my remote desktop?
Why is my remote desktop slow?
Why does my remote desktop keep disconnecting?
Why can’t I update or install software in my remote desktop?
Why are things so locked down in my remote desktop?
What is this error in Word, Excel or Microsoft Office about macros?
Why can’t I get to this website?
Why do you lock down our computers so much?
Why is video or CAD slow in my remote desktop?
What does the NetTec NSI help desk service do or cover?
Why do you charge so much per hour?
My website got hacked. What can I do?
I got ransomware on my computer. What can I do?
I have Office 365. Why do I need to back up my email, OneDrive and SharePoint with a separate backup service? Watch this video and find out why.
How often do you back up my files in my remote desktop?
We back up everything in Office 365 and remote desktop multiple times per day.
How long does Microsoft keep backups in Office 365?
Microsoft does not back up the files in 365. They disclaim responsibility for backup in their terms and conditions. We utilize a third-party independent backup that gets multiple copies of your data throughout the day and retains those backups indefinitely.
How do I make my servers run with high availability?
How can I keep my computers up to date and free from malware?
What is a security audit?
What is a network assessment?
What kinds of things do you do to help protect our Office 365 accounts?
How can I protect my users from phishing?
Why do I need DNS protection?
Why do I need security awareness training?
What is malware?
What do you recommend for a new computer?
How can we train our people?
What does ransomware do?
What happens if we are hacked?
Notice about Net Tec wifi booster - we are NOT affiliated at all with the company that sells this device. If you are looking for support for that product, please reach out directly to that company. We are NOT that company and we don’t sell that device and we don’t know anything about it.
Do you have any recommendations to protect against ransomware?
Sure. Here are some recommendations to help protect against ransomware:
Assume you will be hit. Ransomware remains highly prevalent. No sector, country, or organization size is immune from the risk. It’s better to be prepared but not hit, than the other way round.
Make backups. Backups are the #1 method organizations used to get their data back after an attack. And as we’ve seen, even if you pay the ransom, you rarely get all your data back, so you’ll need to rely on backups either way.
Deploy layered protection. In the face of the considerable increase in extortion-based attacks, it is more important than ever to keep the adversaries out of your environment in the first place. Use layered protection to block attackers at as many points as possible across your environment.
Combine human experts and anti-ransomware technology. Key to stopping ransomware is defense in depth that combines dedicated anti-ransomware technology and human-led threat hunting. Technology gives you the scale and automation you need, while human experts are best able to detect the tell-tale tactics, techniques, and procedures that indicate that a skilled attacker is attempting to get into your environment. If you don’t have the skills in house, look at enlisting the support of a specialist cybersecurity company – SOCs are now realistic options for organizations of all sizes.
Don’t pay the ransom. We know this is easy to say, but far less easy to do when your organization has ground to a halt due to a ransomware attack. Independent of any ethical considerations, paying the ransom is an ineffective way to get your data back. If you do decide to pay, be sure to include in your cost/benefit analysis the expectation that the adversaries will restore, on average, only two-thirds of your files.
Have a malware recovery plan. The best way to stop a cyberattack from turning into a full breach is to prepare in advance. Organizations that fall victim to an attack often realize they could have avoided a lot of cost, pain, and disruption if they had an incident response plan in place.
If you want help implementing any of this, please contact us now.
Cybersecurity Section
Networking Questions to Ask:
How is your network structured?
How are you managing access for remote workers?
Have you implemented Zero Trust Network Access?
How are you orchestrating and managing branch office and remote locations?
What is your SD-WAN strategy? How is it going and performing for you?
How well can your current solution keep up with the growing demands on your network?
How We can Help with Networking
Full Stack of Network Security Products – You get everything you need to securely connect your network from inside to out with Sophos Firewalls, Switches, Wireless Access Points, Zero Trust, VPN, Edge Devices.
Single Console Management – You get a single cloud management console for all your Sophos products that’s been designed for the easiest experience possible with powerful automation tools.
Synchronized Security – You get products that are designed to work together, to share information, particularly health status, and automatically take action when something is under attack. This can be a force multiplier for your team.
Simple Licensing and Support – Everything you need to secure your network is included in our Xstream Protection value bundle–making it super simple and transparent–with no hidden costs. And you get it all from a single vendor simplifying support.
The Best Integrated SD-WAN in any Firewall – With Sophos Firewall you get the best integrated SD-WAN solution available in any firewall with flexible options like performance-based link selection, load balancing, and zero-impact fail over.
Unique Branch Office Connectivity – Sophos is unique in offering SD-RED edge devices that are affordable extensions to your secure network for remote locations or devices. They offer zero-touch deployment and a robust VPN tunnel connection. We also offer small firewall devices for locations that need to secure a direct connection to the internet.
Easy SD-WAN and VPN Orchestration – Setting up a complex SD-WAN VPN overlay network can be a tedious and time-consuming task, but with Sophos Central and our SD-WAN orchestration tool, it automates this task so it becomes a point-and-click exercise that can be completed in a few minutes.
Synchronized Security and SD-WAN – When you combine our firewall and endpoint, you get Synchronized Security which can identify unknown or custom applications that you can then use in routing strategies to optimize and accelerate applications you want and block applications you don’t.
Innovative Zero Trust Access – Our award-winning zero trust access solution is innovative–solving the top problems with other ZTNA solutions that add more complexity. You get a single agent, single console, single vendor solution that is unique in the industry.
Better Security – With ZTNA you get better security for your applications, network, and users that works equally well for remote users and office workers. It ensures only authorized users and healthy devices are accessing your applications and not the whole network.
Single Agent (or no agent) – We’ve integrated ZTNA with our next-gen endpoint agent to offer a single agent solution. It can work with other Endpoint products but with Intercept X takes advantage of a single click deployment and synchronized security. Alternatively, for web apps, you don’t even need an agent.
Single Console – You get a single console for managing your zero trust access along with your endpoint protection, firewall, and all your other Sophos security products, making it super easy.
Single Vendor – You get a complete solution for endpoint, firewall, and all your network security, including ZTNA from a single vendor that greatly simplifies licensing, deployment, management and support.
Security Questions to Ask:
Do you have insights into your top risks… users, threats, unwanted apps, encrypted traffic, suspicious downloads?
Are you using TLS decryption? IPS? Machine Learning? Sandboxing?
If not, what’s holding you back?
Is your firewall performance able to keep up with the volume of traffic while providing proper security?
How do you know if your network has a threat or active attack?
When there is an active threat what does your security solution do to contain it?
How We can Help with Security
Rich Dashboard and Relevant Alerting – You get all the information you need related to risks and threats at-a-glance without getting inundated with irrelevant alerts.
Encrypted Traffic Inspection – You’re no longer running blind to encrypted traffic as our firewall includes industry leading high-performance TLS encrypted traffic inspection that will eliminate that blind spot and won’t slow you down.
Extensive Reporting–For Free – Sophos is the only firewall vendor to include complete reporting for free with unlimited on-box logging and reporting with built-in storage capacity for up to a year and the option to off-load logs for longer-term archival.
Cloud Reporting for Full Network Visibility – You also get free reporting across your entire network for a month with the option to add cloud storage capacity for longer term reporting needs.
The Best Zero Day Threat Protection – You get the best zero-day threat protection to keep previously unseen threats like Ransomware off your network. You get streaming deep-packet inspection with intrusion prevention, cloud-based machine learning analysis of suspicious downloads, threat intelligence, and dynamic cloud sandboxing all backed by SophosLabs.
The Best TLS Encrypted Traffic Inspection – You also get the best encrypted traffic inspection with our Xstream Flow Processors offering high-performance TLS inspection with support for the latest standards, unmatched visibility into encrypted traffic, and powerful policy rules.
The Best Price-Performance – At every price point, you are getting better protection and performance than competing firewalls thanks to our Xstream Flow Processors, multi-core CPUs, generous ram, and on-box solid-state storage.
Easy to Manage – We make it easy to ensure your protection is setup optimally with pre-packaged policy settings including web protection for schools or offices, common unwanted application control policies, and typical IPS protection policies, and more. You can be up and running quickly with excellent protection and fine-tune it over time.
The First and Best Automated Threat Response – We were the first to introduce the concept of Synchronized Security with products sharing information and automatically responding to threats. Sophos is still the best with our Firewall, Endpoint, ZTNA, and Wireless products all communicating, sharing heartbeat health status, and automatically leaping into action to contain threats and prevent lateral movement.
Stop Lateral Movement – With Sophos Synchronized Security, you can automatically stop threats from moving laterally across the network, outside the network or to your cloud networked applications. It even works on the same internal network as the Firewall will inform all healthy endpoints of a compromised host to prevent them from communicating with it.
Upgrade to Our Full MDR Service Anytime – If you are finding monitoring and responding to network threats is becoming too much for your team, we’ve got a 24/7 service that will monitor your network and respond to incidents for you.
Management Questions to Ask:
How are you managing your IT security today?
How many management systems and consoles do you have to deal with?
Do you have enough staff and expertise?
How many products and vendors are you working with? Do any of them integrate?
How We can Help with Security
Full Ecosystem of Integrated Products – You not only get a full suite of cybersecurity products that are easy to manage, but they are also integrated together to provide value-added features like Synchronized Security.
Single Console Management – You get a single cloud management console for all your Sophos products that’s been designed for the easiest experience possible with powerful automation tools.
Synchronized Security – You get products that are designed to work together, to share information, particularly health status, and automatically take action when something is under attack. This can be a force multiplier for your team.
Simple Licensing and Support – Everything you need to secure your network is included in our Xstream Protection value bundle–making it super simple and transparent–with no hidden costs. And you get it all from a single vendor simplifying support.
Complete Security Coverage – Enabled by extended detection and response (XDR) capabilities that provide complete security coverage wherever your data reside.
Proactive Threat Hunting – Proactive threat hunts performed by highly-trained analysts uncover more malicious behavior than security products can detect on their own.
Immediate Response – Analysts respond to threats in minutes whether you need full-scale incident response or assistance making more accurate decisions.
Root Cause Analysis – Identifies the root cause of threats and provides recommendations to prevent future incidents and reduce risk to your business.