Avoid HIPAA Violations with a Layer Approach to Security

Cyberattacks on healthcare providers have gone up 71% since 2021, according to Forbes. Recently, in Fairfield California A ransomware group known as HIVE is claiming to have stolen private data from a specific managed network. The group is claiming to have stolen data that includes about 850,000 unique records of names, social security numbers, date-of-birth, etc. This is the fourth attack that has happened this year. Not great news.

Before we dig too deep into these specific attacks, let’s take a step back and understand what ransomware is. The whole point of ransomware is to encrypt your files. Once your files are encrypted, you can’t read them anymore unless you have an encryption key. (An encryption key is a long string of characters).

A Short History on Ransomware Attacks

In the past, cyber criminals would launch an attack that was encryption only where a company couldn’t access their data without paying a ransom for a decryption key. Once the company paid, they could access the data again and all was good. The premise from an IT standpoint at this time was to prepare companies with everything they needed to block an attack, but also make sure they had very good backups. These included local backups and offsite backups. The purpose of this approach was to make sure a company could get back online as quickly as possible after an attack.

Things have changed. The hackers are now not only encrypting the files with the data, but they’re also collecting the data. And that is an important nefarious distinction because even if you have backups, or if you don’t pay the ransom, they threaten to release your data. In terms of the healthcare industry, that is a huge HIPAA violation and leads to significant fines.

HIPAA Compliant Tech

Ransomware attacks are much more efficient when they hit an old server. As data migrates to the cloud, it becomes much more difficult to replicate. If a company has all their data on a centralized server, then all a hacker needs to do is attack one user who has access to the server. Once they have access via this one user, the hacker can encrypt everything on the server and now no one can access anything on the server as the hacker spreads throughout the network.

Because of the new post-pandemic distributed workforce movement, cybercrimes have shifted to individual workstations. For healthcare, these workstations could include remote workers who work in patient homes for sessions and connect (unknowingly) to an unsecured network. This means that the protection needs to follow the device. To remain HIPAA compliant, healthcare providers need to ensure every device is fully patched, encrypted, and up-to-date on antivirus protection.

Protect Your Healthcare Company

As a healthcare provider, what can you do? Fortunately, there is newer technology called XDR that will attempt to block any communication back to a ransomware server. Guardian Computer has recently partnered with Cynet to offer this new advanced layered security protection to our clients.

This partnership will allow Guardian to offer our healthcare clients the most advanced and robust Autonomous Breach Protection with a full stack security suite for improved protection, detection, and remediation.

This full stack service was developed for businesses who are concerned with traditional virus protection and are looking for a solution to shop the increased number of threats. If you’re interested in learning more about this service, give us a call at 504-457-0005 to learn more.

/by

Proactive IT Care: Security Awareness Training

Here’s a quick reality check: even though huge swaths of global industry rely on the internet and web based products and services to operate, end user awareness of how to safely navigate those spaces remains low.

The statistics really are staggering. According to the 2020 ‘State of Privacy and Security Awareness’ Report by Osterman Research, 43% of surveyed employees were not aware that clicking suspicious links in emails was a known way to contract a virus. 48% are still getting fooled by fake attachments. 59% reported that they were not confident they’d be able to identify a social engineering attack.

There is good news though. For every report with scary statistics, there are others that show the effectiveness of security awareness training specifically, those that take a layered approach.

Proactive Care with Effective Training

To put it simply, the most devastating security incidents happen due to human error. The most effective training programs mitigate human error by teaching employees the basics of what proper security behaviors are, why information security matters, how to identify social engineering attacks, the importance of setting strong passwords, using two-factor authentication, protecting physical devices, and appropriate use of company resources.

These programs give employees practice in applying this knowledge and they revise these topics regularly. This is where Guardian comes in.

Real People. Real Support.

Our security awareness platform can help you track who has taken which trainings, and who’s due for a refresher course. You’ll be able to send fake phishing messages to see who might need to revisit certain aspects of our program. And you can also opt to enroll in our weekly refresher series of short videos and articles that makes sure security awareness is never out of sight or out of mind.

Humanizing IT Services

We’ve made it easy to deliver security training that is simple to access and distribute, engaging and up to date on all relevant topics surrounding security awareness.

Sign your employees up for security awareness training through us today and help us help you stay safe and secure.

/by

Streamline Your Security with XDR

You wouldn’t think to apply multiple band aids to fix a broken bone. So, why treat your business’s security with the same patchy response? Guardian Computer has partnered with Cynet to provide Extended Detection and Response (XDR), delivering Autonomous Breach Protection to your business with a full stack security suite for improved protection, detection, and remediation.

As your business grows, you may have found stopgap solutions to address your security problems. As the number of breaches your organization faces continues to increase, you’ll be required to find additional patches, continuing the cycle.

At some point, you should be covered enough to end all breaches. Unfortunately, increasing the number of security products does not increase your level of security. To fix the broken bone, you need a cast, not individual bandages.

Your individual security products are not solving your cyber breaches because each product only covers a portion of the threats without communicating to the other products. Additionally, knowing how to form a holistic approach with the desperate products requires skill, time, and money.

Next Generation Protection, Detection, and Remediation

The XDR Autonomous Breach Protection offers a singular solution for your security needs. With this streamlined approach, Guardian can now monitor and control all the ongoing routine activities in order to reduce the potential entry points of attack. If a breach is detected, the autonomous protection can orchestrate a response by investigating the root cause and scope while eradicating all malicious artifacts from the environment.

Focus on your business, we’ve got your tech covered.

This full stack service was developed for businesses who are concerned with traditional virus protection and are looking for a solution to stop the increased number of threats. Perhaps your business has the individual tools and processes in place but lacks the holistic approach. Maybe you’ve been hit with new compliance requirements mandating the use of continuous monitoring and threat detections.

If these scenarios describe your business’s current IT solutions, give us a call today at 504-457-0005. Guardian excels at proactive IT care while offering reactive tech support. Learn more at: https://www.gcit.net/services#security

/by
,

Reminder: Read Your Cyber Insurance Fine Print

While the new year is the time to reflect on the past, it’s also the time to make resolutions for the future. With ransomware attacks becoming an increasing trend, small businesses should consider cyber insurance to protect their company.

Cyber insurance covers your business’s liability for data breaches and attacks. The insurance provider will offer a variety of coverage including ransom attacks, network security, tech error and omissions, and so on.

It’s important to understand the type of cyber insurance coverage you are paying for in the same way you examine your car insurance policy. For example, if you get into a car accident only having limited liability insurance, your insurance provider may not cover all costs once you’ve exceeded certain limits. Costs associated with repairing your car or medical bills may fall to you because you weren’t sufficiently covered.

If this is the first time you’re hearing about cyber insurance, we’ll explain how to apply for adequate coverage. If you already have cyber insurance, you should familiarize yourself with your policy and review it from time to time as the policy may change at renewal.

Applying for Cyber Insurance

When applying for cyber insurance, you need to understand what the carrier is offering. You’ll receive a questionnaire from the carrier to assess your current set up. The questionnaire will determine the tech your company uses and the coverage you may need.

It’s imperative that you answer these questions to the best of your ability. Do not mindlessly check of all the boxes you think the carrier wants to hear. Answering the questionnaire without thinking through your systems or putting too much focus on the coverage price tag will be to your detriment.

Just like limited car insurance, a limited cyber insurance policy may leave you stuck footing the bill after a data breach. Alternatively, you may end up overpaying for coverage if you selected systems that you don’t actually use.

If you’re not sure how to answer the questions, contact your Guardian Support Specialists. We’ll be happy to help.

Insurance Claim Considerations

Data breaches and ransomware attacks happen. Don’t panic if you’re on the receiving end of an incident. But, be aware of the criteria your policy may require.

Get in the habit of reviewing your policy at the time of renewal. Insurance companies will renew the policy with updated requirements from the previous year. If you have a breach but your systems don’t comply with the new obligations, the insurance company may void your policy leaving you stuck with the clean-up costs.

If you do get hit with an attack, the carrier will require you to follow specific steps. Each policy will have explicit criteria you must follow once a breach occurs. You can bet the insurance provider will look at the fine print before paying out on a claim. Familiarize yourself with your policy before you need to make a claim.

If you need to make a claim, consider the following:

  1. Most insurances have minimum configuration settings and written internal policies. Without those, a policy may be void.
  2. Insurance companies also have a time limit for notifications after suspecting a breach. If you wait too long, your policy is void.
  3. They also require THEY do all remediation. If a business starts troubleshooting the breach, the policy can be void.

Let Guardian Be Your Guide

Guardian doesn’t offer cyber insurance, but we do review our clients’ policies to ensure they have their bases covered. Send us that questionnaire, and we’ll help you fill it out. We can also help you assess your current policy to make sure you are adequately covered and meet the policy requirements.

Our team is also developing trainings for your cyber security needs. In the meantime, check out these resources to learn more:

Let Guardian manage the behind-the-scenes tasks that keep your business running so you can manage your clients. Trade your downtime for technological peace of mind. Connect with us to learn more.  

/by

Top 10 Computer Security Threats to Business IT in 2021

No matter if you love technology, hate it, or fall somewhere in between, there’s no doubt it is becoming a bigger part of your life. Our digital world is expanding as more people work from home and more companies conduct their business online. But as our digital activity increases, so does criminals’ desire to take advantage of it, leading to new advancements in computer security threats and digital crime.

In the last few years, major companies across the globe have experienced cybercrimes ranging from data breaches, to unauthorized access of financial accounts, to digital impersonations of CEOs, and everything in between. From new online stores to established corporations, companies of all types, sizes, and industries are at risk.

Although cybercriminals are continuing to become smarter and more strategic, it’s also clear that many businesses aren’t putting up much of a fight when it comes to their cybersecurity. It’s up to you to protect your organization and make sure it’s investing in its security. It’s up to us, as IT experts, to provide you with the information, resources, and services necessary to help make that happen.

3 Major Trends for Computer Security Threats in 2021

Thinking about all the new and varied cyberthreats your company faces today can quickly feel overwhelming. Where should you begin, and how can you make sure you’re staying informed?

To get started, we’ve identified 3 major trends for computer security threats in 2021 that all businesses should be aware of, so you can watch out for them in whatever form they may take.

1. Disruption

Disrupting your business is a powerful way for cybercriminals to distract you, cost you time and money, bait you into making quick and unsecure fixes, or put you at their mercy. For instance, they can use premeditated internet outages to disrupt your organization, hampering business functions and employee productivity.

Cybercriminals can also cause disruption with ransomware attacks, which have increased in popularity over recent years. In these attacks, hackers gain access to information you need, either because it is necessary to run your business or because it is sensitive information you don’t want leaked. Either way, the hackers hold your data hostage and demand you pay a ransom to get it back.

2. Distortion

With the development of technology comes the development of bots and vehicles of misinformation. This could cause more members of the public to distrust the integrity of information they encounter. Or it could cause the opposite: people might mistakenly trust false information.

In either case, it’s often bad for business. It makes it difficult to communicate with consumers or maintain their trust, especially if cybercriminals have falsified information about you or impersonated you.

Hackers are distorting the data and technologies businesses use, too. For instance, criminals who hack into your company cloud might upload fake documents that instruct employees to move money into the hackers’ account or compromise your security even further.

3. Deterioration

The deterioration of a company’s complete control over its business practices can open it up to a variety of risks, which cybercriminals are quick to take advantage of. For example, more and more businesses are implementing AI to increase their efficiency. But if you deploy untested AI, it could lead to unexpected outcomes, including higher exposure to cybercrimes.

Rapid technological advancement can also mean new federal laws to regulate it, lessening companies’ control. Many expect that increases in surveillance laws could put corporations at risk of having their information exposed. Increased privacy regulations can prevent businesses from effectively monitoring employees, making it harder to identify any insider threats.

Top 10 Computer Security Threats to Prepare for in 2021

Strengthening your cybersecurity means being proactive and staying one step ahead of cybercriminals. This starts with identifying which threats are most likely to impact companies this year.

Browse our top 3 in the infographic below, or read on for more information about all top 10 computer security threats to prepare for in 2021.

An infographic with our top 3 computer security threats to business IT.

1. Phishing Attacks

In a phishing attack, a hacker pretends to be someone you trust, such as your boss or your bank. Most commonly, the hacker emails you from a familiar—but slightly altered—email address.

Typically, the hacker emails you a link or attachment. They ask you to go to a website, log into your account, or enter your personal information, such as your Social Security or bank account number. In 2019, phishing was responsible for 32% of confirmed data breaches and 78% of all cybercrimes.

This year, cybercriminals have managed to create phishing schemes through companies’ cloud applications. Because of the crime’s relative newness and the implicit trust that employees have in their companies, cloud-based phishing is one of the top cybercrimes that companies need to look out for in 2021.

A hacker with a fishing rod hooked onto a stranger's ID across the globe, representing phishing attacks, one of the top computer security threats to business IT in 2020.

2. Cloud Jacking

Cloud jacking is the process by which cloud computing is infiltrated by a third party. Once a hacker gets into your company cloud, they may try to reconfigure the cloud code to manipulate sensitive data, eavesdrop on employees and company communications, and expand their reach to take control of the entire cloud.

As we mentioned earlier, cybercriminals will also use this as an opportunity to create phishing schemes. In these scenarios, cybercriminals upload fake memos, instructions, or other files to the company cloud. Employees, believing these materials are approved by the company, download the malicious files or follow the fake instructions.

This can result in everything from workers granting hackers greater company access, to releasing sensitive data, to even moving company funds into fraudulent accounts.

3. Network Perimeter and Endpoint Security

From traveling salesmen to equity investors, professionals who work remotely can be at risk from inadequate network perimeter and endpoint security. As more and more workers have had to switch to remote work in 2021, these security issues become bigger targets for hackers.

Remote work environments often lack many of the security measures put in place at your company’s workplace. With network perimeter and endpoint security, we are referring to measures that secure your computer network and its connections to various computers, phones, tablets, servers, databases, and more.

Mobile devices, which professionals often use to conduct business on the road, are often more exposed to phishing schemes because of the ways we interact with these devices. Fast-paced communications and interactions can make people more prone to click on links, playing right into phishing schemes. Experts predict that many data breaches will occur through telecommuters, mobile devices, and off-premises assets.

Even after COVID-related restrictions lift, many workers will not be returning to company offices. In the U.S., 59% of employees working from home during the pandemic say they prefer to work remotely. Some companies have already announced they are switching to a permanent remote workforce, making adequate network perimeter and endpoint security critically important for years to come.

4. Mobile Malware

A smartphone with security lock icons, representing one of the top computer security threats in 2020: mobile malware.

It’s not just remote employees who use mobile devices for work. Many professionals are increasingly moving from desktops to laptops or smartphones for some or all of their work.

Mobile malware is a type of software used specifically on mobile devices for malicious purposes. As larger amounts of sensitive company data are being accessed and stored on mobile devices, mobile malware attacks are very likely to be one of the most pertinent cybersecurity threats this year.

5. 5G-to-Wi-Fi Security Vulnerabilities

As cyberattacks continue to become more and more sophisticated, attacks are likely to take place in newer digital spheres. In particular, we expect to see cybercriminals exploring ways to attack the 5G-to-Wi-Fi handover.

As 5G becomes more and more commonly used, wireless providers are handing off more calls and data to Wi-Fi networks in an attempt to save bandwidth. And because of this rapid growth in 5G, the technology used to protect this handover is not yet developed enough to fully protect the transition. This gives opportunities to cybercriminals to compromise these mobile devices.

Areas that are popular for professionals to perform mobile work—such as airports, cafes, and hotels—are hotspots for the 5G-to-Wi-Fi handover. This puts the voice and data information on these mobile devices at greater risk. And while these devices have built-in technologies that allow this transition to occur quietly and without notice, researchers have already found vulnerabilities in such technologies.

6. Internet of Things (IoT) Devices

Many everyday devices, such as fitness trackers, smart security systems, and even some in-car apps, are IoT devices. Simply put, these devices are used to communicate and exchange information over a network without requiring human involvement.

A digital concept for Internet of Things devices, one of our top computer security threats in 2020, with icons for laptop, mobile, home, email, home appliance, Bluetooth, automobile, and more.

For instance, your fitness tracker collects information about your health and exercise, such as your heart rate, steps taken, and calories burned. That data is sent to the cloud and processed. Under certain circumstances, that data might result in an action initiated by the technology. You might periodically receive graphs that show your fitness trends and progress, or you might be sent an alert if your heart rate is too high.

It’s not news that our world is increasingly reliant on these devices. In fact, predictions indicate that the market will grow another billion dollars by 2026. With such a major increase in new technologies, cybercriminals are likely to target IoT devices that experience security issues, as technologies in their infancy often do.

While many of the most common IoT devices are personal or smart home devices, more and more businesses are taking advantage of IoT. Smart locks, connected security cameras, smart thermostats, smart lights, voice assistants, and more are appearing in the workplace. As more company information passes through these devices, more hackers may begin targeting them.

The IoMT, or Internet of Medical Things, is a collection of medical devices and applications that can connect to healthcare IT systems using network technologies. Due to the valuable personal information available through IoMT, as well as IoMT’s unique security issues, it is especially likely that cybercriminals will target these devices.

7. Deepfakes

Deepfakes have been increasingly used against a variety of individuals and industries over the last several years. A deepfake is produced by artificial intelligence that takes an existing video, photo, or voice recording and manipulates someone’s image or voice to falsify their actions or speech. In fact, deepfakes have been popularly utilized in politics to make candidates appear to say or do something that damages their reputation.

As it relates to businesses, experts predict that deepfakes will be used by cybercriminals to impersonate members of a company to gain access to important information. These “synthetic identities” can be used to commit fraud, as hackers create fake versions of real companies to lure in unsuspecting consumers. Deepfakes can also contribute to more advanced forms of phishing, allowing hackers to more convincingly impersonate CEOs and give harmful instructions to employees.

8. Highly Developed Ransomware Attacks

Ransomware has plagued businesses for several years now. Successful attacks have caused companies to lose millions of dollars in ransom payments, encouraging hackers to keep using and refining these attacks.

According to a McAfee prediction report, the process by which attackers are able to purchase ransomware kits on the darkweb is becoming easier. Not to mention, the ransomware itself is becoming increasingly more sophisticated.

The report also predicts that ransomwares will consolidate into fewer—but more powerful—ransomwares that will work in conjunction with one another. By working together in this manner, attackers become even more capable and pose greater threats to businesses. If attacked by these ransomware powerhouses, companies may experience even greater costs from downtime and recovery.

9. Insider Threats

Insider threats, or threats posed by employees, affect 34% of businesses around the world. These employees may be acting intentionally to hurt the company or accidentally, out of ignorance or negligence. As more employees move to remote work, which opens them up to additional risks, organizations should take extra precautions to curb insider threats.

Fortunately, there are specialized tools available to combat insider threats. These tools can detect unauthorized logins, the installation of new apps on locked down computers, users with newly granted authorization access, and new devices on restricted networks. In addition, businesses should provide all employees with routine cybersecurity training to help prevent these mistakes before they’re ever made.

10. API Vulnerabilities and Breaches

An application programming interface (API) is an intermediary between applications. It determines how apps can interact with one another. APIs work behind the scenes in many everyday applications, from streaming services to social media, weather apps, instant messaging, and more.

The security used for APIs is typically less advanced than web app security. This is true for most organizations. As a result, APIs are often not made accessible to the public or outside developers.

Because so many companies are becoming more reliant on APIs, attacks on these systems—and the need for API security—should increase this year.

Protect Your Business IT with Guardian Computer

If this sounds like a full-time job—from staying informed about the latest computer security threats and cybersecurity trends, to identifying and prioritizing your business’ biggest risks, to addressing current threats and protecting against others before they ever reach your business—that’s because it is! And it’s a job our IT experts perform day in and day out, with over 100 years of combined experience in the tech solutions industry.

Guardian Computer is a full-service IT provider. Whether you need help with a single IT project or want us to fully manage your IT, we have a wide range of services to meet your every need. We also provide both in-office and remote assistance. Even if you’re across the country from our homebase in New Orleans, we’re ready to hop on a plane to meet your needs, whatever and wherever they are.

The IT solutions we offer are every bit as varied and sophisticated as the computer security threats facing business IT. To give you an idea of how we can help protect your organization, here is a small sample of our services:

For more information, check out our IT managed services as well as the IT solutions we offer to keep companies safe from computer security threats.

Ready to talk to someone on our team? Contact us today to learn how Guardian Computer can protect your business!

/by
,

How to Use SharePoint Effectively for Your Business

Here at Guardian Computer, we frequently use SharePoint to consolidate company data, documents, and communication for our clients. In our experience, it is one of the best technologies on the market today to store, organize, share, and access information from any device.

Despite its numerous benefits, we’ve noticed that many businesses are unfamiliar with exactly what SharePoint is and what it does. Especially with more organizations engaging in remote work and telecommunications, there has never been a better time to learn how to use SharePoint effectively for your business.

Felecia Foy, one of our IT Support Specialists, is a big proponent of SharePoint and has plenty of experience helping clients set up and manage the platform. Keep reading to learn what SharePoint is, how it can help your company, and how Felecia and our experts can help you get started.

What Is SharePoint?

Before worrying about how to use SharePoint effectively, you should know the basics about what it is and what it does. In short, SharePoint is a collaborative platform that is integrated with Microsoft Office.

As Felecia puts it, “SharePoint is the amalgamation of all Microsoft services presented in one location. It creates a single accessible hub where people can share documents, collaborate on projects, share information throughout the company or with a subset of people within the company, and integrate with all of Microsoft’s other platforms.”

SharePoint can be customized, making it useful for a range of different needs, from storing information to supporting an organization’s internal communication. Many organizations use it to store, share, organize, and access information securely from various devices and as a platform to build intranet websites.

A laptop with SharePoint open on the screen, demonstrating how to use SharePoint effectively.

SharePoint in Microsoft 365

SharePoint in Microsoft 365 is a cloud-based application that allows users to use SharePoint technologies without installing SharePoint Server. Instead, your business can subscribe to a Microsoft 365 plan. Users can share information with employees, clients, and partners through sites they can create.

SharePoint is the backend for what Microsoft refers to as SharePoint as well as OneDrive. The distinction for us is that “SharePoint” is for company documents shared with others. In our opinion, “OneDrive” should be called “Personal SharePoint.” This is where you store your documents to make them easily available, no matter what device you are using.

To make life more confusing, the application used on computers to synchronize documents from both SharePoint and OneDrive is called OneDrive. With this application installed, you can easily sync folders and files used regularly to your computers for easy access. Having multiple computers and devices accessing the same files is no longer a chore.

With so many potential integrations and capabilities, SharePoint can benefit organizations of all sizes and industries. Below are a few features your company can use right now.

Check out this infographic or keep reading to learn 3 key benefits of SharePoint and how to use SharePoint effectively for your business.

Automating Workflows and Processes

One of the most useful ways we use SharePoint at Guardian Computer is as an integration tool to help you create automated workflows between your favorite apps and services to synchronize files, get notifications, collect data, and more.

“Power Automate can create workflows that automate business processes and cut down on competitive tasks and overhead,” Felecia explains. The Power Automate platform can connect to over 500 different services and applications.

“So in that way, you can really link SharePoint to just about anything you want, and you can do really anything you want with it—as long as you have the time and expertise to do so,” says Felecia.

Onboarding New Employees

Currently, Felecia and our other SharePoint experts are helping one of our clients keep up with rapid company scaling using SharePoint. We are using SharePoint’s integration capabilities to manage the onboarding processes for the client’s large group of new employees.

This includes managing their email accounts and Azure Active Directory (AD) information, as well as creating a new site on SharePoint that assists them in the onboarding process. Felecia describes the process like this: “We have a form that they can fill out with the new employees’ information. And then in the backend, we have a script that will automatically create the accounts, assign the licenses, and assign the correct groups.”

SharePoint’s vast integration capabilities help businesses consolidate tedious tasks into a simple automated process, allowing your workforce to prioritize the tasks that need more specialized attention. Knowing how to use SharePoint effectively when onboarding new employees can drastically reduce the amount of time and effort required by your team.

SharePoint Across Industries

Given its customizability and integration capabilities, SharePoint can be used effectively for a wide range of applications across industries. Industries like healthcare and finance in particular benefit from the strong security associated with SharePoint services. This allows healthcare professionals, for example, to share information and data while maintaining HIPAA compliance.

In addition, all data stored on SharePoint is backed by Microsoft’s servers. With this information automatically backed up to the cloud, nothing will be accidentally deleted and lost forever while in the middle of work. “It can really provide peace of mind for companies that everything will remain confidential and accessible to them,” says Felecia.

Getting Help from Guardian Computer

SharePoint can take significant time and expertise to integrate into the everyday functions of a business. But don’t let that intimidate you. At Guardian, we have the knowledge, experience, and resources to onboard your company with SharePoint services.

Not only that, but we can ensure your organization is making the most of SharePoint’s capabilities in pursuit of your business objectives. “What we offer at Guardian is that expertise, the willingness to put in the time and the effort so that businesses don’t have to,” Felecia says. “Our clients can focus on doing what they do best, and we’ll make it easier for them to do that.”

When setting up SharePoint for a client, we provide a stress-free experience with our thorough, streamlined process. After an introductory meeting to understand exactly what you want from SharePoint integration, we determine how to customize the platform so it’s tailored to your specific needs.

After setup, we walk you through how to use SharePoint effectively: what its capabilities are, how to use them, how to add services, and more. From there, Guardian will monitor your information and infrastructure to maintain its security and functionality. If you ever have any questions or experience any issues, our experts are only a phone call or email away.

Contact Us to Start Your SharePoint Integration

We know you’re busy running your company and keeping your customers satisfied. Incorporating SharePoint into your operations will only make it easier. Let our professionals handle this so you don’t have to.

Guardian Computer has been serving businesses across the U.S. since 1996. With knowledgeable IT professionals like Felecia, our team can help you navigate new technologies and challenges. Contact us today to get started.

/by
,

Computer Virus Myths Busted: Why You Need More than Anti-Virus Protection

In today’s age of digital transformation, new and sophisticated cyberattacks, adoption of VPNs for public Wi-Fi usage, and more, it can be hard to keep track of all the latest technology trends, challenges, and solutions. Viruses are one issue in particular that consistently receives attention but is plagued with myths and misconceptions.

The concept of the computer virus has transformed into a catch-all term for a variety of programs that could damage your computer. In reality, when most people say “virus,” they really mean anything with malicious code.

So what do you actually need to know about viruses today, and what computer virus myths can you disregard? To be able to protect your company computers and data, you need to be aware of the popular types of malware you might see, as well as warning signs that point to an infected device.

“The most common misconception is that it is not going to happen to me or that if it does happen, it won’t be that bad,” says Charles Andrews (better known as Andy), our cybersecurity expert. We’re here to share his insights and the critical information you need to know about computer virus myths, threats, symptoms, and solutions.

Different Types of Infectious Malware

Awareness is a critical component in combating viruses and malware. One harmful computer virus myth is that certain types of devices (namely, Apple products and mobile devices) aren’t susceptible to malware.

All devices can potentially be infected by malware, and there are many different types of malware that leaders and employees need to watch out for. That’s why it is essential to train all end users on how to avoid different types of malware, popular tactics used to infect devices, and how to detect when there is a problem.

The following are some of the most common types of infectious malware that could infiltrate your devices.

A computer screen with a malware notification. One of the biggest computer virus myths is that these malicious softwares are viruses, but actually they're malware.

Viruses

The type of malware with the most name recognition is the virus. A virus is a piece of code that is capable of copying itself, typically resulting in a detrimental effect on the screen of the infected computer.

Getting a virus can be as simple as a user opening an email or clicking on a link that executes a malicious program. From there, the virus will multiply and attack varying aspects of the computer.

Viruses often come from an infected webpage or a phishing email. It is important to remember that secure websites should have “https” at the beginning of the URL. If you just see “http,” think twice before visiting the site and do not enter any of your information.

Worms

Worms are able to replicate with incredible speed. Once they are inside your network, they’ll seek out any available weak computer system that’s online and try to infect it.

Worms work autonomously, and they can transfer themselves from one computer to another without any interaction from users. This makes them one of the more dangerous types of malware and very difficult to detect. 

Trojans

A trojan’s purpose is to get itself installed onto your computer via a seemingly innocuous download, email attachment, or ad. Once installed on your computer, the hacker will have remote access to your network via your device.

Trojans are named as such because they seem harmless and work hard to remain undetected on your computer. They want to remain inconspicuous so that they can be an anchor point to attack other devices, making them especially threatening for company networks with many connected devices.

Botnets

Botnets are a group of infected computers that respond to the call of a botherder or command-and-control server. Botnets’ end goal is to attack en masse against a target in what is referred to as a distributed denial of service attack (DDoS).

A DDoS attack involves one or more attackers attempting to make it impossible for a service to be delivered. The attackers will drown a server in requests so that it will cease to function. 

Ransomware/Crypto Viruses 

This type of attack is rapidly growing in popularity. With ransomware/crypto viruses, hackers will encrypt your data and then ransom it back to you for a price. There are many different ways that hackers will attempt this: sometimes they use botnets, while other times they may use a virus. 

Warning Signs of an Infected Device 

One of the most damaging computer virus myths is that antivirus software offers a complete solution to infectious malware. While antivirus software protects against viruses, it won’t keep you safe against trojans or botnets, for instance.

This is why widespread awareness and proactive prevention are crucial. The sooner you identify a malware infection, the sooner you can remove the malicious code and limit the damage it causes. “Early detection and prevention can’t be overstated in their effectiveness,” says Andy.

No one thinks it will happen to them, but cybercriminals know to target smaller businesses whose cybersecurity may not be as robust. Andy adds, “It’s much better to catch one of these issues early than it is to try and clean it up after.”

The signs of an infected device can differ depending on the type of malware that has infected it. Here are a few common warning signs to watch out for.

Prepare yourself against computer virus myths by reading about the common warning signs of an infected device in our infographic or in the rest of our blog post.

Blue Screen of Death

The Blue Screen of Death, or BSOD, is a name that’s been given to error messages that you will typically see on a Windows computer. If you see the Blue Screen of Death, it means your computer can’t continue with what it was doing and will likely shut down and try to restart.

Typically, a BSOD does not mean you have a virus. If it only happens once, it could be a hardware issue. But if it’s happening frequently, it is possibly the result of a virus.

Increased Overheating or Fan Speed

Is your device overheating during normal activity or inactivity? Is your computer’s fan running higher than normal, even though you don’t have any programs open? If so, this may be a sign that malware is on your device.

In this case, a virus or worm may be causing your device to work harder than it needs to, though it appears not to be doing anything.

Slow Performance

If you notice that your computer or smartphone takes a long time to start running or to open programs, it may be a sign that you have a virus. Before assuming that malware has infected your device, first check to see if you have ample space on your hard drive.

If you do have space and your computer is still running slowly, the culprit could be a damaged hard drive. If the hard drive is not damaged, however, it is highly likely that some kind of malware is infecting your computer.

Other signs of malware may include: frequent pop-ups, error messages, missing or damaged files, system crashes, or unprompted computer restarts. If you notice any of these problems or anything else unusual, Guardian Computer can help.

Guardian Computer: Your Computer Virus Myth Buster and Problem Solver

Our IT experts are here to tackle your technology needs, including everything from malware detection and protection, to Helpdesk support, to fully managed IT services. We are available to answer any questions or concerns you may have, solving issues with fast, friendly customer service. We also provide proactive monitoring to spot issues quickly and prepare for your future needs, so you can have peace of mind about your IT.

Contact us to get started with Guardian today and keep your data protected.

/by
, ,

6 Easy IT Fixes for Small Businesses

Are you frustrated by your company’s technology? Looking for quick, easy IT fixes that will make a measurable difference?

When you’re running a small business, IT problems should be the least of your worries. It’s critical to keep technology issues off your plate, so you can put your time and energy into the core of your business.

With an efficient IT infrastructure and a knowledgeable IT support team behind your business, you can keep tech issues to a minimum and help your organization run smoothly. Whether your staff is transitioning back into the physical office or still working remotely, Guardian Computer’s Helpdesk Lead, Ryan Prejean, has compiled 6 easy IT fixes to get you started.

Building the Right IT Infrastructure

The transition into a distributed work environment has led many small businesses to invest in IoT devices and update their tech without knowing what’s truly necessary for their business. IoT devices can provide ease and speed to assist in data transfer and accessibility, but the issue is that small businesses are often skimping on the things that matter most when they decide to upgrade their devices. 

According to Ryan, “It’s a firewall, switch, and wireless. Those are the three main things—firewall for protection and control, wireless to get everyone on the network, and the switch, which serves as a central hub.”

Make the most of your technology with these easy, practical additions to your IT infrastructure, or contact us for help managing your IT.

When looking for easy IT fixes for small businesses, consider the 3 key IT infrastructure purchases in this infographic: a firewall, a wireless system, and a switch.

1. Professional Firewall

While it may be a good decision for businesses to accommodate the use of IoT devices, it shouldn’t come at the expense of adequate security. The alarming 20% of small businesses that “plan to invest in cybersecurity software” is strikingly low, especially considering the variety of security concerns that demand companies’ attention today.

Fortunately, a good firewall goes a long way toward addressing many of these issues. Implementing a strong, professional firewall is one of the greatest contributions you can make to your IT infrastructure because it offers critical protection against cyberattacks and data breaches.

“We recommend the Cisco Firepower,” Ryan says. “Cisco Firepower can use AI technology to detect places where you’re likely to get malicious content and block certain websites or ads. We try to put as many walls as possible between users and potential threats.”

2. Seamless Wireless 

“Everyone has to get on the network,” says Ryan. No business wants to deal with the cost of network downtime, so you need a fast, secure, reliable network to make the most of your technology and workforce productivity. 

Ryan recommends using the Cisco Meraki wireless system. As a wireless mesh network, it has the advantage of establishing multiple nodes, offering better coverage and stronger performance than traditional networks.

An office with lines connecting different devices as a representation of seamless wireless, which is one of the easy IT fixes for small businesses to make.

In addition to providing seamless wireless access throughout your building, the system can perform automatic updates and alert you when there’s an issue with your network. “When your employees bring their own devices, having a sophisticated wireless system helps boost your security,” Ryan explains. 

3. Central Switch

“Your switch is the central point, where all your expensive pieces of equipment connect,” says Ryan. “It will communicate with your firewall and it goes out to every plug.”

As such, it’s worth investing in a solid switch, setting it up to properly communicate with your tech, and protecting it with a UPS (uninterruptible power supply).

4. Surge Protector

Speaking of UPSs, here’s a bonus tip for your IT infrastructure:

“You don’t need a fancy UPS for every computer,” says Ryan. “But if you’re getting your employees good machines that are going to last 5 to 7 years, then they’re probably $1,000+ pieces of equipment and you don’t want them fried if there’s a storm. Get a $20 surge protector on Amazon to protect them.” 

Keeping Everything Up to Date 

When you’re building a strong IT infrastructure, you have to make sure your software is up to date or you could run into security and performance issues. Today, keeping devices updated is more important than having the latest model.

“It used to be the case that if you got a laptop, 3 years later it would crawl compared to anything modern-day on the market. This is changing slightly as our field matures,” Ryan explains. “For desktops and laptops, it is not critical that the hardware be new but that the OS is up to date.”

5. Microsoft 365 and Microsoft Azure

It’s no secret that Microsoft is the industry standard. With most businesses already using Microsoft products (such as Outlook, OneDrive, Word, Excel, PowerPoint, and more), an easy way to keep tech up to date, streamline operations, and potentially cut redundant costs is to fully leverage the Microsoft ecosystem with 365 and Azure.

Some of the top benefits that Microsoft 365 offers include:

  • Easy integration with Microsoft apps
  • Automatically synced email, contacts, and calendar
  • Access to apps offline
  • Seamless login and authentication
  • Built-in compliance features
  • 5GB of free storage via OneDrive
  • 1 TB of storage via SharePoint
  • Sharing and collaboration features via SharePoint

As for Microsoft Azure, it’s the only way to establish a serverless business infrastructure that seamlessly integrates with the Microsoft ecosystem. If you put a virtual server on Amazon, for instance, it won’t integrate with Microsoft 365. You would have to tie it in manually.

A few of its other advantages include:

  • Application and device management
  • Threat detection and multi-factor authentication
  • Guest user accounts and sign-ins
  • Hybrid interaction with desktop and cloud-based applications
  • Identity governance to manage identity, audit, and verify its effectiveness
  • Reporting and monitoring

Learn more about the advantages of Microsoft 365 over G Suite from our co-founder, co-owner, and CEO, John Prejean, or read about more of Microsoft Azure’s benefits from Ryan.

6. Antivirus Protection

This might seem like a no-brainer, but up-to-date antivirus software is critical. Be sure to put antivirus protection on every company computer and keep it updated. Ryan recommends the professional package from Malwarebytes for most small businesses.

“Malwarebytes automatically blocks users from accessing malicious links and blacklisted websites. This program is installed on machines all over the world, and the free version is one of the most installed antivirus software ever,” Ryan says.

Make More IT Fixes with Guardian Computer

Need support on any of these IT fixes? Looking for more advanced services and solutions? Guardian Computer is here to help. Ranked among the world’s best 501 managed service providers, our clients come to us for trustworthy, expert services and outstanding customer support.

Don’t pay an upcharge, face confusion with IT word salad on your invoices, or be forced to modernize your technology where your business doesn’t need it. With competitive prices and straightforward services, we empower you to make informed decisions about your IT. Contact us today to learn more.

/by
,

Security Assessment Challenges in a Distributed Environment

In the current economic climate, organizations need to adapt their network security to fit remote work requirements. In particular, many organizations are facing challenges when assessing their security in an increasingly distributed environment.

Employees are constantly accessing vital business information while outside of the company’s on-premise network. They’re at home or in a hotel on insecure networks accessing data from personal devices and networks.

When it comes to navigating the obstacles that arise from assessing and addressing security issues in a distributed environment, Guardian Computer’s Co-Founder and President, Jean Prejean, has some advice to keep your business safe.

The Importance of Security Assessments 

According to a recent Gartner survey, “82% of company leaders plan to allow employees to work remotely some of the time.” More than likely you have and will continue to have employees working remotely.

In a distributed environment, security assessments are critical. This is your chance to assess issues with your staff’s hardware, identify any security vulnerabilities, and evaluate the overall effectiveness of the network and infrastructure you already have in place. 

According to Jean, “In an office environment, you can monitor your network for incoming and outgoing traffic and anticipate potential threats. But once you get out of that space, monitoring becomes more challenging.” 

Once your data is accessed outside of your company’s boundaries, it becomes more susceptible to a breach. By performing a security assessment, you are taking the first step in creating and maintaining the safety of your organization’s data.

Challenges of Security Assessments in a Distributed Environment

A graphic showing people on a video conference call from a variety of devices, illustrating some of the security assessment challenges in a distributed environment.

Assessing your organization’s security can feel daunting when you have to account for employees accessing company information while traveling or working from home, using public Wi-Fi or personal devices. While it may be tempting to procrastinate on performing a security assessment, these changes make it more important to stay up to date with regular assessments.

We’ve outlined a few of the top challenges you might face and our advice on how to tackle them.

Multiple Devices, Multiple Locations

In a distributed environment, your employees are using personal devices linked to their home networks or public networks. One of the challenges businesses face is trying to assess these different endpoints and minimize the risk of a data breach in this type of environment.

“If you have 50 people working outside of your office, you could have 50 different firewalls,” says Jean. “That’s 50 different firewall passwords. There’s so much diversity in the equipment and configurations that people have.”

Here are a few things to consider when assessing your security and next steps so you can make your IT environment safer and more secure:

Establishing A Safe Perimeter

A perimeter includes all of the devices inside of a network, the security system that monitors and protects it, and the network itself. When you’re operating in a distributed environment, one way to reduce your risk of a cyberattack is to create a secure environment within your employees’ perimeter. When establishing a safe perimeter, it’s vital to:

  • Set Up 2FATwo-factor authentication is an extra layer of security you can require for most services or applications being used to access company data. Even if a password is compromised, a 2FA login requires a second form of approval to allow interaction with secured data. All systems that support 2FA should have it configured and required.
  • Set Up 2 Environments — In a distributed environment, it’s difficult to expect employees to use the best practices when accessing work data on personal devices. It’s a good idea to separate the two environments the best you can by providing company devices that are encrypted to protect your data. Employees should only be allowed to access company data from managed, company devices. If this is not possible, there are other options, such as using Cisco Umbrella on all devices that access company data.
Despite the security assessment challenges in a distributed environment, one key piece of advice is to establish a safe network perimeter using the tips in this infographic and the rest of our blog post.

Educating Your Users

Employee error is a major contributor to data breaches for businesses, especially in a distributed environment. Data from a recent Malwarebytes Labs report shows that 20% of businesses surveyed have had their security breached during the pandemic as the result of a remote worker.

All of your employees must be trained to effectively use their devices in the safest way possible and be aware of all company security policies. When a company has policies in place, employees can use them to fall back on when uncertain about how to interact with company data.

“It’s good practice to have a policy requiring phones to be encrypted; make sure you have secure logins enabled with PIN, facial recognition, or fingerprints; make sure you have the ability to wipe if it gets lost or stolen; and so on,’” says Jean. “When we tell people to set those three things up, it’s received well. Most employees are happy to protect their environment and just didn’t know that those things existed or how to do them.” 

Overcoming Misconceptions

Businesses have little to no control over personal firewalls or the other devices that may interact with company data, which is all the more reason not to wait to conduct a security assessment. Don’t let these common misconceptions get in the way of performing this essential task:

Security Assessments Are Not Penetration Testing

“Some people think of an assessment as just penetration testing, where a security company is coming in and trying to poke holes in your network,” says Jean. “That’s not the case. This is a self-assessment.”

When IT support performs an assessment, it’s for the betterment of the company. The goal is to assess the risks and determine how to implement procedures that prevent breaches. 

Consider Risk When Evaluating Cost 

One of the biggest misconceptions about security assessments is that they will cost a fortune. But a security assessment should only ever be an assessment. Its purpose is to give your organization the information it needs to decide which security measures it’s going to take, as well as which can be handled in-house and which should be outsourced. Contrary to popular belief, an assessment should give your company more insight and control over its security practices.

Imagine how much the downtime, loss of business, and data recovery of a data breach would cost your business. You have to account for the standards within your field to determine the risk you’re willing to take. Without regular security assessments, however, you lack the information necessary to properly evaluate your risk.

It’s also important to note that security assessments shouldn’t take place only when there is a breach. Perform assessments annually so you can make informed decisions about your security vulnerabilities. Once you’ve had your initial assessment, subsequent ones are like a checkup, making it even more critical to take that first step now.

Get Expert Security Assessments with Guardian

If you need help performing a security assessment, give the experts at Guardian Computer a call. With fair pricing, a foolproof assessment formula, and actionable solutions, Guardian will evaluate your IT infrastructure and empower you to make the best decisions for your organization.

By creating a detailed roadmap of your IT needs and providing solutions catered to what we find, Guardian can improve the effectiveness and security of your business’ IT. Contact us today to find out more.

/by
, ,

Top Benefits of Mobile Device Management with Microsoft Intune

Mobile device management (MDM) software, such as Microsoft Intune, allows for visibility and management of the mobile devices accessing your enterprise’s network. As mobile threats loom large over organizations of all types and sizes, MDM is quickly becoming a critical part of protecting confidential business and employee data from a variety of digital threats.

But what exactly is an MDM software and what does it offer to businesses? Should small and midsize businesses consider adopting an MDM software for their network? What makes Microsoft Intune a standout option for MDM?

Not only does Guardian Computer provide clients with a variety of MDM services through Microsoft Intune, we also use this software for our own tech network. Jeremy Wirtz, our Senior Technical Engineer and in-house Intune expert, offers his expert opinion about the top benefits of Intune, as well as the reasons why your business should consider adopting an MDM solution.

What Is MDM Software?

MDM software is a key element to the emerging field of mobile device management within the business world. MDM softwares like Microsoft Intune, Scalefusion, and SOTI MobiControl are designed to provide an organization with a wide range of visibility and control features for in-office and remote network devices.

While not all MDM softwares are identical, many include similar features, such as: 

  • Device monitoring and remote configuration, which allow your IT team to track the activity and location of your business’ network devices, including laptops, PCs, tablets, IoT devices, or smartphones
  • Remote disconnection, which allows IT admins to lock or wipe certain devices in the event of a potential or confirmed data breach, theft, or loss
  • Regulatory compliance management features, such as activity and data logs
  • Application and OS management tools that can schedule and control device updates, as well as block certain device and application features that may threaten data security
Keep reading or check out our infographic to learn about the top benefits of mobile device management.

What Makes Microsoft Intune Stand Out?

Today, there is a massive global market for mobile device management softwares and strategies. According to Business Wire, the MDM industry is anticipated to grow by approximately 23% by 2023. This expansion is primarily driven by increases in smartphone usage across enterprises, as well as growing threats to corporate data across the business world.

So what makes Microsoft Intune a great MDM software? To start, Jeremy argues that Intune is a perfect solution for any business currently using Microsoft’s cloud services, such as Microsoft Azure. “It comes down to the tight integration that Intune has into Microsoft’s other cloud-based offerings, as well as their other products in general,” he explains.

If your business already uses Outlook, OneDrive, Word, Excel, PowerPoint, OneNote, SharePoint, Teams, Azure, or Active Directory, then the team that manages your IT will have a clearer understanding of how Intune works from the start. “That’s going to make it significantly easier for them to understand and implement Intune,” Jeremy says.

An open laptop on an employee desk, which could be monitored with Microsoft Intune.

Even if your team doesn’t already use Microsoft products, Intune may still be a great MDM software solution for your team, depending on your IT infrastructure. Intune does not currently support Chromebooks, which makes it an incompatible MDM software for any businesses with Chromebooks in their device network. 

However, this doesn’t prevent companies that rely on G Suite from getting the most out of Intune. “Even if you’re using Gmail or Google apps, you may still have all of your users on a Windows-based operating system, like Windows 10,” Jeremy says. “And that integrates into Intune.”

Any organizations that rely on Microsoft operating systems or products can have more granular control over the policies on the operating system itself by using Intune, rather than another MDM software.

Is Microsoft Intune Worth It?

Some business leaders may still be skeptical about implementing Intune into their network. They may fear the additional costs of maintaining this software or worry about the length of the implementation process. Others may believe that mobile device management software is too complex for their business’ needs. However, MDM software like Microsoft Intune offers many practical benefits to businesses’ everyday and emergency operations.

Cybersecurity 

Company-issued smartphones, tablets, and laptops, as well as some personal devices, have become essential items for many modern businesses. But these devices are often vulnerable to cyberattacks or employee errors, both of which can lead to major expenses, extended network downtime, or even compliance issues and legal troubles for an organization.

According to Jeremy, these threats are the top reason that any business should consider integrating an MDM software into their digital infrastructure. “The main reason companies would want to consider implementing an MDM solution is to protect their corporate data,” he says.

Lock symbols over a phone, document, computer, email, and cloud to represent cybersecurity, one of the benefits of mobile device management.

Data protection is especially important for small and midsize businesses. CNBC reports that over 50% of America’s small businesses experienced a data breach between 2018 and 2019, with an average cost of $200,000 for damages and fees associated with a single attack.

Long-Term Benefits

Jeremy recommends that business leaders also consider how their organization may grow in the coming months or years. “It’s much easier to get that MDM solution in place when an organization is still small,” he explains.

In addition, Jeremy notes that the initial costs of adopting mobile device management software for your business should pay off in the long term. “Once you do have a proper MDM solution in place, you can actually end up saving the company money by increasing the efficiency at which your internal IT—or your managed service provider— can manage those devices and keep track of them.”

Remote Device Management 

As personal devices become more commonly integrated into company networks, businesses will need to consider solutions to the visibility and privacy issues that personal devices can introduce.

Employees looking at each others' phones, which can be monitored with Microsoft Intune or other mobile device management.

2020 revealed the gaps in many companies’ data privacy and bring-your-own-device (BYOD) management policies. Jeremy points out that the pandemic has rapidly accelerated MDM software adoption due to the ways that they conveniently centralize data management and control for both in-office and remote employees.

Jeremy recommends that leaders carefully consider and develop bring-your-own-device strategies for their businesses before deciding what MDM software to go with. This way, they can ensure that the software options they’re considering are those that can best accommodate their company’s personal device policies and procedures.

Implement Microsoft Intune and MDM Solutions with Guardian Computer

Guardian Computer has years of cross-industry experience helping businesses manage and monitor their networks and the devices that access them. We’re experts in providing flexible, friendly, and comprehensive IT services to commercial clients both big and small.

Curious about Guardian’s MDM services and other technology solutions? Get in touch with us today and see how we can help your business.

/by