21 01, 2020

You’re Never Too Small for Outsourced IT

2020-01-07T09:12:49-06:00January 21st, 2020|Managed Services|0 Comments

You’re Never Too Small for Outsourced IT

Outsourced IT
Small business owners are proud of getting everything done with few people. Every team member wears many hats. They are part of a family, devoted to the firm’s success. But that doesn’t make them qualified to handle IT. Really, you’re never too small for outsourced IT.

A small business may only have a few computers for its handful of employees. Having an in-house person dedicated to IT support would be overkill. But just because the technology is working fine today doesn’t mean your IT is performing at its best. That’s why it can be beneficial to outsource IT.

Having someone who knows technology working for your team can pay huge dividends. Your outsourcing partner will add value by:

  • helping you avoid bad tech purchases or buying software you don’t need;
  • identifying where you can be more efficient with tools you already have, which can save money;
  • providing knowledgeable support and IT help;
  • learning business needs and making recommendations about the best IT for your goals;
  • protecting your business technology and ensuring computers are up to date with security patches.

Small Business Breaches

Cyber-criminals don’t care about business size. In fact, according to Accenture, 43% of cyber-attacks were aimed at small businesses, and only 14% of the SMBs were prepared for defending their networks and sensitive data.

In fact, a small business can be a particularly appealing target. Hackers will exploit a small business as part of a campaign to attack a larger business. They know the SMB is less likely to have the same level of security as the bigger target in their sights.

Accenture’s 2019 study found that more than half of all small businesses had suffered a breach in the last year. These attacks can be crippling for SMBs. According to insurance carrier Hiscox, the average cyber-attack costs a business $200,000. That figure can be a killer blow for a small business. Some 60% of SMBs hacked go out of business within six months of the attack. Even if they can survive the financial hit, damage to brand reputation and customer goodwill is devastating.

Advantages of Outsourced IT

You may not have a clear picture of your cyber-security status right now, but by working with a managed services provider (MSP) you’ll get one. Your partner will conduct an informal audit of your current technology and learn your short- and long-term goals.

Your small business, for instance, may not have a data protection procedure. You might be thinking you don’t have a lot to backup and store. But the quantity may not be the primary concern. Can you recover if your business loses an email chain it was keeping for legal or compliance reasons? What would happen if the computer holding your accounting database died? An MSP can identify where tech changes can better ensure business continuity.

When you outsource, your partner will also inventory all your tech assets. They’ll need to know everything about your infrastructure and your business’s technology capabilities. Your current team may recognize the importance of securing the business’s intellectual property, but are they also protecting customer data and employee records? Your business needs to be intentional about confidentiality, availability, and safety. An MSP can help.

The cost of outsourcing is often a stumbling block for the budget-conscious SMB. Managed IT services can often lower costs for clients by streamlining processes, managing vendor relationships, and ensuring that the business technology is best suited to current needs. And you’ll pay a fixed regular fee for a technology team member who will help you avoid big, costly tech surprises.

No business is too small to outsource IT. Having access to a full-time IT professional via a managed service provider can improve your operations, enhance productivity, and lower cyber-security risk.

Find out more about what we can do for you! Call us at 319-227-7000!

17 01, 2020

Don’t Get Hooked By a Whaling Attack

2020-01-07T12:31:17-06:00January 17th, 2020|Uncategorized|0 Comments

Don’t Get Hooked By a Whaling Attack

whaling attackThe executives of your company are the big fish in your sea. Yet cyber-criminals think of them as whales. A whaling attack is a new cyber-security threat targeting the C-suite level.

You’ve likely heard of phishing attacks. Phishers use scam emails or spoofed websites to obtain user credentials or financial information. This might be an email that looks like it is from your bank asking you to log in and update your details, or a supposed tax alert needing immediate action.

A vishing attack is another fraudulent attempt to steal protected data, but the cyber-criminals are going to use the phone to make contact. They might pretend to be a vendor needing to confirm account details for bill payment.

There’s also spear phishing. In these cases, the attackers do their homework first and target a specific company. They scour directories and employee social media to gather information to gain credibility.

Now, there are whaling attacks, too. The high-value target is a senior-level employee. The fraudster typically also impersonates one of the target’s C-suite counterparts.

What You Need to Know About Whaling

A whaling attack uses the same methods as phishing but focuses on top-level targets. The goal is to get “whales” to reveal sensitive information or transfer money to fraudsters’ accounts.

Whale attacks are intentional. Phishing can see attackers baiting hundreds of hooks to get nibbles. In whaling, information gathered in advance adds credibility to the social engineering. The target has higher value, so it’s worth their time to appear knowledgeable and make a request to and from someone important.

The sender’s email address will look convincing (e.g. from [email protected] instead of [email protected]). The messages will have corporate logos and legitimate links to the company site. Because humans want to help, the communications typically involve an urgent matter.

Whaling attacks are on the rise. In 2016, Snapchat admitted compromising employee data after receiving an email, seemingly from its CEO, asking for payroll information.

In another high-profile example, Mattel nearly transferred $3 million to a Chinese account. Company policy required two signatures, but the attackers (taking advantage of a recent shakeup) faked the new CEO’s signature. The second executive went ahead and added a signature. The only thing that saved the company was that it was a Chinese bank holiday.

Protecting Against Whale Attacks

As with phishing or vishing, the primary way to protect against whaling attacks is to question everything. Train your key staff members to guard what they share on social media. Encourage them to question any unsolicited request. If they weren’t expecting an attachment or link, they should follow up. If a request is unusual, they should trust their spidey-sense and proceed with caution.

It’s also a good idea to develop a policy for handling requests for money or personal information. By requiring that two people must always weigh in, you’re more likely to catch a scam before it’s too late.

Also, train all your employees to look carefully at email addresses and sender names. They should also know to hover over links (without clicking on them) to reveal the full URL.

Security awareness is crucial. It’s also a good idea to test your employees with mock phishing emails.

Need help training employees or testing social engineering? Contact our experts today, call us at 319-227-7000!

14 01, 2020

Computer Cleaning for the New Year

2020-01-07T08:46:08-06:00January 14th, 2020|Computer Repair|0 Comments

Computer Cleaning for the New Year

computer cleaning
The new year can mean resolutions and promises for a “new you.” One way to start this year feeling more in control is to clean up your computer. Follow these simple steps!

Tackle the inbox

We do a lot of shopping at the end of the year. Whether you shop online or in stores, you’re asked to provide your email address when you buy, which multiplies the number of mailing lists you’re on. Don’t start the new year overwhelmed by unwanted advertising emails.

The extra messages in your inbox distract you from the messages that matter. Instead of deleting every new unread message from “Let’s Make Cookies,” click on one and unsubscribe. Usually, there’s a link that lets you do this at the bottom of the email. If you’re a Gmail user, start your effort to cut down on unwanted mail in your Promotions tab. Google’s algorithm sends sales pitches here, so cut messages from this section first.

Clear bookmarks

The internet is built for browsing. We’ve all lost hours to clicking and linking in this vortex of information. “Wait. How did I end up here looking at kittens eating cupcakes?!” To make things easier, we’ll bookmark sites we visit often or put a page we want to return to on a reading list.

By the end of the year, we have marked many sites that we don’t even remember bookmarking in the first place. “When was I interested in this?” Getting rid of any bookmarks for passing interests can help you navigate the Web better this year.

In Google Chrome, click on the three dots in the upper-right of your browser window (to the left of your profile icon). The drop-down menu will have a Bookmarks option. Click on this to see another drop-down menu with Bookmark Manager on it. On the next screen every one of your bookmarks will have three dots beside it. Click on this to select the delete option, and get rid of the ones you don’t need any longer.

Safari users can click on Bookmarks on the top menu or the sidebar icon on the tool bar (to the right of the arrows on the left). Then edit your bookmarks by clicking on sites you no longer want and hitting your delete button.

Sort through downloads

We also download a lot of stuff in a year. Sometimes, because we’re impatient or don’t realize we’ve already hit download, we get multiple copies of the same file! A full download folder takes up storage space on your computer and can slow your computer down.

On a Mac, go to the Finder and click on Downloads on the “Go” drop-down menu. You’ll find a folder filled with .pdfs, .docs, and .jpegs you long forgot about. Click on those you don’t need any more and drag them to your trash can.

On Windows, you can usually go to the “This PC” icon and then the “Downloads” Folder. Right-click on the files you don’t want, and choose “Delete.”

Empty trash/recycling bins

Items you put in the trash or recycling bins at home take up space until you take those bins to the curb or the dump, and the same is true of your computer trash or recycling. Empty these bins by selecting “empty trash” on your Mac Finder menu, or “empty recycle bin” after clicking on the bin icon in Windows 10.

Remove unused programs/apps – If you’re not using a program or app, don’t give it computer space. On a Mac, you can click on the icon for that program and drag it to the Trash. With Windows, you’ll open the Start menu, click on Settings, then System, then Apps and Features from the left pane to select what you want to uninstall. Click the uninstall button, and you’ve de-cluttered your computer that little bit more for the new year. If you need help with any of these streamlining measures or would like to schedule a tune-up, let us know. We can help! Call 319-227-7000 or fill out our contact form.

7 01, 2020

Trades Should Add Technology to Their Tool Belts

2020-01-07T09:27:24-06:00January 7th, 2020|Cloud Services|0 Comments

Trades Should Add Technology to Their Tool BeltsTrades Should Add Technology

There are many hands-on trades that haven’t traditionally needed technology. Yet modern tech tools help the plumber, carpenter, welder, or other trade improve productivity and competitiveness.

There are certain common tasks tradespeople face daily:

  • scheduling appointments with clients, suppliers, or inspectors;
  • tracking project deadlines and budgets;
  • communicating with project managers, customers, trades, office administrators;
  • paying employee salaries;
  • invoicing and tracking payables, receivables.

These can all be done with pen and paper, sticky notes, and forms in triplicate, but technology cuts the time spent and lets you focus instead on increasing your bottom line.

The Difference Technology Tools Make

Most of us carry small, powerful computers around in our pockets every day, whether it’s a smartphone or a tablet. Internet-connected devices give tradespeople access to tools to enhance productivity.

Let’s start with scheduling apps, as tradespeople are often on the move throughout the day. Signing up for a scheduling tool (e.g. Doodle) makes it easier to set appointments, and you aren’t involved in the booking process. Customers simply go to your website or link to the app and choose an available time that works best for them. You can even set it up to ensure you have buffers between appointments or prevent someone from scheduling a new, big project to start at the end of your day.

Integrating the scheduling app with your website helps customers reach you. Also, connecting also to a shared cloud calendar can help your team work together better. Everyone invited into the calendar can see who is out on a call, and where.

You can make changes to a cloud-based calendar on any connected device. Others will see the alterations in real-time. This helps you avoid scheduling conflicts. You can set a follow-up meeting with an inspector while you’re out in the field. The office secretary sees your availability in real-time to set up a new customer visit.

Your Trade Office On the Move

With cloud-based office software also available online, you can get more done out of the office. You don’t have to make a trip back to the office to enter your invoice slips and make photocopies of receipts. Instead, take pictures on your phone or tablet, and attach them to the project file in the cloud, or invoice directly from a secure cloud-based processing site. You won’t have to worry about any paperwork getting lost in the back of a truck or bottom of a toolbox.

The Microsoft Office suite, Google Docs, and cloud storage are available from iOS and Android devices. This lets you monitor project timelines, view budgets, and track invoices and payments in the field. Cloud-based accounting packages let you see cash-flow or outstanding balances, and pay contractors or suppliers on the spot.

Cloud-based software also gives every employee access to business tools in the office. With a virtual desktop, they can collaborate easily (out on a job or in the office) and make changes in real-time. For instance, a contractor could access software to edit a building plan, then actually see the new design in 3D modelling software.

The great news is that technology is ever more accessible and easy to use. Embracing modern digital tools can improve customer service and trade business efficiency.

Your skill set may not extend to technology, but that’s where we come in. We can help you find the right technology for your business needs. Contact us at 319-227-7000 today!

31 12, 2019

What Is a VPN and Why Do I Need One?

2019-12-01T19:53:44-06:00December 31st, 2019|Cloud Services, Networking, Security|0 Comments

What Is a VPN and Why Do I Need One?

What Is a VPN
Ever seen a thriller in which someone asks, “is this a secure line?” The good guys or villains want to be sure their conversations can’t be overhead. When you get a VPN service, you’re signing up for the online equivalent of a secure line.

VPN stands for virtual private network. Put simply, a VPN connects your computer, smartphone, or tablet to a shared or public network as if you’re connecting to a private network. Banks, governments, and companies use VPNs to connect to their networks remotely. Now, it’s becoming more common for the general public to use VPNs. After all, we’re doing online shopping or banking and exchanging sensitive data. We don’t want others to be able to access or track what we do online.

A VPN is an encrypted connection to the internet. It’s your own secure and private internet connection that you can take with you outside of your home.

Benefits of a VPN

There are many advantages to having a VPN. For instance, your VPN also encrypts your online activity. Every internet user has a unique IP address assigned by their internet provider. It’s sort of the technological equivalent of your fingerprint.

When you connect to the internet using a VPN, your IP address is masked. The address used is that of your VPN provider. So, you look like them rather than your home connection. You might think of the VPN as wearing gloves that prevent you from leaving fingerprints when you move around online.

Your search history isn’t logged. You don’t have to worry about bad actors or advertisers tracking your activity. If you want to check social media at work or on a school campus that blocks certain sites, your VPN lets you do so.

You can use the VPN to access a business network securely, too. So, you can use the technology to be more efficient when working remotely.

A VPN can also help you avoid geo-blocking. What’s geo-blocking? It’s a technology that restricts your access to services based on your location. For example, if you were trying to stream a Netflix show from your home country from overseas, you would be geo-blocked. But if Netflix can’t see you’re out of the country, it will let you in to catch up on your favorites.

You could also save money. When your location isn’t known, you can benefit from price disparities – the cost for the same product varies in different regions. The wealthier areas are charged more because sellers can get away with the price markup.

Who can use a VPN?

Anyone can connect to a VPN. You can connect your computers, phones, or tablets to a VPN. It’s a flexible solution that doesn’t need you to switch internet provider or buy any new equipment.

You can also work with a VPN provider. Some are free, but paid VPN providers tend to offer proven security and greater networking speeds.

Make sure your online traffic is secure. We can set up a safe VPN for you. Give our experts a call at 319-227-7000.

24 12, 2019

Are You Banking Online Safely?

2019-12-01T19:19:30-06:00December 24th, 2019|Security|0 Comments

Are You Banking Online Safely?

Are You Banking Online Safely?
Banks and credit card companies are making it easier for us to get money on the go. We can check account balances, pay bills, and transfer funds online. We no longer even have to go into a bank or visit an ATM to deposit checks. But are you banking online safely?

In the past, all we had to do was protect our PIN number (and remember it). Now, we need a mobile account password, too. The first precaution you can take is to have a strong, unique password. Can you believe that “password,” “123456,” and “letmein” remain common access credentials? Don’t do it! Also, avoid using things that a cyber-criminal might guess or be able to learn from your social media. This eliminates anniversaries and birth dates, pets, and children’s names.

Don’t reuse your banking password anywhere else. Sure, if you duplicate the password, it’s easier for you to remember, but, a bad actor could access your credentials for another site. Then, they have that same email and password combo to use to try on your banking or credit card site, too.

It’s also not a good idea to write down your passwords or keep track of them on a note in your phone. If you’re worried about remembering all your passwords, consider a password manager. A high-quality password manager can be a safe way to keep your passwords secret yet available. Top password managers use secure encryption for your access credentials.

Make sure you’re only banking using your own, secured devices. This means don’t check your balance or whether a payment cleared while in line at the coffee shop or in the airport. Don’t risk banking using a public WiFi network that a hacker could be accessing to steal sensitive data. You also want to avoid using shared computers to login to your financial data. A cybercafe or library computer could have a key-logger that tracks your login details for criminal use.

Watch out for phishing emails that look like they come from your bank, credit card company, or a tax agency. Criminals send urgent emails warning of strange activity or that you’re being audited to get you to react.

Don’t click on any link or download any attachments in an email that appears to be from a financial institution – they don’t send private data directly in emails these days. They will send you to a secure inbox on their site. Always type the institutions’ Web address into the address bar. Otherwise, you might go to a fake, mirrored site that looks legitimate but will rip you off.

Added security for online banking

Two-factor authentication can help protect your financial accounts. Various banks will set it up differently, but you should definitely take the time to set this up. You might have to identify an image you selected besides using your password. Or you might need to enter a code sent to another device (such as a text message to your phone).

The second level of authentication can be an annoyance in our convenience-first society. Still, it keeps your accounts secure, even if cyber-criminals access your password.

You work hard for your money, and you don’t want a cyber-criminal taking control of or emptying out your financial accounts.

Worried about securing your online activity at home or on mobile devices? We can help. Contact us today at 319-227-7000 for expert support securing your financial data.

17 12, 2019

Your Equipment Fails – What’s Next?

2020-01-22T13:20:07-06:00December 17th, 2019|Computer Repair, Managed Services|0 Comments

Your Equipment Fails – What’s Next?

Your Equipment Fails - What's Next?You invest heavily in information technology. You depend on your equipment to support your business. Then, the equipment fails. It’s inevitable. Only cockroaches survive forever. You’re left scrambling to find a replacement solution for essential tech. It’s a tough place to be, but it can also be an opportunity.

When you hear the news that a piece of equipment has failed, the headache starts soon after. It can mean costly downtime. You’re going to need to budget for a replacement. You have to spend time and effort determining the next, best solution. Users, and potentially customers, get frustrated, too.

If the equipment that’s conked out is a hard drive or server, don’t even reach for that headache remedy. Stop everything, and call for expert help. Anything you do can result in more data loss. This includes the age-old IT self-help remedy of turning it off and on again!

When anything carrying data fails, the next question is whether you have a recent backup. Can you restore data from that backup? We recommend you have as many as three data backups for safekeeping, with at least one of them kept off-site.

OK, it’s dead. Now what?

After the initial panic, once you’ve determined that the technology is kaput, take some time to reassess.

Your decision-makers can start out by considering whether that equipment needs replacing. Don’t just do a knee-jerk rip and replace it. There may be better technology options or improved ways of doing what you were doing.

An on-site equipment failure is an opportunity to examine cloud technologies. The cloud is more than Software as a Service solutions giving users access to applications online. Infrastructure as a Service offerings quickly get up and running with new technology, and you gain access to enterprise-level infrastructure. Replacing hardware is no longer your problem. Plus, you’ll only pay for what you use and be able to scale up or down as needed.

There’s also less chance of data loss when working in the cloud. Cloud computing takes away the single-point-of-failure problem. Now, your data is available anywhere you have an internet connection. So, even if your desktop computer dies, you can still get into the same virtual desktop from another device. Cloud service providers build in redundancies, so data is not stored on a single server. This supports business continuity even after equipment failure or natural disasters.

Partnering with an MSP

Save yourself the stress of dealing with technology failures alone by partnering with a managed services provider (MSP). There are many advantages. First, we make sure you have a working data backup that’s tested for reliability and secure.

MSP experts also aim to detect potential failures before they happen. If a device needs replacing, we want to know before the last gasp of life. That helps ensure a smooth transition and helps level out the budget impact.

Further, MSPs know what’s involved in migrating technology to the cloud. We can help you weigh the pros and cons, assessing what’s best for your individual business. Plus, we develop your migration strategy and provide ongoing support.

MSPs identify the best providers for your needs. We tailor our services to your business workload, regardless of company size. We make sure every business accesses the best technological tools. Unlike a software salesperson, we don’t enjoy selling you more than you need. We want you to have the best technology at all times and to help prevent issues before they happen.

Don’t wait for the death of your valuable IT equipment. Work with your MSP for peace of mind. Contact us at 319-227-7000 today!

10 12, 2019

7 Things You Need to Know About Ransomware

2019-12-01T18:11:37-06:00December 10th, 2019|Ransomware, Security|0 Comments

7 Things You Need to Know About Ransomware7 Things You Need to Know About Ransomware

Ransomware is a well-named type of cyber-attack. Cyber-criminals taking this approach kidnap your data. After accessing your network, they encrypt files and demand payment for the passcode. Here are the top seven things you need to know about this business threat.

#1 It Can Happen to You

Cyber-criminals rely on your false confidence. Don’t think “it won’t happen to me.” Attacks on government, education, healthcare, or financial institutions get publicity. Yet organizations of all types and sizes are targeted.

#2 Ransomware Spreads Fast

Ransomware is malware, malicious software that can reach throughout a network. So, if Jane from accounting opens a ransomware file, every single computer on your business network could be infected. The virus can spread between businesses, too. Consider the debilitating WannaCry ransomware attack of 2017. Within four days of its first detection in Europe, the strain had spread to 116 countries.

#3 Ransomware Targets People

A common method is to send out phishing emails in the hope of having people enter their access credentials. Targeted business communication emails work, too. The attacker gets to know your business first. Then they send an email impersonating a colleague, supplier, or customer asking you to take action or update contact details by clicking on the link or downloading a file.

#4 Ransomware is Costly

Once the ransomware is installed on your system, it locks down your files. To regain access to the files, you need the password or decryption key the attacker supplies when you pay up; that’s if they keep their end of the bargain once you pay the ransom. These are crooks you’re dealing with after all!

In Coveware’s analysis of Q3 2019, the average ransom payment increased by 13% to $41,198 as compared to $36,295 in Q2 of 2019. And that’s just the cost of the ransom. Indirect costs include the cost of downtime, lost revenue, and long-term brand damage. There’s also the expense of removing the ransomware, forensic analysis, and rebuilding systems.

The average ransomware attack in Q3 2019 resulted in 12.1 days of downtime. – Coveware

#5 Ransom Requires Cryptocurrency

Ransom payment is usually made by bitcoin or another cryptocurrency. Your business needs to buy cryptocurrency with actual cash, then transmit the ransom. They choose cryptocurrency because it’s very difficult to trace. It doesn’t help you that bitcoin is not something you can charge back like a credit card.

#6 A Recovery Plan Helps

Planning in advance can help you respond more reasonably. Document plans to disconnect infected computers from the network as soon as possible. Also, power down any machines that could be vulnerable to avoid spreading contagion.

You should also discuss in advance whether or not your business will pay a ransom. Weighing the costs and benefits without a deadline on the decision can help you react more strategically.

#7 You Can Take Action

You don’t have to sit around worrying and waiting for a ransomware attack. There are many things you can do to help prevent this type of attack:

  • Filter traffic, preventing it from coming into your network in the first place.
  • Scan inbound emails for known threats, and block certain attachment types.
  • Use antivirus and anti-spam solutions and regularly upgrade and patch vulnerable software.
  • Educate all users about social engineering.
  • Allow remote access to your network only from secure virtual private networks.
  • Back up your data to more than one location so that you can restore any impacted files from a known source.

Ransomware is a lucrative, relatively easy mode of attack for cyber-criminals. Contact us today for help implementing the best protection practices to keep your data safe. Call us at 319-227-7000.

3 12, 2019

What Can Go Wrong with BCC

2019-12-01T17:59:03-06:00December 3rd, 2019|Email, Security|0 Comments

What Can Go Wrong with BCC?

Try to find someone who has not “replied all” when meaning to send to only one individual. It’s embarrassing and can aggravate those people with more emails flooding their inbox. Another common email gaffe is misusing the CC and BCC fields in outgoing messages. This mistake can prove costly for business.

You’ll have noticed those extra fields below the “To” field in your email client. CC stands for carbon copy, and BCC for blind carbon copy.

When you use CC, it’s like you’ve imprinted your message on an old blue sheet of carbon paper. The email copy sends to your To recipients as well as anyone you have CC’d. All recipients can see who else you sent your message to. This is a great way to encourage collaboration and accountability.

When you use BCC, your To recipient and anyone else you BCC’d gets the email, but you’re not showing where you sent the message. This is for when you’re addressing a large group of contacts that may not know each other, or when you are sending a group message but you want to respect the privacy of all your recipients.

The Blind Carbon Copy Nightmare

A big problem is using To or CC when meaning to use BCC. You inadvertently expose all your contacts’ email addresses. Personal contact information needs protection, and people’s privacy demands respect. You don’t want to make this mistake with a single or a few emails, or worse still hundreds or thousands of emails.

There are many examples of BCC blunders. West Ham United Football Club faces the UK’s Information Commissioner’s Office fines for confirming all season ticket holders with email addresses in the CC field. In another example, the Independent Inquiry into Child Sexual Abuse was fined US$260,000 for exposing possible victims of child abuse in the same way.

Scotland’s National Health Service messaged transgender patients with their addresses in the To field. Instead of using BCC, the sender used an open distribution list. This shared 86 Glasgow patient email addresses and, perhaps, patient names and dates of birth when the addresses incorporated those details. You can bet there were some heated replies to that message, although the reports didn’t share whether they were “reply all” or not.

Also, the Sydney Morning Herald reported on a real estate company employee mistakenly CC’ing 300 customer emails. A customer complained. The error resulted in a six-figure aftermath. Lawyers, a consulting firm, and eight full-time employees worked on a data breach response plan for weeks.

What’s Better Than BCC

Any CC or BCC blunder could be a data breach. Take care. Don’t risk the loss of customer trust and possible compliance issues.

When you need to send out an email to a large group of people when you’re not necessarily expecting a response, use mailing software such as Mailchimp. Email marketing platforms send an individual copy of your message to every person on your mailing list, so there’s no risk of your contact list being exposed.

Need help setting up your email client or getting up to speed on an email marketing platform? We can help. Contact us today at 319-227-7000

1 12, 2019

Don’t Let Crooks Hijack Your Domain

2019-12-02T13:42:54-06:00December 1st, 2019|Cloud Services, Email|0 Comments

Don’t Let Crooks Hijack Your Domain

Don't Let Crooks Hijack Your Domain
Doing business today you are as likely to give out your website address as your email or phone number. Your Web domain is your business identity on the internet. Don’t risk falling victim to the cyber-threat known as domain hijacking.

You build up a business site to represent your brand online. Every bit of content, and all the fonts and images you selected, reflect your business. You probably also have email addresses at the domain name (e.g. [email protected]). So, imagine the pain of finding out that someone else has stolen your domain.

When your domain gets hijacked, you lose control of your website, its email addresses, and all associated accounts. And it’s not easy to recover them.

The Infosec Institute shares examples:

An advertising agency spent US$15,000 and 19 months recovering its stolen domain.

The owner of ShadeDaddy.com lost US$50,000 and had to lay off six of its eight employees. He said domain name theft is “like your house got stolen.”

How does a domain get stolen?

There are several ways this can happen to a business or individual.

The simplest is that your domain name expires, and you don’t know it. Domain registrars must send notice one month and one week before the domain expires. But the reminders might go to an email address that is no longer active or to the Web company that set your site up years ago and with whom you no longer communicate.

Once your domain rights lapse, the site gets disabled. After that, the domain name goes back into a pool of domain names for anyone to buy.

There are people who make money from purchasing domains. They hope to make money off your company’s desperation to get its domain back. Or they profit from redirecting traffic from your reputable Web address to their own.

Then there are the hijackers. These cyber-criminals also want to profit from Web traffic redirects or to access your domain emails to send false invoices. They might intercept emails sent to your domain to learn proprietary information. They could change the content on your site or redirect traffic to a hub for online gambling, or worse.

The hijackers might steal your domain by gaining access to the email account you used to set up the domain. Cyber-criminals might use phishing emails to obtain the access credentials. They use the password reset mechanism to take over your account and transfer the domain to a different registrar.

Your domain registration company could be compromised, too. It helps to pick an accredited registrar for your domain registration.

Any of these scenarios can have a serious, lasting impact on your business. Once someone else has access to your domain address they can do whatever they want with it.

Protect Against Domain Hijacking

The first step is to protect your access credentials. Leveraging two-factor authentication can also help prevent hijackers from stealing your domain. A registry lock can also help. It requires more communication if someone tries to change domain registration. This lets you know of suspicious activity and gives you some time to react.

It’s also important to know who is managing your domain name and how it is being managed. A Managed Service Provider can take care of this ongoing process for your business. Reach out to our Web experts today! Call us at 319-227-7000.