Category: Blog

Discerning the hype of AI and ChatGPT for your business

ChatGPT has become all the rage and has generated a lot of discussion about artificial intelligence and its use and application in business.  We may want to think our business is immune or doesn’t need AI, but we are here to tell you why being in the know about AI and carefully considering its application will keep your business safe and give you the cutting edge.

You’re already being impacted like it or not.

The news is full of stories of Law Firms being fined for using ChatGPT to write law briefs that are found to have fictious case citations.  We have heard of stories of people using ChatGPT to write their news articles, product reviews or content that is intended to influence us.  Cybercriminals use AI to write convincing Phishing emails, to create fake content, and improve their ability to lure you into their scams.

You’re probably using AI and don’t realize it.

AI is already in use in your business.  Consider the technology you’re using; high-end spam filters and antivirus use AI. Voice search products like Siri and Alexa,  lead generation products that provide intuitive data and CRM tools with predictive analysis are all examples of products using AI technology.

Why ChatGPT is all the rage.

ChatGPT is Generative AI.  Generative AI is the ability to take data and manipulate it to create new data such as text, analysis, imagery, audio, coding.  Generative AI is synthetic data.  Sir Paul McCarthy just used AI to record the “final Beatles record” using John Lennon’s voice (data) he had from prior recording and “creating” new content from that data.

Why Generative Data important to business.

Fusing your technology and operations leaders together will produce powerful outcomes when focused on this technology; content for your business can be easily created, you can increase productivity through process and operation automation, and enhance customer engagement.  All data gathered can also be used to improve decisions you are making.  Early adopters of this technology that are creatively applying its endless application will put themselves at the forefront of their industries.

There are risks of using AI for my business.

Being an early adopter most likely means there is no framework or regulatory process for AI use in your industry.  Being thoughtful and responsible in the implementation and usage of AI is critical.  You want to be the success use case, not the one that hits the news in a scandal.  Make sure that everything being created is reliable and authentic.  We must make sure that we’re protecting our businesses and our customers from ethical issues and the privacy issues that are sure to arise from all this data being harvested.  Businesses should also consider job displacement issues that AI creates and what that means for our staff and culture.

EMCO can help you plan for AI in your business.

EMCO has experience with AI and its applications, we stay current on use cases for different industries.  EMCO can consult with your operations team to discuss ideas and applications, well as risks.  EMCO specializes in applying technology to support routine and repetitive tasks, that can be automated.

By the way…. this post was written by a human! 🙂

9 Essential Tips for Keeping Your Password Safe and Secure

9 Essential Tips to Keep Your Passwords Safe and Secure

Password security means more than hiding your pw on a Post-It Note under your keyboard.   Here are our 9 Essential Tips to Keep Your Passwords Safe and Secure.

  1. Use a combination of letters (both upper and lower case), numbers, and symbols: A password that includes a combination of uppercase and lowercase letters, numbers, and symbols is more secure than a password that uses only letters or only numbers.  In fact, research shows the difference between numbers only and an 11-character password with all 4 variables goes from instantly being brute hacked to THREE YEARS!
  2. Avoid using obvious words or phrases: Avoid using easily guessed passwords like your name, your pet’s name, or common phrases like “password” or “123456.” Hackers often use software that can easily guess common passwords.
  3. Use a password manager: A password manager is a software application that securely stores all your passwords in an encrypted format. You only need to remember one master password to access all your other passwords.
  4. Don’t reuse passwords: Avoid using the same password for multiple accounts. If one account is compromised, all your other accounts will also be at risk. Use a unique password for each account.
  5. Enable two-factor authentication: Two-factor authentication adds an extra layer of security to your accounts by requiring you to enter a second verification code, such as a text message or a biometric scan, in addition to your password. This can prevent unauthorized access even if your password is compromised.  Yes, it can be a pain in the butt, BUT this extra level or protection is effective.
  6. Avoid using personal information: Do not use personal information such as your name, birthdate, or address as part of your password.  !!!BONUS TIP!!!  Avoid answering social media quizzes or posts that ask for such information like mother’s names, street you grew up on, or other personal identifying details.
  7. Change your password regularly: Set a reminder to change your passwords every few months to reduce the risk of unauthorized access,
  8. Beware of phishing scams: Be cautious of phishing scams that attempt to trick you into giving away your password or personal information.
  9. Use encryption: If you need to send sensitive information, use encryption–a way to scramble your data– to protect it from unauthorized access.

File Backup vs. Archiving: Why Your Company Needs Both

File backup vs. archiving.  They are not the same and your company needs both. Why? Because you don’t want to be like Mike.

“Our servers have been hacked.  Please tell me you can help get our data back!”

These were the first words Mike said one afternoon when he called our office in a panic.  Someone in Mike’s firm fell victim to a phishing email and their servers and data were being held for ransom. (If you read my last email, you know this is almost impossible for every employee to avoid all the time.)

Thankfully, Mike’s firm has all their servers backed up and archived to our Data Center.  We were able to recover his data in about 15 minutes and he didn’t have to pay the ransom.   The phishing didn’t cause Mike’s firm too much harm because they had a secure system in place for backing up as well as archiving their files.

So, what’s the difference between file backups and file archives?

File Backup vs. File Archive

The terms File Backup and File Archiving, while are used synonymously to mean the same thing, are actually very different.

A file backup is when you make an exact copy of the files you have on a device.  There are many reasons for wanting to backup the data, but the main reasons for creating a file backup is in case you need to recover your files or even an entire hard drive after a data loss event.

A data loss event can be caused by something as simple as accidently deleting a file you didn’t mean to the hard drive failing and becoming unusable or even, in some cases, the entire computer having a system failure.  By having a file backup, you are now able to recover not only the lost file(s), but you could also, in some instances, restore an entire hard drive after a data loss event.  Backups are based around performance where the storage needs to perform well enough to restore data quickly and are created using replication or mirroring and are updated as files change.

A file archive is slightly different from a file backup.  While a backup is a tool used in order to recover data in the case of a data loss event, a file archive is something that isn’t truly used in order to recover data for data loss purposes.  A file archive is a collection of data moved to a repository for long-term retention, to be kept separate for compliance reasons or for moving off primary storage media.   This data is commonly used to create space on devices by off-loading older data while also complying with company policies as well as possible legal reasons and compliances. Unlike a file backup, a file archive is not based around performance and the data is rarely accessed.

File Backup vs. Archiving:  Why you need both

While both processes are very similar and have the same basic principle, they are used during two very different scenarios as well as for two different reasons.  Just as a best practice, a backup should always be taken of your data periodically so that an up-to-date copy of the data is always available in case of a data loss event.  A backup provides you with a quick option to restore the data back to the most recent state (as recent as when the backup was taken).  This way, if there is any data loss, the amount of data loss will be significantly reduced depending on the frequency of the backups.

An archive on the other hand, would normally be done under circumstance where disk space is limited, or business policy dictates long term retention.  By default, an archive is not focused on performance like a backup.  It is meant to be a collection of data that is not going to need to be accessed frequently and needs to be retained based on legal or policy guidelines.  Doing both secures your data in the moment and over time.

File Backup vs. Archiving: Where to store your data

Archives tend to be stored using either cloud-based storage options in today’s age of technology.  However, physical storage media such as external hard drives are also used for both backups and archiving. Using physical media opens the door for mishaps: the device gets lost, someone copies over it, it goes down in a power outage or is lost in a fire.   Cloud-based storage is better, but the larger cloud storage companies such as Amazon or Microsoft have these large servers often based outside the U.S.  If you are going to spend the money to use a cloud based data center, why not keep your money and your business local.

Our advanced disaster recovery and backup hardware stationed at our local and secure data centers are designed to protect your bottom line. EMCO never allows you to suffer a lack of productivity due to the failure of vital tech and systems.

We “backup your backup” in a second physical location and environment so that your business is never in danger of data loss. In the event of a disastrous incident, our expert BDR technicians are trained to prevent you from suffering days of lost profits and rebuilding.

 

Can You Recognize an Email Phishing Scam?

Can you recognize a phishing email scam? Businesses across all industries are vulnerable to phishing campaigns. Companies that handle an incredible amount of sensitive information, from medical and financial data to merger and acquisition (M&A) data, are at the highest risk.

Firms have to tackle phishing campaigns to avoid the devastating consequences successful attacks can cause. These include a damaged reputation, lost client trust, and regulatory penalties—not to mention the potential loss of millions of dollars.

Hackers do their homework by gathering publicly available information about a company, its employees, and counter parties. LinkedIn, Out of Office messages, and even a firm’s own website make it easy.

By the time most companies realize they’d been successfully attacked, it is too late.

What is phishing?

Phishing is an effort to collect private and sensitive information from you: financial information, social security or login credentials to sites containing that kind of information.

Phishing campaigns are carried out by email spoofing; an email that looks legitimate and directs the recipient to enter personal information at a fake website. Once a link is clicked, malware and spyware are distributed through the links or attachments meant to steal information and perform other malicious tasks.

Specifically, spear phishing is a personalized phishing attack that targets a specific organization or individual.  Law firms are prime targets for spear phishing attacks.

There are 2 types of spear phishing

Business Email Compromise, is also known as CEO fraud, whaling and wire transfer fraud.  In these attacks, criminals impersonate an employee, usually an executive or manager and fellow employees are the targeted.  Employees are asked to wire money, send sensitive data about clients, customers, employees, vendors or partners and thus launch malware and spyware.

Impersonation:  These attacks impersonate a trusted, well-known entity such as Office 365, Gmail, or DocuSign.  It could also impersonate an individual such as a colleague or business partner. These attacks attempt to get the recipient to provide login credentials or click on malicious links.  A common example is claiming an account has been frozen and a password needs to be reset.  If the recipient clicks, the crooks will obtain access to accounts where they can then steal data or launch more targeted attacks against your company.

According to the 2021 Verizon Data Breach Investigation Report, phishing was present in 36% of breaches. Other reports show that over 90% of cyber-attacks begin with a phishing email and more than 97% of users cannot recognize a sophisticated phishing email. These stats alone make it clear why your firm must have cybersecurity training.  Make sure your staff can recognize an email phishing scam.

Why are phishing attacks hard to detect?

Traditional email security relies on reputation analysis, block lists, and signature-matching of malicious attachments and URLs. Spear phishing attacks are carefully designed to pass these checks and go undetected.   Oftentimes, emails start with trivial subjects such as ‘How was your weekend?’ or ‘Do you have five minutes?’ in order to test a firm’s security. These introductory emails have no URL, attachment, or payload included and they sail through a firm’s legacy defenses and SEGs, and don’t immediately appear suspicious to the target.

The reason for this technique? It allows them to identify weak spots and deliver the real attack email a few weeks later. Alternatively, if criminals find that they don’t get a bite from the initial bait email, they will likely move on.

So, how do you protect your firm?  Education!  Experts recommend users and organizations educate themselves and others on these continuing threats and tactics to reduce victimization.

We break down 5 tactics employed by hacker and offer tips on how to recognize an email phishing scam to protect your firm.

  1. Go to the Source

If you receive an email that looks to be legitimate, but you just want to be sure, you can check the email address of the sender. By looking at the email address to see what the domain of the sender is, you can easily determine if it is a legit email or if it is someone trying to pretend to be someone else. The giveaway is in the “@domainName.com” portion of the email address. Scammers will try and make the email address as authentic as possible so you should always double-check and verify the email address to make sure the sender is authentic.

  1. Look for Bad Spelling

Review the email closely.  The spelling and grammar in an email is a good indicator if the email is legit or if it is a fake. Sometimes the emails are very convincing but little things like a comma where a period would normally be or the way currency are typed (i.e. 3,00 instead of $3.00) is another clear indicator that the email is probably not authentic.

  1. Stay Calm and Don’t Give Away Personal Information

Emails that ask you to send sensitive Personally Identifiable Information (PII) are a red flag. Companies, financial institutions, etc. will never ask for this information via email.  You should also look for other not-so-obvious signs that would signify that the email isn’t authentic. These signs include things like random graphics or greetings that say “Dear Customer” instead of your name.

  1. Delete, Don’t Open or Forward

Sometimes, the email has a virus embedded in it and just opening the email will activate the virus without you even knowing. Don’t open the email, simply delete it. You should then notify your IT department and manager immediately that you have received a phishing email but DO NOT forward them the actual email. This will prevent the possible spread of the virus to other computers and users. Your organizations’ IT department will then take the necessary precautions and steps to limit the threat and make a note to prevent it from getting through your security in the future.

  1. Train and Test Your Employees

User security awareness training helps every employee recognize, avoid, and report potential threats that can compromise critical data and systems. As part of the training, mock phishing and other attack simulations are typically used to test and reinforce good behavior.  EMCO Technology can provide this kind of testing and training to your team.   Using specific applications, we can deploy several types of email tests to your team to identify those who are vulnerable to Phishing attacks.   The results will not only show you the vulnerabilities, but we will then show your employees how and why the succumb to an attack.  This simple, easy to understand training will educate the employee to prevent them being a future victim.

If you follow these tips and strategies, you will be sure to help to prevent any spread of scams and viruses across your firm.

Do you think you are prepared?  Take this FCC Quiz to see  https://www.ftc.gov/business-guidance/small-businesses/cybersecurity/quiz/phishing

If you fail the quiz, book a no obligation call with us and let’s discuss how to better protect your firm.

How Can Law Firms Secure Their Remote Workforce

We all know the COVID pandemic changed how we work in a sudden and unplanned fashion. Now, 3 years later, many companies, including our law firm clients, are still shifting their work environments, and trying to navigate that shift while being secure and flexible.

How do Law Firms Secure Their Remote Workforce?

How secure is your remote workforce?

Has your work environment changed over the past few years as well?   The law firms we currently work with tell us reducing office space has not only reduced their footprint but having their tech securely in place to allow for the remote and flexible environment gives them a competitive advantage when hiring new staff.

That sudden and unexpected move to remote work required technology to change on a dime with little planning, preparation, or training. Your staff probably had to navigate using personal, unsecure Wi-Fi, using cloud apps for the first time, jumping back and forth between work websites and applications and personal sites and apps.   All these challenges can leave your remote staff and your firm very susceptible to cybercrime and hackers.

Perhaps now is the time to review your IT systems, cloud, and hardware to better protect your staff, clients and firm as you continue to move through this new work environment. Do you have the right level of security? Does your team need training on working securely or in a cloud environment? Is your data backed up, archived and safe?

Hackers are counting on your insecurity

In the most recent survey on law firm cybersecurity by the American Bar Association revealed that more than 35% of law firms said their systems have been infected by a virus, spyware, or malware.

How do infections occur?

  • Not properly managing all devices and employees
  • Insecure passwords
  • Phishing emails
  • Using unsecured personal devices & networks
  • Video attacks
  • Weak backup and recovery systems
  • Not connecting over VPNs
  • Not using multi-factor authentication

Too often, companies won’t know of the weakness until a hack has occurred.

Hackers have adapted to the remote-worker surge and are counting on your workers to go home, connect to their Wi-Fi, and make a mistake so they can attack computers from one of the many connected devices in their home. So, what can you do?

7 Tips to Secure Your Remote Workforce:

  1. Use strong passwords for logging into computers and when creating Wi-Fi home networks; passwords should be at least twelve alphanumeric characters in length, be somewhat memorable, and have at least one special character
  2. Change the default login password for home routers and turn off remote management.
  3. Use those strong passwords for accessing other devices like phones, internet-connected printers, tablets, and iPads, just in case they end up in the wrong hands.
  4. Never share a firm computer with anyone, as it could come back with a virus. Even evidence that someone else used it can get you into trouble
  5. Make sure devices automatically “lock” in case you lose them, or they are stolen.
  6. Use encryption for sensitive data files.
  7. Use multifactor authentication that requires entering a code after logging in with a username and password.

Building Your Business Safely Through the Cloud 

That sudden and unexpected move to remote work that may be your firms’ way of life now, is more efficient and secure in a cloud environment.   With a cloud hosting provider who is totally focused on security, your law firm can spend more time focusing on delivering services to clients. EMCO Technology has over 20 years of experience offering cutting-edge legal technology including secure hosting to law firms. We’re dedicated to following the industry’s strictest compliance and data security regulations while allowing firms to offer attorneys a flexible working experience.

Here’s how EMCO law firms protect their assets. Each client receives:

RAPID RESPONSE

The average breach lasts an average of over 200 days before detection. That’s nearly 9 months! In this time, the average criminal can do whatever they want with you or your clients’ information, presenting a massive risk to your firm.

ACTIVELY MONITORING THREATS 24/7

The bad guys don’t work “normal business hours” so we monitor and search for threats year-round, nights and weekends with Security Analysts who know what to look for.

PROTECTION FROM MODERN THREATS

Hackers are now more advanced than ever before. The new Malware and Ransomware is designed to get past traditional solutions that no longer work.

ARTIFICIAL INTELLIGENCE

We use cutting-edge AI technology to keep you protected from today’s modern threats. We stay on top of the changes and trends, so you don’t have to.

Where is the “Get this Done” Button? 

You’re busy. You’d rather spend your time focusing on your clients than doing everything in this email. EMCO Technology offers cyber compliance services that do much of the work for you. Whether you need advice on a specific topic or are looking for those services, we are here for you.   Give us a call today! 

 

Why Law Firms Need Cybersecurity

Why Law Firms Need Cybersecurity.   They’r ripe for hackers. You store incredibly valuable, sensitive information and may even have access to trust accounts filled with your clients’ money. This makes you susceptible to theft and ransom.

However, your first line of defense to external threats to your firm is making sure your employees are educated and trained on how5 Steps to protect your Clients' and Firm's Data to operate securely.   According to a study by Computer Weekly, 84% of cyberattacks reported had been due to human error.  So how do you mitigate your firm’s risk of data breaches and keep your clients’ data as secure as possible?

Below are 5 steps your firm can take now to minimize the risk of a data security breach.

5 Steps to Protect Your Clients’ and Firm’s Data

  1. Conduct an Assessment. While performing periodic reviews of your own vulnerabilities, having a third party perform a security assessment can reveal more information using “fresh eyes” and cybersecurity scanning tools to survey your environment. The ABA reminds its members that some cyber insurance carriers may require that a third party perform an assessment and some clients may also want to know the status of your cybersecurity by requiring third party assessments or reviewing past assessments, policies and other documentation.
  2. Have Acceptable Use Policy for all employees in place. An acceptable use policy (AUP) explicitly outlines the rules employees must follow in regard to the firm’s network, software, computers, laptops, and mobile devices. It clearly states how employees should and shouldn’t use both employer-provided technology and personal mobile devices like smartphones and tablets.
  3. Take it to the Cloud. Numerous studies show that cloud-based solutions are more secure than on-site.  With a growing number of firm employees working remotely, cloud-based computing is an integral part of your operations and when staff is trained for security remote access your data is more secure and there is less of a chance for an external threat.
  4. Use A Password Manager. In the 2018 Aderant Business of Law and Legal Technology Survey, no more than 32% of respondents indicate they use a Password Manager.  Implementing and training your staff with the use of such a tool is the most affordable and simply way to keep your clients’ information safe.
  5. Have an Incident Response Plan. Even the most careful companies can’t guarantee they’ll never be a victim of hackers or cyber-crime, so it is imperative your firm drafts an Incident Response Plan just in case.

EMCO Technology has been a provider of IT and Data Security Management for law firms in the Philadelphia are for over 20 years.  We understand the unique needs of the legal industry and offer a variety of products and services to keep you safe.  We can provide you with the assessments, policies, software and training referenced in the list above.

Just as you wouldn’t want a client to represent themselves in court, we don’t want you to represent yourself in the world of IT security.  Let’s talk about your needs and how EMCO’s solutions can help.

How to Spot and Defend Yourself Against Phishing Emails

It’s important to know how to spot and defend yourself against phishing emails. Since the beginning of the pandemic, businesses have had to adapt and become more reliant on a remote landscape. By doing so, a lot of business and communication are handled over email. However, with businesses moving to a more remote setup, there is also a shift in cyber security threat vectors. One of the more popular ones that have increased is phishing scams. These phishing scams have not only increased, but they have also become more convincing as well as harder to detect at a glance.

So how you you spot and defend yourself against phishing emails?

With phishing email scams becoming more frequent in today’s cyber environment, it is more important now to be more vigilant. Unlike some other cyber security threats, there are things that you can do to prevent yourself from becoming a victim. By utilizing some of he following tips and tricks, you can reduce not only yourself but also your organization from becoming a victim of phishing scams.

Phishing email scams are one of the most common scams used in today’s landscape. However, they are detectable if you know how to identify them. One particular way to detect them is by going right to the source. If you receive an email that looks to be legit but you just want to be sure, you can check the email address of the sender. By looking at the email address to see what the domain of the sender is, you can easily determine if it is a legit email or if it is someone trying to pretend to be someone else. The giveaway is in the “@domainName.com” portion of the email address. Scammers will try and make the email address as authentic as possible so you should always double-check and verify the email address to make sure the sender is authentic.

A second preventative measure for preventing becoming a victim of phishing emails is to look at the way the email is written. “Legitimate companies have trained staff and whenever they send out large or small messages/emails to staff, they require double checking and then only they send emails to their staff.” The spelling and grammar in an email is a good indicator if the email is legit or if it is a fake. Sometimes the emails are very convincing but little things like a comma where a period would normally be or the way currency are typed (i.e. 3,00 instead of $3.00) is another clear indicator that the email is probably not authentic.

The third preventative measure should be an obvious giveaway. If you receive an email that is requesting you to send sensitive Personally Identifiable Information (PII) across email is a very unsafe practice. “If your bank emails you to send your account number through email or asking for your username and password through email, it is recommended to not to send it.” You should also look for other not-so-obvious signs that would signify that the email isn’t authentic. Things like random graphics or greetings that say “Dear Customer” instead of your name. “Hackers often rush to get phishing sites up, so some of them will look significantly different from the original company.”

If you do receive a phishing email, there are a few things that you should do immediately.

  • You should first not open it and delete it “since most viruses activate when you open an attachment or click a link within an email.” Sometimes, the email has a virus embedded in it and just opening the email will activate the virus without you even knowing.
  • You should then notify your IT department and manager immediately that you have received a phishing email but DO NOT forward them the actual email. This will prevent the possible spread of the virus to other computers and users. Your organizations’ IT department will then take the necessary precautions and steps to limit the threat and make a note to prevent it from getting through your security in the future.

If you follow these tips and strategies, you will be sure to help to prevent any spread of scams and viruses across your organization.  If you need software or training to help your staff, contact our team today!

 

Code Phishing – The Growing Scam of the Pandemic

As the world of technology continues to expand, so does the number of threatQR Codes vectors that could possibly compromise the security of an individual and company alike. As the landscape for the threats continues to change, the more important it is for everyone to be more vigilant and aware of the potential dangers that are beginning to pop up more and more. One of the major ways that are being targeted is being utilized more and more by restaurants and other retailers alike. QR codes have now become just one of the latest ways that attackers will try and gain access to devices of unsuspecting customers alike. QR codes have now become just one of the latest ways that attackers will try and gain access to devices of unsuspecting customers.  This is known as code phishing and it’s the growing scam of the pandemic.

QR codes are bar-code like objects that are used for a number of things. They can be used to easily navigate to a specific website for a retailer or to data storage as well. They are not only used in retail, they are also used in video games as well as other activities like geocaching. While these companies and activities can be legitimately using the QR codes, hackers are using the public’s blind trust of seeing them at stores and restaurants to gain access to unsuspecting victim’s devices.

An example of how they do this is particularly at restaurants. Since COVID-19 began and then restaurants began reopening again, many of them utilize QR codes for customers to see the menu. By doing this, it makes it much easier for customers to see the whole menu for the restaurant. However, hackers know this and will create their own QR codes and drop them on tables or on the floor near tables. They are hoping that a customer will scan it with their device and once they do, it will either download data to their device without the user knowing it or it can even navigate them to a fake website that the hacker has set up in the hopes of the customer entering personal information like email addresses or passwords.

Once a hacker has access to the device, they can gather any and all the information that they would like. They can use the information entered by the user to start phishing attacks by email spoofing or even just gaining access to your email to read and exploit using your email address or even gain access to your financial information. There are things that you can do in order to help prevent it from happening to you or your organization.


Computer.org gathered a list of ways to prevent this from happening to you. They recommend “scanning QR codes of trusted sources only, regularly update your device’s security as well as remain vigilant.” Another way to limit your exposure is using a QR code reader. Apps like Kaspersky’s QR code Reader and Scanner offer the ability to scan QR codes with a little more confidence. Beaconstac.com has rated this app one of the best because “it offers Kaspersky’s safety checks that ensure a QR code doesn’t lead to a dangerous link or malicious content” as well as “keeps a history of all QR scans done within the app.”

Reach out to us if your business needs software, hardware or training to keep your business safe.

 

Cloud Solutions For Business: Can Your Company Benefit?

Do you utilize cloud solutions for business and if not, is outsourcing to the cloud smart for you? Cloud solutions for business: can your company benefit?  We say yes!

The benefits of outsourcing cloud services come down to cost and efficiency.  The three main business functions (Email, File Storage, and Business Applications) are the most common data pieces outsourced to cloud services. Without the cloud, the corresponding groups of data for these three functions would have to be stored on an onsite server.  But do cloud solutions for business make sense for your company?

There are substantial costs and inconveniences when purchasing and maintaining a dedicated server, other hardware, and software internally. Your company must be prepared to pay for the cost of labor, set-up, and maintenance of the server and other IT infrastructure and assets.  Consider this:

 

    • Servers generally need to be replaced within five years at a significant cost
    • Hardware and software need to be maintained, requiring updates and maintenance at regular intervals.
    • There is significant cost associated with using the business application software
    • As technology grows so does the need for experienced technicians with an increasingly diverse range of technical competencies.

Using cloud solutions, your small business can instead pay for the reduced cost of cloud services as opposed to a dedicated server and the costs associated with onsite IT resources.

EMCOs cloud solutions are convenient, secure and easy to integrate into your existing network. This makes it possible for your employees to easily access their files and applications when working remotely.

Cloud services automatically sync and update, so your files are always ready when you need them on all of your devices no matter where the day takes you. Cloud services are easily scalable, so they can immediately grow with your company’s needs as opposed to the time-consuming processes of hiring new IT personnel and buying updated/upgraded IT assets.

We optimize cybersecurity by ensuring that all systems and applications are updated and patched regularly. The cloud makes it easier to practice good cyber hygiene, which will help protect your company against current and future cyber threats.  Cloud services also serve the important function of backing up company data and services. Since your cloud is hosted in secure facilities with numerous backup and restore options, it is possible to quickly restore operations in the aftermath of a man-made or natural disaster. Best of all, EMCO Cloud Services meet a number of regulatory compliance standards like HIPAA, FINRA, Sarbanes Oxley and more!

When it comes to maintenance, as we monitor your cloud services 24/7, we’ll  advise you on when to upgrade to new options that best suit your company’s objectives and budget. Our knowledge and experience makes us uniquely qualified to continually test and fine tune the output of your cloud-based and onsite IT assets in order to maintain the highest level of performance and security.

Finally, we understand that not everyone has the expertise in their own company to understand the purchasing, usage, maintenance and security of cloud computing. We don’t believe in a one size fits all approach and not everything in your business needs to run on the cloud. For many small business, a hybrid approach may be best. EMCO techs have the expertise to assess your unique organizational needs and make the most cost-effective and operationally effective recommendations on cloud solutions for you.

Think your company can benefit from cloud services?

Call us today for a free consultation about our cloud solutions for businesses to move your business forward safely.

Protect Yourself from Scareware

Ransomware is a word you’ve probably heard often over the past few years and it has been the key topic on many articles and information we’ve shared, but we realized this week, is the increasing need to educate you about and teach you how to protect yourself from Scareware.

Forcepoint defines it best: Scareware is a malware tactic that manipulates users into believing they need to download or buy malicious, sometimes useless, software. Most often initiated using a pop-up ad, scareware uses social engineering to take advantage of a user’s fear, coaxing them into installing fake anti-virus software. Scareware goals can vary from selling useless, fake tools to the installation of damaging malware that exposes sensitive data. Scareware has been known to convince users to download ransomware, a form of malware that holds the user’s data hostage in exchange for a payout.

You’ve probably experienced this and may not even realize it.  Have you ever encountered a surprise pop-up telling you your computer is at risk and software needs to be downloaded or installed to prevent damage?  You are smart and most likely, you ignored the message, but not everyone does—and these messages are getting more and more sophisticated and seem very, very legit.

Over the past few weeks, we’ve had a few reports of users experiencing this scareware tactic.  However, in two cases, instead of being contacted through a pop-up or email, the user  was the one who called a number they believed was the manufacture of a piece of hardware and ended up on a bogus call where the person on the other end tried to get them to pay for a solution.  Thankfully, the users were smart enough to know something wasn’t right and left the call before any harm was done.  They called EMCO to give us a heads up about the incidents and that consideration prompted this article for you.

So how do you protect yourself?

Easy, the first thing you do is DON’T BUY ANYTHING!!  If you think there is something legitimate to the claim, seek the advice of IT professional.  You can also search known cyber security threats at https://www.cisa.gov/cybersecurity .

Second, DON’T PANIC and get help. Call your IT department or tech support company.  If you are experiencing this on your personal equipment and don’t have an IT dept to call, call a local tech company like us for some guidance.

Third, understand a reputable software company like Microsoft, Apple or HP will NOT call you about issues with your computer nor will they threaten you via email.

Recent data breaches such as SolarWinds affected some of the most reputable Fortune 500 companies, so chances are we will continue to see an increase in ransomware and scareware events.   Continue to be diligent and smart about protecting yourself  against and reacting to these events.