Cybersecurity on a Budget: Tips for Small Businesses that Need Managed IT Services

https://ifttt.com/images/no_image_card.png

If you have a small business or are just starting your own company, you are likely on a budget and dealing with sizable monthly bills. Small companies need cyber security services that can work on a tight budget to be secure. The good news is there’s more than one option when it comes to finding the right managed IT service.

1. Lock Down Internet Access

Many small business owners need to realize how much more vulnerable their networks are when too many open ports exist. It leaves the door open for many intruders to get inside and wreak havoc on sensitive data and overall network stability.

2. Keep Your Servers, PCs, and Network Hardware Updated

Small businesses that need managed IT services can rest easy knowing their technology is safe if the servers and network hardware are updated regularly. It is accomplished with the help of a managed IT service provider who can automate updates on all of your assets.

3. Make Proper Backups

Another key to keeping data protected is ensuring all of your data is backed up on a regular basis. The best way to ensure this happens is by contracting a managed IT services provider who will take charge and put an effective backup plan into place for your small business within days of signing up. Regularly backups of your data to a secure location are also important.

4. Secure Key Applications and Data

Businesses whose data is protected by cyber security services need to be more aware of which applications they have installed on their company’s network. Any time an application is downloaded, it automatically creates a back door that is then ripe for intrusion if the right person gets their hands on it. Therefore, the best practice is to use managed IT services to monitor which applications are used on your organization’s computer networks.

5. Implement Strong Passwords

By now, small businesses are no strangers to the idea of key breaches that need serious damage control when securing data and information. However, if you haven’t implemented strong passwords difficult enough to crack, you could set yourself up for serious trouble. Therefore, the best thing any small business can do is take proactive steps to secure their computer networks by implementing strong passwords on all of their computers and end-user devices.

6. Set Up Firewalls

Most small businesses need cyber security services to stop hackers from accessing their networks through the internet and their web servers. The best way to do this is to have a managed IT services provider implement a series of firewalls, VPNs, and proxies at each business location. A good managed IT service provider can implement all these controls remotely so no skilled hacker can get in and cause damage or steal data.

Bottom Line

Every business needs to take cyber security services for small businesses if they want to keep data safe. There are many options for SMBs and IT service providers who can provide affordable managed services that work to help keep the network secure. Consider Reciprocal Technologies for all your managed IT services, and you’ll be maximizing the security benefits of your business.

from: https://reciprocaltech.com/blog/cybersecurity-on-a-budget-tips-for-small-businesses-that-need-managed-it-services/

AI Isn’t an Employee Alternative, but a Tool to Assist Users

https://ifttt.com/images/no_image_card.png

The past several years have brought about innovations in artificial intelligence, or AI, that has workers worried for their jobs—especially as it moves into more practical and usable mediums. This can all be tied to the Turing Test, a way of measuring the intelligence of a computer, created by one of the most notable minds behind computing, Alan Turing.

Nowadays, it’s worth asking if comparing the two was the right call; rather, industry professionals think that collaboration between AI and human workers is more preferable compared to competition.

Turing’s Standard May Have Produced Economic Inequities

At the Stanford Digital Economy Lab, director Erik Brynjolfsson claims that advances in AI have created serious issues, economic inequality among them. In the Spring 2022 issue of Dædalus, a journal produced by the American Academy of Arts and Sciences, he writes that the goal of AI swiftly became a mission to overtake the capabilities of the human mind. All of that to say that this mission was not the appropriate way to handle the development of this technology. Brynjolfsson’s work illustrates that this fixation on creating human-like machines has made wage inequality worse.

Brynjolfsson’s argument is that the development of AI has simply removed the need for human employees, and while productivity can increase as a result, the benefits of that productivity are only really reaped by business owners and leaders within organizations. This divide further increases the rift between workers and the rich, increasing the wage gap and creating what is known as “the Turing Trap.”

The creation of AI is just another example of humans attempting to ascend from humanity to become something different entirely, a creator of life in their own image. There are countless examples of this ranging from the golem of Jewish folklore, the automatons built by Daedalus of ancient Greek tales, or the inventors from early Islamic kingdoms and the European Renaissance. Modern popular culture and media does little to separate AI from these stories, as they paint AI as human-like entities seeking to become even more human-like.

If this is the wrong approach, then what is the right one?

According to Brynjolfsson, AI Would Be Better Used as “Augmentation”

Human employees and AI employees are both capable of doing things well, but it’s critical to note that the things they do well are not the same. Therefore, the key to making the most good out of AI is for humans to supplement their shortcomings with it. In essence, humans are “partnering” with AI to produce better results.

Unfortunately, it’s seen as easier to replace rather than integrate AI, simply because there is no true precedent for doing so. Other research has shown that there are various tasks that people would prefer to do themselves rather than AI, so there will always be things that people want to do themselves that AI can, but should not, do. People are worried that automation will replace the human worker, but there are other proponents who argue that AI can only feasibly cover a small portion of the various duties associated with human work.

AI is a Tool, Not Competition

We urge you to think of AI not as an excuse to cut workers, but more of a tool they can use to bring about success for your organization. To discuss your options, give us a call at (317) 759-3972.

from: https://reciprocaltech.com/blog/ai-isnt-an-employee-alternative-but-a-tool-to-assist-users/

There’s Been Another Step Towards Passwordless Authentication

https://ifttt.com/images/no_image_card.png

While at the moment, passwords are an important part of your security stack, it is important to acknowledge that the concept of the password was always a flawed system and is overdue to be replaced. This may become a widespread reality sooner than you may expect, too, especially with the buy-in that the big names in tech are demonstrating.

Let’s consider a recent step that one of these big names recently took that shows particular promise for a passwordless future.

Enter the Passkey, and Google’s Embrace of It

The concept of a passkey is a simple one—basically, it’s another stored credential, but in this case, it is stored on the device and is exchanged with the website directly. This way, all obligations for the user to remember any credentials is eliminated.

The passkey is, on almost all counts, a superior means of authentication—and it’s all because it eliminates the need for a password text box at all. Instead of relying on the user to provide a form of authentication, passkeys are automatically generated and are inherently more secure than any user-generated form of authentication.

The trouble is, in order for passkeys to work, support for them will need to become standard. As in, every website, every browser, and every password manager will need to implement them. In addition to this, passkeys will require the user to have their phone handy and to use a Bluetooth connection to allow the phone to talk to the device in use. This localization, while helping protect your accounts, will also eliminate the capability of most desktops to utilize it.

Google, and Many Others, are Enthusiastic about Passkeys

Apple, Google, the FIDO Alliance, and Microsoft have all put their support behind the idea, with Google launching betas on both Chrome and Android, and iOS version 16 implementing it.

Google’s beta—which you can sign up for through Play Services—allows you to create passkeys on your Android devices, and passkeys are now supported in Chrome Canary, with more stable versions promised soon.

Google’s plan is to utilize its Password Manager to store these passkeys. The mobile device will have the user pick the correct account, then use a biometric proof to authenticate their identity. The phone will send over the authentication via Bluetooth, the browser sends the passkey to the website, and you’re in. Of course, if you’re actively logging in to something on your phone, the Bluetooth step is skipped.

We look forward to seeing how this technology develops and the prospect of using it as a means of potentially simplifying user authentication, without shortchanging security as a result. While there’s still some work to be done, the promise is there. In the meantime, reach out to us at (317) 759-3972 to find out how we can help you manage your current cybersecurity and user authentication needs.

from: https://reciprocaltech.com/blog/theres-been-another-step-towards-passwordless-authentication/

Different Scams Impact Different Audiences, Which Means You Need to Prepare for All of Them

https://ifttt.com/images/no_image_card.png

Back during the holiday season, the Federal Trade Commission shared some data that showed that members of Generation X, Millennials, and Generation Z are all more likely to fall for online shopping scams than those over the age of 60…and not by a little, either. Those under that age are apparently 86 percent more likely to fall for these scams. 

Let’s examine some of the findings of this report, and what they tell us about the state of cybersecurity.

Here’s the Hard Truth: Different Types of Scams are More Effective with Different Age Demographics

According to the FTC, scams are universally effective. However, one form of scam may be more effective to one generational subset, while another might impact a different one.

For instance, the FTC’s research saw that younger generations were far more prone to online shopping fraud, investment scams, and job scams. Meanwhile, older generations were more successfully targeted by tech support scams and sweepstakes scams.

It also needs to be said that different scam victims are frequently targeted using different means, as well. Younger Millennials and members of Generation Z are frequently successfully targeted by scams that begin on social media, while Generation X and Baby Boomers are frequently victimized by phone scams.

It Doesn’t Matter What Age Someone Is, They’re Just as Vulnerable to Cyberattacks and Scams

With so many scams out there, utilizing different mediums and platforms to target their intended victims, it’s important that everyone is prepared to spot potential threats and react to them appropriately…and this is all the more important in the business.

Fortunately, businesses in Indiana can turn to the professionals at Reciprocal Technologies for assistance in preparing their teams to deal with assorted cybersecurity threats. Give us a call at (317) 759-3972 to learn more about our cybersecurity services.

from: https://reciprocaltech.com/blog/different-scams-impact-different-audiences-which-means-you-need-to-prepare-for-all-of-them/

Who is Handling These Critical IT Tasks In Your Organization?

https://ifttt.com/images/no_image_card.png

Your business might have a full-time IT person, but it also might not have one, and in cases like this, you might find yourself waiting to call your go-to person until you are experiencing a full-blown problem. The reality is that your internal, non-IT staff should not be responsible for the job of your IT department, and if you are relying on someone externally to handle your technology help, then you’ll want to make sure they tick all of the following boxes.

Windows and Server Updates

Microsoft issues patches and security updates for its operating systems and products on every second Tuesday of each month, but others might be released on a less-than-predictable basis. It’s easy to fall behind if you don’t have someone applying all of them, and depending on your infrastructure, you might even find complications which make it hard to run these updates. This doesn’t make them any less important, though, and you should address them on all user devices.

Software Updates and Patches

Of course you don’t use only Microsoft products, and your other software will likely be on a different, more sporadic patch and update schedule. Be sure to test your updates before you run them, and make sure they don’t disrupt your operations.

Antivirus Definition Updates

Virus definitions will need to be updated on a regular basis, as new threats are always being discovered and defined by security researchers. This process usually happens automatically without your involvement, but you should still make sure that the end user isn’t accidentally holding it up. You can use a centrally managed antivirus solution to deploy these definitions effectively.

Daily Backup Checks

Do you know what happens when you skip just one day of backup checks? You could go who knows how long without an adequate backup. In the best-case scenario, you discover that a backup isn’t taking properly well ahead of when you need to deploy it so that you will have your system in place for when you do need it, but imagine if you go days, weeks, or even months without proper data backup occurring. Be sure to check your logs for any signs of corruption and audit the backup system in its entirety. Your daily backup check should also include a random restore at least once per week to make sure the system is working the way it’s supposed to, followed by a thorough monthly examination.

Check Event Logs On Servers

If you are checking event logs for your servers on a daily basis, you can proactively put a halt to a lot of issues you might encounter, whether they are security-related issues or they are errors on your end that could cause downtime. Finding issues before they escalate is crucial to preventing this downtime.

Check Disk Space Across All Critical Devices

You should check disk space for servers and workstations on your device, as a device which has a full hard drive could create plenty of problems on your infrastructure. This process doesn’t take long, and if you have a monitoring tool in place, you can catch these issues before they become problems. You can often address these issues by freeing up storage in instances where you might not be able to physically improve the device with more storage.

Review Firewall, Wi-Fi, and VPN Access Logs

You should always know who or what is connecting to all of your networks. If you keep track of traffic and identify potential problems which could be indicative of security or network configuration issues, you can address slowdowns as they occur rather than let them linger longer than they need to.

Provide Technical Assistance to Your Staff

By now we are sure you are thinking, “Wow, that’s an awful lot,” and you’re absolutely right; it certainly is. On top of all this, your IT staff needs to also help everyone else at your office with technology-related challenges and day-to-day support.

If this sounds like a lot for even an internal IT department to handle, then consider calling us at (317) 759-3972. We can supplement their efforts and make sure no important issues go unaddressed.

from: https://reciprocaltech.com/blog/who-is-handling-these-critical-it-tasks-in-your-organization/

4 Communication Strategies that Will Help You Get More Done

https://ifttt.com/images/no_image_card.png

Communication is a major part of any relationship. In business, there is no way to have a positive working relationship without great communication. A lot of time and effort goes into getting your employees the tools they need to potentially be successful, but without the right mindset and practices, nothing will go the way you anticipate. Let’s look at four variables that are needed by you and your employees if you want to have crystal clear communications.

---

Effective Workplace Communication Strategies

Pay Attention

Nothing is more frustrating than going through a whole plan of action only to have a person or people on your team not be on the same page because they were not paying attention to the particulars when the team was going through them. Whenever you are in a group setting, providing your undivided attention, while admittedly difficult with the constant stream of things going on all the time, is important. No matter how boring or redundant you may think a topic is, avoiding spacing out or compulsively checking your phone is not only critical, it’s just polite. 

Actually Listen

When a person monopolizes a conversation, it makes the other people around them tune them out. Even if you are a team leader or decision maker that has very specific demands of how a project or task gets completed, you need to take the time to listen to the questions and concerns that the people who are working on it have. 

Try to Inspire

When you are in a leadership role, it is important that you not only direct action, but also educate and inspire the people around you. If your communication is going to cut through to your whole team, you need to ensure that what you say is well thought out and has substance. The best way to accomplish this is to plan your meetings ahead and be ready to inspire and lead rather than question and degrade.

Follow Up

Finally, you will want to follow up in writing (or via your CRM) after you have a meeting with your team. Failing to do so may be detrimental as line-items that you may have briefly touched on and thought everyone understood could be overlooked. Not only should you come into your meeting with a general outline of what you need to touch on, you should also assign someone to take down notes in the meeting and have them share them with the team.

Business communication isn’t all about technology. It is also about how you and your team use that technology to improve the outcomes of your projects and tasks. At Reciprocal Technologies, we work with Indiana businesses of all types and sizes and help them get the communication and collaboration solutions they need to drive their business forward. We can certainly help your business. Give our consultants a call today at (317) 759-3972 to learn more.

from: https://reciprocaltech.com/blog/4-communication-strategies-that-will-help-you-get-more-done/

It’s Not Worth Having a Backup Solution if it Doesn’t Follow These Fundamental Rules

https://ifttt.com/images/no_image_card.png

We focus pretty heavily on data backup as an important solution that all businesses should use, and for good reason. It can be all the difference between losing your business’ future or preserving it. We know you don’t like to hear it, but investing in a proper data backup solution is well worth the cost, even if you never have to use it.

The reason? What if something happens?

We know that not all businesses will suffer from the same disasters, but there are some that will always be prevalent—user error, cyberattacks, data breaches, and phishing attacks, just to name a few—no matter the industry or geographical location of your business. How can you make sure they aren’t enough to sink your organization? You can use comprehensive data backup strategies that will keep your business safe no matter the circumstances you face.

Try the 3-2-1 Rule

We adhere to the industry standard called the 3-2-1 rule. This rule governs an effective way to approach redundancy and data continuity. Here are some key takeaways from the rule:

• Keep at least three copies of data
• With two of those backups copied on separate storage media
• And one of those backups stored offsite—we recommend the cloud

As far as how you execute this strategy, we have some recommendations. The idea is to have options available that you can call upon when you need them most. Let’s examine each piece of the 3-2-1 rule and why they are important.

Three Copies

Three copies might seem like a lot, but we promise that it’s worth it all. Having three copies means that if anything were to happen to your business, your chances of recovering from the disaster are essentially tripled, so long as you are backing your data up properly.

Two on Separate Media

If you have two copies of your data on different storage mediums, then you have two copies of your data in the event something goes horrifically wrong. Just think; if both of those were on the same server, you’d be out of luck. Reciprocal Technologies can equip your business with a BDR device to act as a backup device and server in one, allowing you to cover all scenarios possible.

One Copy Off-Site

If you want a secure place to store your data, then an off-site data center is the way to go. Make sure it is in a different physical location from the rest of your backups and ensure that it is accessible through the cloud.

Reciprocal Technologies can help your business implement and maintain a data backup system that will keep your business safe in any circumstance. To learn more, call us today at (317) 759-3972.

from: https://reciprocaltech.com/blog/its-not-worth-having-a-backup-solution-if-it-doesnt-follow-these-fundamental-rules/

How Data Gets Stolen (Even When Security Measures are in Place)

https://ifttt.com/images/no_image_card.png

We talk a lot about best practices that you and your entire workforce need to follow in order to protect yourself, your business, and your customers from data theft. From ensuring that you have strong, unique passwords and making sure two-factor or multi-factor authentication is applied to all of your accounts, to keeping your endpoints updated, a lot of prevention is considered the barest necessities of cybersecurity. It’s worth understanding just how clever cybercriminals are, and just how easy it is to slip up and lose control over your own information.

A Short Recap of Some Critical Steps to Take to Keep Yourself (And Your Business) Safe from Cyber Threats

Let’s start by going over some of the fundamental steps you should be taking to keep yourself, your business, your customers, and your employees safe online.

• Always use strong passwords, don’t use common words or personally identifiable information like birthdays, pet names, relative names, etc.
• Don’t use the same password in two different places.
• Don’t store passwords anywhere but a secure password manager.
• Use 2-factor or multi-factor authentication whenever possible.
• Be aware of who or what you grant access to certain accounts (like using your Google, Microsoft, or Facebook account to log into other sites).
• Keep computers, laptops, tablets, smartphones and other devices updated.
• Use modern, trusted antivirus software and keep it up-to-date.
• Be careful what you click on, download, and open. If it looks suspicious, it could be dangerous.
• Always back up data, and ensure that backed up data is transferred and stored securely.
• Don’t connect to public Wi-Fi without a VPN.
• Don’t store data on your local machine at work, store it in a location that is getting backed up (like shared folders or drives).
• Think before you click—emails, text messages, instant messages, and social media posts could have links or attachments that are dangerous. 

By no means is this a definitive list, but it is a general good start for protecting your data and personal information.

Now let’s assume that an individual is more or less following all of these steps. They are taking many precautions and reducing risk, but not eliminating it entirely. Let’s talk about how the bad guys can still get around all the defenses.

If They Want to Get In, There is Probably a Way

Let’s just take one theoretical soft spot in your cybersecurity armor and see just how far we can go. For the sake of this example, I’ll roleplay as the hacker. Maybe I know you, maybe it’s personal, but probably not. Either way, if I identify you as someone who has a lot of accounts and activity online, I know you are worth exploiting. 

It might start like this. Some random data breach from some online service (we’ll use LinkedIn as an example), gives me your name and email address. This particular data breach happened in 2021, where LinkedIn had user data, including passwords for accounts, stolen and shared online.

Here I am, with plenty of free time on my hands, and a list of millions of emails and passwords that someone stole from LinkedIn and dumped publicly on the Internet.

I pick your name from the list, and start to try to cause trouble. 

I discover that you were diligent and changed your LinkedIn password. I can’t get into your LinkedIn account, but I can see you are a business owner. “Jackpot!” I think to myself.

I look up your business online, I read up about you. I look at your social media and see who you associate with, who you do business with, and follow the clues around. Within a couple minutes I have a pretty good impression of you and what you do, a list of employees, and a list of clients. I set those aside for later.

Meanwhile, I try your old LinkedIn password in a few different places—Facebook, Twitter, Amazon, PayPal. Looks like you are good about using unique passwords. You won’t go down that easy, but I can keep looking…

The last place I try to log in is your website. Oh look! It’s a WordPress site, which means the login URL is typically /wp-login or /wp-admin unless you’ve customized it. I get to the login screen, and… nope. The old LinkedIn password doesn’t work. Bummer, I could have had some fun. Still, I’ll save the login URL in my notes and come back to that another time.

I do a quick lookup of your domain name and I can see where it was registered and figure out what hosting company you are using. I pull up a bunch of tabs in my browser and pick up the phone and call your web host and follow the phone prompts to get support.

Me: “Uh yes, hello, I have an account with you. My normal web guy is out sick and I really need to get into my website and update a page. I was wondering if you could help me.”

Web host: “Absolutely sir, can you give me your account number?

Me: “Um… boy, I really don’t know where that information is…”

I proceed to give the support rep information about you that I can find on your public social media accounts and website. I end up giving them your date of birth and they are seemingly convinced that I am you.

Web host: “Well, sir, unfortunately your hosting account with us doesn’t include support for your WordPress installation, but I can walk you through getting access to your account’s control panel, and you can use the tools there to make some changes.”

Perfect.

I work with the gentleman, quickly getting logged into your web host. He’s nice enough to give me a one-time login and add an email that I control to the account. He’s still feeding me information and providing customer service over the phone while I’m kicking you out of the account. 

I quickly realize your web host also manages your business domain name, so I point all company emails over to my own inbox. I could float around like this for a few months and just collect information—learn all the accounts you are attached to, look for patterns, glean any sensitive information without ever leaving a trace…

But instead I’m just too excited! I hop onto your Google account and request a password reset. It goes to your email, which I now see. I repeat this for PayPal, Facebook, LinkedIn, Twitter, and try a few major credit card companies until I get in a few. Every so often, I’m getting stopped by 2-factor requests, but since I have full access to your email, most sites and accounts tend to think that’s enough. You’ll start getting suspicious as your phone starts sending you 2FA codes, but by then, I’ll already have more control over your online life than you do.

I already own your business website, your domain name, and all of your emails…

And you get the idea.

There is No Easy, Bullet-Proof Cybersecurity Solution

Strong cybersecurity requires diligent effort and even then, nothing is impenetrable. Our little dramatization above got lucky and took the nuclear option, but usually theft is much more subtle than that. My goal was to explain just how quickly someone can go from knowing very little about you, to knowing nearly everything, and using that information against you.

That’s why it’s important for business owners to take cybersecurity seriously, and encourage and train their employees to do the same. Each employee you have is yet another entry point for cybercriminals, and a chain is only as strong as its weakest link.

If this has you spooked, let’s have a conversation about your cybersecurity. We can help guide and train your employees, and use network policies to ensure best practices are being followed when it comes to your business data. Give us a call at (317) 759-3972 to get started.

from: https://reciprocaltech.com/blog/how-data-gets-stolen-even-when-security-measures-are-in-place/

Does Your Company Need a Tech Refresh?

https://ifttt.com/images/no_image_card.png

If your team has trouble using the technology in your office, then you might be staring down an opportunity to completely revolutionize the way your business functions through the use of new business technology. It could be something as simple as your hardware being old or your systems needing a reexamination of your business processes; whatever it is, upgrading your business technology can pave the way forward.

Let’s look at frustrations which could be indicative your company needs to upgrade its technology.

Slow Technology Is Holding You Back

Sometimes an employee will get flustered by their technology in the office not being as up-to-speed as their personal technology. Naturally, the longer a computer is used without being upgraded, the slower it becomes, and eventually you’ll experience operational issues as a result. A solid timeframe to consider replacing a computer is the three-to-five year mark, or whenever complaints and inefficiencies start to cost your business money.

We also recommend that you start thinking about server refreshes around four years after you implement a new one. You could probably get away with using the technology for longer, but you should start thinking about making such an important change to your infrastructure well before you actually start to make the transition. Doing so gives you more time to transition over important elements of your operations.

Your Company’s Growth is Outpacing the Infrastructure

If your business has undergone a surge of growth, then getting new technology becomes a priority for your new employees. Naturally, when a business outgrows its current infrastructure, there are many aspects which need to be considered, including a reexamination of the infrastructure as a whole.

For example, legacy software could hold back your team. Old software which is not supported on newer systems makes for a challenging work environment. There are ways around it, but the point we are trying to make is that any business which sustains considerable and consistent growth will eventually see their infrastructure outpaced by their technology needs, so businesses need to be willing to make changes as needed.

You Have a Remote Team Working Off-Site

A remote workforce will be a significant challenge compared to working with individuals in the office. Everyone needs the appropriate technology, for example, and you need to ensure that resources are distributed through the cloud in a way which makes sense. Cloud-hosted services enable remote workers to be just as efficient as in-house ones.

On average, a cloud platform can cut computing and support costs by about one-third, making it a significant cost-saving solution for most businesses. It’s easy to deploy resources and take care of accounts, and with built-in management and allocation tools, alongside Software-as-a-Service offerings, the cloud can’t be beat as an opportunity to implement new technology.

With the right goods and services on your side, your business can turn technology to its advantage. To learn more about how Reciprocal Technologies can help you implement new solutions, give us a call at (317) 759-3972.

from: https://reciprocaltech.com/blog/does-your-company-need-a-tech-refresh/

Managed IT vs. Cybersecurity: What’s the Difference?

https://ifttt.com/images/no_image_card.png

Managed IT is a commonly used term used to describe a broad suite of IT services for organizations. It’s the virtual IT equivalent of managed care (i.e., managed IT vs. cybersecurity), meaning it helps improve the quality of protection through various processes and technologies to manage risk, such as outsourcing some systems.

Cybersecurity is a complicated and ever-changing concept, as it combines many things. Cybersecurity providers typically focus on improving the security of their clients (organizations) through various technologies to manage cyber risk. The best way for an organization to manage its cyber risk is to outsource some or all of its IT operations—this is where cybersecurity intersects with managed IT.

The scope of work

Managed IT is an umbrella term, as it covers a wide variety of work including IT security. Cybersecurity refers specifically to IT security mechanisms and processes. While managed IT includes things like infrastructure management, cybersecurity is more encompassing, focusing on monitoring and hardening the system (i.e., improving security) and cloud-based SaaS solutions for various business needs (email, calendar, etc.)

Processes to manage risk

The process of securing an organization’s IT infrastructure is a complex one and involves numerous tools, technologies, and services. Tools come in the form of security software such as firewalls, network monitoring tools, and backup processes. Technologies are also present in this process as they are the building blocks for these tools. Resources could be from server space to cloud-based SaaS applications (such as email). Anything that contributes to security has to do with managing cyber risk towards improving it.

Support-related processes (workplace, network, equipment)

In contrast, cyber risk management involves outsourcing some or all of an organization’s IT operations (back office applications and services) to secure its IT infrastructure. This includes the processes and measures that help keep an organization’s assets safe. There is no exact set of services and metrics involved in the process, as it depends on the organization’s size, structure, and needs.

Organizational costs

The expenses for managed IT technology, services, and support are lower than those for cybersecurity. This makes it easier for organizations to afford to implement such a strategy. The benefits of outsourcing are less of a burden—the money is more efficiently spent on other parts of the business that require more security. And perhaps most importantly – with managed IT, the whole organization benefits from cybersecurity rather than just a few dedicated individuals in each department within one or two groups.

Monitoring and controlling the environment

Managed IT covers the role of monitoring and controlling the environment. The factor that differentiates managed IT from cybersecurity is that the latter includes monitoring and hardening network and system controls. Whereas with cybersecurity, this is part of a broader process that provides for other aspects, such as implementing advanced security technologies combined with a well-equipped staff.

Data location and storage policy (local or remote)

Data location is one of the aspects that can vary in managed IT. For example, some applications are hosted on servers in the clients’ data centers. This could be referred to as local data storage. Cybersecurity would usually require secure remote data storage over the Internet in accordance with all security protocols, such as security keys and certificates.

Key Takeaways

Managed IT and cybersecurity are two parts of a more extensive process in which the former plays a more support-related role. The best way for an organization to improve security is to outsource some or all of its IT operations—this is where managed IT comes in. A managed service model is the best option for businesses, as it helps them manage their needs while also focusing their budget on other areas like sales, marketing, and customer relations.

from: https://reciprocaltech.com/blog/managed-it-vs-cybersecurity-whats-the-difference/

Here’s What to Know About Cyber Insurance

https://ifttt.com/images/no_image_card.png

Whether you like it or not, organizations are going to get hacked. It’s the cruel truth. There are just so many individuals and organizations looking to gain unauthorized access and siphon off data and money from businesses, that it is basically impossible to go long stretches of time to not have to confront it in some way. With the threat landscape what it is, companies now offer cyber insurance. Let’s take a quick look at cyber insurance and what you need to know about it.

What Does Cyber Insurance Cover?

Not so surprisingly, insurance companies have created a lot of useful products that can help you mitigate potential damages to your business from cyberattacks. Let’s take a look at some of the coverage options available:

First-Party Coverage: Direct Losses

The expenses from a security breach aren’t just calculated in money stolen. They include the cost of business downtime, data recovery, and any fees associated with the investigation of the breach itself. 

Third-Party Coverage: Your Clients and Business Partners

If your security breach negatively affects crucial third-party data, you can get coverage that protects your vendors and your clients from the corruption brought on by a data breach. Besides that, cyber insurance can cover issues that happen to your actual infrastructure that holds the hard data, although you’ll want to check with your broker about the exact language on your policy to ensure you aren’t left holding the bag.

What Should You Know In Order to Get Covered?

If you think that cyber insurance is right for your needs, you should consider the following questions:

What type of cyber insurance coverage will your business actually need? Every security breach that you deal with could be the big one. Of course, there are costs associated with every security problem, but there can be some pretty exorbitant costs associated with security breaches. Depending on the size of your business, the amount you depend on technology, and how much you have to spend for cyber insurance you could get coverage that will cover a lot or a little. 

How much are you willing to invest in cyber insurance? Obviously, this is contingent on several factors. How much does your business depend on its technology? How much technology does your business actually use? How valuable is your data? Speaking to one of our consultants can give you a list of questions you need to consider.

Does your provider cover all risks you expect to face? If you know about insurance companies, you know that it is all in the language. You will have to have a solid foundation with your broker before investing large swaths of capital in cyber insurance. A security breach can be quite the expensive endeavor with a lot of moving parts, and you will need a partner to help you through that. You’ll definitely want to make sure that the services you want and need from your cyber insurance policy are covered.

Give our consultants a call at (317) 759-3972 to help you get an idea what type of cyber insurance coverage your business could use.

from: https://reciprocaltech.com/blog/heres-what-to-know-about-cyber-insurance/

How to Properly Test Your Data Migration Processes

https://ifttt.com/images/no_image_card.png

Regardless of the business attempting it, data migration (or the process of moving data and systems to a new piece of infrastructure) is critical to get right. One way to improve your chances of success is to create and follow a migration strategy, evaluating it as you go. Let’s walk through some practices involved in doing so.

What Goes into Proper Data Migration Testing?

Data migration testing needs to address the various parts that any migration will inherently have: before the process takes place, what goes on during the migration itself, and what happens afterward. Being prepared to evaluate your process at all three stages based on predetermined metrics is therefore critical to your success, as there is no shortage of things that can go awry during any data migration.

It is also important to acknowledge that, before we go any further, data migration is something that requires some pretty advanced IT capabilities and skills. In short, it’s something that you’ll want to entrust to the professionals—professionals like the ones we have at Reciprocal Technologies. We urge you to reach out and consult with us before diving into any major processes.

That being said, we wanted to run through a few critical steps to attend to at each of the aforementioned three stages.

What Needs to Be Done Before Your Migration Starts

Your first step needs to be to determine how much needs to be migrated—otherwise, you’ll have no scope of reference as to your success once the process is finished. Planning this process and making the preparations for it—like making sure that your data is protected from any negative impacts by backing it up in a properly configured backup solution—will be an important next step. 

You also need to ensure that you and your team also know what your proposed timeline looks like, and have a sufficient budget to cover these plans. Finally, it is also important to consider your cybersecurity and regulatory compliance needs, so that you can be sure that all of your systems meet the requirements.

What to Do During the Migration Process

As you’re completing your migration, there are a few things you can do to assist the testing process. For instance, breaking up the data you’re migrating into smaller batches makes the testing process more efficient. This is also a good time to set access permissions for your employees to fit the needs that their roles call for.

What Should Come After Your Migration

Once your migration has been completed, you should go through and test your new solutions to ensure that it was successful, checking that your data all made it over and that it is properly formatted for your new system. You should also check your new systems’ performance and security, stress testing them and running penetration tests to confirm they are reliable and secure.

Reach Out to Us for Assistance with All This

At Reciprocal Technologies, we specialize in fulfilling the IT needs of our clients, from basic maintenance to advanced network configuration. Whatever it is you require, give us a call so we can help you out! Reach out at (317) 759-3972 today.

from: https://reciprocaltech.com/blog/how-to-properly-test-your-data-migration-processes/

Tip of the Week: 3 Steps You Can Take to Keep Your Computer Clean

https://ifttt.com/images/no_image_card.png

Any machine needs regular maintenance which includes periodic cleaning. This includes any computer you use. We have put together three actions you can take to ensure that your machines aren’t going to break down from a lack of physical maintenance. 

Before we start we should say that these physical maintenance tips aren’t going to make your computer run faster or anything like that. What cleaning your computer will do, however, is significantly improve the experience of using it. It’s also just much nicer to have a clean workstation. 

To complete the cleaning process we outline here, you will need the following:

• A microfiber cloth for wiping down surfaces and screens
• Compressed air to clean out vents and other internal components
• Tools, in case you need to open your computer case (ask us if you’re worried about doing this yourself)

You will want to turn off and then unplug the computer you are going to clean and be in a place that has decent ventilation. 

Start with Your Monitors

Cleaning your displays is perhaps the most important part of cleaning your PC. After all, if you have stuff all over your monitors, it is distracting. You’ll want to avoid using any type of substance that could be corrosive. We recommend wiping the dust away with the microfiber cloth and then using a small amount of distilled water (you can find it at your local dollar store) on a paper towel to thoroughly clean the displays. 

Move to the Fans 

Dust generally accumulates inside your computer if you don’t clean it every so often. It also can build up in the fans and can get in the way of air circulation. This can actually have a negative impact on your PC’s functionality as the hotter it is inside your computer, the more wear and tear the components will endure. 

You will want to blow out the fan for certain with the compressed air, but if you are doing a thorough job, you can take the side panels off of your device and remove dust from internal components too.

Clean the Keyboard

Oh man, we’ve seen some pretty nasty keyboards in our time. If you want your keyboard to avoid this fate, you need to be diligent when cleaning it. After all, if you work at your workstation full time, you probably have dead skin, food, hair, and all types of other stuff situated between the keys. Cleaning your keyboard is probably the grimiest part of the job. Take keys off of your keyboard and get in there with some cotton swabs. If you don’t feel like getting that involved you can just shake the keyboard off and be disgusted at the things that appear on your desk. 

A Clean Workstation Can Still Be Dirty

While you may have a spic and span workstation, it may be infested with malware, adware or some other type of problematic code. That’s where Reciprocal Technologies comes in. Our technicians can clean the inside of your computer and monitor it around the clock to keep threats off of it. Give us a call at (317) 759-3972 to learn more. 

from: https://reciprocaltech.com/blog/tip-of-the-week-3-steps-you-can-take-to-keep-your-computer-clean/

The Basics of a Secure Network

https://ifttt.com/images/no_image_card.png

Unfortunately, some businesses have had to learn the hard way in order to pay attention to their business’ cybersecurity efforts. These cautionary tales aren’t lost on many business owners, but in some cases, they are still ignored. That’s where we come in. Today, we thought we would go through some basic things that any organization needs to know to keep their business safe. 

Reliably Secure Wireless 

These days, a lot of business is done on a wireless network. When a business sets up its Wi-Fi, they can make some pretty serious mistakes that can cause real problems if they aren’t caught and corrected. Best practices dictate that any business that sets up a wireless network for their business should change their router credentials regularly, ensure that any firewalls have been updated, and create a guest network that is separate from the main Wi-Fi network that can be accessed by employees.

Up-To-Date Antivirus

Antivirus tools are one of the most important cybersecurity tools an organization can have, but only if they are regularly updated with threat definitions that represent the attacks a network would have to confront. The entire point of antivirus (and other anti-malware tools) is to identify and quarantine potentially malicious code, so if it doesn’t have the latest definitions to accomplish this, it will inevitably let malicious code onto the network; a real problem for any business. 

Keeping Firewalls Current

The same goes for firewalls. Security-minded companies set up multiple firewalls between elements of their computing infrastructure. If the firewalls’ threat definitions aren’t up-to-date, they won’t be very good at catching the malicious code that comes in and out of parts of a network. 

Utilizing Password Management

Password management promotes better password practices. It does so by encrypting the numerous passwords that any user has to have in the course of their work. This means a user only has to remember one password instead of dozens, and removes excuses to not create complex passwords for every account. The more complex the passwords are, the more secure the accounts associated with them are. 

Multi-Factor or Two-Factor Authentication

Two-factor authentication or multi-factor authentication (2FA or MFA, respectively) is a useful security addition to any password-fueled account. Instead of gaining access to an account or profile after they enter a username and password, the user is asked to authenticate their password using a code or other method. This can be something as simple as a text message sent to a user’s email all the way to a biometric scan of a user’s fingerprint or iris. The idea is to add another layer of security to password-centric accounts, as they are the ones that are most vulnerable to attack.

At Reciprocal Technologies, we work with Indiana businesses every day to improve their business’ security processes and their overall efficiency. To talk to one of our consultants about your business’ cybersecurity, give us a call today at (317) 759-3972.

from: https://reciprocaltech.com/blog/the-basics-of-a-secure-network/

Reduce The Amount of Battery Life Chrome Uses

https://ifttt.com/images/no_image_card.png

Google Chrome consumes your battery a lot faster than you might think, but Google has started to take steps toward implementing a feature that could potentially help users get more battery life while using their web browser. This new feature, an experimental one implemented with Chrome version 108, could potentially be a game-changer for both personal and professional Chrome use.

How to Use Your Energy Saver Feature

Before you try to turn on your Energy Saver feature, you’ll first have to make sure you’re using the right version of Chrome. To check this, you can use the triple-dot menu in the top right corner of the browser window to navigate through Settings > About Chrome. You can see your browser information here, and if you’re not using the appropriate version of Chrome, you can push the update from this screen. Alternatively, you can have a professional like those at Reciprocal Technologies handle this task for you, just to be on the safe side.

Again, we want to reiterate that this Energy Saver feature is an in-development feature and, thus, not available to the general public in an easy-to-find location. Chrome has it hidden away with its other experimental features for only the most ambitious users to try using.

To access these in-development features, type the following into your address bar and search: chrome://flags. You’ll see a page open up with all of the Experiments, i.e. features that are very much in the works, but not ready to be implemented on a grand scale. Search for “battery” and you’ll find the option to Enable the battery saver mode feature in the settings. All you have to do is set this to Enabled, then relaunch Chrome using the prompt.

After you’ve relaunched Chrome, you can go to your Settings to find a new option called Performance, where Energy Saver is housed.

The setting provides better battery life by limiting certain parts of the user experience. According to the setting, “When on, Chrome conserves battery power by limiting background activity and visual effects, such as smooth scrolling and video frame rates.”

Once the feature has been turned on, you can set it to Turn on only when my battery is at 20% or lower or Turn on when my computer is unplugged.

If you’re ever unsure of a feature on your device, be sure to ask us at Reciprocal Technologies what we think. We can give you a solid rundown of the pros, cons, and options you have at your disposal. To learn more, contact us at (317) 759-3972.

from: https://reciprocaltech.com/blog/reduce-the-amount-of-battery-life-chrome-uses/

How Phishing Has Evolved Over the Years

https://ifttt.com/images/no_image_card.png

As the business world becomes increasingly digitized, an ever-increasing number of cyber crimes are being perpetrated. One particularly insidious crime is phishing when someone attempts to steal sensitive information such as usernames, passwords, and credit card numbers. Unlike a virus or ransomware attack, which can cause your computer to behave erratically and become unusable, phishing scams are often tough to detect. Phishing is one of the most dangerous cyber crimes, but how has it changed over the years? Let’s look at some examples to see what new techniques cyber criminals have come up with over time.

1. Gaining the Victim’s Trust

The first evolution of phishing was the realization that perpetrators needed to instill trust in their victims before they could get them to give away their passwords. Over the years, scammers have only become more effective at this. As a result, phishing scams of all kinds have has become quite sophisticated, even in the most basic form. Fake websites are now being created that look exactly like the real thing, using realistic templates and designs. This makes for a phishing scam that is dangerously easy for the victim to fall for.

2. Gaining Access to Account Credentials

The next technique that phishing scam perpetrators began to implement was gaining access to seemingly sensitive accounts. This is especially dangerous because when an individual gives away their login details, hackers will often have access to other accounts if they are connected or if the credentials are reused. This scam has become more sophisticated nowadays, as victims often submit their login credentials through a fake form under the belief that they are accessing a real account. To get past fake verification questions and onto the actual site, users have now been asked to provide information such as credit card numbers and bank details.

3. Installing Malicious Computer Programs (Malware)

As the Internet has grown, so has the range of methods used by hackers. One type that is increasingly common in phishing attacks is malware. This can take the form of a program designed to spy on their victim’s activities and pass information back to a third party. As more and more people gain access to the Internet, it becomes more difficult for them to tell which sites are real and which are fake. Malware is also extremely hard for an individual to detect because it can be loaded onto your machine without you even knowing about it.

4. Changing the System’s Settings

The final method that the creators of phishing attacks have implemented is to change the system settings. This means that along with the malware, they can also gain control over some of the computer’s functions. This way, they can open up their victim’s email service and send messages to specific people. In this way, hackers can pretend to be someone they’re not.

Key Takeaway

These four ways phishing has changed over the past couple of years show that hackers have become more sophisticated daily. However, a lot can still be done to protect yourself from this kind of scam. First, make sure you never send sensitive information over a public Wi-Fi connection. If you need to make an important transaction or log into your account, try not to do so from a public place. Avoid responding to any emails you believe may be suspicious, and always check on the company website if you have any doubts about the legitimacy of an email.

from: https://reciprocaltech.com/blog/how-phishing-has-evolved-over-the-years/

Tip of the Week: How to Copy Excel Data

https://ifttt.com/images/no_image_card.png

So, you’ve spent a ton of time and energy transcribing data into Microsoft Excel, only to find out that you need this same data elsewhere in your spreadsheets, too. Bit of a bummer, unless you know how to accurately and easily copy all of this data. Let’s go over how you can do so.

The first thing you need to determine is whether you’re just copying an existing worksheet in the same workbook or you want to duplicate your worksheet into a completely different file. Fortunately, both are totally possible.

Copying a Worksheet Within a Workbook

Copying a worksheet is a very simple prospect. All you have to do is right-click the sheet tab of the worksheet you want to copy, and from the menu that presents itself, select Move or Copy… Once you’ve done so, make sure you select the Create a copy option in the window that appears. Click OK, and you will have a copy of the worksheet along with the original that you can edit and rename freely.

Copying a Worksheet into a Different Workbook

If your needs would be better suited by having a worksheet duplicated into an entirely different workbook, that’s entirely possible—in fact, there’s a few options available to you.

First, Excel’s user interface has this functionality built in. To use it, you’ll need both locations—the sheet where the original data is present and the sheet the data is to be copied to—open. In the original worksheet’s window, again, right-click the sheet tab. Select Move or Copy… once again, selecting To Book as the target. You’ll be presented with a list of open workbooks to select from. With the Create a copy option selected, click OK.

Likewise, with both the source and the target workbook open, you can simply drag one worksheet from one to the other to copy it. Under the View tab, select View Side by Side in the Window group. This tells Excel to split the display between the two. You can then click and drag the sheet tab you want to copy from one workbook to the other while holding down the Ctrl key. Without the Ctrl key, you’ll just move the sheet over.

Hopefully, this helps you cut down on some of the time you might otherwise spend manipulating Excel. Our managed services can help you save time in other ways, too, enabling you to better utilize it. Give us a call at (317) 759-3972 to learn more.

from: https://reciprocaltech.com/blog/tip-of-the-week-how-to-copy-excel-data/

Apple Devices Have a Significant Vulnerability (So Here’s How to Fix It)

https://ifttt.com/images/no_image_card.png

Do you remember the “Hello, I’m a Mac, and I’m a PC” commercials that aired from 2006 to 2009? These ads, which featured actors Justin Long and John Hodgeman as Mac and PC, respectively, were put out by Apple to promote their line of computers, highlighting the advantages that Macs had over the PC. One advantage the ads referenced repeatedly was the idea that Macs “don’t get viruses,” something that research conducted by Elastic Security Labs has disproved beyond any doubt.

Let’s examine what Elastic Security Labs has discovered, and what can be done about it.

Macs Can Get Malware, Albeit Less Often

According to Elastic Security Labs’ research, 54% of malware impacts Windows devices, as compared to 6.2% being found on machines running macOS. However, a full 48% of macOS devices are infected via the same app.

Somewhat ironically, the app responsible is MacKeeper—a utility that provides assorted tools to help maintain a computer’s privacy and security, which requires it to have somewhat nebulous access permissions. 

MacKeeper is legitimate software, but it has been hijacked and used for malicious intentions.

For this reason, it is likely wiser to remove it.

Here’s how to do so:

Deleting MacKeeper from macOS

• Navigate to the Finder app
• Select Applications
• Locate MacKeeper
• Make sure you have This Mac selected and click the plus sign
• Open the dropdown by selecting Name
• Select Other
• Tick the checkbox next to System Files
• Click Name and select System Files
• Change aren’t included to are included
• Right-click and select Move to Trash for all files in the folder
• Right-click the Trash icon and select Empty Trash

Hopefully, this will help eliminate a big source of threats from your macOS device. We can help you with the rest of your technology as well. Give us a call at (317) 759-3972 to learn more about our managed services.

from: https://reciprocaltech.com/blog/apple-devices-have-a-significant-vulnerability-so-heres-how-to-fix-it/