by John Mamon | Dec 15, 2021 | IT Service Blog, Security
Most small businesses don’t invest enough in technology, or at the very least they don’t do it often enough. For some this is due to apprehension about spending money on tools they know very little about, and some have the approach of ‘so what, it still works so I don’t care’. Both are fair points to make, but the reality is that outdated tech can cause serious problems in your workplace. Think about it – when was the last time you invested in technology?
Most businesses have a mixture of old and new technology integrated into their workflows. The majority of businesses replace their tech, when necessary, usually when the hardware has become outdated or in the event of system breakdowns. An overhaul of your entire system is perceived as being too disruptive, which is why a slow gradual approach is preferred and recommended.
All businesses have pieces of hardware or software that are aging, the rate at which the technological world is evolving makes this inevitable. But with the right education and IT consultancy you can be well on your way to a modern technological future.
The hidden issues of outdated tech in your business
Higher costs
An office full of old technology, can actually cost you more than upgrading to new technology. Most new technology is designed to increase efficiency, and as you know, if your team isn’t able to be as efficient as possible, it’s costing you money. Also, older technology eats more energy. Newer systems tend to run more efficiently, saving you energy costs.
Expensive fixes
Do you allocate part of your annual budget on technology? Like we said earlier, if things are working fine many business owners don’t see the point in making changes. But it’s smarter to budget for technology, and make sure you’re using current systems, rather than have surprise and costly fixes.
Outdated tech is more likely to experience failures. Emergency IT support will be far more expensive than the preventative measures that can be implemented into current, updated systems. The last thing you want to do is to be forced to purchase new technology, and make a snap decision just to get your business back online. It’s always better to plan for what technology you’ll need next.
No flexibility
Work is going to grow ever more flexible as time goes on, and with the unpredictability of the modern workplace, those that are more flexible are set to be the industry leaders going forward. Work doesn’t get much more flexible than when working remotely, working from home, the office, or on the go – without sacrificing productivity or employees wellbeing – is the future of business worldwide.
It is important that you have confidence in your systems, hardware, and devices. You need to be certain that they are secure and functional when working from a remote setting. Outdated tech rarely offers the functionality – or more importantly the levels of security possible with modern tech. Update your tech with remote working in mind and your team will reap the many benefits of remote working.
A loss of customers
Old technology will likely lose you customers. Let’s take a look how.
When working on outdated tech you are for more likely to be the victim of a cyber attack. Your data being compromised will likely cause your customers to lose faith in your ability to protect their data, in turn, leading them to go to your competitors instead.
Modern alternatives are far faster and less ‘buggy’ than outdated tech. This may affect the quality of communication that you have with your customer base and may affect the quality of service you can offer them. This will also cause customers to look for a better experience and quality of service elsewhere.
The relationship you have with your clients is arguably the most crucial element to a successful business. Slow tech can seriously affect the quality of service you are able to offer. The last thing a customer wants is delays, and continuous delays will probably lead you to lose their trust. Slow operations and response times don’t reflect well on your business.
Security risks
We all know cyber attacks are more frequent now than ever before, predominantly due to the pandemic and the increase in our reliance on tech. No matter the size of your business, you are not safe from them, you don’t have to be turning over millions of dollars a year to become a victim. It is, in fact, the opposite. Most cyber criminals target smaller businesses because they presume they won’t have put the resources into advanced cyber security solutions meaning there are more gaps to target.
While your technology evolves, the methods that cyber criminals use to penetrate your systems evolve alongside it. The latest version of any technology is always the best equipped to protect your systems from security threats. The latest tech will have modern preventative measures as standard – this combined with the tools you have purchased will put you in a better position to defend your system.
Vendors eventually stop supporting older systems, making them vulnerable. A lack of security updates will mean that new issues are not remedied. Patching becomes impossible and it’s unlikely that you will be able to prevent breaches until it is too late. Using modern technology will have the opposite effect – a secure productive technological environment.
mPoweredIT – Ensuring You are Cyber Secure
mPowered IT can be your proactive partner in keeping IT systems secure and defended. We never leave things to chance or wait for a problem to arise – predicting and preparing for the threats of tomorrow will help ensure your valuable data is protected and your business continuity maintained.
by John Mamon | Dec 6, 2021 | Security
Phishing scams are one of the most popular tools in a cyber criminal’s arsenal today, given the ease with which they can deliver their attack through the relatively undefended route of email.
Email breaches come in a variety of forms, but predominantly involve the use of a false identity – creating trust between the recipient and the hacker – with the intent of duping the victim into unknowingly sharing sensitive information or opening a malicious file on their computer.
Deception is, of course, the key to a successful phishing attack – this trust is used to draw the victim into clicking on a link embedded within the email, which will often load a website posing as a brand entity or company likely known to the email recipient. The scammers go into extensive detail to impersonate individuals and entities that you or your team are likely to trust, so that you’ll comply with their requests. Familiar names such as Netflix, your bank or governmental departments will often be used – with a message requiring the user to act urgently in updating their credit card information or sharing their login credentials.
While most cyber criminals want to gain access to your systems or to compromising and sensitive information for financial gain, some do it for the pure goal of causing chaos.
Methods of the Phishing Scammer
There are technical solutions designed with the intention of blocking phishing attempts, but the most important and first line of defense is ‘the Human Firewall’. Your team needs to know what to look out for if a scammer slips through the net into their inbox.
Your team’s first reaction to any and every email they receive must be to distrust it, until they can verify its legitimacy.
Deceptive Phishing, as described above, not only impersonates an organization you trust, but it urges you to take immediate action. The email may contain a message along the lines of: “Click link to verify identity” or “Unverified account log in, click link to identify.” Or, it may seem to be helping you avoid something bad, when actually they are the bad thing to avoid. Messages such as these will often be accompanied by a redirect to a login portal designed to harvest account details.
Spear Phishing is a more targeted technique whereby the cybercriminal performs background research on the victim in order to pose as an individual or entity known to them personally. These criminals are not lazy – they will do whatever research they need before beginning an attack. Fraudsters can gather an extensive amount of information from social media profiles so you’ll believe it someone you know and trust. Scams of this nature have a higher chance of success as victims may not think they’d be targeted personally.
CEO Fraud is where the scammer impersonates a company CEO or other other high-status person. Armed with publicly-sourced information about the CEO they’re impersonating, they communicate with company employees asking them to perform tasks and transactions that would normally be unauthorized. The cyber criminals invent stories as to why the requests are valid in the hope that your team complies. Would you disobey and slow down the boss’s workday? You wouldn’t think twice if the source seemed genuine.
Cloning involves creating an identical copy of a previously sent email from a legitimate sender. This time, however, any of the links contained within the original email will be replaced with malicious ones.
Pharming involves directing users toward fake websites set up to steal login credentials and other forms of sensitive information. Cyber criminals may use viruses to direct individual users towards the rogue site – but this method does involve infecting the user’s computer beforehand, which can be difficult.
3 Ways to Avoid Phishing Attacks
With their techniques getting more sophisticated by the day, their manipulative talents, and their clever tricks, anyone can fall prey to Phishing scams. You must always proceed with care, examine links closely, and if you are in doubt, delete.
Pay close attention to URLs. If you find yourself redirected to a site from an email, take a moment to look at the URL to compare it to what you would expect. Look out for anything out of the ordinary, slight misspellings, extra words, or unnecessary hyphens in the domain name for example. Also look to see if the ‘top-level domain’ is as you expect. For example, if you expect ‘.com’ but you see ‘.fr’ then something is not quite right. As we said, if in doubt, just close your window and if you need to visit that site, enter the correct URL manually.
Know your bank and the way it operates. Do some research – or even contact – your bank to learn how they will contact you in the event of an emergency. Any financial establishment worth its weight will let you know exactly how they will get in touch so that you distinguish between legitimate communications and the fraudulent ones.
Do not reveal too much! A massive, publicly available social media presence is a goldmine to fraudsters, and they will use it to gain access to sensitive information. Apply privacy settings and keep things like your friends list, phone numbers and your date of birth viewable only to people you know and trust.
mPowered IT – Ensuring Cyber Security for Your Business
mPowered IT is your go-to proactive partner in keeping IT systems secure and defended. We never leave things to chance or wait for a problem to arise – predicting and preparing for the threats of tomorrow will help ensure your valuable data is protected and your business continuity maintained.
by John Mamon | Nov 23, 2021 | Security
In the modern digital age, our businesses need the security and reliability of our IT systems and infrastructure. Any outage or loss can seriously disrupt the efficiency and security of business operations, potentially creating financial loss, and breaching industry compliance obligations.
Where to begin
The security of your IT should be a priority but how do you achieve it? You should start with these six key tools that give your business the best chance of preventing a cyber-attack.
Six tools to help protect your systems
Firewalls
A firewall protects the perimeter of your network by sifting inbound and outbound traffic. It looks for open ‘doors’ that could leave your system vulnerable to exploitation or take over from cyber criminals. A well configured firewall, (hardware or software) will allow or disallow permissions to enter your network for both people and data traffic. Perhaps most importantly, it monitors and protects information and data, making it much more difficult for data to be stolen. But a firewall alone, especially without continuous updates, will not serve you well for long.
Secure configuration
To achieve a secure configuration, you must implement a series of security measures when building and installing your computers and network devices. By doing this, you reduce your risk of becoming a victim of a cyber attack. Criminal hackers look to exploit your security misconfigurations to gain access to your system. Apply best practices to the way your network and systems are configured to prevent misuse and exploitation.
Access control
Between cyber security and company best practice access protocols, you should limit system access permissions on a ‘need to know’ or ‘need to access’ basis. Restricting access will stop staff from accessing files and folders that do not pertain to their role, while simultaneously limiting the potential reach should a cybercriminal successfully breach your system. Administration rights are seen as the `master key` for cyber criminals. Losing that key could have serious consequences for an individual computer or in the worst-case scenario, your entire network.
Malware protection
Malware protection comes in the form of software that is designed to protect IT and individual computers from malicious software. Malware is the umbrella phrase used to explain malicious software, or what is more commonly referred to as viruses. A virus is essentially designed to cause disruption or steal information from your network. One of the most common forms of malware is ransomware. Ransomware is used by the criminal as a means of locking out your access to your files & folders, sealing them behind the criminal’s own encryption key, only allowing you access after you pay a considerable ransom.
Patch management
Hackers are constantly working to exploit vulnerabilities within the software applications and operating systems you use every day. By employing patch management, you will keep your software up to date and secure by rolling out critical updates as they become available.
Education
There is absolutely no point in implementing all the above tools in your quest for cyber security without educating your staff. Everybody should be aware of best practices when it comes to navigating their cyber environment. Think of it like this — the tools you implement are the armor and the person inside is the soldier that uses them all. They are all there to help as best they can, but ultimately the quality of their defense comes down to the capabilities and knowledge of the person behind them.
How to begin your implementation
If you have an IT person, ask if all the above has been implemented. A lot of businesses just get a firewall and some form of malware protection installed and feel their security is covered. It’s not. Cybercriminals do nothing but look for new ways to attack. Your business cannot passively protect itself against an active, motivated, stalking, evil predator. So start with a conversation with whomever is responsible for your network security to get an idea what measures are in place. If that falls short, or you’re not sure, you need a good IT partner who will work with you, and your IT person, to ensure you have real, up-to-the-minute security measures in place, that are appropriate for your business and budget. The ideal partner will adopt a customer-first approach while having the technical knowledge and competency to see things as they apply to real world solutions and your business.
mPoweredIT – cyber security experts
At mPoweredIT we are proactive in keeping systems secure. We never leave things to chance or wait for a problem to arise. We take care of your business systems with the attention and care as if it were our own network on the line.
by John Mamon | Jun 3, 2021 | Uncategorized
HawkSoft partners with Managed Services Provider mPowered IT
The partnership aims to expand accessibility to quality IT support and services for independent agencies in southeastern USA.
Candy, OR, June 3, 2021
Oregon-based insurtech HawkSoft is partnering with mPowered IT, a leading managed services provider based in Atlanta, Georgia. mPowered IT provides comprehensive IT services to small businesses throughout the southeastern United States – with significant experience helping insurance agencies set up and manage their IT infrastructure. HawkSoft is well-known for their focus on exceptional customer support and a knowledgeable product support team. The partnership with mPowered IT adds another level of IT support, making managed IT services more accessible to HawkSoft customers in the southeast.
mPowered IT is a full-service managed services provider with years of experience meeting the specific IT needs of insurance agencies. They understand the agency workflows and the document management systems used, which eliminates the learning curve needed by so many other service providers. Their concierge level of service and passion for supporting small businesses make them an ideal partner for HawkSoft. “HawkSoft’s ‘Ring of Fire,’ the line we will never compromise on, is delivering an exceptional customer experience,” said Rushang Shah, VP of Marketing at HawkSoft. “Customers recognize the same dedication to service in mPowered IT, and we feel we’ve found another ally as passionate as HawkSoft in helping independent insurance agencies thrive.”
John Mamon, CEO of mPowered IT said, “We are passionate about delivering a great customer service experience with every encounter. That starts with a commitment to responding to every service request in 15 minutes or less, and doesn’t end until the problem is fixed right and the customer is happy.”
HawkSoft customers receive significant savings on both the initial signup cost and recurring monthly subscription for mPowered IT’s ENABLE Program. Learn more about mPowered IT services for insurance agencies here: https://mpoweredit.com/service-support-insurance-agencies/
About HawkSoft
Since 1995, HawkSoft is a leader in management systems for independent insurance agencies that want effective workflows and a delightful experience for staff and policyholders. Created by independent agents, HawkSoft continues to evolve as a cutting-edge system that powers thousands of agencies. HawkSoft offers the following promise to insurance agents: your investment in HawkSoft will pay for itself in the first year. Learn more about HawkSoft’s unique father-and-son story at www.hawksoft.com/story.
About mPowered IT
John Mamon launched mPowered IT in 2014 in Atlanta with a vision of serving small to medium size businesses as a partner and advocate, ensuring that they have the technology they need, and that it’s always working as it should. The company offers a comprehensive range of IT services and support including help desk support, cloud based services, backup and disaster recovery, cybersecurity as well as web and app development. For more information about mPoweredIT, go to https://mpoweredit.com/ or call 678-389-6200.
Media Contacts:
HawkSoft
Rushang Shah
VP, Marketing
media@hawksoft.com
mPowered IT
John Mamon
CEO
jmamon@mpoweredit.com
by John Mamon | Sep 13, 2018 | IT Service Blog
Data breaches reveal the personal information of millions of Americans each year. In healthcare, the trend causes even greater concern due to the nature of the data. The consequences of a data breach are costly to healthcare providers, and more importantly, damaging to the victims.
Here is a sample of developments in this area during the start of 2018
All 50 States Require Breach Notification
On May 1, the Alabama Data Breach Notification Law of 2018 came into effect, making Alabama the final U.S. state to enact such legislation. The law requires notification of breach victims within 45 days of a breach’s discovery, which is 15 days shorter than HIPAA’s 60-day limit. Failure to comply with the notification guidelines can result in a penalty of up to $5,000 per day of the violation.
CT Residents Can Sue for Medical Data Breach
The Connecticut Supreme Court unanimously ruled in January that residents can file lawsuits against healthcare providers seeking damages for negligent disclosure of their medical records resulting in harm. The state joins Massachusetts, Missouri, and New York in allowing such lawsuits, which are not explicitly allowed by HIPAA.
States Looking to Cut Notification Window
A bill to amend Colorado’s data breach notification laws is advancing through the state legislature (not passed as of May 14, 2018). Among other changes, the bill would require organizations to notify individuals affected by a data breach within 30 days of discovery.
Massachusetts Launches Breach Portal
Perhaps following the lead of the OCR’s infamous HIPAA Breach Portal, Massachusetts launched a web portal in February for organizations to submit breach notifications. The portal is later expected to host information on reported breaches, including the organization breached, when the breach occurred, and the number of people affected.
