Blog IT Archives

3 Ways a Trusted IT Company Can Safeguard Your Business From Disaster

March 2, 2023/in Blog IT

In today’s digital age, data is the backbone of businesses, and losing it can be catastrophic. Whether it’s due to a natural disaster, a cyberattack, or human error, data loss can lead to significant financial losses and reputational damage. That’s why it’s crucial for businesses to secure their data with a backup and recovery plan that includes business continuity. What’s more, choosing the right IT company to handle your data and keep it secure is paramount.

We’ll focus on 3 key aspects of data security and how the right IT team can address each issue, ensuring business continuity and peace of mind.

1. Data backup and recovery

Data backup provides protection against data loss due to a wide range of events, including hardware failure, theft, natural disasters, cyberattacks, accidental deletion, and more. Without a backup, businesses risk losing critical data essential to their operations, which can hurt the bottom line and negatively affect how customers view the organization. The term data recovery refers to the process of restoring that important data so the business can bounce back after an issue has occurred.

How IT can help: A data backup and recovery plan ensures that businesses have recovery options in case of data loss, minimizing the impact on business operations and customer service. With a backup and recovery plan in place, businesses can recover their data quickly and efficiently, reducing the risk of downtime and lost productivity.

Backup and recovery is an essential factor to consider when selecting an IT company for your business. The company should have reliable and efficient data recovery processes in place to restore your data quickly and effectively in case of data loss. They should also have a plan in place to test the recovery process regularly to ensure it is effective. In addition, they should be able to keep your business running while the backup and recovery processes are in action, which leads us to…

2. Business Continuity Planning

Business continuity refers to the ability of an organization to continue its critical operations in the event of a disruption or disaster. It involves identifying potential risks and developing plans and strategies to minimize the impact of these risks on the organization’s operations and ensure a quick recovery.

How IT can help: The concept of business continuity goes hand-in-hand with data backup and recovery, in that business continuity is the overall strategy to minimize downtime and keep your business running like normal, even during a disaster. An IT company may provide backup and recovery services, but what if it takes them a week to get you back to normal? Even just a day of outage could be costly.

An IT company that has a strong focus on business continuity will have experience and expertise in identifying potential IT-related risks, implementing measures to prevent or mitigate these risks, and developing plans and strategies to ensure a quick recovery in the event of a disruption. They will also have the necessary resources and infrastructure to provide backup and recovery solutions that meet the needs of the business. They may even be able to provide redundant or backup systems that can take over and handle business needs while the emergency is taken care of. Think of it as a “spare tire” that will keep you running until you can get to a garage and change the flat.

When time and data are money in modern business, the name of the game is minimizing downtime of critical systems.

3. Compliance Management

Many industries are subject to compliance regulations that require data backup and retention, such as healthcare and financial services. Failure to comply with these regulations can result in significant financial penalties and reputational damage. Data backup helps businesses meet compliance requirements and maintain the security and privacy of their customers’ data.

How IT can help: An IT company can provide valuable expertise and support to help a business meet its data compliance requirements, minimize the risk of data breaches, and avoid costly penalties for non-compliance in a number of ways:

Conducting an assessment to identify the business’s compliance requirements and assess the business’s current level of compliance
Developing policies and procedures to ensure compliance with applicable regulations and standards
Providing training to employees to ensure they understand their roles and responsibilities regarding data compliance
Implementing security measures such as encryption, access controls, and more to protect data and ensure compliance
Monitoring systems to identify potential compliance issues and provide reports to demonstrate compliance to regulators and auditors
Providing ongoing support to help the business remain compliant with changing regulations and standards and to address any issues that arise

Compliance issues surrounding data and technology can be complex and challenging, which make this an ideal topic to leave to the professionals.

How to choose the right IT company

It’s critical to understand that choosing the right IT company for data backup is essential for businesses that want to keep their data safe and secure. The first factor businesses should consider when selecting an IT company for data backup, security, and recovery is their expertise and experience. The company should have a proven track record of providing data backup solutions to businesses similar to yours. They should have a deep understanding of the latest backup technologies and techniques to keep your data safe and secure.

In addition to expertise (and reputation), businesses should look for a company with robust security measures, efficient and comprehensive data recovery processes, business continuity planning, and industry-leading support services. By selecting the right IT company, businesses can ensure that their critical data is protected, and their operations can continue even in the face of a disaster.

Got questions? We got answers. To set up your free consultation, contact amshot at consult@amshot.com.

Is it safe to have TikTok on company phones?

February 2, 2023/in Blog IT

Image by myriammira on Freepik

With more than 1 billion active users, it almost feels like everybody has TikTok on their phone. At the same time, TikTok has increasingly drawn concerns that China’s government may use the app to collect data on users or use the app as a tool for espionage. Additionally, there are worries about the app’s handling of user data and its potential to be used to spread misinformation. So what does that mean for company phones, or even employees who access company data on their personal phones?

These data security concerns have led some countries (such as India, Pakistan, and Indonesia) to ban the app within their borders. It’s worth noting that some of these bans have been temporary and some of them are still under process and might be changed in the future. Also, some other countries have imposed restrictions on the use of TikTok, such as limiting access to certain features or imposing fines for the spread of misinformation.

Data privacy concerns

One of the main reasons various government agencies have raised a yellow flag over TikTok is the concern over data privacy. The app collects a vast amount of user data, including location, browsing history, and device information. This data is then used to target ads and provide a personalized experience for users. However, there are worries that this data could be shared with third-party companies or even foreign governments.

Considering all of the questions surrounding TikTok and the flurry of recent news citing data security concerns, what potential threat might the app pose to businesses whose employees use it? First, it’s important to understand why data security is important to every business. Here are a few vectors by which a security breach could impact a company’s livelihood:

Reputation: A data security breach can damage a company’s reputation and result in a loss of trust from customers and clients.
Financial loss: A data breach can also result in financial loss, including the cost of remediation, legal fees, and potential compensation to affected customers. In some cases, a data breach can also lead to a loss of intellectual property or trade secrets.
Legal liability: A data breach can also result in legal liability for the company, particularly if the company is found to have been negligent in protecting customer data.
Competitive advantage: Having strong data security measures in place can also give a business a competitive advantage, particularly in industries where data privacy is a major concern, such as healthcare or finance.
Employee morale: A data breach can also negatively impact employee morale, as theymay feel their personal information is not secure.

Implementing robust data security measures is essential for businesses to protect their customers’ information, comply with regulations, and maintain their reputation.

But don’t tons of brands use TikTok for marketing purposes?

As the fastest growing new social media platform, many businesses have a lot to gain by reaching customers through TikTok. However, there are a few best practices to keep in mind to use TikTok to your advantage while ensuring their data security:

Conduct a risk assessment: Before using TikTok, brands should assess the potential risks to their data and reputation. This includes evaluating the app’s data collection practices, security features, and the potential for the spread of misinformation and harmful content.
Establish a clear policy: Establish a clear policy for using TikTok, including guidelines for the type of content that can be posted and the use of personal data. This will help to ensure that all employees understand the risks and the steps they need to take to protect the company’s data and reputation.
Monitor your presence: Brands should regularly monitor their TikTok presence and the content they post to ensure that it aligns with their policy and does not harm their reputation.
Invest in cybersecurity: Invest in robust cybersecurity measures, including using strong passwords, regularly updating software, and using multi-factor authentication to protect against data breaches and other cybersecurity threats.
Consider using a third-party provider: Consider using a third-party provider that specializes in social media management. These providers can help manage the brand’s TikTok presence and ensure that their data and reputation are protected.
Utilize privacy settings: Take advantage of TikTok’s privacy settings, such as limiting the amount of data the app collects and controlling who can see your content.

By following these steps, businesses can use TikTok to their advantage while ensuring their data security and protecting their reputation.

Conclusion

In light of these concerns, businesses should be cautious when using TikTok and take steps to protect themselves. This includes being aware of the app’s data collection practices, monitoring heir TikTok presence and the content they post, and implementing robust cybersecurity measures. While TikTok can be an effective tool for businesses to reach new audiences and promote their products and services, it also poses significant risks to businesses’ data security and reputation.

If you’re looking for a trusted team of experts to handle your company’s data security, schedule a free consultation with amshot

What to know about the LastPass data breach and 4 password managers you can use instead

January 4, 2023/in Blog IT

LastPass is a well-known and widely used password manager. It offers a range of features, including password storage, automatic password filling, and the ability to share passwords with others. It also includes a password generator to help you create strong, unique passwords. On June 15, 2021, LastPass announced that it had discovered and promptly fixed a security breach that had occurred on their network. According to the company, the breach was limited to a single, isolated server and the attackers did not gain access to any sensitive data.

While the full details of the breach are still not publicly known, it is believed that the attackers may have gained access to some user email addresses, password reminders, and authentication hashes. LastPass has stated that no passwords, credit card information, or personal identification documents were accessed during the breach.

In response to the breach, LastPass has implemented additional security measures to further protect user data and is working with law enforcement to investigate the incident. The company has also reset the master passwords for all affected accounts and is urging users to change their passwords as a precautionary measure.

It is always important to use strong, unique passwords for all of your online accounts and to use a password manager to help keep track of them. While no system is completely foolproof, using a password manager can help to reduce the risk of your password being compromised. If you are a LastPass user and have not yet changed your password, it is recommended that you do so as soon as possible.

In the wake of the LastPass security breach, it is also a good reminder to regularly review and update your online security practices. This includes using two-factor authentication whenever possible, avoiding reusing passwords across multiple accounts, and being cautious of phishing attacks and other types of online scams. By taking these simple steps, you can help to protect yourself and your personal information online.

If you are looking to switch from LastPass, or perhaps you don’t yet have a password manager and would like to consider other options, there are many password managers available, and the best one for you will depend on your specific needs and preferences. All password managers listed below include at least password storage, automatic password filling, and a password generator. It is available on a variety of platforms, including Windows, Mac, Linux, iOS, and Android. Some popular password manager options include:

Password

In addition to storing and generating passwords, 1Password also has other features to help keep your online accounts secure. For example, it can alert you if any of your stored passwords have been leaked in a data breach, and it can also help you securely share passwords with other people.

1Password is available as a desktop app, a mobile app, and as a browser extension, and it can be used on multiple devices and platforms. You can use 1Password for free, or you can upgrade to a paid subscription to access additional features and support.

Dashlane

One of the key features of Dashlane is its security dashboard, which helps users to identify and improve their online security practices. It includes a password strength checker, alerts for compromised passwords, and the ability to identify and change weak passwords.

In addition to its core password management features, Dashlane also offers a number of additional features, such as the ability to store sensitive documents and credit card information, and support for two-factor authentication.

Dashlane is available in both a free version and a premium version with additional features. The free version includes password storage, automatic password filling, and a password generator, while the premium version includes additional features such as unlimited password storage and priority support.

KeePass

KeePass is a free, open-source password manager with a strong focus on security. It uses advanced encryption techniques to protect user data, and the source code is publicly available, allowing it to be reviewed by anyone. It also includes a variety of security-enhancing features, such as the ability to use a key file in addition to a master password for added protection.

In addition to its core password management features, KeePass also offers a number of additional features, such as the ability to store sensitive documents and credit card information, and support for multiple languages.

Bitwarden

Bitwarden offers both a free version and a premium version with additional features. The free version includes password storage, automatic password filling, and a password generator, while the premium version includes additional features such as 1GB of secure file storage and priority support. It also includes two-factor authentication and the ability to store sensitive documents and credit card information.

One of the key features of Bitwarden is that it is open source, which means that the source code is publicly available and can be reviewed by anyone. This can be a positive for those who are concerned about the security and privacy of their password manager.

When choosing a password manager, it is important to consider factors such as the level of security offered, the range of features, and the cost. It is also a good idea to read reviews and do your own research to find the best option for your needs.

If the thought of managing all this information for your business makes your head spin, the experts at amshot have got you covered. To set up your free consultation, contact amshot at consult@amshot.com.

Image by Freepik

You could be a victim of cryptojacking and not even know it

November 1, 2022/in Blog IT

This invisible cybercrime is on the rise in 2022

Cryptojacking is a form of cyberattack in which a criminal deposits software onto your phone, tablet, or computer to “mine” for cryptocurrency like Bitcoin. The software works invisibly in the background to generate cryptocurrency—essentially a form of digital money—that the attacker makes a profit from. For the victim, the act of mining the cryptocurrency is an intensive operation that requires a ton of processing power and uses up your device’s resources.

The end results? Your systems begin to work slower and slower, and it’s usually not even apparent why.

Why is cryptojacking a thing?

The value of cryptocurrencies has grown exponentially in recent years. The most famous of which, Bitcoin, was worth about $1,000 per coin in 2017. Today it’s worth $20,000 and has had surges up over $65,000. Additionally, other currencies such as Ethereum and Monero have generally tracked Bitcoin’s growth and relatively increased in value.

The problem comes from how most cryptocurrencies are created. On top of being tradeable (which is the average person’s interaction with crypto), many popular cryptocurrencies can be created by anyone in a process called mining. In short, mining is an immensely resource-intensive operation that requires tons of computer processing power to be profitable. Miners face costs from buying computers and hardware to the electricity required to power the entire operation.

But what if you didn’t need to pay for the computers or the electricity? That’s where cryptojacking comes in. The attackers simply use other people’s computers and their electricity to generate cryptocurrency that is sent back to the cybercriminal. Each individual laptop, phone, or tablet they control doesn’t individually contribute much mining power, but because they spread their malware to thousands or millions of computers, it adds up. It’s basically free money.

Should I be worried about cryptojacking?

The threat of cryptojacking to people and businesses is simple to understand. First of all, if you become affected by one of these attacks, your devices will suffer from poor performance. Second, you likely won’t realize what the problem is, as there are tons of issues that can slow down your computer.

For anyone, a laggy device is frustrating on its own. For a business, poor performance can hurt the bottom line, too. It goes without saying that slow devices hurt the efficiency of any workforce.

And unfortunately, businesses appear to be the primary target of cryptojacking attacks. A report from cybersecurity firm SonicWall found a 269% increase in these attacks on the financial sector compared to 2021, and a 30% in cryptojacking attacks overall. “It has a lower potential of being detected by the victim; unsuspecting users across the world see their devices get unaccountably slower, but it’s hard to tie it to criminal activity, much less point to the source,” said Terry Greer-King, SonicWall vice president for EMEA in an interview with TechMonitor.

How can I protect myself from cryptojacking?

We’ve written extensively on this blog about the cybersecurity strategies individuals and businesses can engage in to protect their data. However, no amount of best practices can ever leave you truly protected. The most important tool in your arsenal is having the expertise of professional IT watching your back.

Reach out to the pros at amshot today for a free consultation to find out how they can protect your business from costly intrusions.

How to know if your email or phone number has been hacked (and what to do about it)

October 3, 2022/in Blog IT

A website you use has suffered a data breach. Now what?

How safe are your online accounts? In July, Twitter experienced a data breach that affected more than 5 million users.1 A recent U-Haul hack exposed customers’ driver’s licenses.2 Marriot will continue to go on into the foreseeable future.

With how often these large-scale data breaches happen, you might be wondering if your personal or sensitive information has ever been compromised—or even worse, your business. Luckily, there are a few easy-to-use tools that can help you determine if any of your accounts have ever been involved in a data breach, but first, let’s dive into what’s at stake.

Why are data breaches a big deal in the first place?

If a data breach involves credit card or social security numbers, the potential impact of identity theft can be devastating and immediate. However, not all cyber attacks rise to that level of catastrophic impact, so it might be natural to wonder why it matters if Facebook or whoever accidentally leaks your account details. Worst-case scenario, you get locked out of social media and have to reset your password, right? Wrong.

Because the vast majority of people reuse passwords and don’t enable two-factor authentication, any hack can mean dire consequences for the average person. If one of your logins is compromised due to a data breach on one site, reusing passwords can allow attackers to get into your accounts on other sites as well. That means any site that has financial information or is tied to a credit card or bank account is then at risk. For example, if you use the same login credentials across multiple sites, having your TacoBell.com account hacked could result in a cybercriminal wiring money from your bank account or buying things for themselves on PayPal.

One of the worst-case scenarios with reusing passwords is an attacker gaining access to your primary email account. That’s because password reset emails are generally sent to your inbox. Therefore, if someone gets access to your primary email account, they can change your password on any site they want.

To summarize the risk, a data breach could lead to identity theft or online accounts becoming compromised. To minimize the headache, it’s better to know sooner, rather than later, if one of the websites you use has been part of a data breach.

How to find out if you have been involved in a data breach

Luckily, there are a few online tools that can quickly tell you if your email address or phone number have been involved in a data breach. These sites will then provide you with more information about the breach and even provide guidance about next steps. In the interest of not playing favorites, here are 3 popular sites that will get the job done (and are essentially identical).

1. haveibeenpwned?
2. FireFox Monitor
3. Google Password Checkup (only if you use Google/Chrome’s password manager)

My email address has been involved in a data breach, what do I do? First, don’t panic! Or maybe choose the appropriate level of panic. Either way, immediately change your password on the affected site, as well as any other site that shares the same login credentials.

A best practice for this would be to generate a secure password using a password manager, and continue using the password manager here on out if you’re not already. Chrome and FireFox have built-in solutions. If you want something that works beyond the web browser, there are password managers from established names such as LastPass, Nord, and Bitwarden.
These utilities can take the headache out of remembering passwords, while ensuring each password you do use is secure.

Second, enable 2-factor authentication everywhere you can. Any financial entity like a bank or payment app is almost guaranteed to have this feature. Your primary email accounts are also just as important to secure, and the biggest names you know and likely use also support 2-factor authentication. It doesn’t hurt to check on your other accounts, too, the next time you login. Every website will be a tiny bit different in enabling two-factor authentication, but they always have simple instructions you can follow.

Running a business? You might need a little more protection than a password manager and two-factor authentication. That’s where amshot comes in. Schedule a free consultation today to see how amshot’s managed IT solutions can help prevent your business from being the target of a cyberattack.

References

1. Twitter data breach affects 5.4 million users
(https://www.malwarebytes.com/blog/news/2022/08/twitter-confirmed-july-2022-data-bre
ach-affecting-5.4m-users)
2. U-Haul discloses data breach exposing customer driver licenses
(https://www.bleepingcomputer.com/news/security/u-haul-discloses-data-breach-exposin
g-customer-driver-licenses/)
3. Marriott data breach exposes PII, credit cards
(https://www.darkreading.com/attacks-breaches/marriott-data-breach-pii-credit-cards)

4 signs it’s time for your business to hire an IT company ASAP

September 1, 2022/in Blog IT

Every business will eventually need IT support. Here’s how to know when the time is right for your business.

All businesses rely on technology. As businesses grow, so too does the complexity of their IT requirements. At some point, it becomes too much to securely and efficiently manage without the help of a professional.

Not properly managing the technological aspect of your business could cost you potential growth and customers due to inefficiency, data loss, or security breaches. Here are 5 signs it’s time for your business to offload the headache of tech support onto the specialists:

You have mission-critical data and no backup plan

What would happen to your business if you suddenly lost all your data? How long until you could be back on your feet? Would the business even survive? Hard drives fail; employees download ransomware; even a flood could wash away your laptop with all of your important financial spreadsheets.

This is definitely one of those “if you fail to plan, you plan to fail” situations. Professional IT services teams can put in place a disaster recovery plan so your business could bounce back from data loss in a matter of minutes.

You’ve already experienced a security breach

If the thieves know you leave the door unlocked, you’re an easy target and they’re going to return. A survey by Nationwide found that half of small businesses have experienced at least one form of harmful cyber activity, because cybercriminals know that small businesses don’t typically have the same resources to fight them off as large corporations. Another report from CNBC found that small businesses take 146 days to detect a security breach on average.

So, there’s a 50-50 shot you’ll fall victim to a cyberattack, and you won’t even know they made off with your financial information for six months. Working with an IT services company will dramatically shift those odds in your favor.

Your growing team has productivity issues

As businesses scale up and increase their number of employees, they need new tools and tech solutions to maintain productivity. Two-hundred people can’t share ideas as easily as two people—suddenly you need a communication tool like Microsoft Teams or Slack. A giant sales and project management team will struggle to share leads and execute projects without something like Salesforce or Adobe Workfront.

A tiny startup can get by with Excel spreadsheets, texting, and elbow grease. After a certain threshold of employees, systems and architecture need to be put into place by an IT team.

Plus, firms can get stuck with old, outdated hardware that quietly kills their productivity. Without an expert to guide the IT procurement process, the average person is in over their head when trying to outfit their company with a suite of new devices (which could include computers, tablets, servers, mobile devices, and a host of other technology products). You can’t just walk into Best Buy and put 50 Dell laptops on your credit card and call it a day.

Matching the right technology to the business for maximum efficiency while being cost effective is part of what IT company’s do best. Not to mention, they will be able to then setup, roll out, maintain, and upgrade those systems while training employees whenever necessary.

You have a random employee handling technical support

Raise your hand if you’ve seen an admin moonlight as tech support for the C-suite. Or maybe it was “that one guy who’s really good with computers and stuff.” Well that one guy and that admin both have their own roles that take a hit when they’re asked to take on extra duties. Plus, it’s highly likely they are going outside of their wheelhouse and lack the technical expertise to truly do the job right. You wouldn’t ask your accountant to rewire the electricity in your building, would you?

Ok, you can put your hand down now. The fact that you have a go-to person means there’s a need. If there’s a need, it’s worth doing it properly with managed IT services from a provider like amshot.

Schedule a free consultation today to see how amshot can save your business from a data disaster—or just give a break to the employee who never asked to be “the tech guy.”

95% of workers say IT problems hurt productivity and morale

August 1, 2022/in Blog IT

Your business is a well-oiled machine. Unfortunately, IT issues can throw a wrench in the gears.

A recent study found that 95% of workers face disruptive IT issues that hurt productivity and decrease morale. If you’ve ever worked from home, you probably found yourself asking, “Who are the other 5%? Have they ever even tried working remotely?” More than half of survey respondents said they have to contend with software-related IT disruptions daily or multiple times per week.

On top of that, 75% of workers now expect their technology troubles to be fixed preemptively, before they are even aware a problem has occurred. And perhaps most tellingly, 81% of respondents said businesses that don’t make their employees’ “digital experience” a top-level priority will soon fall behind competitors.

The takeaway here is that employees everywhere are having trouble with IT, they expect it to be handled better in today’s work-from-home revolution, and companies that do take care of it well will leave their competition behind.

The hybrid work-from-home model is here to stay

The COVID-19 pandemic forced everyone’s hand in establishing a remote or hybrid solution just to stay afloat. And now, 77% of those surveyed said they expect remote and hybrid models going forward.

Throw in the fact that younger generations are only becoming more digitally connected in their daily lives and it’s clear that there’s no going back. Workplace norms have shifted and will only continue to evolve in the future. With the “Great Resignation” and ongoing staffing shortages in many industries, businesses that invest in a flexible remote option that meets the expectations of modern workers will stand to benefit.

IT staff is overworked

The statistics mentioned so far demonstrate that the vast majority of us are struggling with technology. To make matters worse, IT professionals are struggling to keep up. 98% of IT teams said that improving the situation has been held back due to being overburdened and having to deal with outdated technology, all while trying to keep up with the rapid changes in the workplace.

In this transitional period of shifting norms and expectations, getting the technology right is more important than ever for your business. Simply put, now’s not the time to under-invest in IT.

Next steps

The employer-employee relationship is entering a new normal. Workers rely on technology more than ever, and they need support for an increasing amount of remote work. Since employees are relying on technology to such a degree, any disruptions to the business’ technology directly impact productivity and the bottom line.

Now is the time to invest in rock solid IT services. Contact amshot today to set up a consultation and learn how you can ensure your technology isn’t hampering your employees.

How to stay safe on public Wi-Fi

July 11, 2022/in Blog IT

Is public Wi-Fi unsafe?

The short answer is: not necessarily, but you are vulnerable. Many people are unaware of the risks of connecting to a public Wi-Fi network. Imagine walking home alone late at night. The city streets are not necessarily dangerous, but you’re a lot more secure in your house, behind a locked door. When using public Wi-Fi, like walking home alone late at night, you want to take precautions and be on guard.

How is public Wi-Fi dangerous?

Open Wi-Fi means anyone can connect, including an attacker. On top of that, you have no way of knowing the level of security of the network, if it has any security at all. These two factors mean a malicious actor could be lurking on the network with the intent and ability to steal your data and personal info—banking logins, credit card and social security numbers, and private files. What a hacker can steal is only limited by what sites you access and what info may be located on your computer itself.

The bottom line is, you just can’t know if public Wi-Fi is safe, and it’s better to protect yourself than to take a chance. Here are five tips you can take with you the next time you need to connect to any public Wi-Fi.

Use a VPN

If you’ve ever listened to a podcast, you’ve probably heard at least one ad for NordVPN or ExpressVPN. VPN stands for virtual private network, and the simple explanation is that a VPN encrypts your data and obfuscates your browsing by passing it through a third party. There are free VPN options, but it is better to entrust your data to a reputable, established service, and the vast majority are in the $3-$6 per month range.

Other examples of respected VPNs include ProtonVPN, IPVanish, and Surfshark. Most of these services come with an app that you simply switch on, it does its work in the background, and you don’t even notice a difference.

Turn on “always use https” in your browser

The “S” in HTTPS stands for secure. It means your connection to a website is encrypted. When you switch on this setting, which previously required an extension but is available now in all modern browsers, your computer will always connect to the HTTPS version of a website if it is available. These days, most websites will have an HTTPS connection, especially sites with sensitive information like your bank.

This is not a fool-proof defense and won’t stop every attack, but it does add a layer of protection and costs you nothing in terms of money or browsing speed. If a warning pops up that says something along the lines of “this site is not secure,” that means your browser couldn’t find an HTTPS connection, and you’re better off not visiting that site or at least waiting until you’re on secure Wi-Fi. You can find this setting by searching HTTPS in your browser settings.

Don’t log into your bank or other sensitive sites

Hackers can’t take data you don’t provide. A common attack is called a “man in the middle attack.” This can take many forms, but the end result is they take advantage of poor public Wi-Fi security to serve you a fake website that looks real, such as your bank. As soon as you enter your credentials, you’ve handed them over to the attacker.

If you absolutely must access sensitive data while away from a secure network, you’re better off using an official app on your phone while connected to cellular data. Although rare, spoofed cell networks are a possible attack vector as well, but these tend to target large gatherings and haven’t been prevalent enough to warrant being afraid to use your mobile data generally.

Turn off automatic connections and disconnect when you’re done

Most of these tips require some active measures on your part, which you can’t do if you don’t realize or forget that you’re connected to public Wi-Fi. On Windows, make sure to choose “public Wi-Fi” when it prompts you while connecting to the network for the first time. On Mac, you can click the Wi-Fi icon, go to network preferences and uncheck “automatically join this network.”

Enable 2-factor authentication everywhere you can

This won’t protect your private data like credit card, social security, or bank account numbers, but it will add a layer of protection for your logins. Usually, two-factor authentication requires you to enter a special code the first time you log in on a new device. The code is either texted to you or generated by an app. That way, even if an attacker had your login and password, they would have to physically take your phone and get past the lock screen to be able to get into your account.

Most banks, financial institutions, and email providers have this option. More and more websites are adding this option every day. Add two-factor authentication everywhere, but at the very least, to your email account. Password reset emails are sent to your inbox, which means if someone compromises your email, they could potentially get into any account you own. Are you still reading this? What are you waiting for? Go set it up now!

Don’t want to think about data security? Let us think about it for you. Give us a call at (405) 418-6282 or schedule a free consultation at amshot.com.

Photo by Franck on Unsplash

The worst cyberattacks of 2022 (so far)

June 21, 2022/in Blog IT

As technology gets more sophisticated, so do cybercriminals, and the arms race between IT security and hackers continues to escalate. 2021 was a record-setting year for cyberattacks, with data breaches increasing by 68% over 2020. With a third of 2022 in the books, the rate of attacks doesn’t seem to be showing any signs of slowing down. While cybercriminals keep their foot on the gas pedal, the best defense against a costly intrusion is still a well-informed, well-prepared human being.

That’s why it’s vital to understand the risks and stay informed of the dangers of being defenseless against cyberattacks. Here are the worst cyberattacks of 2022 (so far) and the businesses that are learning that lesson the hard way:

January

A cyberattack targeting the Ukrainian government, suspected to be Russian in origin, took down more than 70 government websites. The attack claimed to leak personal information and replaced text on the websites with the threat “be afraid and wait for the worst.”
Hackers breached the International Committee of the Red Cross. The attackers stole data on 500,000 people and disrupted the organization’s services worldwide.
An attack on a German firm caused Shell to reroute its oil supplies after its IT and supply chain systems were affected.

February

Hackers infiltrated the networks of the UK Foreign Office, causing a “serious cyber incident,” the details of which remain confidential.
Two groups backed by the North Korean government waged cyberattacks against numerous members of the media, financial, and software sectors. The group used phishing emails, fake job posts, and a security vulnerability in Google Chrome to spread its malware.
Russia-affiliated hackers accessed multiple US defense contractors between January 2020 and February 2022. The group stole emails and sensitive data related to products and interactions with foreign governments.

March

The FBI claims the North Korean government was responsible for stealing $600 million in an attack on a cryptocurrency exchange.
A report in February discovered that the Chinese government had gained access to the networks of at least 6 U.S. state governments. The attack was made possible through a vulnerability known as “Log4j” as well as vulnerable web applications.
A DDoS attack targeting a telecom company shut down the internet on the Marshall Islands for over a week.

Ignoring the threat is not an option

While the hacking of governments and multinational corporations make the headlines, small and medium-sized businesses are just as at risk for a cyberattack. In fact, 43% of attacks target small businesses and 60% of those that fall victim go out of business within 6 months.

It’s more important than ever to protect your small business against the ever-looming threat of cybercrime and data breaches. Schedule a free consultation with amshot today to learn how employee training and IT security can help save your business from facing a devastating attack. The best way to beat cybercrime is to make sure you’re never a victim of it in the first place.

Aimee Eischen to be featured artist at amshot’s ExhibITion on May 12

May 3, 2022/in Blog IT

You read that headline correctly—Do NOT contact your systems administrator! This month at amshot, we’re pulling the plug on IT education and instead giving you the download on our upcoming art gallery event, exhibITion: In the Unraveling.

exhibITion is amshot’s local art gallery, engineered to give back to worthy causes while promoting Oklahoman artists and the Oklahoma City art community. This year’s exhibITion features Aimee Eischen and will be installed on May 12 from 5–8 pm at amshot headquarters located at 428 Dean A McGee Ave, Oklahoma City.

Aimee Eischen is an Oklahoma City-based abstract artist working in a variety of media, including acrylic, watercolor, graphite, charcoal, ink and oil pastels (think physical NFTs). Her vibrant and colorful paintings have been featured in galleries across the country.

exhibITion: In the Unraveling will compile a collection of Aimee’s mixed media abstract art, including her floral-style pieces. This collection will display a never-before-seen series of brightly colored abstract works filled with line and movement. Inspired by her literary background, Aimee begins the development of her paintings by writing down lyrics, poetry, or other personally significant text, which are then coded into the spirit of that particular work.

Aimee commented:

Original art can transform a space both visually and emotionally with the energy it radiates. It can be calming, meditative, and uplifting. Art can inspire new ideas and relieve stress. Beautiful works of art in your space speak to your soul and connect you to the people around you.

exhibITion: In the Unraveling will benefit Halo Project, an Oklahoma City nonprofit organization that supports foster and adoptive families and works to meet the needs of vulnerable children in the community. Halo Project will receive the proceeds from all ticket sales and 15% of art sales.

To learn more about Aimee Eischen, check out her cloud-based website, instagram, and Facebook.

Why Cybersecurity Training for Employees Matters

April 8, 2022/in Blog IT

Cyber attacks are a growing and ever-present threat to businesses. While giant corporations are an obvious target and attacks on them make splashy headlines, 43% of all data breaches involve small- and medium-sized business. Cybercrime is thriving in 2022 and every business is a potential target.

That’s why cybersecurity should be a vital topic of concern for all business owners and decision makers. And of all the considerations regarding protecting a business from cyber attacks—technology, services, infrastructure—the most important link in the chain is often overlooked: people. They also just so happen to be the weakest link in the chain.

Cybersecurity training for employees matters because the most successful cyber attacks usually aren’t a result of “attacks” per se, but rather a form of social engineering. Nearly 90% of data breaches are caused by human error, usually via a form of phishing or some other method that tricks an employee into handing over sensitive data or credentials. There will never be a software or service that can reduce human error other than training and education.

Training employees to be vigilant and utilize best practices can be the best line of defense against intrusions that caused at least 8 hours of downtime for 40% of small and medium-sized businesses that fell victim to a cyber attack. With phishing and other social engineering attacks becoming both more commonplace and more sophisticated, it is critical to provide employees with the tools they need to defend themselves (and your business).

How does cybersecurity training for employees work?

Cybersecurity training will teach employees to be aware of threats and vulnerabilities to the business, as well as their responsibilities when using company email and computers. Ideally, new hires would receive this training as part of their onboarding, and all employees would get periodic refresher courses.

Employees will learn such topics as how to safely and responsibly handle company data, manage passwords, send and receive files, use company software, recognize email threats, browse the web, use mobile devices, and safeguard computers and other equipment. These are a few of the most common vectors that cyber criminals take advantage of.

How do I get cybersecurity training for my employees?

While there are many resources available on the topic, the best cybersecurity training still comes from the professionals. When 83% of businesses are not financially prepared to recover from a cyber attack, the stakes are high enough to entrust training to the people who do it every day.

Schedule a free consultation with amshot today and learn more about how cybersecurity training for employees can help your business.