The worst cyberattacks of 2022 (so far)

As technology gets more sophisticated, so do cybercriminals, and the arms race between IT security and hackers continues to escalate. 2021 was a record-setting year for cyberattacks, with data breaches increasing by 68% over 2020. With a third of 2022 in the books, the rate of attacks doesn’t seem to be showing any signs of slowing down. While cybercriminals keep their foot on the gas pedal, the best defense against a costly intrusion is still a well-informed, well-prepared human being.

That’s why it’s vital to understand the risks and stay informed of the dangers of being defenseless against cyberattacks. Here are the worst cyberattacks of 2022 (so far) and the businesses that are learning that lesson the hard way:

January

February

March

Ignoring the threat is not an option

While the hacking of governments and multinational corporations make the headlines, small and medium-sized businesses are just as at risk for a cyberattack. In fact, 43% of attacks target small businesses and 60% of those that fall victim go out of business within 6 months.

It’s more important than ever to protect your small business against the ever-looming threat of cybercrime and data breaches. Schedule a free consultation with amshot today to learn how employee training and IT security can help save your business from facing a devastating attack. The best way to beat cybercrime is to make sure you’re never a victim of it in the first place.

always watching twitter preview pic

Aimee Eischen to be featured artist at amshot’s ExhibITion on May 12

You read that headline correctly—Do NOT contact your systems administrator! This month at amshot, we’re pulling the plug on IT education and instead giving you the download on our upcoming art gallery event, exhibITion: In the Unraveling

exhibITion is amshot’s local art gallery, engineered to give back to worthy causes while promoting Oklahoman artists and the Oklahoma City art community. This year’s exhibITion features Aimee Eischen and will be installed on May 12 from 5–8 pm at amshot headquarters located at 428 Dean A McGee Ave, Oklahoma City.

Aimee Eischen is an Oklahoma City-based abstract artist working in a variety of media, including acrylic, watercolor, graphite, charcoal, ink and oil pastels (think physical NFTs). Her vibrant and colorful paintings have been featured in galleries across the country.

exhibITion: In the Unraveling will compile a collection of Aimee’s mixed media abstract art, including her floral-style pieces. This collection will display a never-before-seen series of brightly colored abstract works filled with line and movement. Inspired by her literary background, Aimee begins the development of her paintings by writing down lyrics, poetry, or other personally significant text, which are then coded into the spirit of that particular work. 

Aimee commented:

Original art can transform a space both visually and emotionally with the energy it radiates. It can be calming, meditative, and uplifting. Art can inspire new ideas and relieve stress. Beautiful works of art in your space speak to your soul and connect you to the people around you.

exhibITion: In the Unraveling will benefit Halo Project, an Oklahoma City nonprofit organization that supports foster and adoptive families and works to meet the needs of vulnerable children in the community. Halo Project will receive the proceeds from all ticket sales and 15% of art sales.

To learn more about Aimee Eischen, check out her cloud-based website, instagram, and Facebook

Why Cybersecurity Training for Employees Matters

Cyber attacks are a growing and ever-present threat to businesses. While giant corporations are an obvious target and attacks on them make splashy headlines, 43% of all data breaches involve small- and medium-sized business. Cybercrime is thriving in 2022 and every business is a potential target.

That’s why cybersecurity should be a vital topic of concern for all business owners and decision makers. And of all the considerations regarding protecting a business from cyber attacks—technology, services, infrastructure—the most important link in the chain is often overlooked: people. They also just so happen to be the weakest link in the chain. 

Cybersecurity training for employees matters because the most successful cyber attacks usually aren’t a result of “attacks” per se, but rather a form of social engineering. Nearly 90% of data breaches are caused by human error, usually via a form of phishing or some other method that tricks an employee into handing over sensitive data or credentials. There will never be a software or service that can reduce human error other than training and education. 

Training employees to be vigilant and utilize best practices can be the best line of defense against intrusions that caused at least 8 hours of downtime for 40% of small and medium-sized businesses that fell victim to a cyber attack. With phishing and other social engineering attacks becoming both more commonplace and more sophisticated, it is critical to provide employees with the tools they need to defend themselves (and your business). 

 

How does cybersecurity training for employees work?

Cybersecurity training will teach employees to be aware of threats and vulnerabilities to the business, as well as their responsibilities when using company email and computers. Ideally, new hires would receive this training as part of their onboarding, and all employees would get periodic refresher courses.

Employees will learn such topics as how to safely and responsibly handle company data, manage passwords, send and receive files, use company software, recognize email threats, browse the web, use mobile devices, and safeguard computers and other equipment. These are a few of the most common vectors that cyber criminals take advantage of.

 

How do I get cybersecurity training for my employees?

While there are many resources available on the topic, the best cybersecurity training still comes from the professionals. When 83% of businesses are not financially prepared to recover from a cyber attack, the stakes are high enough to entrust training to the people who do it every day.

Schedule a free consultation with amshot today and learn more about how cybersecurity training for employees can help your business.

data breach

4 Reasons Why Microsoft Teams Can Instantly Make Your Business Run Better

Borne from the ashes of Skype for Business, Microsoft Teams is an all-in-one communications platform that provides chat, videoconferencing, file storage, and more. It’s built around the central idea that a workforce should have everything it needs “all in one place,” and with 250 million active users, many businesses big and small seem to agree.

Microsoft Teams takes an integrated approach, designed to save time, be more efficient, and generally alleviate the headaches of handling day-to-day minutiae in the office. Rather than using email and various apps, Teams provides a streamlined approach to some of the most common tasks everyone engages in every day. Here’s how:

1) Microsoft Teams solves everything you hate about calls and video conferences.

Scheduling a team meeting the old-fashioned way? It probably goes something like this: Start with way too many back and forth emails to find a common opening in everyone’s schedule and finally send out a Zoom link. On the day of the meeting, inevitably one person will be frantically digging through their emails for that Zoom invite. Then, the presenter shares a file that was too big for email via DropBox. A third person can’t open the file because they only use Google Drive. The meeting takes far too long and everyone laments the poor use of time.

Now, take Teams. When scheduling the meeting, Teams shows the organizer a meeting planner that automatically finds and suggests open times for all parties. On the day of the meeting, a “join” button magically appears on everyone’s agenda and calendar that can instantly bring each person to the call. Files can be shared and opened directly in the meeting chat. Everyone wins because less time was wasted just trying to make things work and get people on the same page.

As the meat and potatoes feature of Teams, this list could honestly end at 1 and still be enough of a reason to get many businesses on board.

2) Find everything – from that old file you suddenly need again, to a conversation you had 6 months ago

Microsoft Teams is like having Google search for everything at work.
Looking for a client presentation someone shared in a meeting 6 months ago? Search it. What about that conversation with a key piece of client information? Search it. The time when James shared his pizza dough recipe? You guessed it, search. You can even find out who James is, if he works in another office for example, see what he looks like, and learn that he prefers to go by Jim.

With Teams, you can search for messages, files, and people, all in one search bar. That means less time spent organizing and less need to take and keep notes. Everything you need is just a search away.

3) We live in the year 2022. Stop spamming each others’ inboxes and chat already!

Email is supremely useful and important, but what it fails at is the “quick chat.” Too many quick questions and reply alls and suddenly you’ve got a clogged inbox that takes time and effort to sort through. Chat is just a more natural and streamlined channel for sending a file or having…well…a chat.

Consider the explosion of remote work due to the pandemic (as well as the general trend in that direction). A remote worker cannot simply swing by an office for a 30 second update. With 1-to-1 and group chat in Microsoft Teams, it’s so much easier to have that super fast, less-formal line of communication for matters that suit it, such as conversations that necessitate a rapid “back and forth.” It provides a social function for remote workers, as well. Imagine the only way to communicate with coworkers being email. It would be rather isolating, wouldn’t it? Chat can be a pseudo replacement for many of the quick conversations that typically happen in an office.

4) If you’re already paying for Office365, it’s included (and there’s a free version if you aren’t).

When doing a cost-benefit analysis, it’s hard to argue against literally 0 dollars. The only challenge can be getting started. That’s why amshot Managed IT Services handles all aspects of Microsoft Teams integration, so you don’t have to take focus away from what you do best.

Ready to get started? Schedule a free consultation with the amshot team.

What you need to know about SMiShing to protect your business

Hackers are using text messages to steal credentials and other personal information.

 

SMiShing is a new vector for attack that targets the victim’s cell phone through SMS messages. For the unfamiliar, SMS is the system used to send simple text, picture, and video messages. Phishing is a term used to describe fake emails that trick people into entering credentials like bank account info or a login password. However attackers are increasingly using the same tactics as phishing, but via text message instead of email.

The resulting combination is SMiShing: a strangely capitalized, slightly difficult to pronounce term that The Guardian calls a “rising threat for business owners.” How much of a threat is it? The FBI says it cost Americans $54 million in 2020 alone, with instances sharply increasing year-over-year. Most likely, these attacks are successful (and therefore increasing rapidly) because of the lack of awareness of their existence, leaving victims unprepared to defend against them. Businesses and Managed IT Services like amshot have been implementing training and helping employees guard against “typical” phishing for years now, and the average person is likely familiar with the term and has some basic knowledge of email safety. However, very few realize that the same tactics can be used against them on their own personal cell phone. 

At a broad level, SMiShing texts attack using the same principles as phishing emails. Their primary goal is to have the victim enter sensitive data (or download malware) by pretending to be a trustworthy source. For example, the text may claim to be from your bank, asking you to login to confirm a transaction. It could look like it comes from your HR department giving you access to training sessions, sending you to a fake webpage that requests your work credentials. 

Generally, SMiShing attempts, like phishing, will try to create a sense of urgency. An example might be: “Click here to login in the next 12 hours to confirm your expense report or you will lose access to financial reporting.” The goal is to get the victim to act without thinking about the legitimacy of the request.

The attacker has masked their true identity, created a fake webpage that probably looks identical to the real one, and then sets a ticking clock to spur action. If you enter those credentials into the fake website, the attack now has them and it can wreak untold havoc. 

Of course, the SMS may even directly just ask for credentials or sensitive information. With so much done on our phones these days, an unprepared victim may simply give the information right to the attacker without thinking. It’s important to always remember institutions like banks (and pretty much everyone) will never ask for this information via text message. 

For the more sophisticated attacks that more closely resemble phishing, the key to increasing defense is simply more awareness. The same smart practices that protect against phishing will help with SMiShing if people are aware they can be attacked this way and trained to make the right choices. At the end of the day, SMiShing is a time-tested tactic wrapped in a new package, targeting people as the weakest link in the IT security chain. That’s why it is so crucial to keep employees up to date with IT security training from Managed IT Services companies like amshot.

Looking for more protection? We can help. Set up a free consultation with an amshot pro.

Demystifying the Cloud: the Pros and Cons of Software as a Service

Ten years ago, the cloud was just a buzzword. Now, it’s a way of life for many businesses. Most people at this point are at least familiar with the idea of subscribing to software that lives online versus installing software locally on their computer. This very blog is being written on Google Docs, software accessed via the internet, and not something like Microsoft Word installed on the hard drive. 

In a nutshell, that’s the difference between typical software and “the cloud.” Many people are quite comfortable with things like Google Docs, Canva, or launching Zoom from a web browser. Just like with these consumer-oriented solutions, you might have heard of business software services that utilize the cloud such as Microsoft Teams or Salesforce. These are often referred to as “software as a service,” and typically require a subscription rather than a one-time payment. 

While it seems that everything is moving online, there are many options available for the software that businesses need to operate, both cloud-based and locally-based. The question is: Which one is right for me and my business? Here are some of the advantages and disadvantages of software as a service. 

 

Pro: no more updates to install

Programs need updates. Hardware needs upgrades. If those programs and computers don’t live in your office, that’s no longer your concern. When Google Docs releases a new feature, there’s nothing for this writer to install; the feature just magically appears the next time the website is launched. 

Keeping an office up-to-date, with tons of computers that each have tons of apps installed, can be a headache. That’s especially true when not being on the latest version of a program can mean exposing yourself to security vulnerabilities. It can also mean compatibility issues such as two different versions of accounting software not being able to talk to each other. Using the cloud means someone else handles all that hassle invisibly. 

 

Pro: less hardware to manage

Thanks to services like Microsoft Azure and  Amazon Web Services (AWS), servers can be moved to the cloud, too. Things like websites, intranet, internal file sharing, and more no longer necessarily need to be housed in your office. Not only does that come with all the advantages mentioned in the previous section, but it also applies to the hardware as well. There’s no need to worry about your online store going down because the office flooded. You won’t have to shop around for new hardware because the old gear can’t keep up after a few years. When changes happen, scaling up or down can happen on-demand; the cloud service handles it all in the background.  This is just one more aspect of the business that the cloud can take off your plate so you can focus on what you do best.

 

Pro: essentially unlimited storage

Whether it’s in the cloud or in the office, you can always pay for more storage space. The problem with local storage is you don’t always have the room for more hard drives and/or servers. Plus, with more storage comes more hardware purchases, backup issues, and all the time and money costs with implementing it all. With software as a service, getting more storage space is usually just a matter of adding a couple bucks to your subscription fee. Depending on the service, many offer unlimited options as well. The recurring theme with online, cloud based software is streamlining and efficiency. That’s something every business can use more of. 

 

Pro: remote access and collaboration

When software and files live online, multiple people can access projects and work on them from anywhere. In many cases they can even work on the same file at the same time at the same time. With Office365, the whole accounting team can be working on an important Excel document at the same time, with changes synced automatically and accessible from any computer. It’s much more productive and flexible than the common alternative of having crucial programs on a limited number of machines. If Dave in accounts receivable is the only one with the tax software and he’s out sick, everyone else needs to wait for Dave to return before they can get what they need.

 

Con: reliance on the internet

Live by the internet connection; die by the internet connection. While some software as a service offers an offline mode, you don’t get all the features you’re paying for if the internet goes down. Many services are entirely inaccessible. In today’s world, with broadband and mobile hotspots, this is becoming less of a concern, but it’s still a potential downside. Every business should already have a backup plan with their Managed IT Services team in place, and the more you rely on the internet, the more important it is to have a plan B in case it goes down.

 

Con: security issues

When software and files are accessible from anywhere, that means they are vulnerable to security issues like phishing or other cyberattacks. An attacker is less likely to walk into an office and gain access to some system in person than they are to trick an employee with a bogus email into giving up their login credentials. Luckily, this is something a Managed Services IT team can guard against with training and security policies. 

While the benefits of embracing the cloud and software as a service are many, there are some inherent risks that business should be aware of. Properly mitigated, these risks can be avoided in order to take advantage of the convenience and efficiency of working online. Schedule a free consultation with amshot today to see how your business can take advantage of the cloud to work smarter.

Cloud Technology

IT Alert: Don’t Try To ‘DIY’ These 3 Seemingly Simple Things

Someone, somewhere ended up calling a plumber in a panic because they YouTubed a fix for their leaky faucet, and their kitchen turned into a swimming pool. Two years of pandemic in the rearview, and we’ve all grown a little more tech savvy. Most of us are pretty confident using and troubleshooting the tools we have at our disposal, and that’s great. 

Fixing your sink is great, too, but knowing what problems are too big to tackle on your own is even more important. What may seem like a “leaky faucet” problem can actually be a “call the plumber” problem. The same applies to IT and the technology you use to run your business.

Save yourself a headache (and a potential security breach) by NOT trying to DIY these things:

 

  • Data backup and sharing 

Sure, you may be well-versed in Google Drive, Dropbox, or one of the many other consumer-oriented solutions. Everyone’s already using something like these to backup their photos and important files. So what’s the problem with setting up a company Google Drive to store data and share it between employees? The answer is almost nothing (if you know exactly what you’re doing AND you’re comfortable only backing up your data to the cloud). 

Okay, those are pretty big caveats. Here’s why: most of these cloud storage and file sharing services DO offer business-oriented plans and solutions, but that’s not what most of us are familiar with using. There are so many considerations that come with setting up file storage and sharing. Here are just a few of the big ones:

  • Who has access to save, delete, move, and change files…and which ones?
  • Who can see what is shared and when?
  • What file/revision history is available?
  • Can the files be made available locally?
  • Can multiple people work on a file at the same time?

This is in addition to the fact that you will want a physical backup and restore solution as part of your overall data strategy as well. When (not if) something fails, you want to be up and running in no time. That’s not possible if all your eggs are in one basket and that basket comes crashing down.

That’s why we recommend leaving this to a professional Managed IT Services team that can handle your data safely and securely, with a plan for speedy recovery in case of emergency. What’s more, they can use a more comprehensive solution like Microsoft Teams through Office365 to create a safe and effective environment for collaboration and sharing files.

 

  • Buying new hardware

As much as you love your shiny new gadget, nothing lasts forever. Whether it’s a laptop, tablet, or phone you’ll need to replace it eventually. It can be tempting to do it yourself, because how hard could it be to go to Dell or Apple and buy a new laptop? Obviously, it’s not hard to click add to cart and purchase a great device. The hard part comes when considering how that device fits into your IT ecosystem.

If you’re a one-man shop using your personal devices for your business, no worries. As soon as you need 2 devices to talk to each other and share information, you’ve got a network. With a network, comes security and compatibility concerns. You have to make sure your computers can print to the printer, and receive automatic updates, and share files with each other, and can be remotely logged into by both the user and IT tech support, and is your head spinning yet?

If you already have a large network, you understand how important it is to consider what devices are added to it. If you don’t, it’s important to start off correctly so you can plan how to scale into the future. Either way, let your Managed IT Services team save you the headache. 

 

  • Video conferencing

Early on in the pandemic, the verb “to zoom” quickly became the noun “Zoom” which then promptly became a verb again with an entirely new meaning—to video chat. With many classrooms, meetings, and even concerts moving online for safety, Zoom dethroned FaceTime as the goto household name in video conferencing.

So yeah, now everybody knows how to Zoom. We all have it installed, and we all know how to use it. That makes it a no-brainer for businesses to incorporate into their workflow, right? Well, like your cousin’s relationship status on Facebook after a contentious Thanksgiving…it’s complicated. 

While Zoom has been addressing it’s security issues over time, there are still concerns. For a one-off meeting with a potential new client, it’s probably okay. However, when implementing a standard for your organization, there are solutions like Microsoft Teams that are built with data security for business in mind. With Teams, properly implemented by a Managed IT Services team, you’ll have the confidence your organization is using a secure solution custom built for its needs. 

The best part? Microsoft Teams, as part of Office365, works hand-in-hand with other services your business likely needs, like data backup, office software, chat, and dozens more. All these pieces “talk to each other” in a comprehensive way that helps improve efficiency, without worrying (so much) about safety or requiring employees to learn a dozen apps for each solution you need.

Ready to stop Googling “back up data easy DIY”? We can help. Contact amshot for a free consultation.

amshot client portal

7 Questions About Data Security ALL IT Providers Should Be Able To Answer

Let’s face it: IT can be a little opaque. It’s a highly specialized field, evolving at lightspeed, with plenty of jargon to go around. What’s more, a lot of the important stuff happens out of sight, out of mind.

Take a restaurant owner for example. It’s easy to know if their bakery is doing a good job. The bread is delivered, and the quality and service can speak for themselves. Likewise, the restaurant owner can check in with their financial services team and see that their money is being handled in a professional way.

How does the restaurant owner know if their Managed IT Service is keeping their business protected? Well, it’s hard to see if you don’t know the right questions to ask. Since many businesses handle data much more sensitive than that of a restaurant, it’s that much more important to be asking the right questions.

And most importantly of all, your IT company should have the answers to these questions:

 

  • How do you identify and classify sensitive data?

Data can be anything from client lists and financial information to a simple image file. You need to know what data you have so it can be sorted and protected effectively. Your Managed IT Services company should be able to scan your systems, categorize the data and create a plan based on their findings. This is important because it leads us to…

 

  • What’s your access control and data monitoring plan?

Once you know what you have, you can decide who gets access to what. You might want your financial team to be able to access the books, and your sales team to access the CRM, but not vice-versa. Not only “who,” but questions of how, when, and where are also important when it comes to deciding how data is accessed. To tie it all together, your IT team should be able to monitor access to safeguard against improper use and ensure everything is running as it should.

 

  • How do you handle data encryption and masking?

Data encryption and masking are essentially two ways of locking your data with a key. If someone steals your phone, they can’t get in without a fingerprint or PIN. This is a simplified metaphor for what’s happening with encryption and data masking. Even if a bad actor gets ahold of your data, they can’t access it.

 

  • What’s your backup and disaster recovery plan?

Everyone needs a plan B, and if possible, a plan C. With so much of business reliant on technology, there’s always something that can go down and take part of your business with it.  The stakes can range from an employee accidentally deleting a critical file, to a flood destroying important servers. An IT team worth its salt will have a plan in place to mitigate disaster and have you back up to speed as fast as possible.

 

  • How do you handle secure data erasure?

You don’t need to keep everything forever. But just like old financial docs need to go into a shredder, sensitive data needs to be erased securely. The same tools that can recover lost data when a harddrive fails can be used against you to restore improperly erased data.

 

  • How do we manage physical security?

All the technology solutions in the world can’t help you if someone can walk out of the building with a USB stick. Controlling physical access to different systems is an often-overlooked aspect of IT security. Just like access control for your data, it’s important to have a plan for who can access what hardware, when they can access it, and under what conditions. Should everyone be able to take home their laptops? Should employees be able to connect any external devices to their computers that they wish? These are questions for your IT team to consider.

 

  • Can you provide employee training for best practices?

Unfortunately, people tend to be the weakest link when it comes to IT security. Like we said, it can be opaque and not every employee is going to be up to date on how to safely use technology. Training against falling victim to phishing attacks or clicking unsafe links are a few of the low-hanging fruit that every business can benefit from. 

Got more IT questions? We got more IT answers. Contact amshot to set up a free consultation. 

Keeping an eye out

You Need To Offer a Remote Work Option in 2021

Here’s why (and how) work-from-home is becoming the new normal 


Work is changing, and we must evolve with it. 

A shift toward remote work was always inevitable because, for many jobs, it doesn’t really matter where the computer is that you sit in front of. Why waste time and money on commuting and office space? As we run more of our lives and businesses online, workers’ physical presence is becoming less and less relevant. For jobs that could be remote, it seems like inertia was the main thing keeping a “traditional” office setting the default option.  

In that regard, the global health crisis has forced a lot of hands. Everyone had to scramble to figure out how to keep the lights on when gathering together in an office wasn’t an option. Fast forward to today, and influential businesses like Twitter and Square have made waves by announcing their employees would be allowed to work from home permanently. By 2025, it’s expected that 70% of the workforce will work remotely at least 5 days per week. The first dominoes have fallen, and it’s a safe bet there’s no going back.

Worker expectations have shifted, and that gives you an edge.

No commute, the comforts of home, the ability to throw a load of laundry in the wash while you’re on a conference call…many people got a taste of the benefits of working from home, and they like it. According to Pew Research Center 54% of workers would like to continue working remotely after Coronavirus ends. Conversely, up to a third of workers say they would quit their job if there was no possibility of working remotely. 

These stats are a snapshot in a trend that’s only growing. Getting ahead of the curve in the remote work revolution gives you a competitive edge in hiring the best talent. 

You can cut costs while retaining productivity.

No matter your business, if you have an office, you’re also in the real estate business. You need space, supplies, desks, utilities, security and about a thousand other things that come along with simply supplying an office to your employees. It’s a no-brainer that every employee that could be moved remote is money in the bank and a major reduction of logistical headaches that come with running an office. 

The only thing stopping a lot of business owners is a concern over productivity. “How can I make sure my employees aren’t slacking if I can’t check up on them?” Of course, work-from-home comes with temptations like always having Netflix within arm’s reach. One could easily envision an employee taking advantage of their lack of supervision. But reality, it turns out, is quite different. One survey showed that, even with employees working remotely, 94% of employers said productivity was actually the same or higher than before the pandemic.

It’s important to implement work-from-home the right way.

Setting up employees to work remotely presents efficiency and security challenges. Without the benefit of face-to-face, you need to ensure your team has the proper tools in place to manage their workflow and communication effectively. How do you protect sensitive data and information once it leaves the walls of your office?

While the potential benefits of empowering your business with the ability to work remotely are myriad, so are the pitfalls. It’s definitely a “measure twice, cut once” situation. That’s why you want a full-service IT company like amshot to get you up and running. You want a team that can analyze your specific security needs and can implement and maintain your service from beginning to end. 

Schedule a consultation with amshot to ensure your business is staying ahead of the curve.

Is Your IT in Good Hands? All Great Managed Service Providers Offer These 5 Things.

You would be hard-pressed to find a local business owner who wants to hire and run their own, in-house IT staff these days. That’s why managed IT services are more critical than ever, especially for small and medium-sized businesses. Technology and networking needs are growing at a pace that takes a dedicated team of specialists to keep up with and manage.

More and more businesses are turning to Managed Service Providers (MSPs) to manage their IT services and support. But if technology is so complex you need a dedicated team to deal with it, how do you separate the wheat from the chaff when it comes to selecting a provider? You should look for these five key signs to find a top-tier MSP. 

 

Laser-focus on data security

In 2021, we increasingly rely on cloud and networked services. Data is moving around constantly, and much of it is sensitive and valuable. MSPs should have as their top priority mitigating risk related to internal and external data breaches and cyber attacks. From procuring your hardware and software, to deploying your systems and network architecture, and to defending them all once they’re live, your MSP should have a rock-solid plan of action for every link in the IT chain. Beyond external security, they should be able to propose and implement a plan for keeping your data safe from internal breaches, too. 

The consequences of playing fast and loose with data security are crystal clear. Just this year the cost of a data breach to companies rose to record highs. This front in the battle for IT security is only escalating, and you want your MSP to be on the front lines defending you.

 

Business continuity and disaster recovery services

Despite everyone’s best efforts and intentions, sometimes things just go sideways. An elite MSP will always have a plan B, plan C… and probably D through Z as well. 

When disaster strikes, downtime costs your business money and every second counts against your bottom line. What happens if the network goes down? Business-critical software breaks? The storage that keeps your financial data fails, or worse, is stolen? Someone accidentally deletes important files? 

Your IT solutions should have a built-in failsafe ready to keep your business running in the event of a disaster. They can recover hard drives. They can have redundant systems ready to come online when something breaks. Your MSP shouldn’t shy away from “what if…” questions. They should already have the answers. 

 

Attention to detail and professionalism

Everything speaks, and sometimes the little things speak the loudest. MSPs that do great work pride themselves in delivering their services with the care and respect your business deserves and pays for. The precision in which any professional performs, IT included, is reflected in the way they carry out their work. A lack of attention to detail or being lazy about the presentation of their services can belie a deeper-rooted lack of precision that carries over to their other work. 

Simply put: If it’s not clean in your server room, it’s not clean in your server.

 

Not just responsive proactive

It’s pretty much a given that your IT service needs to be available 24/7/365. Disaster doesn’t work nine to five, and it can strike without warning when you least expect it. Excellent MSPs know this and plan for it. Even the best of the best don’t want to wake up to a 4 AM phone call and jump right into crisis mode. 

That’s why they anticipate your needs and establish protocols that mitigate risk related to data breaches, data loss and other infrastructure failures.

You don’t want a help desk that sits around waiting for something you catch on fire; you want the team that’s making sure it never happens in the first place. Ask your potential MSP about their ability to respond to problems. Then, ask them how they implement a plan to prevent issues in the first place.  

 

A reputation for excellence

Promises are only worth something if they are kept. Words mean little unless they’re backed up by action. And as with hiring anybody, some MSPs will say anything to get your business.

That’s why you shouldn’t just listen to what they say, but rather look at what they’ve done. What clients do they have, and what history do they have with them? If you can talk to those clients to hear about their experience with their MSP, all the better. Contracting an MSP is not just hiring a service, but in some ways relationship and  partnership as well. 

You want to do your research so you know who you’ve chosen a partner you can trust.

Here Are the Mistakes You’re Making That Put Your Data at Risk

How you’re almost asking for your data to be stolen through bad passwords and indifference.

Protecting your data is pretty important. We even wrote a whole blog about why backing it up is mission critical. As crucial as it is to safeguard your data within your organization, it’s just as essential to keep it out of the hands of others. In today’s economy, data is money. And like money, data can be lost or even stolen.

Cyber breaches can cause huge financial and emotional heartache through theft or loss of data which we should all endeavor to prevent.

Those are the words of a spokesperson for the UK’s National Cyber Security Centre, after a 2019 research study revealed troubling trends in online security. Not to make any assumptions, but it seems like “huge financial and emotional heartache” is something you might want to avoid.

If you’re thinking you’re an unlikely target because of the size and scope of your business, think again. Ransomware and extortion can impact anyone with valuable data to lose. “More than half (56%) of ransomware victims paid the ransom to restore access to their data last year, according to a global study of 15,000 consumers conducted by global security company Kaspersky.”

Would your customers even be able to trust you after something catastrophic happens? There are too many fronts that need defending, and there is too much to lose by being indifferent and hoping for the best.

So how do they get my data?

Glad you asked. One prominent study showed that nearly half of all data theft occurred via remote login apps. A full 90% of the time, hackers were able to gain access to an organization’s network without any trouble at all. How? Bad passwords and default passwords. To the company, the hackers looked no different than an employee logging in from a coffee shop.

Can you guess what the most common (and easily hackable) password is? If you said 123456 (#1) or password (#4), well done. But guess what else makes the top 200 common passwords: names, sports teams, cities, fictional characters, and musicians.

Did we just hear an uh oh? An audible gulp? Of course not, because this is a body of text and is in no way sentient. But there’s a high likelihood you read that sentence and blinked a few times blankly at the screen while your heartbeat elevated.

We are sorry to bring the bad news that OKCThunder1! Is not a secure password. Neither is CarrieUnderwood4eva. Simply put, remote access is a vital component to many businesses, yet it is extremely vulnerable to malicious actors if not managed by experienced IT professionals.

People are human and fall victim to social engineering.

Let’s face it, you can’t expect every single person in your organization to behave like an IT security professional. We make honest mistakes. In the rush of a busy day, a phishing email that looks extremely convincing can swipe someone’s credentials. All it takes is one dodgy link to infect a network with malware or ransomware.

It’s not just over the web, either. If someone can get access to a computer, it can potentially be compromised by a thief or even a disgruntled employee. A USB thumb drive is a potential vector for attack, whether intentionally, or by accidentally transferring malware onto the system.

Despite all due diligence, it’s impossible for you to be eternally vigilant. That’s why amshot provides comprehensive enterprise IT security services that safeguard your organization against cyber-attacks and data breaches. Ready to take the first step to avoid that “huge financial and emotional heartache” we talked about?  Contact us to set up a consultation.

data breach