Working from home introduces a much bigger threat of attack from hackers. Here are five remote access threats you should know about:

• Phishing: tricking your employees into sharing sensitive data or passwords. 
• Distributed Denial of Service (DDoS): malicious attempts to disrupt normal server traffic, specifically aiming to take down your encryption service so your employees can’t use VPN.
• VPN Tools: ensure all your VPN software has been patched to minimize chance of threats.
• Remote Desktop: attackers could gain access to critical computer or servers through phishing or brute force attacks.
• BlueKeep: a vulnerability in Microsoft’s Remote Desktop services allows for remote code execution. Make sure patches are installed. 

Abilita and our cyber security business partners can help protect your company against cyber attacks. If you wish advice on this or any other Communications Technology, contact your Abilita consultant today!

Click here to schedule a no obligation 10-minute discussion to discuss your objectives and identify a strategy to come up with the right Remote Worker solution for your company.

In 2018/19, according to Gartner, roughly 1/3 of companies reported issues and dissatisfaction with their cloud VoIP solutions.

The key to a successful cloud transition is in proper planning, to get a system that fits your needs, from the right provider, at the right price.

With a successful cloud implementation:

• Employees appreciate the seamless integration of their office and mobile phones allowing them to work anywhere and keep in touch with their customers and fellow workers. Collaboration is easier.
• IT Departments appreciate the outsourced application, allowing them to spend time on priority projects rather than maintaining/updating a legacy phone system and managing the vendors.
• Management appreciates the increased employee productivity, improved customer relations, and flexibility offered by cloud systems.

With an unsuccessful or problematic cloud implementation:

• Employees will bypass the office phone systems, telling customers or suppliers to “use my cell number”.
• IT Departments will need to devote priority time and effort to sort the issues out with the vendor and the company data network. They’ll also likely be blamed for the problems.
• Management is unhappy with the employee dissatisfaction and customer relations issues and if necessary the cost to transition again to a new system or provider.

Needs Assessment

What system features do you need and would like to have in a Unified Communications system?

• i.e. Mobile integration, multi-location, call center requirements and reporting, employee collaboration tools, and conference calling.
• What are your growth requirements over the next few years?
• How important is redundancy and back up?

Pricing can vary considerably depending on the features selected.

Resource – Managed vs. Outsourced

How much responsibility do you want to retain in house or off load? 

It is important that your Unified Communications system integrates effectively with your data network and security protocols.

Some vendors will offer a completely separate network for your communications, so that there is no interference between your voice and your data applications.    

Data Network assessment – The Network Is the #1 Failure Point for UCaaS

In planning you need to start with a proper network assessment, not only what you have now but what your data/voice requirements will be a few years out.

Potential Network Issues:  Enough Bandwidth, Latency and Jitter, Misconfigured Router/Firewall, Internal Network Problems, Internet Fail Over

The solutions may be more bandwidth or a separate voice network to ensure that you have the right provider for the quality you need. The selected VoIP-UC provider needs to have the expert network techs to work with your IT department to plan and resolve any issues.

Finance Considerations

Today many Unified Communications are cost competitive, even with traditional telephony when you consider the phone line costs plus the licensing and maintenance costs for a traditional phone system. 

Capex or Opex ?  You often have the choice to purchase or rent your phone hardware.

Contract terms? How long are you prepared to contract your system for?  

Vendor Selection

Do your research carefully on any vendors to be considered.

• Do they have sufficient rollover facilities to avoid any network failures?
• Customer satisfaction?
• Do they have adequate project management and follow up support?
• Do they monitor call quality?
• How do they handle system and feature upgrades?

To schedule a 10 minute phone call to explore cloud communications for your organization, click here.

Once as important as the railroad and electrical grid, phone companies aren’t quite what they used to be. The article below addresses some trends our offices are seeing across the country:

• Rural areas are still struggling for reliable high-speed connectivity with decaying facilities.
• The breakdown and transition of traditional carrier networks from copper to fiber.
• The migration of customers from carriers to cable.

Many aging networks, built on taxpayer subsidies, still remain in use and slower expensive DSL can sometimes be the only broadband service available in rural areas.

Many phone companies have attempted to shift their business models toward new, more profitable sectors as the use of copper-based landlines has plummeted over the past few years. As VoIP services became more common in the early 2000’s, the nation’s phone companies used this surge in voice competition to convince lawmakers that meaningful oversight was no longer necessary.

Cable operators certainly appreciate phone companies’ apathy. Consumers with an actual choice in broadband providers are fleeing to cable at an unprecedented rate. This shift to cable operators has allowed them to raise their rates, impose arbitrary usage caps, and struggle with customer service.

And while next-gen wireless networks may provide an additional competitive option to some of these neglected customers, wireless won’t be a magic bullet for many due to geographical limitations, bandwidth usage restrictions, and potential higher prices.

To help you determine your best option for your voice and data networks, contact your Abilita consultant today.

Fishing can be an exceptionally relaxing way to spend a sunny afternoon. That is, unless you’re the fish. The more contemporary concept of phishing scams everyone, from ordinary web surfers to marketers to high-level executives.

3 ways to protect your business from phishing scams

To help you steer clear of future headaches, here are three key ways to protect your business from the vast number of phishing scams lurking on the web:

• Use proven professional antivirus software.
• Migrate from HTTP to HTTPS.
• Preach the importance of safe email use.

What are phishing scams?

Put simply: Phishing scams are attempts by a hacker to pilfer your personal information for their own financial gain. And they cast a wide, effective net — costing companies roughly half a billion dollars per year in the U.S. alone.

Being able to avoid the bait set every day by hackers and scam artists is an important skill to cultivate for all internet users. And if you’re running any aspect of your business online, getting caught will cost you not only money but also loss of customer confidence and possible fines for not providing adequate safeguards.

Let’s look at each strategy in more detail.

1. Use (and update) your antivirus software

There are a variety of tools and antivirus software services available for businesses. Free downloads do not provide the full range of protection a business needs. Your antivirus package should include email, web and malware protection.

Once your antivirus software is live, don’t just set it and forget it. Leaving all of your company data in the hands of out-of-date software is asking for trouble. Studies have found that out-of-date antivirus software is similar to having no antivirus protection at all.

2. Migrate your website from HTTP to HTTPS 

One type of phishing that is less publicized but equally dangerous is referred to as pharming, and it can affect your website even when clicking a link or downloading an attachment. The “S” at the end of HTTPS stands for Secure which means communications between your browser and website are encrypted.

​While HTTPS protects your own website to a great extent, seeing it on another website doesn’t mean that URL is necessarily safe. Phishers have learned to exploit some SSL certificates, which give a website its “HTTPS” encryption designation.

3. Preach the importance of safe email use (don’t click that link!)

Even with all of the antivirus technology in the world at your disposal, user error can still lead to company data getting compromised. All it takes is one wrong click inside an inbox.

Phony emails that trick users into divulging their personal information are prevalent and they are on the rise as automation makes sending out bulk messages easier than ever. If even one employee fell for a single one of these email phishing scams, it could mean big trouble for your business.

Phishers have had time to refine their skills over the years. Some now even specifically take aim at company executives (a process known as whaling) to nab high-level access to all kinds of company/employee data.

Make sure your employees are aware of what’s at stake when it comes to safe email use. Implement policies for safe and secure email. Building a culture of skepticism where suspicious emails are treated with caution is a big step toward protecting your business from the negative effects of email phishing.

You can never be too cautious

Online phishing scams are born out of vulnerabilities. If one hacker or fraudster finds a situation that can be exploited, they are going to do so. These con artists have been known to use psychology, technology and craftiness to exploit anyone or any situation they can. Scams can also be perpetrated via the phone: phishing for account numbers and passwords or requesting bank account details to process a “refund”.

If you invest in the digital security of your business, train employees to be critical of suspicious emails, and maintain a proactive rather than reactive attitude about data protection, you’ll be able to ideally avert every potential phishing crisis that rears its ugly head.

Abilita and our business partners are available to assist with any of your company’s technology needs. Contact your Abilita consultant today.

 

This article, written by Brenda Barron, first appeared on GoDaddy.com on Oct 11, 2018. Brenda Barron is a writer from southern California specializing in technology and business. 

• Two Factor Authentication, although an extra layer of security, still has potential for cyber crime.
• View the video of KnowBe4’s Kevin Mitnick demonstrating how Two Factor Authentication can be hacked.
• User education and training along with other cyber security efforts can help protect your company’s data.

In today’s world of digital crime and Internet fraud, most people are familiar with the importance of online login security using usernames and passwords. Two Factor Authentication adds an extra layer of security that requires not only a username and password but also a piece of information only they should know or have immediately on hand – such as a physical token.

This does make it harder for potential intruders to gain access and steal that person’s personal data or identity, however Two Factor Authentication may not be the panacea that many believe it is. Kevin Mitnick, cybersecurity expert and KnowBe4’s Chief Hacking Officer, shows in the video below how easily this defensive measure can be spoofed:

This example demonstrates how Two Factor Authentication is not enough to stop phishing attacks. You and your employees must remain diligent through user education and training, along with technology to help protect your company’s data.

Abilita and our cybersecurity business partners can help protect your company against cyber attacks. Contact your Abilita consultant today for assistance.

• Your employees are often the weakest link when it comes to enterprise cybersecurity.
• Your IT Department, Finance and C-Suite are particularly risky when it comes to cyberattacks.
• Harvard Business Review identifies 4 areas to mitigate the risk of cyberthreats through human error.

Cybersecurity has now expanded far beyond external threats of hackers attacking network vulnerabilities. Your employees are often the weakest link when it comes to enterprise cybersecurity. Insider threats are much more complex and difficult to manage. The nature of insider threats can be categorized into malicious, accidental, or negligent.

Some departments are more likely to fall victim to cyberattacks:

• IT and development: These employees have system access and passwords to sensitive company files.
• Finance: Attacks target these employees to transfer large sums of money, bypassing normal accounts payable procedures and controls.
• The C-Suite: Executives often work long hours, are rarely confined to the office, and have unrestricted access to the most sensitive company data, making them highly valuable and highly available targets.

Harvard Business Review wrote an excellent article about the problem of employees exposing your organization to cyberthreats through human error. They identified four areas where you can significantly mitigate this risk:

• Rethink employee training: In order to make a meaningful and lasting impact on employee behavior, organizations should organize frequent and interactive training sessions.
• Identify high-risk users and intervene: Another technique is to send out mock-phishing emails to see who clicks. Predictive analytics and artificial intelligence can also monitor and influence risky behavior.
• Shape the solution to the human user and not vice versa: Secure systems such as encrypted email can be complex and cumbersome to use. Companies should engage with employees to find a viable and workable solution to support cybersecurity efforts
• Constantly adapt to changing threats: Rapid advancements in technology makes it easier to secure data and to apply advanced analytics.

The Harvard Business Review article ends with: “It’s true that to err is human, and humans will keep erring. But increasingly, technology and improved practices can help you identify those employees who are most at risk of exposing your company to a cyberattack — before it becomes a major problem.”

Abilita and our cybersecurity business partners can help protect your company against cyber attacks. If you are ready to explore some of the strategies outlined in this report, contact your Abilita consultant today!

Key Planning Guidelines for Disaster
Recovery and Business Continuity

Disaster recovery should be a critical component for any business that relies on technology. Hurricanes Harvey and Irma highlight an important lesson for businesses. On a more local level, cable cuts and other outages cause disruptions to data and/or voice services. It doesn’t take a natural disaster to create havoc. And today, it’s not a matter of if it happens…it’s when it happens. What would the impact be to your business if you lost voice or data communications?

A data and voice continuity plan is like insurance. You need to ask yourself what is the cost in lost business and productivity in the event of a failure in voice or data communications for an hour, 4 hours or even 4 days.

For many major service providers, the mean time to repair a lost connection is four hours. But as evidenced by Hurricanes Harvey and Irma, outages can be significantly longer.

Businesses need to assess the potential costs of any disruption, and how redundant coverage and alternate routes can lessen the consequence cost of lost business.

You can’t predict the effects of a disaster, but you can plan for one. A carefully considered business continuity plan will help make coping with a disaster less impactful, and enable you to minimize disruption to the business and your customers.

For more details, read our full report titled “Lessons From Catastrophic Events“

An independent communications technology consultant can help you create a disaster recovery plan that meets your critical business needs. This will help to minimize the impact of service disruptions so you can get back up and running as quickly as possible after a disaster. As we have learned, and some the hard way, it’s better to be safe than sorry!