Capstone Works, Inc. Blog

Ransomware attacks are a serious threat to any size business. For a small business, a ransomware attack can even result in the company going out of business. Last year, ransomware was found to be the most prevalent form of malware connected to company data breaches; cybersecurity provider Malwarebytes cited a staggering 90 percent increase in detected ransomware attacks. Being vigilant and armed with a ransomware plan is not just another best practice, it’s necessary to company survival.

There are two types of ransomware to look out for: encryptors and lockers. Encryption ransomware programs take your files hostage, converting them into a code that will require decrypting. Locker ransomware takes entire networks and devices hostage, sometimes even preventing a computer from booting up. Both types of ransomware tend to have a time limit associated with them. If the ransom is not paid within the time frame, the hackers threaten further sabotage. You do not want to find yourself pitted against criminals like these without a trusted IT partner by your side.

Systems can be infected in several ways. One common method is through phishing attacks, which are communications that pose as content from trusted sources like banks, governments, or popular businesses. These attacks ask users to click on an attachment or a link that then invades the network. Other tactics include pop-up ads and exploiting browser vulnerabilities. There is even a new trend of demanding a ransom without actually infecting the network or device! This method is executed by hackers sending multiple emails threatening users that there is a destructive malware infection on their computer waiting to be activated unless the ransom is paid. At Capstone Works, it is our job to make sure we stay on top of the common tactics so that your network is always protected.

Don’t face the threat of ransomware attacks alone. These attacks can quickly escalate into extremely high-cost disasters. The price of a ransomware attack goes beyond the ransom you pay. For example, the Erie County Medical Center reported it recently spent an estimated $10 million on a $30,000 ransom. How did this happen? Responding to the attack can lead to additional high-cost consequences like staff overtime, lost revenue, emergency IT services, and staff training to prevent another mishap. These costs may be even higher if you are caught without a plan in place and a trusted IT partner like Capstone Works in your corner.

Prevention is your best strategy. Our goal is to work with you to recognize common tactics and train your employees so that we can decrease the likelihood that a ransomware attack will find its way into your network or device. We will monitor your network for suspicious activity, and help you back up your files so that you, and not the hackers, are in control – even if they infect your system. We can also help you manage and predict costs by building a ransomware plan as part of a comprehensive disaster recovery strategy.

Contact Capstone Works today. We will make sure you are ready for whatever hackers could throw your way.

The summer season has arrived! Warmer weather means families are spending time enjoying outdoor activities like hiking, bike rides, and beach days. With less time in the office comes more time on other devices, especially wearable technology like Apple Watches or FitBits. In other words, it is time to think about IoT security.

IoT stands for Internet of Things. Today, we are interconnected like never before, and more and more of our everyday devices are connecting to the internet and to each other. Consequently, more personal and business data is being shared. Your IT strategy must now encompass all the different ways through which you and your team are connecting to your business network.

You are probably wondering how an employee’s fitness tracker affects your cybersecurity strategy. Fitness trackers need to connect to another device like a computer or smartphone in order for the user to view all of the data they collect throughout the day, or input information like foods eaten or how many glasses of water they had. In this example, your employee might be connecting their fitness tracker to both their work and home computers. If their home computer is less secure, a hacker may be able to use the fitness tracker to also infiltrate your network. This is just one example. New IoT devices are now coming onto the market constantly. Soon, smart home assistants could be as common as smartphones. You may even make use of them in your office. With all of this innovation and change, it can be hard for your IT strategy to keep up.

IoT devices are known for being unsecured and lacking built-in security systems. They are also designed to be found and recognized by other devices, so if the default password has not been changed, it can be extremely easy for a hacker to find and access a device by exploiting a known default password. In order to secure your network in the face of increased connectivity, you need to put proactive policies in place, rather than depending on the device’s security systems. Hackers are sophisticated, and their favorite targets are those they expect to be unsecured. They assume that small-to-medium sized businesses are not investing in cybersecurity and will not keep up with the latest technology trends.

We’re here to prove the hackers wrong. With Capstone Works in your corner, you can be confident that we will keep you up-to-date on the latest cybersecurity best practices. We can also help you develop and implement policies that will help manage which personal devices your employees connect to your business network, and educate them around the security steps they need to take when doing so. Even seemingly small steps, like making sure they change their devices’ default password, can make a big difference.

Contact Capstone Works today. Partner with us to keep up with today’s latest technology trends and manage the risks so that hackers never catch you off guard.

Passwords today are like spare keys that have been given out to too many friends and neighbors. Common password content like birthdays, favorite sports teams, or names of children or pets are easily found on social media accounts.

Cybersecurity is vital to a successful business, especially as hackers try to exploit the companies they expect to be the least protected: small-to-medium sized businesses. Your accounts need an extra layer of protection so that your business network does not fall into the wrong hands. This is where multi-factor authentication comes in. Multi-factor authentication requires two or more pieces of evidence before a user is granted access to a protected account or device. We see this in practice all the time. For instance, at the ATM, the user must present both the correct debit card, and enter the right PIN. This is an example of two-factor authentication at work. The system works by requiring information the end user possesses, like a PIN or a password, with an object the intended user should have on hand.

Today’s businesses rely on cloud storage. The cloud is an incredible efficiency tool that empowers your workforce to access what they need when they need it. With that ease of access comes a risk that your information could be accessed by the wrong individuals, especially if you have not taken every precaution to secure it. When your sensitive business accounts and databases are secured only by passwords, you are putting yourself at risk, even when the passwords are complex and changed frequently. You need backup protection in the event that passwords are compromised.

There are many products that help you add this layer of protection to your network. Trying to sift through, select, and implement these products can be time consuming and confusing. At the same time, you know that an upfront investment of time and resources into cybersecurity can make all the difference when hackers strike. Multi-factor authentication creates more work for the hackers, and more opportunities for your defenses to protect your network. If someone is trying to invade an employee’s email account, guesses the password, but then needs to enter a randomly generated code that went to your employee’s phone or workplace computer, they may move on to invade a less protected network. Unlike a PIN, which suffers many of the same pitfalls of a password, these codes may only work for a limited period of time and have no personal connection to the user, meaning they cannot be guessed. This type of system gives you greater confidence that the people accessing your network are the ones meant to be there.

Setting up multi-factor authentication can have some unforeseen complexities, and is best handled by IT professionals who have the expertise and skillset to implement this useful protection for your business.

Capstone Works has the experience and cybersecurity expertise you need to ensure your network is as secure as possible. Contact us today to talk about your next steps.

National Small Business Week is April 29 to May 5! According to the United States Small Business Administration, "more than half of Americans either own or work for a small business, and they create about two out of every three new jobs in the U.S. each year."

You and other small and medium-sized business owners play a critical role in the American economy. That makes your network a prime target for hackers. This National Small Business Week, take a moment to reflect on the role technology plays in your company.

Your IT infrastructure is a key element of your business. Have you taken the steps to protect it in case disaster strikes?

Protecting Customer Data 

Most businesses collect customer data, using it to build positive relationships with their clients. Think of the auto repair shop that sends a reminder email when you are due for an oil change, or the hair salon that sends you a coupon to use on your birthday. These personalized communications are extremely valuable to small and medium-sized businesses that want to differentiate themselves from the competition and encourage previous clients to return.

Your customers need to trust that their information is safe with you. Recently, news broke of a major Under Armour/MyFitnessPal data breach affecting more than 150 million customers. The story comes directly on the heels of the recent controversy over Facebook’s data use practices. What do these stories mean for your business?

Customers may have more questions about why you need their information, how you plan to use it, and how you plan to protect it. Are you prepared to answer these questions? If not, contact Capstone Works. We can help you assess and improve your current data security practices so that you can answer your customers with confidence.

When Data is Exposed 

No cybersecurity plan is 100% effective. Hackers get more sophisticated by the day and are extremely skilled at exploiting human error in order to infiltrate business networks. Small and medium-sized businesses like yours are some of their favorite targets because they know these networks are often left minimally protected. What steps will you take if your system is attacked?

Planning ahead is critical. Don’t get caught off guard; anticipate the attack before it happens.

Work with a trusted Managed Service Provider like Capstone Works to create a Disaster Recovery Plan. We will run through potential scenarios so you understand where IT threats may come from, and work with you to determine the steps you will take to identify and lock down breaches as soon as possible. We will also help you develop a plan for when and how to let your customers know their data has been exposed. Capstone Works will be there through each step of this process.

Preparing for Anything 

A comprehensive Disaster Recovery Plan is not limited to preparing you for hacks and data breaches. The right plan will prepare you and your employees for any other scenario with the potential to affect your IT infrastructure, from natural disasters like floods or tornadoes, to man-made disasters like ransomware or phishing attacks.

With this plan in place, you will be able to assure your customers that you are taking every precaution with their information, and you will rest easier knowing that you are ready for any IT threat.

This National Small Business Week, make sure your business is prepared to face IT threats. Your customer data is too important to risk. Contact us today to protect your business, your customers, and your reputation.

Small and medium-sized business owners must take every precaution against cyberattacks, and World Backup Day is the perfect time to assess the cybersecurity tools in your arsenal. In the current high-threat environment, it is good for business to add as many layers of digital protection as possible. That’s where File Folder Sharing (FFS) comes into play.

FFS is the practice of sharing digital resources, like documents, multimedia (audio or video), graphics, programs, images, and e-books. While the most obvious business benefit of FFS is convenience, granting your team members the ability to collaborate no matter where they are, FFS also gives you an added layer of cybersecurity protection.

Using FFS to Back-up Your Business Data

Securing backups in the cloud can save files that would otherwise be compromised in an attack. Your device may be infected, but with your files backed up in the cloud, you can restore them quickly and easily. This backup ability empowers business owners over hackers. When hackers demand ransom to unlock your devices, their threats are significantly weakened if your FFS solution enables you to restore your files.

At first glance, FFS products may appear to be identical, but the features they offer vary. Most importantly, certain systems offer more protection than others. Which FFS solution is optimal for your needs?

How do you decide which FFS solution is right for your business?

• Is it safe to choose your FFS product based on cost, or are there specific “must have” features for your business?
• Is a popular, well-known, and widely used product really the best, or does it just have the most name recognition?
• Is it worth spending more for a product that offers end-to-end encryption to avoid higher costs in the event of an attack?

These can be tough questions to answer without the time to devote to complex IT matters. Assessing which FFS product is right for your business takes research, expertise, and time. At Capstone Works, we are experts who stay current on the best practices for cybersecurity and the tools available in today’s market. Save staff time by partnering with Capstone Works to determine how to back up your data and increase productivity with the FFS solution that best suits your business.

The right FFS product can make a critical difference for you when hackers strike. Differentiate yourself from your competitors who are not investing in the right cybersecurity solutions. Avoid the pitfalls of cyberattacks by consulting with Capstone Works to determine the best strategies and products to meet your security needs. Contact us today or give us a call!