3Qs: Azure—What Is It?

Microsoft Azure is on the rise in business IT, but what exactly is it and how does it help? In this episode of TN 3Qs, sales director Chris Montgomery and Cloud Services Manager Aaron Oliver explain what Microsoft Azure is, the benefits your business can derive from Azure, and how your business can be protected while using this solution. This is the first episode in a multi-part TNTV series about all things Microsoft Azure. Press play!

Video Transcript

This is the first episode in a series of episodes called the 3Q’s where we talk about important topics and answer some common questions. Today’s topic is focused on Azure, what is it, how it can benefit you, and how it can help protect your company. Azure has been on the market for a while now although it has recently gained more attention for multiple reasons, those of which we will be discussing. Read on to find out what those reasons are.

What is Azure?

Essentially, Azure is Microsoft’s enterprise-level Cloud platform. This means that it is very scalable, computable, and able to network on a global scale. Azure gives many businesses a means to host their infrastructure applications. Some companies use Azure to hold pieces of their business data in Microsoft’s domain. This way, their company does not have to worry about maintaining or management their hardware. In brief, all the capabilities that come with Azure and what it includes:

• Microsoft Enterprise Level Cloud
• Applications
• Global Scale Networking
• Pieces of or Complete Infrastructure
• More Secure than On-Premise

Since there is no possible access, Azure is going to be more secure than anything on site. With Azure, users are not constantly in and out of your data center compared to how they are at your actual office building. Azure is way more secure than anything else you could host yourself because it meets Microsoft compliance needs to all industries including PCI, HIPAA, FINRA, and SOX.

 

How Can Azure Benefit You?

Azure allows your company free-range to do what you want for your company. If you want to get out of the hardware business so you no longer have to worry about hosting your own hardware, go on ahead. The cash flow of your company will be increased and your overall cost will be decreased. The reduction in overall cost comes from Azure’s feature to pay as you go, meaning, you only need to pay for what you need now.

If your business is small right now but has plans on expanding into a large company in years to come, Azure has the flexibility to account for that. As your company grows and changes, you can move pieces of your network to Azure, you do not have to do it all at once. In addition, Azure can act as a type of “hybrid” model if you want to move only a certain amount of information to the Cloud while keeping some in house. With Azure, you can access data, services, and applications from anywhere. Being able to access your data from anywhere gives your business a global feel without actually having to be a global market player.

• Benefits of Azure Cloud:
• Stop hosting expensive hardware
• Remove capital hardware expense
• Reduce overall IT costs
• Only pay for what you need
• Extremely scalable

Azure has so many helpful capabilities that will help your company succeed in the long run.

 

How Can Azure Protect Your Company?

This world is very unpredictable and there are so many different circumstances that could put your company at great risk. Accidents and disasters happen all the time so it is critical to stay up to date on the latest prevention methods because the damage is often hard to fix after it has already been done.

It is impossible to predict when there will be electrical or internet failures at your office. With the help from Azure, if your internet goes down at your place of work, all you have to do is go anywhere with a working internet connection and connect your own server to it. There is also the unpredictable instances of national disasters that have the potential to severely hurt your business and the data it is built on. The impact of these inclement weather situations will not impact your company nearly as much if you have Azure.

Azure has the amazing capabilities of going geo-redundant. You can have data in different data centers across different regions of the country. This way, all your services can be running in a different region and you will be able to continue business like normal. Setting up Azure so that is it geo-redundant will help satisfy customers that are paying for a service that may be in a region that is down.

Furthermore, Azure also helps to prevent human errors. Human errors happen all the time and are not able to be controlled. For instance, if a user were to accidentally unplug a cord that they were not supposed to unplug, the network would not fall apart.

• Protection Capabilities of Azure:
• No more hardware failures
• Can work anywhere
• Disaster recovery
• Data is spread across the country

The goal of Azure is to eliminate any downtime of a business so that it is always running efficiently and effectively. Not only are you now aware of what Azure is, you know its many benefits and how it can protect your company.

Thanks for tuning in this episode and we look forward to seeing you next week as we continue the 3Q’s video series. If you would like to learn more about Azure and how it can benefit your company, contact us!

CHECK OUT MORE VIDEOS ON TNtv

Video Transcript

Welcome to TN Knowledge.

Today I will be showing you how to change themes in Microsoft Outlook and Microsoft Word.

To do so, first click on file, options, and inside the general tab, you will see office theme.

This theme is independent based on the application. So, to make the change in word, we would need to open it.

Click file, options at the bottom, under the general tab, office theme.

Thanks for watching. We look forward to seeing you next time.

CHECK OUT MORE VIDEOS ON TNtv

In this episode of TN Knowledge, Service Manager, Chris Gleockner, shows you how to create a local copy of your emails for backup, more specifically for Microsoft Outlook. Watch now!
 

Video Transcript

Thanks for watching TN Knowledge.

Today I'm going to show you how to create a local copy of your email.

To do so, we are going to go to “File”, “Open and Export”, “Import-export”, “Export to a file”.

Next, “Outlook data file”, next. Here, it's asking what we want to backup. You can choose specific files or you can choose all of them by selecting the top layer.

Here it's asking where we're going to save the file. It's important to note this if you are going to be copying this to a flash drive or other external media.

Clicking finish, it'll ask you if you want to password protect it and clicking ok will run the process.

Thank you for watching. We look forward to seeing you next time.

CHECK OUT MORE VIDEOS ON TNtv

In this episode of TN Knowledge, we review the most common fix for working offline in Microsoft Outlook. Learn how to change your status to connect your Outlook back to Email with Service Manager, Chris Gloeckner. Watch now!  

Video Transcript

Thanks for watching TN Knowledge.

Today I'm going to show you the most common fix for working offline in Microsoft Outlook.

As indicated at the bottom, Outlook is working offline here. You will also see a red X on Outlook. The most common fix, go up to “Send and Receive” click on it and you'll find that your “work offline” is selected. Click it once and you'll notice it is now connected.

Thank you for watching. We look forward to seeing you next time.

CHECK OUT MORE VIDEOS ON TNtv

In this episode of TN Knowledge, Service Manager, Chris Gloeckner, shows you how to create a rule for Emails in Microsoft Outlook. Watch now!  

Video Transcript

Welcome to TN Knowledge.

Today I'm going to show you how to create a rule in Outlook.

In order to create a rule, in Outlook, right click on the email, down to rules, and create rule. Here it'll ask the options for the email. I'm going to select anything from that address.

The action, I'm going to move into a folder Chris G. It's important to note that I did create this prior to this video. Once that's done hit okay, and it'll ask me, “do I want to run the rule against messages already in that folder”. In order to show you, I went ahead and selected yes and hit okay. The email now goes into that separate folder that I created.

Thank you for watching. We look forward to seeing you next time.

CHECK OUT MORE VIDEOS ON TNtv

In this episode of TN Knowledge Service Manager, Chris Gloeckner, will show you how to disable apps when your computer starts up. Watch Now!

Video Transcript

Thank you for watching TN Knowledge.

Today I will be showing you how to disable items from starting up when the computer turns on.

To do this, go down to your taskbar, right-click, and hit task manager. Find the startup tab. Maximize for easy viewing. Items that are marked enabled by default, will start when the computer turns on. If you would like to disable one, simply right click, disable. Thank you for watching. We look forward to seeing you next time.

CHECK OUT MORE VIDEOS ON TNtv

In this episode of TN Knowledge learn how to create and edit Outlook email signatures with Service Manager, Chris Gloeckner.

Video Transcript

Welcome to TN Knowledge!

Today, I'll show you how to set a signature within Outlook.

So first, we want to go up to the top left and click on “file”, followed by going to “options”, on the left hand side, ”mail”, and finally “signatures”.

To create a new signature you would click “new”, give it a unique name, and then enter what the signature you want in the box below. Once you are done, click “save” on the right hand side.

You can choose which signature to use depending on the situation one might need for new messages. Whereas the other signature is shortened and used only in replies.

When you have selected two signatures you wish to use click ”OK” and the signature is set. To test, compose a new email and you'll see the signature at the bottom.

Thank you for watching. We look forward to seeing you next time.

CHECK OUT MORE VIDEOS ON TNtv

In this episode of TN Knowledge learn how to operate the alarms, timers, stopwatches, and clocks in Microsoft Windows 10 with Service Manager, Chris Gloeckner. Watch Now!

Video Transcript

Welcome to TN Knowledge!

Today I will be showing you how to set an alarm or a timer on a Windows 10 PC.

To do so, first click the start key on your keyboard that's located on the bottom left between the control and ALT. Now, type the word “clock”. Go ahead and click on that. Once the application opens. You should see four things.

1. Alarm,
2. Clock,
3. Timer,
4. and Stopwatch.

To set an alarm hit the plus at the bottom right. Select your time, whether or not you want to repeat the sound, and a snooze time.

The clock tab allows you to add multiple clocks. To add a different clock, press plus, search, and now it adds and tells you the difference in time between the two clocks.

The timer tab, as shown here, is a quick way to set a timer should you need to count something down. In order to adjust the timer click up into the box. A single left click will bring open the options. Should you need to pause it middle button, reset it on the left.

The stopwatch tab is shown here. It's just a quick way to have a stopwatch.

Thank you for watching. We look forward to seeing you next time.

CHECK OUT MORE VIDEOS ON TNtv

In this episode of TN Knowledge, learn common uses of function keys F1-F12 with Chris Gloeckner. Watch Now!

Video Transcript

Today I'm going to show you common uses of the function keys.

1. Starting off, we have the F1 key. This is often referred to as the help key or the get help key. Now I’ll demonstrate in any application. Should you need some assistance inside that application. Generally you can hit the and it'll pop up a help dialog box. Oftentimes is the case that the F1 key results in opening a web browser and taking you to a support site for that application.
2. Much like the F1 key the F2 key has different functions depending on where you're trying to use it. For instance, on the desktop, should I want to change the name one of these icons. I could click on it, hit F2, and it will allow me to change the name. In Microsoft Excel, selecting the active cell and pressing F2 allows you to change the contents of that cell. In Microsoft Word, if you press control, alt + F2 at the same time, it'll open an open file dialog box.
3. The F3 key is commonly used within a Word document to change the capitalization holding shift and pressing F3 will change the capitalization of the word.
4. The F4 key is used for a variety of functions if you Like the F4 Key by itself, it will repeat your last action. The combination of alt + F4 will close a program window. If you have changes, it should prompt you to save.
5. The F5 key is most commonly used to refresh your browser. However, within Word if you click F5 it'll bring up the find and replace dialog box.
6. F6 is an easy way to move the cursor to the address bar.
7. F7 is handy when you need to spell check.
8. F8 is used on older versions of Windows in order to boot.
9. The F9 key triggers the send and receive email inside Outlook.
10. The F10 key activates a menu bar within the open application.
11. When using a browser F11 is used to maximize the current window.
12. You can use it again to bring it back to the regular view. F12 opens the save as window in Microsoft Word. Shift + F12 will save any new additions. Pressing Ctrl + Shift + F12 prints a document in Microsoft Word.

Thank you for watching. We look forward to seeing you next time.    

CHECK OUT MORE VIDEOS ON TNtv

Welcome to this TN Alert. Join Director of Sales, Chris Montgomery, as he discusses the latest type of phishing attack, brand phishing. Users can come across these sites while browsing the web and they look identical to brand websites, and these threeats continue to grow during the COVID_19 pandemic as people are frequently banking online, purchasing online, and more. Learn what to look for and how to protect yourself from brand phishing.

Video Transcript

My name is Chris Montgomery and welcome to this TN Alert.

Recently Check Point Research, a leading provider of cyber Security Solutions globally, published their brand fishing report for the first quarter of 2020. This report highlights the brands most imitated by cybercriminals in their attempts to steal personal information and payment credentials. Brand phishing attacks are when a cybercriminal tries to imitate the official website of a well-known brand using a similar domain name or URL as well as using a site design that looks almost identical to the brand site they're imitating. Links to these sites are then sent by text or email to unsuspecting individuals.

In addition, users may stumble across a site like this when web browsing since most search engines will pre-populate based on the website it thinks you're looking for. Once on the site, it may ask you to login which then provides your credentials or it may ask you to fill out a form containing both personal and financial information.

So far this year Apple was the brand most frequently imitated by cybercriminals going from seventh place in the fourth quarter of 2019 to first in the first quarter of this year. This means that Apple comprised 10% of all brand phishing attempts as bad actors look for creative ways to leverage brand recognition in their attacks with Netflix coming in second at nine percent followed by Yahoo at 6%. Rounding out the top ten were WhatsApp, PayPal, Chase, Facebook, Microsoft, eBay, and Amazon.

The most likely industry Target for brand phishing attacks was Technology followed by Banking and Media. This illustrates the diversification of some of the most well-known and widely use consumer sectors particularly during the current pandemic requiring individuals to work remote as they grapple with potential changes to their finances as well as an uptick in streaming home entertainment services.

Of the different types of attacks, the web was first with 59 percent of all phishing attacks being conducted via fraudulent websites. This was followed by mobile at 23% and finally email at 18%. Needless to say this comes surprise since most would assume emails the primary method of phishing attacks. When in reality, it's impersonated brand sites where most data is compromised.

Phishing will continue to be a growing threat in the coming months. Especially as criminals continue to exploit the fears and needs of people using essential services from their homes.

As always we encourage users to be vigilant and cautious when divulging personal data.

Thank you for joining me for this TN Alert. If you would like more information on how ThrottleNet can help protect against phishing attacks. Please reach out to us today at 866-829-5557 or visit us online at ThrottleNet.com.

CHECK OUT MORE VIDEOS ON TNtv

Welcome to our latest TN Alert, Chris Montgomery, joins us to discuss the boom in Zoom. During these unprecedented times, Zoom has become a way for all of us to connect with co-workers, clients, family, and friends. This has led to the latest cybersecurity threat called Zoom Bombing. Learn how these threeats are gaining access to your Zoom video feed, how to prevent it, and what you should do if your video becomes compromised.

Video Transcript

My name is Chris Montgomery and welcome to this TN Alert. As more and more employees find themselves working from home, Zoom has become the go to method of communications and collaboration for individuals, businesses and schools since it works across virtually any device allowing you to conduct meetings from anywhere, anytime.

So, what is Zoom – exactly?

Zoom is the leader in modern enterprise video communications, with an easy, reliable cloud platform for video and audio conferencing, collaboration, chat, and webinars across mobile devices, desktops, telephones, and room systems. And Zoom Rooms is the original software-based conference room solution used around the world in board, conference, huddle, and training rooms, as well as executive offices and classrooms. Our alert today centers around a recent trend when using Zoom – specifically, Zoom Bombing.

Zoom bombing - otherwise known as Video Hijacking - occurs when conferences are hosted on public channels shared over the internet via URLs, making them accessible to anyone. Hijackers can sometimes guess the correct URL or meeting ID for a public Zoom session, giving them access to the feed.

Thus far there have only been a handful of Zoom Bombings, but those are just the ones that have been reported. I say this because the school my children attend have had this happen to them as well, but just didn’t report it. In the case of our local school, students are having regular meetings online to visit with their teachers and classmates during the stay at home order currently in effect throughout the US; however, a Zoom Bomber was either given or figured out the meeting ID and was able to join resulting in a bit of chaos. In reported incidents, Bombers will shout profanity in addition to sharing personal information about the teacher. The reason Zoom Bombers are so effective is that meetings are only protected from those Zoom Meeting ID auto dialers that have a set password. If the meeting doesn’t have a password, it’s just a matter of guessing the Meeting ID and pressing Join. To protect against this, you can do one of two things. First, you can simply require a password to join your meeting, but if you’d like to make this your default setting, simply select the option to “Embed password in meeting link for one-click join” as either one of these will prevent an actor from accessing your meeting without losing the usability of sharing a link to join.

Additional recommendations from the Better Business Bureau include:

• Use a unique ID for large or public Zoom calls
• Don’t share the unique ID’s publicly
• Only allow hosts to share their screen
• Create a waiting room
• Create an invite-only meeting
• Lock the meeting once it starts
• Remove attendees or put them on hold if they become disruptive
• Disable the unruly participant’s camera or all cameras assuming that’s an option
• Make sure the Disable File Transfer setting is active

If you find yourself the victim of a ZoomBomb, please contact the authorities as the FBI has said that anyone who hacks into a teleconference meeting can be charged at the state and federal level. Charges can include the disruption of a public meeting, computer intrusion, using a computer to commit a crime, hate crimes, fraud, or transmitting threatening communications. These are punishable by fines and even imprisonment, according to the FBI. Thank you for joining me for this TN Alert. If you would like more information on how ThrottleNet can help you and your business, please reach out to us today at 866-829-5557 or visit us online at throttlenet.com

CHECK OUT MORE VIDEOS ON TNtv

On this episode of TN Knowledge, Matt Trembly, walks you through how to access your remote desktop through EverFuel. Remote desktops have become a crucial part of businesses during uncertain times, and ThrottleNet is here to make sure your network stays secure.

Video Transcript

Today, I'm going to show you how to access EverFuel secure remote access and show you how to connect to your computer from wherever you are. We're going to open our internet browser and I'm going to use Internet Explorer. We'll go up to our address bar and type in EverFuel. ThrottleNet.com and that will open the login page. So the next thing we'll do is enter our email address. Then enter our password and hit login, we'll open our portal here and you'll see on the right where it says computers. There should be at least one. Once you click on that you'll see the list and you can click on your computer. Here you will see a number of different pieces of information about your computer, but we want to come over here to the right hand side where it says remote access and will click on that. If you have a pop-up blocker, you will see this window pop up. You can just hit launch and it's going to launch the tool. So here you'll see your computer's desktop and icons. If you look at the top there's a bar across the top that has all of your options up here to the one that looks like a monitor and you'll see the multiple monitors that you can select. If you are using connecting to a computer that has multiple monitors. We're going to go to the lightning bolt icon and this gives you several different options here. If you go to blank guest monitor that will blank out the monitor of your computer at the office. If someone were to sit down at that desk, they would not be able to see what you're doing while you're working from home. We have this option here that says activate remote printing. Once you click on that, it'll take a few minutes to connect to your printers, but, you'll be able to print from your remote computer to your home printer. If you have one connected, we also have shared clipboard' selected here, which allows you to copy and paste files from your home computer to your work computer if you want or vice versa. So now you are connected and we can maximize the screen. Basically we are working directly on your computer so you can access your files, you can access the internet from there as well. And when you are done working on your work computer, you can hit the X. It will close out your session and the office computer will automatically lock the screen so nobody can just jump into your computer. They'll have to put in your password. If you're not already using EverFuel Secure Remote Access, please visit our website and contact us today.

CHECK OUT MORE VIDEOS ON TNtv

Our sales director at ThrottleNet, Chris Montgomery, explains how advanced persistent threats, APTs, can run silently in the background collecting data from your network. These attacks cannot be detected by anti-malware, anti-virus, or anti-spyware software due to how the attacks are performed, however, there are several preventative measures you can take to ensure you don’t become a victim. Learn more about APTs, and how to prevent attacks in this TNtv Alert!

Video Transcript

HOW DO APTS WORK?

Advanced Persistent Threats can compromise an entire network while going unnoticed. The following ways are how APTs get into your network if it is not properly protected and breach your network:

• A hacker gains access through Phishing.
• The malware waits and records data.
• The malware sends data and gains further instructions from a command server.

APTs can gain access to a network through Phishing by a hacker. Whether it be a malicious email, network file, or application, a hacker will find its vulnerability and insert malware. The inserted malware will offer an access point for the hacker and your network will be compromised. The inserted malware waits and records your network’s data and actively searches for any more vulnerabilities it can use.

The malware may also communicate with a command and control server to gain further malicious code or instructions. At this point, the malware can access additional instructions from a command server and send more data. The inserted malware will then figure out a way to establish that its attack may still continue even if one point is closed.

WHAT HAPPENS DURING AN APT?

After the malicious threat has been inserted into your network, the hacker now has reliable access to your data. The data that hackers are more likely interested in are your passwords and account names. Your passwords and account names are what allows the hackers, or threat actors, to find and collect your data. So what actually happens during an Advanced Persistent Threat? This targeted data will be sent to the hands of the hackers:

• Passwords
• Account numbers
• Keystrokes
• Any other personal data available

The malware inserted by the threat actor collects this targeted data through a staging server. This data is then extracted from your network and the threat actor has complete control over it. By now, your business’s network is fully compromised by the Advanced Persistent Threat. The hacker now has the ability to access your network whenever they please to keep the data breach going. Since an APT runs silently in the background, there will be no evidence of the attack even though your network is still breached.

 

WHY ARE APTS SO HARD TO FIND?

Advanced Persistent Threats are so difficult to detect for many organizations because even the most common solutions such as anti-malware, anti-virus, and anti-spyware, are not effective enough in finding this type of threat. To simplify, APTs are harder to find because:

• Anti-malware, anti-virus, and anti-spyware aren’t effective

Persistence and its level of capabilities are both in the name of an Advanced Persistent Threat. These threats are just that: advanced and persistent. This is what makes is so hard for these traditional solutions to detect and APT. In addition, Advanced Persistent Threats are able to create zero-day exploits. A zero-day vulnerability is an unknown security flaw in your software that hackers use to their advantage.

 

WHAT CAN YOU DO ABOUT IT?

In order to protect your business against an Advanced Persistent Threat, it is crucial that the following precautions are taken:

• Avoid odd-looking emails. Always look at From and Subject lines.
• Never click on links within emails unless trusted sender.
• Never open attachments unless trusted sender.

Following the above outline will help protect your business against a threat actor inserting malware into your network and compromising it. To further protect your business, the most effective solution you can take is to use a third-party provider such as us at ThrottleNet. At ThrottleNet, we have the right tools and talents to scan to any APTs. If we were to find and APT in your network, we will diagnose and remove it before it can do any further damage with your data.

If you’d like any more information about how ThrottleNet can help your business against Advanced Persistent Threats, please contact us today!

CHECK OUT MORE VIDEOS ON TNtv

Microsoft announces it is going to stop support for Windows 7 and Server 2008 and Server 2008 R2 operating systems on January 14th, 2020. Watch this video to learn what this means to your business and why planning ahead is so important.

Video Transcript

In this episode of TnTV Alerts, we will be discussing the recent Microsoft announcement that they are going to stop support for Windows 7 and Server 2008 and Server 2008 R2 operating systems on January 14th, 2020. Learn how to plan for this new update and how to prepare your business.

What Does This Mean for Your Business?

There will no longer be any support for Windows 7, Server 2008, and Server 2008 R2 after January 14th, 2020. Without this support and updated security patches, your servers and workstations are extremely vulnerable. Without support from these operating systems, your business faces the risk of:

• Hackers
• Viruses
• Malware
• Ransomware

These risks can greatly affect your business and all that you have built if you do not act on preventing it right away. After January 14th, your network will face many vulnerabilities and updates will no longer be performed for you. With Microsoft no longer pushing out critical security patches to Windows 7 Professional and Home, your company is at risk and it is time to start planning for it.

How to Plan Ahead

It is important to plan ahead before this update sets in place so your business is not susceptible to the risks that will come with it. One option when planning ahead is extending support, which will end up being quite costly. The cost per server can be about 75% of the license cost for just one year. For example, if you have many PC windows 7 computers in your workstation, the cost is not as high, but it is per PC. Paying the fee will upgrade all your computer systems with the latest critical and security information. You will have access to critical and security patches if you pay the fee, however, workstations may be less and this fee will double year to year.

Luckily, if you are a current ThrottleNet client, you will not have to worry about this because your vCIO (Virtual Chief Information Officer) will be well ahead of the curve. A vCIO if a great benefit that we can offer your company at ThrottleNet and they help to monitor your network in full detail, act as an advocate for your company, and have quarterly in-person meetings to ensure everything is going as expected and there are no issues. Your vCIO will discuss with you soon about what you should be doing to prepare for Microsoft no longer supporting Windows 7, Server 2008, and Server 2008 R2. Your network will be updated to the Windows 10 environment with the help of your vCIO and offer any additional options available for support.

For those of you who are not current ThrottleNet clients and would like more information on how we can assist you to contact us today!

CHECK OUT MORE VIDEOS ON TNtv

TNtv Alert: WiFi Phishing

Social Engineering attacks are the fastest way to gain access to wireless networks by bypassing security. WiFi Phishing is the latest in social engineering attacks and is the most powerful. Learn more on how to make sure you're protected in this TNTV Alerts video featuring sales director, Chris Montgomery.

Video Transcript

In today’s day in age, there are many new technological advancements that have created easy access to wireless networks by bypassing security. These network attacks are through social engineering and are the fastest way to gain secured information from a company. The latest and most powerful form of social engineering is called WiFi Phishing. Through WiFi Phishing, hackers put their attention towards cracking passwords and gaining full access to all the information in a company’s network. Many companies are unaware of the dangers that WiFi Phishing can create for this business and the different ways to stop it. In this video, we will alert you on what WiFi Phishing is exactly and how to protect yourself and your company from its damage.

Why is Social Engineering so Powerful?

Social engineering is one of the newest and most enhanced techniques when it comes to stealing information from a company’s network. Through social engineering, hackers have the ability to bypass all forms of security altogether. With the use of tricks, verbal or physical, hackers use these malicious skills to gain access and wiggle their way into your private data.

There are many instances that provide hackers with the capability of getting into your network:

• If you have simple passwords or all your passwords are the exact same
• Different forms of email phishing attacks
• Dropping random USB sticks near your office
• do NOT plug into any computer, give the USB to a trusted IT department professional who will know how to handle it

Oftentimes, hackers will trick employees to enter their passwords into a fake login page or use any of the tactics listed above. Continue reading to learn about a specific form of social engineering, WiFi Phishing, and how to protect yourself against its harm.

 

What is WiFi Phishing?

As previously mentioned, WiFi Phishing is one of the newest, most powerful forms of a social engineering attack. To walk you through the process of how WiFi Phishing works, we have outlined the steps a hacker will go through to gain your information:

1. Hacker removes all users from the WIFI.
2. Created a new WIFI with the same name.
3. Appears to be a router failure.

First, the hacker will select a nearby wireless network and de-authenticate it from all users, this will essentially jam them from entering into it. The hacker will then create a network that appears the be the exact same as the one the employee was using, a clone network. This clone network is unsecure and will require no password to join. The employee might think that there is just an issue with the router since the WiFi will cut out and be inaccessible. The employee might then try multiple attempts to re-connect to their network, but it will keep failing. This is the point where the employee gets discouraged or frustrated with the network until they see the same network (created by the hacker) that requires no password.

Once the employee eventually decides to join the cloned WiFi network, an official router page will open and informs the employee that an update needs to be installed. Of course, the update will require the employee’s login password. This is the trick that hackers will use to gain employees valuable passwords and gain access to your company’s network. The hacker has time to validate the employee’s password while this “update” is being installed on their computer. Many skilled professionals fall for this trick that hackers are now using to steal data from companies. This is one reason why WiFi Phishing is so powerful because not many people know how to look out for it and may not notice it is happening at the moment.

 

How to Protect Yourself

Now that you know the dangerous abilities that WiFi Phishing can have on a company, it is time to learn the ways to prevent it from happening. As soon as your WiFi connection goes down and you discover the “same” network that requires no password, immediately contact your IT Administrator before doing any further action. The IT Administrator should be familiar with this tactic and let you know how to proceed. This way the IT Administrator can let the company know of the situation so no other employee falls prey to the phishing.

Another crucial prevention method is to always be suspicious of any odd activity happening online and report it to an administrator. The internet has a ton of information and not all of it is secured. Be wary of what you are clicking on at all times and make sure you are not giving out your password to anyone if you are not 100% sure you know it is safe. Before connecting to an unsecured WiFi network after the connection suddenly drops, pause to evaluate if it seems suspicious because it will most likely be a hacker’s attempt to gain your password information.

6 out of 10 people use the same password across all or multiple sites.

Don’t be one of those people. Make your passwords different and more intrinsic so they are more difficult to distinguish. Again, the prevention methods you need to take to further secure your network and private information include:

• Always be suspicious of any odd activity online
• Check with an IT Administrator before connecting to another network
• If the WiFi connection suddenly drops, pause before taking further action
• Create new, more complicated passwords for all your devices and make sure they are all different from each other

Get in front of the hackers and stop the WiFi Phishing and Social Engineering attacks before they happen. Follow the tactics we discussed to put your company in the best position to fight any phishing attacks or any other security breaches.

If you’d like to learn more about ThrottleNet and how to prevent attacks from hackers, contact us today!

CHECK OUT MORE VIDEOS ON TNtv

With Black Friday and Holiday shopping ramping up, there is a new threat to be aware of, eSkimming. Hackers are infiltrating eCommerce stores to steal credit and debit cards, along with other personal information, this process is similar to skimming on a gas pump. Join Sales Director, Chris Montgomery, in the latest TN ALERT to learn how to protect your eCommerce store and your customer during the holiday season.

Video Transcript

My name is Chris Montgomery and welcome to this TN Alert. Just as online holiday shopping begins to heat up, the FBI has issued a warning about hackers infiltrating online shopping carts to steal credit and debit cards and other personal information. The growing scam is called a skimming and it happens when cybercriminals inject malicious code onto retail websites, reports the organ FBI in a news release with small and medium-sized businesses as well as government agencies being the target. The electronic process is similar to skimming at gas pumps and ATMs. After eSkimming, scammers install the wayward codes that can capture credit card data in real-time as users enter them. The data is then sold in the dark web or used by thieves to make fraudulent purchases. This and other cyber crimes are part of a growing threat to businesses. Fraudsters gain access to vulnerable websites via a phishing attack by targeting a company's employees or through a vulnerable third party vendor attached to business servers, according to the FBI. It is nearly impossible for consumers to know a website has been infiltrated. That is why it is imperative that businesses protect themselves and consumers by keeping software up-to-date and installing patches, by implementing multi-factor authentication, and by segmenting and segregating networks and functions, so says the FBI. The agency also warns all consumers and especially employees to be wary of email attachments and messages and always create strong unique passwords on all systems and accounts. Additional FBI tips for the prevention of eSkimming fraud include, update and patch all systems with the latest security software, antivirus and anti-malware need to be up-to-date and firewall strong, change default login credentials on all systems, educate employees about safe cyber practices, and most important do not click on links or unexpected attachments in messages. Segregate and segment Network systems to limit how easily cybercriminals can move from one to the other and, report any instance of online fraud to the FBI's internet crime complaint center at www.ic3.gov or call your local FBI office. If you would like to learn more about how ThrottleNet can assist your business with cybersecurity, contact us today at 866-829-5557 or visit us online at ThrottleNet.com.

CHECK OUT MORE VIDEOS ON TNtv

How can Microsoft office 365 and Azure can work together to benefit your organization? In this Episode of TN 3Qs Sales Director Chris Montgomery and Cloud Services Manager, Aaron Oliver continues the Azure series with part 2. They will explain if you still need a server or can it be replaced with Office 365 and Azure and other benefits of moving to the cloud-based services. Learn more in this week's episode!

Video Transcript

OFFICE 365 AND AZURE CAN WORK TOGETHER TO BENEFIT YOUR ORGANIZATION

With the recent spike in attention on Azure products, ThrottleNet’s second episode in our TNTV 3Qs video series will be highlighting how specifically Azure and Office 365 can work together to benefit your organization. Watch the second episode to learn more on this topic.

NUMBER 1 IS A SERVER STILL REQUIRED?

Servers are definitely more common in smaller organizations with less clients. But how does a company know if they still require a server based on their overall needs and size of operations? Companies need to start considering all the facts and know exactly what they need to start thinking about to make the correct decision.

 

NUMBER 2 OFFICE 365 PROVIDES AZURE ACTIVE DIRECTORY

When you get an Office 365 its comes with Azure Active Directory. An Active Directory, or “AD” is a service developed by Microsoft for directory needs for Windows domain networks. Your on-site AD controller can be replaced by one that has multiple features. Cloud Services Manager at ThrottleNet Inc., Aaron Oliver, states “today most people are moving to Office 365” and that “a lot of smaller clients have servers just to serve up files and be their AD controller for security and permissions to those files”. With this in consideration, some clients might want to think about getting an Azure/Office 365 environment instead of their single server. However, before making this ultimate decision there are some details to figure out that will determine the outcome.

• Is SQL required for business apps (are my vendors capable of this?)
• SQL helps with managing data that is held in a relational database management system or for stream processing in a stream management system.
• Location of your files
• Capital expense savings
• Removes expensive on-site email

Today, we have found that many clients are getting more on-board with the Cloud for their business app needs. For example, companies have used Cloud QuickBooks to track and manage their business, Cloud ERPs (Enterprise Resource Planning) to support and engage their workforce, or Cloud CRNs (Cloud Resource Names) to specify a resource. Your company could be in a good position by not having to spend extra on hardware for that particular server and advance to Office 365 for email. This will replace your file server and you can join workstations through Windows 10, PC’s to the Azure Active Directory, and use a RMN tool through ThrottleNet. This RMN tool will organize and oversee any policies that would have been done on a single active directory server. Therefore, it is not always necessary to have a server in place.

 

NO LONGER A NEED FOR A SERVER

What Makes Azure Possible?
Technology has been rapidly advancing, especially with the special capabilities that Azure and Office 365 can offer. All of these offerings have been coming out every month for over a year now and have interesting and useful features each time. Some new features include OneDrive and Integrated SharePoint. OneDrive helps companies to host files and synchronize their services and was recently updated to have a new files on demand feature. This new files on demand feature is extremely affordable per terabyte and can:

• Store all files in the Cloud
• Have files ready for use when needed
• Synchronize automatically

All these features provided through OneDrive will increase productivity for your company so you can focus on other important aspects of daily operations. Not only will you get to use your saved expenses for another priority, the overall organization and effectiveness of your company will be greatly increased.

 

OVERALL BENEFITS OF AZURE AND OFFICE 365

The pairing of Azure and Microsoft Office 365 will overall benefit your company in many ways. If you are still skeptical about what these actual benefits are if you decide to push everything down this route, consider these facts:

• There will be no extra costs of repurchasing servers and/or licenses
• The cost of on-site backup and storage will be reduced
• Files and apps have accessibility anywhere with no use of a VPN.

It is much, much cheaper for your company to backup Cloud storage rather than a traditional server. If you want to save your company time, money, and increase availability, it is time to switch to Azure and Office 365 products.

This is a multi-part video series, you won’t want to miss our next and final episode! If you have any questions or want to know more information on how ThrottleNet or the Azure product can benefit your organization, give us a call today!

CHECK OUT MORE VIDEOS ON TNtv

Is your network and data secure? Gain insights into trends and outside threats that could put your network and data at risk, and what you can do to improve network security. This includes lack of strong password policies, unlocked workstations, remotee desktops accessing your network as well as hackers stealing your data through network security vulnerabilities. Learn more about how to improve your network security from ThrottleNet.

Video Transcript

In today’s fast-paced world, it can be hard to keep up on all things data security. There are so many outside threats that makes your data at risk. In this week’s episode, we are discussing the tops trends that could put your data at risk in 2019 and some helpful insights about security vulnerabilities.

Video Transcription

Welcome back to this week’s episode of TnTV about Trends that could put your data at risk. My name is Chris Montgomery, Sales Director at ThrottleNet, and today I have with me Corey Phillips who is the Support Crew Manager. In this short video, we will be discussing the various security methods that companies should be paying attention to and what you need to be thinking about in order to protect yourself from unauthorized access to your network. More specifically, what is the most popular trends that we are seeing involving data risk in 2019?

 

Is My Data Secure?

First things first, look at the level of your data security within your company. Get in tune with your IT department and see if there is a lack of security anywhere. IT is not always one of the priorities at some companies, and we are here to tell you that it is the time it becomes a top priority. A few must-have things to ensure your data is secure are strong set passwords and password policies, to make sure there is an actual password set and it is not a simple password, and to have workstations that are supervised or locked at all times. All the data you have collected over your years of operation is what makes up your business, it is important to always protect that.

Data Security Checklist:

• Strong passwords
• Strong password policies (no simple passwords allowed)
• Workstations are always monitored/locked

 

Watch out for A.I.

A.I. is a new technology that has been advancing rapidly. Although, some businesses might want to be a little weary towards it. A.I. stands for Artificial Intelligence and is essentially a human simulation of an intelligent process. Some examples of A.I. include Alexa, Siri, OK Google, etc. When this technology is put to good use, the benefits it can have are tremendous. However, these A.I. devices are always listening or watching you, which is where some companies could potentially be at risk. A.I. machines are constantly listening for you to give it a command and everything they hear is stored data in its system. The more information A.I. collects, the more it learns from the environment. However, if there is private information about your company that is being discussed, you might not always want that information being stored anywhere.

A.I. Checklist:

• Make sure it’s being used for good, not evil.
• Beware of devices listening in
• Alexa, Siri, OK Google. Etc.

Outside Devices

Most businesses are not always aware of all the devices their employees are bringing into their office building. It can be hard, almost impossible to closely monitor people’s personal devices they are bringing with them to work whether you like it or not. When an employee, or anyone who enters your building and uses your network on their own device, you have no control over what they are remoting through your networks system. People’s personal devices have the possibility of having malware, viruses, or no security protocols setup whatsoever. All this lack of security on other’s devices puts your data security at risk.

When someone brings in a laptop, iPhone, Tablet, etc. into your business and uses their credentials to use your network, they are exposing it to any danger on their device. Some companies try implementing some type of personal device policy where people’s devices have to have no malware, viruses and be password protected. However, these policies can be very difficult to regulate. The overall best prevention measure to deal with the risk of outside devices is to simply increase your IT security in general.

Outside Device Checklist:

• Try to set a device policy
• I.E. personal devices put be password protected with the latest antivirus protection and no malware
• However, this will be hard to regulate
• Be prepared for the risk that outside devices bring
• Increase your data security for prevention measures

Beware of Hackers

When a hacker gets into your system, it can often go unnoticed. Hackers will sneak through your data system, steal information, and get back out without leaving a trace. Sometimes small businesses do not think they are at risk of hackers because hackers only like to deal with larger operations. This is very wrong, most hackers actually prefer to hack smaller businesses because it is a lot easier to do. Smaller companies still have valuable information such as financial statements, social security numbers, employee birthdays, and more. All this data is information that can be sold very quickly and hackers can earn a lot of profit from it. The IT departments of smaller companies are often overlooked due to a smaller budget. Although IT security can be an expense on your company, the payoffs will outweigh the costs.

Hacker Prevention Checklist:

• Monitor your network data system regularly to ensure no outside forces have gotten in
• Up your IT security, especially if you are a smaller business
• Stay updated on ways hackers could get into your system and use diligent prevention methods

Final Checklist of How to Secure your Data

• Password protect all data with a strong password that are not easily encoded
• Always monitor all workstations with a lock or supervisor
• Be aware of A.I. devices listening or watching you (Alexa, Sire, OK Google, etc.)
• Create prevention tactics for risks that outside devices may bring into your business (laptops, iPhones, tablets, etc.)
• Regularly check data system to ensure there have been no outside invaders
• Delegate larger portion of your budget to your IT security (especially if you are a smaller business)

If anything you’ve heard today peaks your interest, if you have any concerns, or just want to learn more, give us a call at 866-826-5966 and we will be happy to answer any questions you may have.

CHECK OUT MORE VIDEOS ON TNtv

The importance of a managed network.
Find out why a managed network, a business process outsourcing solution, is essential for any business wanting the latest software solutions, network support, security enhancements and more. It’s ideal for meeting IT requirements without hiring a full time IT staff.

Video Transcript

A Managed Network is Important

 

In this week’s episode of 3Q’s you will discover the importance of having a managed network. A managed network is essentially a business process outsourcing solution that enables your business to run with the latest software solutions. Having managed networks means having ultimate network support, professional services, security enhancements, and much more. There is no need to hire a full-time IT staff when you can meet the IT requirements with a managed network.

 

Top 3 Benefits of a Managed Network

 

A managed network can be extremely beneficial to your company, and here’s why. With a managed network you will always be protected through network backups in case an incident occurs, your technology vendors will be taken care of, and you will have a Virtual Chief Information Center (vCIO) that will organize the details and strategies of your network.

Backup Management

Every day, ThrottleNet will manage your backups in precaution of any potential disasters. Every backup is noted into a ticket in our system, which you will receive and have full access to. The backups are checked to make sure they are viable and all your network information is secured. The preferred backup solution that we use at ThrottleNet is called “Datto”. When using this solution, we can go right in and do our test resourcing. Through Datto, we will perform disaster recovery testing, restore your server in minutes, and restore your files in seconds. Backup management is another layer of security that ThrottleNet offers to ensure your network is reliable.

• ThrottleNet manages your backups daily in case of a disaster & then we note that every day in a ticket that customer will receive
• ThrottleNet conducts daily checks to ensure they are completed and viable
• ThrottleNet’s preferred backup solution is “Datto”, we can go right in and do test resource
• -Disaster recovery testing
• -Restore server in minutes
• -Restore files in seconds

Vendor Management

Through vendor management, we take the burden off of our clients when dealing with technology vendors. There can be so many tedious tasks when it comes to managing vendors, and that will all be taken care of. ThrottleNet will handle all third party IT concerns your company may have that deals with anything from internet connections to provide a stress-free work environment through software systems. Here’s how our vendor management system works:

1. We will get a letter of agency from our clients
2. On our client’s letterhead, we will say we can work on their behalf
3. Should any issue arise, we will be able to handle it

The responsibilities that come with vendor management can all be dealt with through our refined system. Tell us what your technology concerns are, and we will find the best possible solution. Giving ThrottleNet the task of vendor management will give your company more time to focus on what you want to deal with.

Virtual Chief Information Center (vCIO) -most important

A vCIO, or Virtual Chief Information Center, is what our Director of Managed Services, Todd Budde, says to be one of the most important benefits we offer. A vCIO works as a point of contact for your company to be your advocate for all things technology related. Meetings with your Virtual Chief Information Center will be held quarterly to review:

• Network details
• Strategies for the future
• Technology budgets

Along with those three core review points, the vCIO will go over anything technologically related that you may have questions or concerns about. The vCIO is employed by us at ThrottleNet to help you organize, maintain, and monitor your network solutions.

What Does it Mean to Have a Managed Network?

 

Having a managed network means you are backed up by an entire team of IT professionals with the sole purpose of securing and managing your network. Our team will provide your company with refined ticketing and monitoring systems and successful solutions. A managed network for your company is an important factor in creating a smooth business operation and it should not have to break the bank. At ThrottleNet, we provide your company with a managed network that you can afford within your budget.

A managed network offers many features such as backup management, vendor management, and a Virtual Chief Information Center (vCIO) that provides your company with a business process outsourcing solution. Not only does a managed network provide those benefits, but it also provides:

• Anti-virus, Malware, Spyware
• Monitoring, maintenance, and management
• Ongoing user training
• Increased security
• Unlimited support

Looking for current issues and how to prevent a potential issue, providing top-notch security, and support on the go are all vital parts of a managed network.

If you’d like more information on this solution on how it can benefit your organization, contact us today!

CHECK OUT MORE VIDEOS ON TNtv

Learn the importance of IT security for protecting your business data against cyber threats. Todd Budde, Director of Managed Services at ThrottleNet, reveals how ransomware and malware can be stopped before they infiltrate networks and technology devices searching for ways to harm your business.

Video Transcript

Hi, my name is Chris Montgomery and I’d like to welcome you to a new series that we here at ThrottleNet are introducing called 3Qs. The idea behind this series ultimately is to be able to ask 3 high-level questions to somebody with a technical background and get more information, detail, an insight specific to those questions, and how in an example today we can and are enhancing security across the networks we service now and those we will be taking on in the future. In today’s episode, I have with me Todd Budd3e, our director of managed services. So, the first question that most would ask is:

What is IT+Security?

Again, this is a core focus on what we as an organization are doing, and everyone defines this differently. How we define it is pretty straight forward: IT+Security is our solution that provides business owners and organizations with:

• A fulltime IT department
• Advanced network management services to keep your network running smoothly
• Protection you from data loss, hacking, and ransomware.
• This allows you to focus on what you do best, which is running your business.

IT+Security Enhancements

Now that we have established what IT+Security is, What are some of the enhancements that we have added or always had that we may not have messaged very well out to our viewers as to what we can and have been doing for them.

1. Better malware protection through the use of DNS

How does this solution work leveraging that to provide better security?

• This solution is going to push all of your user’s DNS requests through a specific set of servers. These servers scan websites to make sure they are not infected with any type of malware or anything.

2. What does this address and what is this going to protect against?

• In addition to having a firewall and antivirus, this is going to prevent you from getting any type of malware.
• We now not only have the ability to address security-related issues and do group policies and otherwise at the domain level and pushing those down, but we can also do those on the outer edges of the wheel at the workstation level.
• Correct, and we will continue to do both, but what this will really help if you have mobile users. Say they have laptops that they are taking out of the office and you want to push out a new policy. Now we can do this because they have our agent installed on their laptop, so we don’t have to wait until they check back into the office and get the new policy. We can push it out in 3-5 minutes.

What is a final or third enhancement or security option that we are now including as part of our services?

3. Better ransomware protection through isolation.

Ransomware being the keyword there, I think anytime anyone hears that term. We hear it quite a bit here at ThrottlNet, for better or for worse right? So how does it do that, how is it assisting with isolating ransomware incidents?

• We have a tool that places a hidden file in your “my documents” folder, and that’s constantly scanned. If that scan notices a change that’s going to look similar to a ransomware outbreak it’s going to isolate that computer from the rest of your network, but still, allow ThrottleNet a way in to start cleaning up the issue.

The upside is this is happening automatically, and it’s not a matter of us getting an alert to then go in an isolate that pc its automatically isolating, and advising us via alert that there is a problem so that we can go in and remediate that issue or whatever it happens to be, or at least check is this truly a ransomware attack. If it’s not great, we can unlock it and let the user continue on.

What do these enhancements mean to you and your business?

Well, what it really means is that we can prevent users from going to infected websites, preventing you from malware attacks that are coming in just by going out and doing a regular run of the mill searches online. In addition, it can isolate workstations, but still provide us with a gateway into the workstation to resolve any issues we identify, hypothetically a ransomware attack occurs it impacts the hidden file that Todd has referenced, we now have the ability to go in and specifically resolve that issue while keeping that workstation isolated from the rest of the network. And then finally, we are able to establish policies specific to the end-user and their workstation without having to worry about whether or not they are connected to the network, which allows us to do things on the fly so to speak in a much more timely manner as the needs present itself. But the end game here is, this is going to provide you with a higher level of security and business continuity, because if your users and your network experience less downtime, of course, that is going to ensure that you have more uptime. More Uptime results in high levels of productivity, efficiency, and profitability. Todd, I appreciate the time today. Thank you so much for coming in and giving us some information. I appreciate your time as well and I look forward to seeing you again on 3Qs. For more information about our IT+Security services, and how it can help your business, contact us today!

Does your business have the proper process in place for onboarding new employees, modifying employee access, or terminating access when an employee leaves a company? In this TNtv Alert, Sales Director, Chris Montgomery reviews the results of a survey of IT professionals from Ivanti, and he discusses how to ensure your process is streamlined and completed in a timely manner.

Video Transcript

My name is Chris Montgomery and welcome to this TN Alert a recent survey of IT professionals conducted by it firm, Ivanti has revealed access rights digital resources are not always terminated promptly when employees change roles or leave the company.

The latter is especially disconcerting as there is a high risk of data theft and sabotage of company systems by former employees. There have been many reported cases of former employees taken sensitive data to new employers and conducting malicious attacks and cases of termination.

What they found is that while the policies and procedures have been established to cover the entire process, there are typically issues with onboarding new employees, modifying permissions, and terminating access rights. Regarding new employee onboards. It was found that 85 percent of employees said they did not have access to all the resources they needed to complete their job duties when they first joined the company. This was corroborated by those surveyed with 38% saying it takes an average of two to four days to fully onboard new hires and 27% saying it takes more than a week. A larger concern from a security and compliance perspective is the modification of access rights to data and resources and even though legislation, such as HIPAA calls for prompt changes to be made to prevent unauthorized data access, access right changes are slow to be applied, if they are applied at all.

This is supported by the fact that only 55 percent of respondents were confident that access to unnecessary resources was removed when an employee’s role in the organization changed. It was also found that over 25 percent of IT professionals say its typically takes over a week to fully remove or disable an employee when they leave the company and only half we're confident that access to critical systems and data had been blocked for the most recent employee to leave the organization. Taking a step further, when asked if they knew someone who still had access to a former employer systems or data over fifty percent said yes. This presents a significant risk, including but not limited to data leakage, cyber attacks through an unmanaged account, and malicious data theft.

When asked about the reasons for the onboarding amending and off-boarding issues, the main issue was poorly defined processes with other reasons including issues with automation or lack of resources. Some ways to prevent this include speaking with your IT provider and making sure you have a plan for both on-boarding and off-boarding your employees to ensure there's a level of accountability and documentation around this process. This would include documentation on standard new user workstation requirements, as well as a process to disable or delete users when they leave the organization. The best way you can address these concerns is to partner with professional IT provider that can supply this documentation and information, as well as best practices for new user on-boarding and off-boarding.

If you would like more information on how ThrottleNet can address challenges around on-boarding new users or removing those that have left the organization check us out at ThrottleNet.com or call us today.

CHECK OUT MORE VIDEOS ON TNtv

Venmo users are being targeted with the latest scam. Users are receiving text messages that are modeled after the Venmo website. In the latest TNTV Alert, sales director, Chris Montgomery, discusses how you can make sure you are protecting your personal information as well as your username and password along with what you should do if you think you have been a victim of this attack.

Video Transcript

My Name is Chris Montgomery, and welcome to this TN Alert.

If you're anything like me you probably doesn’t carry much cash these days and depend on applications or just your debit card to send money or make purchases, but as the use of these tools becomes more prevalent so does the potential for cybercrime.

Today’s alert is specific to an application that has been gaining traction for the past year, Venmo.

In a new scam, cybercriminals are using to collect your credit card information, as well as your login credentials.

How Does the Scam Work?

The scam works in the following way:

• Cybercriminals send Venmo users text messages that share the same colors and fonts of the mobile payment application. These text messages state that they are about to be charged, but if they would like to cancel the withdrawal they can log into their account.
• The text then directs users to a website via a link that looks exactly like Venmo’s. Once there the website allows users to sign in using any phone number and password combination but asks for personal bank information including a bank card to verify the identity of the user.

How to Prevent Being Scammed

If you receive a text message from Venmo like this, users are advised to go to the website directly via their desktop as opposed to the link contained in the text message, or simply open the app on their mobile device, as this is the most secure method of confirmation.

In addition, this illustrates the importance of verifying your username and password across all financial websites you frequent. The reason is that 60% of users use the same username and password across all or multiple sites, but what this really means is if they have your login credentials for Venmo, they could have them for every site you frequent.

How to Manage your Login Credentials:

• A tip for managing your login credentials would be to use a password vault such as LastPass to house this information.
• If you rather not use a service like LastPass, consider having a complex password one that contains capital letters, numbers, symbols, and a combination of all three for your financial website, while having a more simplistic password for a site like Facebook.
• An easy way to create a complex password is to use a movie quote or a song lyric including all punctuation & capitalization throughout.

What to do if you Think You are a Victim:

If you feel you have been subjected to this type of attack, officials ask that you contact your bank or credit card lender immediately to advise them so they can cancel your card and issue a new one. In addition, Venmo, which is owned by paypal, asks that users that think they may have been targeted by scamers posing as Venmo to contact spoof@paypal.com.

If you would like to learn more about how ThrottleNet can provide training to your users on how to identify and protect against attacks like these, please contact us today!

CHECK OUT MORE VIDEOS ON TNtv

Is your company protected against a mobile data breach? Mobile security has become much more than just worrying about your smartphone security, today tablets and laptops are also vulnerable. In this TN Alert Director of Sales, Chris Montgomery explains the types of threats that target mobile devices and how to protect yourself.

Video Transcript

My name is Chris Montgomery and welcome to this TN Alert.

There was a time when all you had to concern yourself with when it came to mobile security was your smartphone but this is no longer the case.

We now live in a mobile society in which you have tablets, laptops, or a combination of the two to worry about. Couple this with information often being the most important asset a company can possess and you can assume mobile breaches are, and will continue to be a threat to businesses of all sizes.

Let's start with data leakage according to research by Ponemon, companies have Chance of almost 28 percent that they will suffer a breach within the next two years. However, a lot of this is preventable given that the biggest threat comes from users who are often lacks and what information they allow apps to share. The solution to this is as simple as educating users on how and when to transfer sensitive data, as well as what permissions they give their mobile applications.

Next up or two items most are familiar with, Phishing and scam attacks. The frustrating aspect of these types of attacks is how easily avoidable they are since most come in Via social engineering attacks. For those that aren't aware of what social engineering is an example might be someone sending an email with an address that's familiar to you which contains a link that once clicked on will begin infecting your PC. The solution to this is to train your users on
what to look out for when checking their email and what to do if they believe they are being targeted.

Another way a mobile device can be compromised is by being on an unsecured Network.
As we become more mobile, we also need to be more conscientious of the networks were connecting to. For example, in a previous TN Alert we discussed Wi-Fi Phishing and how easy it is for someone to spoof a network resulting in you inadvertently logging into a malicious Network, as opposed to the secure network you're accustomed to. Unfortunately, the only way to protect against this is for the user to be more Vigilant in their behavior when connecting to public networks.

Last but certainly not least is Smishing. Smishing is like Phishing in that a text message is sent to your device to entice you into making a call which can automatically breach your device. The solution to this thread is largely education. Simply include this in any training you provide around phishing attacks and advise your employees to never call unknown numbers texted to their mobile device.
If you'd like more information on how ThrottleNet can help you protect your business against mobile device threats, please visit us online at ThrottleNet.com.

CHECK OUT MORE VIDEOS ON TNtv

TN Alert: Florida Ransomware Attack

The City of Riviera Beach, Florida is the latest ransomware attack victim in a string of high-profile phishing attacks striking US cities and businesses. Learn how this costly attack happened and how to keep it from happening to you in our latest TNTV Alerts video featuring Todd Budde, Director of Managed Services at ThrottleNet, Inc.

Video Transcript

In this week’s episode, we have a TnTV Alert about a recent ransomware attack in Riviera Beach, Florida. High-profile phishing attacks have been sweeping the country and all businesses are susceptible to it. It is crucial to understand how this attack happened in order to learn how to prevent it from happening to your own company. We are here today with ThrottleNet’s Director of Managed Services, Todd Budde, to discuss the details of this disaster, what measures you can take to prevent it, and how ThrottleNet can assist with these efforts.

What Happened?

About 3 weeks ago, a police department in Riviera Beach, Florida suffered from a major breach in their security. Hackers sent an email to one of the department’s employees and a malicious link within the email was clicked on. After the link was clicked, all of the department’s files became encrypted and locked leading to their entire email system being shut down. For the past couple of weeks, this Florida police department has been without any access to their emails or files.

This phishing attack hit the department hard at a whopping $600,000 ransom, that’s roughly 65 Bitcoins. Todd Budde thinks that the ransom was originally low, but when the hackers realized they had a significant hold on the police department, they raised the ransom greatly after the city had to respond.

As technology has continued to develop, so have different means of hacking into systems. Increased hacking and phishing leads to a need for an increase in security. Don’t let your company suffer this costly mistake of not protecting your digital network.

No one wants to go through the trauma of experiencing a ransomware attack. It will cost your company greatly and it is hard to recover from. It is important to understand the most common reasons how a company can get attacked and what to do to stop it from happening again.

The most common reason as to how companies experience a breach in their security is through their own employees’ negligence. The weakest link in the security of your network is the users who are on it. To try and stop phishing and ransomware all together, the best method of prevention is employee training. Developing an ongoing training program for your company will strengthen their knowledge on how to look out for suspicious emails and other tactics on how to avoid security problems.

How ThrottleNet Can Help

Training

The first and most efficient way of preventing any ransomware attack is through employee training. ThrottleNet will provide your company with a training initiative and a variety of high-quality tools to decrease the risk of phishing.

ThrottleNet offers a live simulation that simulates a live phishing campaign against your company with a final report of the outcome. We will evaluate what links your employees click on most often and if there are any specific areas that need to be more closely monitored. We will teach you skills of how to look out for any malicious outside input that may be trying to get inside of your business.

Security Tools

Along with training, ThrottleNet will provide your company with tactful tools to help in the prevention of security attacks. We have tools that will place files within your employee’s folders that will automatically be isolated and locked out of the rest of your network in case a disaster were to present itself. This tool helps in preventing the spread of the ransomware and cuts it off at the source from getting to the rest of the network. Another successful tool that we offer at ThrottleNet is DNS filtering which prevents your employees from visiting malicious websites. You have no control over what websites and links your employees are navigating through during the workday. If you are prepared for a disaster such as a ransomware attack, then there will be no disaster.

Again, the advanced tools that ThrottleNet can provide to your company in the prevention of a security attack include:

• Isolation of machines to prevent spread to network
• DNS filtering
• Employee training
• Live Phishing simulation
• Protect users if they are going out to malicious websites

Disaster is never expected and can happen to any business. Be prepared before disaster strikes so your company will not lose money, time, investments, and important data. Take action by increasing your network’s security so what happened to the police department in Riviera Beach, Florida does not happen to you.

If you’d like more information on how ThrottleNet can assist you in avoiding attacks similar to this and how we assist organizations in doing so, give us a call today!

CHECK OUT MORE VIDEOS ON TNtv

What is a VCIO and how do they benefit your organization?
Sure, every ThrottleNet employee is committed to your success, but two are dedicated to your business full-time. Your vCIO (virtual Chief Information Officer) and Field Engineer will know your network inside-out. They are your primary contacts and will provide ongoing strategic direction and tactical support.

Video Transcript

What is a vCIO and how do they benefit your organization?
Sure, every ThrottleNet employee is committed to your success, but two are dedicated to your business full-time. Your vCIO (virtual Chief Information Officer) and Field Engineer will know your network inside-out. They are your primary contacts and will provide ongoing strategic direction and tactical support.

Transcript

In this week’s episode of part of TnTV 3Q’s, we will be discussing all about a vCIO and what it can do to benefit your company. Paired with each solution that we manage there is a vCIO. Continue reading to learn more about what a vCIO is, the benefits of having a vCIO and what happens if your company does not have one, and the importance of having a dedicated vCIO.

 

What is a vCIO?

vCIO stands for Virtual Chief Information Officer. At ThrottleNet, we find skilled talent to act a vCIO for your company since many companies do not always have it within their budget to hire their own vCIO. The vCIO’s we hire are professional and have good personal skills. Most of them have industry expertise and experience in networking. Our vCIO’s have at least 10 years of previous experience and are fully qualified.

The various roles that our vCIO’s conquer include technology consultations, in-person quarterly reviews, and act as your company’s personal advocate.

Roles of a vCIO:

• Technology consolation
• In-person quarterly reviews
• Your advocate

During the technology consultation, the vCIO will speak about how to administer your network and properly take care of it along with discussing new and upcoming technology trends such as new techniques to be aware of. The quarterly reviews will be taken place quarterly and the vCIO representative will come to your office to talk about all the statistics of your network in detail.

These details will include areas such as your patch history, status, and any updates that need to be installed. The in-person reviews are great to find out what exactly the vCIO is doing for your company like what viruses or security threats they have stopped, etc. Having a vCIO is like having a personal advocate for your company to oversee and monitor all digital aspects.

What happens if you don’t have a vCIO?

If your company does not have a vCIO there will be no technology plan set in place, no advocate, and no knowledge accessible of network activity.

With no vCIO, comes no:

• No technology plan
• No advocate
• No knowledge of network activity

Without a solid plan for your technology and network system, there will not be any organization or goals. Your company will not have an advocate to make sure everything is running smoothly with your network or monitor for any potential issues. If there is no vCIO in your company, you will have to trust that your employee is not misleading.

A vCIO will bring you updated reports that will let you know exactly what is happening within your company’s network. The vCIO’s we hire at ThrottleNet have experience working with many different customers within many different fields so you know their knowledge base is backed up. Bring the best practices to your network to strengthen it through the use of a vCIO.

 

Importance of a Dedicated vCIO

Having a vCIO means you get dedicated, personal assistance on all things network technology. A vCIO is your advocate, not just an engineer. If you have questions or concerns, you will always have someone to contact who specializes in creating the right solutions for your specific company.

Our vCIO’s do not work on commission, so you know there is no alternative motive for their work. The vCIO understands the details of your company and genuinely wants to see it flourish. You will get increased security and unlimited support with a vCIO who is highly skilled in working with real clients of all types.

To refresh, let’s highlight the main importance of having a vCIO:

• The owner will be limited on time
• Engineer not advocate
• Sales think in commissions
• Increased security
• Can be unlimited support

At ThrottleNet, we take pride in our network security and management capabilities and we hire the most trusted individuals to help portray that. If you want to have personal technology consultations, in-person quarterly reviews with detailed reports, an advocate for your technology plan, and a detailed knowledge base of your network activity we strongly suggest getting a vCIO for your company.

We look forward to seeing you next time on TN 3Q’s. If you have any more questions or want to learn more about our vCIO’s, contact us now!

CHECK OUT MORE VIDEOS ON TNtv

Do you need to upgrade your entire server environment to Azure at once, or can you do it progressively? In this episode of TNtv 3Qs Sales Director, Chris Montgomery and Cloud Services Manager, Aaron Oliver continue to part 3 of our Azure series. They explore how companies can migrate their current server environment to Azure without disrupting workflow. Learn more about creating a hybrid environment with Azure & ThrottleNet in this week’s episode.

Video Transcript

In this episode, we are discussing how you can upgrade your entire server environment to Azure without moving it all at once. Your organization has the option of applying Azure solutions progressively or whatever best fits your needs. ThrottleNet’s Sales Director, Chris Montgomery and Cloud Services Manager, Aaron Oliver continue discussing the Azure series and how companies can infiltrate the server environment that they currently have seamlessly into their daily workflow. Read more to learn how Azure can benefit your organization and how you can migrate to an Azure server environment form your on-premise server environment.

All or Nothing?

• If a business wants to start moving more towards Azure, do they have to take their entire server environment and push it up there?
  Or is this something they can do in pieces and dip their toe in the water to see if this is something that will work well for them?
• Answer: That’s the beauty of Azure. You can move all of it or just move individual servers or services
• With Azure, you can create a virtual network that will have a VPN connection just like if it was another office, so your on-prem infrastructure can “talk to” the new infrastructure that you put in the Azure environment to give you a seamless transitions (gives you the option of having servers in-site and/or servers in the Cloud)
• It all acts as one large infrastructure in a hybrid environment
• The Gradual Approach: crucial servers & services can be moved to Azure’s Cloud while keeping others on-site

Would a User Notice Any Difference?

• User Experience: Seamless transition with the same applications and services
• Answer: No, from a user’s standpoint they would still be using the same applications and services just like they were connecting to the original on-premise services
• As you move those services to the Cloud, the user’s really shouldn’t notice a difference if it’s done correctly.

Given the fact that they can move in sections to do whatever they want to do,
Where’s a Good Place to Start?
Depends on the organization and what their needs or decisions about how they are going to move are made.
We are seeing a lot of clients decommission their file servers and move to Azure’s Active Directory along with OneDrive and SharePoint to facilitate those file server needs to eliminate the need for remote workers to have VPNs

Where to Begin:

• Decommission file servers
• Move to Azure’s Active Directory
• OneDrive & SharePoint
• Remove required VPNs
• Sync local active directory with Azure active directory so you can keep all of your permissions and security roles intact as you make this move from on-prem to cloud
• From there you can do whatever you want. You can pick out individual applications that you’d like to move to the Cloud (moving entire server or just the application itself)
  The same thing goes for SQL servers, you can move the SQL server as it sits on prim to a virtual machine in the Cloud
  Or if your application allows it, instead of paying for an entire virtual machine in the Cloud, you can just pay for a SQL database in the Cloud & then have your application that you moved to the Cloud talk to that SQL instance without ever having a virtual machine at all, it can be serverless.

Things to Consider:

• Can access your apps anywhere
• Can move SQL server
• Can lower costs & exposure
• May not need a server altogether
• As you move certain pieces, you may find that you can do certain things without servers and other processes for your business that might require a server on the backend can be moved in chunks as well.
• Whatever fits your needs and benefits your company the greatest
  **Increase efficiencies by moving apps to the Cloud, and reduce capital costs by not replacing end-of-life servers.

Why Move?

• Now that we understand where you might want to consider starting, what are some of the benefits a company should expect to derive?
• What it means to your business:
  -Reduce capital expenditures
  -Reduce server maintenance costs
  -Removes warranty renewals
  -Reduces data center hosting costs
  -Increase the server security
  -Meet your compliance requirements
  -Scalability drastically improved
  -Only pay for what you need
• Get you out of the hardware purchasing & hosting business
• Reduce the maintenance on all those physical servers, Microsoft now takes care of al that for you when your servers are in Azure
• Reduce some of your power consumption costs if you’re having to rent a data center for some of your servers now, some of that cost would get rolled up in your Azure per-month pricing
• Also going to increase the security that’s available to your organization, won’t have to worry about access to a shared data center
• If you’re a company that has compliance requirements, Microsoft has documentation that they will provide to partners and vendors if needed for any kind of audit that you might have to undergo
• In general, you will only pay for what you need
• Instead of scaling up those big hardware stores, it’s going to allow you to pay for what you need & not pay for things that you aren’t using or for servers that may sit in the background and do nothing

If you have any questions of how to create a hybrid environment solution or how the Azure solution and ThrottleNet can assist your organization, contact us today.

CHECK OUT MORE VIDEOS ON TNtv

Holiday shopping is in full swing and 'tis the season for holiday scams. In this TNTV Alert, sales director, Chris Montgomery provides tips to know if the retailer you are shopping is legitimate. Be sure to double-check retail sites to make sure you don't fall victim to holiday cybercrime.  

Video Transcript

My name is Chris Montgomery and welcome to this TN Alert. Tis the season again, Christmas is upon us and along with it, online shopping and the potential for being scammed. So what can you do to ensure your able to get something for everyone on your nice list without being compromised by someone on the naughty list? Here's how to make sure the Retailer's legitimate before you make a purchase. Check out online reviews by searching the BBB website for negative reports or complaints about the online retailer just be aware that some are foreign based, so a search might not yield anything. You can also search the domain name with a quick Whois search. Look for how long ago the site was registered, and perhaps consider an unknown merchant that has a more recently registered site as being more or less suspect. Do a Google search to see what reviews or news stories, good or bad, turn up about the retailer. Keep in mind that positive reviews can be easily faked and a lot of negative reviews should be a red flag. Another thing you can do is look for clues on the website such as scrolling down to the bottom of the site and look for the about us or contact us section. Most legitimate sites will show a physical address and a phone number. Plug the physical address you find in Google maps to make sure the location looks like some place a legit business might operate as opposed to someone's house. Call the phone number to see whether someone answers or do a reverse phone lookup. Another thing you can do is examine the writing and the URL by taking a close look at how the website is written starting with the URL and onto the product and customer service pages. The URL is Important because in a version of online shopping scams fraudsters sometimes create facsimiles of familiar websites. Look closely to make sure the business name is correctly spelled and if there aren't any extraneous characters. The URL shouldn't be overly long or complicated. For example, if you're shopping on Amazon, the URL should read amazon.com not Amason.com with an S and not amazon.com/payments/toys/holiday shopping. Finally look for seals of approval the retail sites home screen might display a seal of approval from organizations that vouch for the Retailer's reputation or responsible data collection practices. Such as the Better Business Bureau seal, the TRUSTe certified seal or the Norton secured seal. Of course logos can be faked meaning that isn't a Flawless guarantee, but at least it's a positive sign if the retail site has some seal of approval from reputable organization. In closing and when making a purchase always make sure there's a padlock symbol that is used to indicate that a site securely protects your payment information, as something scammers have been known to copy. Trust it only if it appears in the same field as the URL which should begin with https, which stands for hypertext transfer protocol secure with the S standing for secure. Thank you for joining me today on this TN Alert. If you would like more information on how ThrottleNet can help you and your business, please reach out to us today at 866-829-5557 or visit us online ThrottleNet.com

CHECK OUT MORE VIDEOS ON TNtv

If you’ve been listening to the Dave Glover Show on FM NewsTalk 97.1 recently, you might have heard a familiar name during the commercial break. That’s right, Dave was talking about ThrottleNet and how we’ve saved St. Louis area businesses more than $2.6M in potential ransomware losses this year alone. Think you missed it? No, you didn’t! Catch the clip again right here.

CHECK OUT MORE VIDEOS ON TNtv

Doing business with customers generates sales and vital data. It’s information that you worked hard to collect and use to grow your business. However, predators are lurking around your small business, and cybercriminals are working hard to accessyour data through vulnerabilities in your network, website, and emails. Learn more from sales director, Chris Montgomery, on how to prevent your small business from becoming fish bait.

CHECK OUT MORE VIDEOS ON TNtv

In this episode of TN Knowledge learn how to use the Windows 10 Night Light.

Video Transcript

Welcome to TN Knowledge!

Today I'm going to show you how to use the Windows 10 Night Light feature.

The purpose of the Night Light is due to the fact that your monitor will normally display blue light.

This is the kind of light you see during the day. This is what can keep you up at night when staring at electronic devices. In order to turn the Night Light on, simply click Start, type “night” and you will see the option to click Night Light. Go ahead and select it here.
You can set the hours and also the strength of the light. To test it, click turn on now and the monitor, if it's supported, will display warmer colors. Turn off to turn it back to its original state.

Thank you for watching. We look forward to seeing you next time.

CHECK OUT MORE VIDEOS ON TNtv