IT Connect Newsletter

by

Professional Businesses Deserve Professional Setup

Watching a business grow is as satisfying as it is rewarding. Whether opening a new office, starting a new department, or bringing in a new employee; it’s a positive step in the right direction. Upward growth often requires new office tech and IT changes to bring new staff fully online.

At a minimum, a new computer will be needed for employees to get started quickly and hit the ground running. New staff or an entire department may require a server, printer, or additional networking hardware to cope with extra demand.

A tech smart business should give careful consideration to how it sources and sets up its hardware and software. It can be tempting to pick a simple solution off the shelf from the nearest retailer.

Modern manufacturers often make it easy to get set up with a new device straight out the box. Using default settings and a simple setup means a laptop or tablet can be just plugged in and it’s ready to go, right?

Unfortunately, setting up technology to create safe, secure, and reliable business services requires a little more detail.

Setting Up Tech For Business

The hardware you have is at least as important as the hardware you buy. It’s important to ensure new tech on the network is compatible with your existing business systems. Adding the wrong solutions to accommodate new employees can slow down the system for everyone.

Many firms talk themselves into buying the most expensive, or heavily marketed system on the market. Buyers often feel confident that the high price tag and slick design means it’s guaranteed to work with anything you put to it. We wish that were always the case.

Without an eye for fine detail and good IT knowledge, combining certain solutions can cause a significant network slowdown or even fail to work together at all.

Consistency Is Key

It can seem easy, and tempting, to buy technology based on offers and deals around at the time you need it. Some companies do this to save money short term, building their systems using a mixture of hardware from various vendors and manufacturers. When thinking long term, this approach might not get you the great deal that you think.

Mixing suppliers alone can make it difficult to track where components came from in the coming months and years. Warranties, service agreements, and support can become hard to track down when parts fail and hardware dies. Money spent securing your business against failure is completely wasted if you can’t find the right paperwork at the right time.

Sourcing replacement parts and supported peripherals can be made more difficult when components are mixed too.

Planning ahead and purchasing identical hardware can make swapping components fast and straightforward. When systems are consistent, both parts and knowledge can be shared throughout the entire business. A smart decision today can eliminate costs, time, and headaches further down the road.

Unexpected issues appearing at the last minute can have large consequences on workload and deadlines. Sharing everything from chargers to memory can help to reduce and mitigate IT risks. Consistent hardware, swappable components, and even considering a supply of spares can take care of many potential headaches.

Smooth Onboarding

In business, first impressions are critically important. Whether setting up a new office or getting an employee ready to start, a professional attitude goes a long way. Good IT that’s ready to work sets a professional tone to carry your business forward.

IT that supports and enhances operations is infinitely better than IT that gets in the way. Using consistent and well-known solutions in the right way avoids wasting time, maintains performance, and reduces costs where it matters.

Our goal is to ensure your hardware meets your business needs. A professional setup ensures your IT is consistently improved while you watch your business flourish and grow.

Give us a call at  (416) 645-2469, (905) 667-0441 or email us for a professional setup to make sure nothing stands in the way of growing your business.

by

What Hackers Target In Small Businesses

Hackers today have many ways to attack small businesses and business owners. Many attempt to use technology to send malware, viruses, or phishing attacks; or use information to con owners and employees into handing over more information than they should.

One or more of these techniques can be combined with gaining physical access to steal from vulnerable firms. Identifying precisely how criminals target businesses and what they deem most valuable can help to protect from the most devastating attacks out there.

Remaining vigilant and informed is one of the most vital things you can do as a business owner to protect your assets and reputation.

Extortion

Different types of attacks tend to rise and fall in popularity. Fifteen years ago, computer worms were the most common attack that businesses faced. Security software wasn’t as advanced or as widely used at it is today. Computer worms were, at the time, an exceptionally low-cost and efficient way to inflict the maximum amount of damage for minimum cost.

Today ransomware has seen an unfortunate boom in popularity. This technology aims to encrypt the target’s files on their personal computer. This technique denies the victim access and charges a large fee in exchange for the key to retrieve the victim’s own data.

The attack has worked so often because it requires minimal effort and can be used again and again. Many businesses have no option but to pay because the data is worth far more than the ransom demand the hackers have made.

The best defense against ransomware attacks, in addition to strong online security, is an up-to-date offsite backup — one that is tested to work reliably.

Targeting Customer Records

One of the most important things for your firm to take care of is your customer data records. Records which include names, dates of birth, and other personally identifying details. These details are extremely valuable to hackers or criminals who, either use them personally or sell them on to someone who will.

Many regions have strict laws and guidelines about how this information must be stored, accessed and protected. Failing to follow these can result in severe penalties that could devastate any company.

Targeting Financial Information

Like personal information, a small business must take extreme care when storing customer financial information. Sensitive details such as credit card or banking information are a key target for hackers looking to steal money fast.

The impact on your business reputation following a breach of financial data will be severe and devastating. Even a simple mistake can require years of advertising and great PR to repair. Many firms have failed to recover after losing the trust of their customers.

Social Engineering

Most firms today run good IT security packages to protect against online attacks and other forms of malware. Attackers often know to take their methods offline to achieve the best results.

Whether posing as a supplier, customer, or interested party; attackers can seek to gain information that you may be less than willing to hand over to a stranger. Small businesses can often be used to gather information on vendors and suppliers they do business with in order to attack them too.

Be particularly cautious of the information you provide when discussing business with individuals you haven’t spoken to before.

Keeping Small Business Safe

Each of these targets and attacks are just some of the most popular and hard-hitting attacks out there now. The list is forever changing, and the methods we use to protect against them always needs to change too.

Some can be defended against with great security, backups, and software. Others, such as social engineering, need you and your staff to stay up-to-date and remain vigilant about the major attacks affecting small business today.

If you need help tightening your businesses security, give us a call at (416) 645-2469, (905) 667-0441 or email us.

by

Time to Refresh Your Passwords

We often tend to be creatures of habit, particularly when it comes to technology. Passwords are a prime example. Many of us use the same logins for multiple websites and applications because we don’t have a photographic memory. A large percentage of users aren’t aware that this is one of the most significant security dangers they can face online. It has a simple fix too.

Regularly, in the news today, there are stories about major companies being hacked, their customer data stolen, and their customers left stranded. Hackers commonly use data stolen from one site to access others where login credentials have been reused between accounts. In some cases, access to bank accounts has been gained simply by using a compromised email account.

Businesses and individuals can face significant losses simply because a third party outside their control has been hacked or compromised.

The Danger Of Old Passwords

MySpace is a key example of why old and possibly forgotten services pose a security danger when passwords haven’t been regularly changed. Once a thriving popular network, the use of MySpace services declined drastically from 2007 onwards. While many people moved to new social networks, old accounts typically remained abandoned on their servers. Hundreds of millions of accounts remained on MySpace servers many years past the firm’s peak.

In 2016, MySpace suffered a data leak which exposed usernames, emails, and passwords of 360 million user accounts. Shortly after the hack, these details were published online for anyone to see. Many were used to access email accounts, servers, and accounts that shared the same details.

Shared Responsibility

Even if you have never had a MySpace or social media account personally, how many of your employees or coworkers have one or more? Many have had more social media, forum, or game accounts than they care to remember. Have their passwords been updated since 2016?

Your business network protects your systems, work, and intellectual property. For many firms it’s the single most critical component, the backbone to business operations. Keeping it secure regardless of the number of people, staff or clients using it is a crucial task.

Consider how many people currently have access and how many of those may reuse their password on another website or service. Just reusing your password once can expose you to the hacking of a third party entirely out of your control.

Password Management

Good security practice is to use a unique and strong password for every login you use. A strong password should include, where possible, capital letters, lowercase letters, numbers, and character symbols. Many consider this impractical or even impossible, but it is entirely achievable for every firm.

It is clearly impossible to manually remember a strong password for each one of the dozens of logins needed today. Few would even attempt to. A password manager makes storing, retrieving, and using unique passwords easy.

When using a password manager, an individual is required to remember only one single strong password to access a database which contains a different login password for each service. This database can be synced between multiple devices, saved and backed up to the cloud, and even used to create strong passwords for you.

Strong Protection

Password managers can be used to implement security policies that demand zero password reuse, between services or over time, and set strict limits over the duration a password can last. With the right policies in place, both your business and your employees are protected against attacks from hackers that have compromised third-party sites.

The maximum recommended lifetime of a password for any service is a single year. Make the start of the calendar year the time which you refresh your passwords and start new.

To help keep on top of your security and make sure your firm is safe well into the new year, give us a call at (416) 645-2469, (905) 667-0441 or email us.

by

Preparing Your Business Tech to Start the New Year

Preparing Your Business Tech to Start the New YearThe start of a new year is a challenging time for businesses. It can be a good time to reflect on the wins and losses of the previous twelve months. It’s also an excellent time to take stock and evaluate what your business needs to go forward.

IT demands move at a staggering speed, meaning last year’s tech may not fit next year’s needs.

The new year can bring major change to both the business and the environment it operates in. Regulations, contract terms, and seasonal spending habits mean that adaptations have to be made for continued growth.

A smart business knows how and where to incorporate flexibility to win more business and adapt to a new environment. As we move into the new year, there are fundamental questions we should ask about our IT to ensure we are ready to tackle the next twelve months too.

Is Your Hardware Still Up to The Task?

Businesses are often challenged by their client’s demand for files that seem to continually increase in size and resolution. The storage needed to handle, use, and archive these enormous files appears to grow at a near exponential rate.

Every device today is capable of capturing more data at a higher resolution than ever before. Huge data needs have become the new standard.

The expectation of bigger and bigger data is only set to continue as we progress into another new year. Many clients expect, or demand, exceptional quality from professional services and with a fast turnaround time too.

These competing demands put as much strain on network hardware and computing power as they do physical storage. One of the most important things a business can do when reviewing IT demands is to ensure there are no bottlenecks in the productivity pipeline.

Is Your Backup Reliable and Ready?

Almost every business in the modern day has learned enough to put a backup in place. Whether simply transferring files manually to USB storage, copying documents over to a local server, or saving media to the cloud. However, not every business is testing their backups. Fewer still are testing them reliably.

A backup is only as good as what we know can be reliably restored from it. Cases have emerged where big-name firms had famously believed they were backing up successfully for months or years, only to find out their backup was failing when they really needed it.

Whether impacted by missing assets, unable to transfer files, or affected by corrupt data, an untested backup may be as useful as not having any backup at all. A critical goal for the safety and reliability of any business should be to have dependable backups that are tested at regular intervals.

Is Your Compliance Still Up to Date?

Nearly every business in the world has compliance and regulations standards it must adhere to if it is to keep its position in the marketplace. These may be industry specific such as medical or automotive certifications, or regional protections such as data protection regulations.

Requirements for each of these areas change regularly. It is up to each firm to keep on top of both changes to rules and changes to the firm which may impact them.

Changing IT can often impact certifications in a big way. Many feature rules which affect storage, processing, or altering the way in which data is used; it’s essential to check your usage against strict requirements relevant to your business.

While time-consuming and difficult, these checks require a strong knowledge of both the rules and your IT system. The penalties for failure can be severe and crippling. It is a critical area of the firm you can’t afford to get wrong.

If you are looking to boost your business in the new year, check up on your systems and technology, or dust up your certifications to the latest standard: there’s never a better time than now.

Give us a call at (416) 645-2469, (905) 667-0441 or email us to get your new year off to a flying start.

by

Should You Repair, Upgrade, or Replace Your Computer?

Like many valuable things we buy, new computers suffer from wear and tear over time. Our computers are particularly vulnerable as we have placed more and more demands on them every year. New machines have got faster, quieter, more reliable, and more capable over time. At the same time our own computers have begun to slow and sometimes even stop performing altogether.

There are many ways to address the problem of a PC which isn’t quite performing up to the task anymore. Whether frustratingly slow or no longer working; we are happy to take a look. When you bring your computer to us we will diagnose the condition and find a solution that works for you. Often times the simplest solution works best. A complex problem sometimes only needs a simple repair to get your home computer up and running like new again. Whether a small replacement part, loose wire, or bad connection; we will find and fix the problem to give your familiar, home machine a new lease of life.

Many computers come to us running slowly, taking a long time to start up, or freezing when trying to load files and programs. Often owners have reached breaking point and become convinced the machine is fit for only the scrap heap. In many cases, the problem can be pinpointed to a bottleneck in the system. A single, seemingly trivial, part can be holding up the entire system. Amazingly, upgrading just that one component can make the whole machine run like new again.

Adding memory can provide extra space for programs to run faster. Adding an updated, faster hard drive can allow files to be retrieved without delay. In both cases, a low-cost single component can provide a cost-effective solution that makes an old machine like new again.

In some cases, computers succumb to more major faults. A critical part, difficult to replace, may stop working altogether. A failure of the motherboard for example, the backbone that all other components connect to can be expensive, if not impossible, to fix. Typically, with the fast-paced and ever-changing nature of computing, a motherboard will only house computer parts that were manufactured around a similar time.

A motherboard is almost certain to be incompatible with components built just a couple of years before or after its own design for example. Occasionally even a motherboard failure can be resolved too. In these cases we strive, whenever possible, to find a replacement board of the same generation that will work alongside existing components. The result is a cost-effective solution that keeps cost down by saving replacement parts.

In cases where a like-for-like replacement motherboard is not available, many parts of the computer may have to be replaced at the same time. Often replacement costs in these cases can get close to, or even exceed the cost of buying a new machine.

We would always give advice where it makes sense financially and practically to consider replacing an old machine. Often, in this respect, a home PC can be considered a little like a car. Sometimes a simple, non-expensive, easy to replace component such as the window wiper can fail. While a crucial part to be used for driving; it would be silly to suggest replacing the vehicle once it has worn out.

A window wiper may be low-cost and simple to replace, but if the engine were to wear down or break the solution may not be quite as simple. Attempting to make a 30-year-old car as fast, safe, and reliable as a brand new model generally doesn’t make any financial or practical sense. Sometimes the best course of action to save money and avoid breakdowns is a more up to date vehicle.

In computing, many of the same rules hold true. The best solution in each case is always tailored personally to fit you and your own computer.

Give us a call us at (416) 645-2469 to discuss your computer issues. We’ll keep you informed about your machine and advise on the best course of action to get you up and running as quickly as possible.

by

Using Tech to Tailor Your Work Day

Most of us can admit that we have lost track of time during the workday on occasion. Sometimes time can get away from you, particularly when you’re busy. Often you can be running late before you know it and wondering where the day has gone.

Luckily, there is a wide range of technology solutions to put to work helping to put you in charge of your to-do list.

Office 365 Calendar

We’re often guilty of spending the entire day stuck just in Outlook. In addition to taking up your time, there are a range of features that can help you make the most of it too. With simple tools and tweaks, you’ll be able to manage your calendar like a pro.

Office 365 Calendar allows you to make quick changes, alter your diary, and update items on the go. The Calendar interface allows events and items to be picked up and moved to a different time or date with ease.

Many think of calendar packages in terms of old desktop applications of years gone by. Events, once input, were almost impossible to change, alter, or remove. In old applications it was easier to go without a calendar at all than attempt to use the one included.

The biggest advantage Office calendar has is the ability to access and update it from anywhere. With 2-way sync appointments, meetings, and events can be updated anywhere and accessed everywhere. The days of no longer being able to look at your calendar because you’re not at your PC are long gone now.

Today you can add events straight from your email with a simple click. Participants in events can be contacted with reminders automatically. You can even schedule your own reminders before the event too. Using your calendar to stay on top of your day has never been easier.

OneNote

Office 365 additionally offers OneNote too, an indispensable tool that you shouldn’t do without.

OneNote acts as a virtual notebook to keep your ideas, projects, and notes in line. Using OneNote enables you to power-up your text with drawings and diagrams, tailor your projects with color coding, and record your thoughts with media clips all in one location.

OneNote is the ultimate record keeping tool that you simply can’t go into a meeting without. Physical notebooks begin to seem like a relic of the past, limited by old constraints that no longer apply.

Microsoft To-Do

Included with Office 365 is Microsoft’s To-Do application. To-Do offers simple, straightforward to-do list that makes it easy to plan your day.

Whether plotting your school work, planning your projects, or keeping on top of your home life, To-Do is designed to boost productivity and make the most of your time. The simple interface makes it easy to use and the instant reward for checking of tasks makes it well worth your while.

To-Do sorts your tasks into lists, which are combined into a single day view. The view of your day provides a clear, clutter-free list of tasks to be done. The application syncs with all your devices to give you access from anywhere. This empowers you to quickly add, change, schedule, and tick off tasks as you go.

Keeping On Top Of The Day

Losing track of time is easy to do. It doesn’t take much before your day seems completely off-balance and impossible to retrieve. With these tools from Office 365 and a tiny bit of planning, your days can become more productive than ever.

Back on track, you’ll no longer have to spend your free time making up for lost time. Your spare time will be your own again and everyone will wonder how you manage to remain so productive.

Give some tech tools a try today and you’ll wonder how you ever managed without them.

by

Business Tools to Take Your Business Out of The Office

Business Tools to Take Your Business Out of The OfficeBeing engaged in business used to mean staying wired in at the office eight to twelve hours a day. In the modern day, this is completely untrue. Often the most efficient workplace is spread far and wide and always on the go.

Today you can completely unplug from your desk with just your laptop computer and 4G modem. The freedom to work out of the office and even on the move is a huge advantage gifted to modern business. A simple mobile phone tether is enough to work from anywhere in the world.

The Right Tools for the Job

The most important part of working on the go is ensuring you don’t lose touch with your team. Maintaining total collaboration between team members can be tricky. Luckily, there are tools that will help you to stay on top.

Microsoft Office 365 provides the traditional tools and support of Microsoft office, but adds remote team collaboration and cloud support too. Files can be saved into the cloud, worked on, and accessed anywhere for review. At one time, remote working meant taking a copy of a file somewhere else to work. Changes to the original weren’t reflected in the remote copy and at least one version was destined to be lost forever.

Software packages such as OneDrive allow the entire team to work on a single centralized file saved to the cloud. Whether you edit on a beach, plane, or train; your team in the office gets the same version you do, at the same time.

Collaborative Working

The key to remote working is the ability to collaborate in a digital space with everyone at once. Modern software such as Office 365 allows all team members to be working on a single document at the same time.

Whether the project calls for killer spreadsheets, expertly crafted documentation, or a knockout presentation; everyone can pull together and hit it out of the park.

Even when you’re not working out of the office or busy on the road, collaborative software can help to power your team working locally too.

Admin Done Remotely

Modern software has impacted the way in which we do bookkeeping and accounts too.

Similar to being tied to your desk in years gone past; accounting software was once stuck solidly in the desktop too. Previously, batch runs of calculations were required to provide reports on a weekly, bi-weekly, or monthly basis. Today, cloud computing has opened up ways to speed up business in ways we couldn’t have imagined.

Cloud-based accounting packages such as Xero or Quickbooks Online allow for your accounts to be done remotely. Moving the resource and strain out of your firm takes it out of sight and out of mind.

Security and maintenance of your accounts databases, for example, falls to cloud professionals instead of your business. Rather than waste company time on submitting documents and calculating taxes they are done in the cloud and submitted to you instead.

Make your Accounts Work for You

Maintaining your accounts is made as simple as logging into a single portal. This tool allows you to take both your admin and your work out of the office and keep it on the go.

By the time your accounts are due, your accountant simply has to log in remotely and pick up where you left off. By the time taxes are due the work is done and you can get on with the important things.

Getting work done out of the office and on the go is a huge boost to productivity. Modern technology enables you to keep team members up to speed, continue collaborating, and even stay on top of your accounts from anywhere in the world.

Give us a call today at (416) 645-2469, (905) 667-0441 or email us  to talk about how we can help you unwire from the office.

by

5 Red Flags of Phishing Emails: Think Before You Click

5 Red Flags of Phishing Emails: Think Before You ClickA single click can be the difference between maintaining data security and suffering massive financial losses. From the moment just one employee takes the bait in a phishing email, your business is vulnerable to data breaches and extensive downtime.

Quickly spot the red flags and put phishing emails where they belong:

1. Poor spelling and grammar While occasional typos happen to even the best of us, an email filled with errors is a clear warning sign. Most companies push their campaigns through multiple review stages where errors are blitzed and language is refined. Unlikely errors throughout the entire message indicate that the same level of care was not taken, and therefore the message is likely fraudulent.

2. An offer too good to be true Free items or a lottery win sure sound great, but when the offer comes out of nowhere and with no catch? There’s definitely cause for concern. Take care not to get carried away and click without investigating deeper.

3. Random sender who knows too much Phishing has advanced in recent years to include ‘spear phishing’, which is an email or offer designed especially for your business. Culprits take details from your public channels, such as a recent function or award, and then use it against you. The only clues? The sender is unknown – they weren’t at the event or involved in any way. Take a moment to see if their story checks out.

4. The URL or email address is not quite right One of the most effective techniques used in phishing emails is to use domains which sound almost right. For example, [microsoft.info.com] or [pay-pal.com] Hover over the link with your mouse and review where it will take you. If it doesn’t look right, or is completely different from the link text, send that email to the bin.

5. It asks for personal, financial or business details Alarm bells should ring when a message contains a request for personal, business or financial information. If you believe there may be a genuine issue, you can initiate a check using established, trusted channels.

While education is the best way to ensure phishing emails are unsuccessful, a robust spam filter and solid anti-virus system provide peace of mind that your business has the best protection available.

Give us a call at (416) 645-2469, (905) 667-0441 or email us to discuss how we can secure your system against costly phishing attacks.

by

 

Marriott Hotels Exposed 500 Million Customer Records. Make Sure Your Business Doesn’t Suffer the Same Fate.

Up to 500 million travelers could be compromised as hotel chain Marriott International have announced a security breach in their guest database. Analysts recently alerted the firm to a vulnerability that has granted hackers access to the hotel chain’s systems since 2014.

The firm announced their Starwood Preferred Guest (SPG) loyalty program was compromised for an extended period which left customers vulnerable. The exploit exposed critical guest information which included names, addresses, passport numbers, and dates of birth. Marriott also announced an unknown number of customers had encrypted credit card details stolen in the attack.

If you have been a member of Marriott’s Preferred Guest Program or a customer of Marriott hotels in the past, you should take steps today to ensure your data security. By doing so, you can protect your finances, prevent identity theft, and defend your data from attackers looking to exploit an opportunity.

Secure Your Data

Changing your Marriott password should, of course, be the first step to protecting your accounts. Even more importantly, sites where that same password may have been reused should be updated with new credentials too. Hackers commonly try details stolen from one site to access popular services and pages. We encourage everyone to use a password manager to store their details for safe use in the future. A good password manager enables unique, random, and strong passwords to be used with ease for every single website.

While we can’t stop hacks on systems outside of our control; we can defend our other accounts from being accessed by criminals.

With secure password management, attacks on your business services or related accounts from a single hack are made impossible.

Performing Damage Control

The damage to the Marriott International brand following news of the leak will be undoubtedly huge. At a minimum, they have lost the trust of their customers worldwide. Asking customers to leave their personal and financial details again to pay for goods and services will be no small feat.

News of the hack made front page news as it broke, further damaging the firm’s reputation among potential future customers too. As a result of a simple security attack, Marriott International will be forced into damage limitation to keep customers returning to the brand. This is why business security matters to us; when done right it’s cheaper by far.

The total cost of this latest attack won’t be known for years to come. The firm is vulnerable to lawsuits worldwide, in some cases liable for financial losses, and required to purchase identity monitoring and security services for affected customers. Business owners can learn from Marriott’s costly lesson.

Stopping an Attack in its Tracks

Marriott’s security breach was recently discovered, hitting the headlines just this week, but the firm admitted unauthorized access took place since 2014. This means the firm had a security hole for four years that they were unable to detect or patch.

For a firm of any size, this should be unacceptable. As business owners, we shouldn’t accept security vulnerabilities that leave our records, finances, or services open to hackers. As customers, we shouldn’t accept our data being treated so carelessly. The recent Marriott hack underlines the need for businesses to maintain constant network monitoring, regular security updates, and a lockdown on data access.

Protect Your Business and your Customers – Any business can find their systems vulnerable to attack at some point. Whether waiting for updates, a newly released zero-day hack, or malicious employee; responsible firms take steps to limit their liability.

As a rule, staff accounts should be locked to only the systems the regularly need to access. Similarly, customer data should only be open on an as-needed basis when a legitimate requirement exists. These steps, alongside systems and data monitoring, prevent a small-scale attack resulting in an enormous data breach. Strong security enables customers to place and maintain their trust in a brand they can keep coming back to again and again.

If your business could use a security update to protect against a Marriott style attack in the future, give us a call today at (416) 645-2469, (905) 667-0441 or email us.

by

Should You Pay for a Ransomware Attack?

Should You Pay for a Ransomware Attack?Getting hit with a ransomware attack is never fun, your files get encrypted by cybercriminals and you’re left having to decide: should we pay to get them back? It’s a scene that’s played out across the world with 70% of businesses saying ‘yes’ in 2016 alone. Here’s what you should consider if you’re ever in this situation.

Do you trust them?

Besides the fact that they’re criminals holding your data hostage, how confident are you that they’ll send the decryption key? Most attackers demand you send the payment via untraceable Bitcoin, so you have no recourse if they take it and run. You’re also equally trapped if they decide they asked too little and come back with increasingly higher demands. If they do send the decryption key, be aware they still have access to your systems and can hit you again at any time until your network is disinfected by experts. Businesses don’t exactly want their breach publicized either, so many don’t admit to paying the ransom, whether it went to plan or otherwise.

Can you manage the impact?

Best case scenario, you can wipe the affected drives and restore from a clean backup without paying the ransom. You might even decide the encrypted files aren’t that important and simply let them go, or even wipe a whole laptop or workstation. On the other hand, if your data management comes under any special regulations, like health or legal, you may find the attack has a much wider, more intense impact. The attacker will usually give you a countdown to motivate a payment, with a threat of deletion when it hits zero. If the data isn’t that valuable, or you have confirmed backups, this urgency has no effect. There are also new types of ransomware like KillDisk which can permanently wipe your entire hard drive or even network.

How much do they want?

Cybercriminals rarely send out global attacks with set amounts, instead, they prefer to customize the ransom based on how much they think you can pay. Large corporations and hospitals are hit with very high demands, while small business demands are more modest. They may be criminals, but they’re smart people who know your financial limits. They’ll also consider how much similar businesses have paid and how quickly, then expect you to follow suit.

Are your backups good?

Many businesses are discovering too late that their backup systems aren’t robust enough to withstand this type of attack. Either they’ve become infected too, they weren’t up-to-date or they backed up the wrong data. It’s worth doing some quick checks on your backup processes as even if you have to take the system down for a day as you recover, you’re still light years ahead of those without them.

What’s your policy?

More and more often, businesses are adding ransomware to their disaster recovery plans and having predefined actions mapped out. Seemingly simple inclusions like who has final say over the payment decision can stop chaos in its tracks. Employees and management alike can then approach the situation calmly, ready to make the best decisions for the business.

Stay safe in the first place

Ransomware is showing no signs of slowing down. As more businesses keep them funded the cybercriminals are steadily launching new attacks and making it their full-time job. Most attacks come via phishing emails – those emails that trick employees into clicking a link – and they can be extremely convincing. While training helps people spot them, it’s no guarantee. We recommend using business-class spam filters to catch these types of emails before they land in your employee inboxes so that triggering a ransomware attack becomes something that happens to other businesses, not yours.

Secure your data systems now, we can help! Call us at (416) 645-2469, (905) 667-0441 or email us.