Phishing remains one of the most dangerous threats to individuals and businesses alike. It’s the number one delivery method for malware, spyware, viruses, password theft, and multiple other types of online attacks.

The fake email has been around since the early days of the internet and those “Nigerian Prince” scams. The early forms of phishing would be long rambling emails that spoke of some immediate hardship that the sender needed the recipient to help them out of, promising a huge reward.

Today’s phishing is much more sophisticated and designed to look exactly like emails that come from sites like Amazon, UPS, or your bank. They use the images and signatures of these companies and are designed to fool the recipient into downloading malware or visiting a link to a malicious website.

Phishing has been such a successful way to deliver online attacks or gain access to login credentials, that it continues to increase. In the 2nd quarter of 2021, phishing email volume rose by 281% in May and by another 284% in June.

Of all the IT security solutions your company can take to help ward off the impacts of phishing, employee awareness training is one of the most important. 

Why Employee Phishing Awareness Training is Important

Employees are directly targeted in phishing attacks. The fake emails come into their inboxes and are cleverly disguised.

Phishing emails can look like just about anything, including:

• Request from the HR department for payroll details

• Shipping notification

• Purchase order from a customer

• File sharing request from Microsoft 365 or Google Drive

• Holiday party survey

• Warning from a cloud vendor about an account problem

• Security notification from the bank

• Fake password reset scam

• And many more

Without proper awareness training that’s conducted regularly, employees can often get fooled by phishing emails. Just one click on a phishing link is all it takes for your entire network to get infected by ransomware or your database of customer information to be breached.

Studies show that with proper employee security awareness training, cybersecurity risk can drop by as much as 70%.

One of the most important things to train employees on is how to spot fishing links in an email.

Tips for Spotting Phishing Links

A majority of phishing emails use links instead of file attachments. This is because a link does not contain malware, so it can get past most antivirus applications.

These links take users to malicious sites that can do an immediate injection of malware into their devices. They can also take users to a spoofed login page that looks like a legitimate site. The user enters their password, and the hacker immediately steals those login credentials and uses them on the real site.

Because links are used most often in these types of attacks, users need to know how to spot them. 

Hover Over the Link, But Don’t Click

The quickest way to uncover a phishing link is to hover over a hyperlink with your cursor without clicking on it. This will pop up a small box that contains the actual URL. This works on text links as well as image links.

You can see in the image below that this fake order confirmation that was personalized with the person’s name and company, isn’t actually from Amazon at all. Hovering over the URL reveals an address at bobin-head.com.

Here is another example that is pretending to be from AT&T and uses a convincing email to fake the look of the company’s actual emails. Again, hovering over the link, the words “right here,” shows this is phishing.

Avoid Shortened URLs

When you’re looking at your email or a strange text message on a mobile device, it’s not possible to do the hover action like you can when using a mouse. In this case, you need to look for other signs of phishing URLs.

One of these is the shortened links that use “bit.ly” or another similar form of obscuring the longer URL.

Here is an example that Malwarebytes has posted on their site as a warning.

You should avoid clicking any links from your mobile device that are shortened unless you are 100% sure that the sender is legitimate.

View the Source Code of the Message

Another way that you can spot malicious phishing links in an email is by viewing the message source code in your email application.

This shows the raw code behind the email and will also include the URLs used for any links. It can be more difficult to read through all the code, but you can look for any “http:” or “https:” notations that proceed a link to find them.

Here are the instructions for doing this in Outlook.

Get Help Protecting Your Company from Phishing 

BrainStomp can help your company with several phishing safeguards, including employee awareness training, DNS filtering, and more.

Schedule a free consultation today! Call 260-918-3548 or reach out online.

The most insidious phishing scams are usually those that fold themselves into the flow of the common types of emails we receive every day.

For example, if you get a fake receipt from a retailer that you’ve never done business with, you’re likely to stop and examine that further before taking action. But if you get a request for a password reset, something that people may get a few times a month legitimately, you may be more likely to believe it and click the link.

Phishing scammers are always looking for ways to get past IT security, especially when it comes to cloud accounts. Companies are now keeping most of their data in the cloud and powering their operations through cloud software. 

All a hacker needs to gain access to multiple company resources is one user’s login credentials.

77% of cloud account data breaches are due to compromised passwords.

Credential theft has been on the rise as companies have come to rely more on the cloud, and this had led to one of the most dangerous types of phishing emails – the Password Reset Scam

How Does the Password Reset Scam Work?

In a large company, it’s not unusual for a security policy to be put in place that requires users to change passwords after a certain period. This may be done automatically by an administrator, and users all get a password reset email.

What the fake password reset email scam does is mimic this common activity. Only it sends the user a fake request to reset their password on a specific account in order to steal those login details.

Scammers send these emails for multiple account types and may even have some information from another source that allows them to target you with a particular type of email. For example, if they’ve breached a list of “ABChost” website hosting customers, they may send all those customers the fake password reset for their account on that service.

This is what happens on the user’s side:

• The user receives an email that appears to be from a sender they recognize. It might be their own organization, a SaaS provider, or another type of account.

• The email requests that the user reset their password for some reason or log in to “verify” their account.

• If the user clicks the link, they’re taken to a page that looks identical to the login page they’re used to seeing.

• They’re asked to input their username and password and then may be prompted to put in a new password.

• The form is fake and it’s only designed to steal the user’s login.

• It may be hours or days before the user realizes their account has been hacked.

Types of Password Reset Scams to Watch Out For

Microsoft Account Password Reset

A popular scam email appears to be from Microsoft asking a user to reset or re-validate their Microsoft 365 account. One that’s been going around says:

“Please complete your account verification and re-validate account ownership security. To help keep you safe, upgrade to a more secured outlook account platform.”

The fake email includes a Microsoft support address in the “from” line and a signature that looks legitimate, with links to a privacy notice and acceptable use policy.

Netflix Account Password Reset

Here’s an example of a Netflix phishing scam shared by Mailguard. It looks like a legitimate email from Netflix and will even take the user to a page that looks just like the Netflix login page.

But it’s designed to steal the user’s credentials, just like other scams. Notice how the email itself doesn’t mention password reset. This could be to get past newer spam filters and to keep the user from immediately getting suspicious. Of course, when they click “verify now,” it takes them to a page where they must log in.

Fake phishing email

Social Media Account Password Scams

The password reset scam is also prevalent over social media. Scammers know that most people have at least one social media account, so it’s easier for them to send a message that would be appliable to the user.

They’ll send fake password reset or password verification emails that look to be from Facebook, Twitter, Instagram, LinkedIn, and other platforms.

How to Spot a Fake Password Reset Email

This type of phishing scam can appear to be from any type of account. Your work email account, business SaaS platform, online retailer, bank account, and any other account that you log into online.

Here are some tips to help you spot a fake.

Look for any slight inconsistency: This can include something as small as the word “outlook” not being capitalized in an email purporting to be from Microsoft. A major corporation would not forget to capitalize its application names.

Double-check the email header: Email spoofing is a common trick to get a user to think a fake email is legitimate. Don’t trust what you see on the “From” line. Go into the email header code to see if the address matches what’s shown.

Avoid clicking any links: If you’re unsure about a password reset email, go to the account in question by typing the URL in your browser and NOT by clicking the link in the email. You can contact support for the site to see if you truly do need to do a reset.

You can find more tips for spotting fake emails here.

Looking for Solutions to Combat Phishing & Spam?

Reducing the number of phishing emails that make it into your inbox significantly reduces your risk of an account compromise. BrainStomp can help your business put intelligent email filtering in place to reduce phishing and spam.

Schedule a free consultation today! Call 260-918-3548 or reach out online.

Have you ever had a phone or laptop casing crack even though you never dropped the device? This could be a sign of a dangerous occurrence – a bulging battery. 

Offices are largely relying on mobile technology solutions these days. This includes more reliance on laptops, tablets, and mobile phones. Most of these devices use lithium-ion and lithium polymer batteries. 

Mobile devices make up approximately 60% of the average company’s endpoints. 

A serious problem that these types of batteries have is the possibility of a bulge, where they can get nearly double in size. This bulging is caused by excessive heat that produces a build-up of gas. The gas build-up causes the battery to grow in size and bulge out.

Common causes of this problem include the lack of a “smart charger” on the device which stops the flow of electricity when the device is at 100%. Overcharging is a common cause of bulging batteries.

Another cause is simple overheating which can come from multiple causes. This includes things like exposure to high temperatures (over 95°F), improper cooling due to fan malfunction, using a laptop on a soft surface that blocks vents, etc.

Signs of a bulging battery include the following:

• The screen of your device appears slightly bent

• The device case is coming apart even though it hasn’t been damaged or dropped

• The back casing popping off your phone

• The touchpad or keypad seems to be lifting off the device

• The device rocks even when put on a flat surface

• There is a noticeable bulge on the device

Why is a Bulging Battery Dangerous?

It Can Explode and Catch Fire

If a bulging battery isn’t taken care of right away, the pressure of the gas buildup can cause the battery to burst, exploding and causing a fire. This can be extremely dangerous, especially if you’re holding the device at the time.

The potential for the battery exploding is why you need to get this issue addressed immediately. 

It Can Crack the Device Casing

Bulging batteries are literally swelling in size, so they’re expanding larger than the casing was designed to accommodate. This can lead to damage to the screen, casing, keyboard, and other components of your device.

There Can Be a Dangerous Off-Gassing

If the battery swells enough to crack, there could be off-gassing of the built-up gas, which could be toxic if you have the device nearby. For example, if you’re talking on your phone at the time the gas escapes. 

Performance & Internal Components Can be Impacted

With excess heat build-up comes the potential for the internal components of your device to get overheated and damaged. This will typically impact performance and you’ll notice that your device is no longer working as expected.

Tips for Preventing Bulging Batteries

Don’t Expose Devices to Excess Heat

Don’t leave your mobile device or laptop in a hot car or sitting out in the sun. Lithium-ion batteries don’t like heat, so it’s important to keep that in mind. It’s also not a good idea to charge your devices in direct sunlight or near a heat source.

Ensure Vents Aren’t Blocked

The term “laptop,” in retrospect, might not have been the best name. It’s not advised for laptops to be put on soft surfaces, like your lap or on a blanket because the vents can get blocked, causing heat buildup.

Always use your laptop on a solid surface to prevent this from happening. There are plenty of lap desks out there that can give you the ability to have the device on your lap safely.

Use Only the Approved Device Charger

There are tons of cheap knock-off chargers that you can find online, but all of them may not be built to the same safety standards. The same is true for those “fast charging” stations or batteries you might find.

It’s best to only charge your device with the approved device charger to ensure it’s not being overcharged, which could increase the risk of battery swelling.

Don’t Leave Your Device Plugged in 24/7

While devices with proper safe charging mechanisms will stop charging at 100%, it’s still recommended that you don’t leave your devices plugged in all the time. These batteries are designed to charge and then use the charge, but not be continually charging. 

By unplugging your devices for a while, then recharging when needed, you can also increase battery life and performance. 

Replace Older or Malfunctioning Batteries

If you have a battery that isn’t holding the charge as it should or is malfunctioning in another way, replace it. This will reduce your risk of problems with that battery as it ages, including the risk of gas build-up and bulging.

Need a Check of Your Device Batteries?

Don’t risk the potential of an explosion from a failing battery. BrainStomp can take a look at your device batteries and quickly replace any that are on their last legs.

Schedule a free consultation today! Call 260-918-3548 or reach out online.

Microsoft’s big announcement of a 2021 Windows 11 release has many companies wondering what this means for them over the next several months.

When a major change in business technology infrastructure, like a new OS, is on the horizon, it can mean major disruptions and downtime if it’s not handled properly.

Users can end up being blindsided when their workstation is upgraded, and productivity can drop as they attempt to learn the new PC environment. Companies can also end up with broken software or processes if they haven’t considered workflow compatibility with the new operating system.

The worries about what a change might mean keep many companies from upgrading to a new OS version until well beyond the usable life of the outgoing OS.

For example, roughly six months before Windows 7 reached the end of life and end of support, 35% of PC users were still using the OS and hadn’t yet upgraded to Windows 10.

What can happen if you stay on an older operating system instead of upgrading?

• You risk falling victim to a cyber attack.

• You begin experiencing compatibility issues with newer software and hardware.

• You miss out on productivity improvements.

• You can get left behind your competition because you’re an OS behind.

• You invite more vulnerabilities that can enable ransomware, viruses, and other malware.

So, rather than wait until the last minute to upgrade when an OS is reaching the end of all support, it’s best to upgrade as soon as possible. Taking the proper steps now to prepare your business for a Windows 11 upgrade can make all the difference in how smoothly the transition goes. 

Prepare Now for a Windows 11 Upgrade

Evaluate Your Computers & Tablets for Compatibility 

While you won’t have to pay for Windows 11 if you’re already using Windows 10, you may have to upgrade some of your workstations, employee tablets, or laptops.

It’s best to switch all your devices at the same time, so you don’t have some staff still using Windows 10 while others have already upgraded to 11. 

Go through each of your devices and check them against the Windows 11 minimum system requirements to see if each can be upgraded. If not, it may be able to be upgraded if more memory or storage is added, or it may just make more sense to purchase a new PC. Especially if the current device is four or more years old.

You can easily check devices for compatibility with Windows 11 by downloading Microsoft’s PC Health Check application and running it. It will tell you whether the device is good to go or doesn’t meet the requirements.

Make a Replacement Plan for PCs That Can’t Upgrade

For those computers or tablets that can’t be upgraded to Windows11, make a replacement plan now so you can spread out your purchases over the months leading up to the release and your planned upgrade date.

Create an Upgrade Roadmap & Pre-Schedule with an IT Provider 

According to Microsoft, Windows 11 is expected to be rolled out to the public near the end of 2021 and early 2022. There have been some rumors that it might come as early as October of this year, but that hasn’t been confirmed by Microsoft. 

Decide how soon after the release you’d like to upgrade your office. It’s important to keep in mind that Windows 11 was created with productivity boosts in mind and has a lot of helpful features, such as:

• One-click video calling from Microsoft Teams (which is natively integrated)

• Snap layouts to help arrange several open windows for optimal efficiency

• Curated news and info feed

• Windows Voice Typing that automatically punctuates as it transcribes

• Cleaner Start menu that’s less busy and more streamlined

Once you decide when you’d like to upgrade, contact an IT pro, like BrainStomp to schedule a professional upgrade of all your devices. You’ll want to do this in advance of the rollout because once Windows 11 is available, schedules will be filling up fast.

Check Your Software & Peripherals for Compatibility

You’ll want to check any software you are using for compatibility with Windows 11, so you can make any needed upgrades before moving to the new operating system.

Most businesses use cloud tools these days, so there are fewer compatibility barriers when upgrading an OS. However, those that use custom offline software might need to have developers make updates to ensure it can run on Windows 11.

This is something you want to check well in advance so you can ensure a smooth transition that’s going to help and not hurt your business processes.

Train Your Users in Advance on the New OS

Users need to be trained on the new operating system before they begin using it. This will help reduce the risk of productivity loss that can happen right after an upgrade as users are getting used to the new environment.

Users can get a sneak preview and training before the OS officially rolls out because Microsoft is offering it now to users that sign up for its Windows Insider Program.  

Pre-Schedule User Training & Your Windows 11 Upgrade Today

BrainStomp can help your business through a smooth transition to Windows 11 so you and your users can enjoy all the productivity-boosting benefits of the new OS as soon as possible.

Schedule a free consultation today! Call 260-918-3548 or reach out online.

Microsoft just made an exciting announcement about a new operating system. Windows 11 is expected out later this year, and it has people buzzing about what to expect with the changes.

Because Microsoft chose to put out a new OS version, rather than just doing feature updates to Windows 10, it means there are some pretty significant upgrades that people can expect.

Windows 11 comes out as its predecessor is about four years away from retirement (end of life for Windows 10 is slated for October 2025), so it makes sense to have a new OS come out now. People and PC manufacturers typically need time to adapt and switch over.

The operating system your company uses is a foundational element of your technology infrastructure, so it’s important to know what to expect from the new OS so you can be properly prepared for an upgrade. 

Windows has approximately 73% of the global desktop operating system market share.

We’ll go through everything you need to know about the upcoming features, price, and timing of the Windows 11 release. 

Everything You Need to Know About Windows 11

When Can We Get Windows 11?

Windows 11 is being released during the holidays of 2021 and into early 2022, according to Microsoft. However, rumors in the PC world are that the public availability could be as early as October 2021. 

Some advertising for an October 2021 upgrade on laptops by Walmart as well as an October date on the taskbar in marketing screenshots for the OS are some of the things that have fueled the early-release rumor.

What Is Windows 11 Going to Cost?

If you already have Windows 10 and you have a system that has the minimum requirements for Windows 11, then the upgrade will be free. 

You will need an internet connection to download the new OS version.

Some of the common requirements include:

• 1GHz processor with 2 or more cores on a compatible 64-bit processor or SoC

• 4GB of RAM

• 64GB or larger storage space

• UEFI, Secure Boot capable firmware

• Trusted Platform Module (TPM) version 2.0

• Graphics card compatible with DirectX 12 or later

• High definition (720p) display that is great than 9”

Now, let’s get into the key features of the new operating system.

Microsoft Teams Is Integrated & Easier to Use

Microsoft Teams was first introduced as one of the apps included in a Microsoft 365 subscription. Since the pandemic and rise of online meetings and virtual teams, Microsoft created a free Teams version for anyone to use and has been adding tons of video meeting features.

All Windows 11 images are courtesy of Microsoft

Windows 11 natively integrates Teams and you’ll see the MS Teams icon on the desktop. Users can click the icon to connect with people easily via video, voice, or chat, without needing to open the full Teams application.

More Accessibility Features & Voice Typing

Windows 11 represents the “most accessible” Windows OS ever designed. It includes new color filters and more options for changing the text size and high-contrast themes.

Users will also have the ability to add custom sounds to more Windows events. The new Windows Voice Typing makes using the OS easier on small mobile screens and can assist those with limited keyboard mobility. This feature will even add punctuation automatically.

Sleeker Start Menu & Taskbar

Distraction-free and clean are two of the guiding forces behind the design of Windows 11. You’ll see this play out in the Start menu and taskbar.

The Start menu is much simpler, and the menu sidebar and boxes are gone. Users can pin apps to the top and search for whatever they need. 

Changes to the taskbar include removing the search bar and putting it inside the Start menu instead. The Windows icon to get to the Start menu has also been moved from the far left to the middle of the taskbar.

Personalize a News & Info Feed

Windows 11 incorporates a new information feed that is powered by widgets. (If you have an iPhone, you’re probably familiar with the concept of a widget feed.) You can add the widgets you like to your feed to personalize it and get helpful info at a glance.

This includes things like:

• Weather

• News headlines

• Stocks

• Calendar

• Photos

• ToDo list

• Bing search

• And more

Arrange Windows in a Snap

Arranging windows on a screen to see more than one at the same time is a common frustration for users. You have to resize them just so, and then move them again to scroll.

Snap layouts in Windows 11 are going to reduce your frustration when working in more than one window at a time. You have six different arrangements of between 2-4 windows to choose from. Your open windows will snap into place for an optimized view.

Need Help Rolling Out Windows 11 to Your Office?

BrainStomp can help your business through a smooth Windows 11 office upgrade that mitigates downtime and helps you benefit from the productivity improvements of the OS faster.

Schedule a free consultation today! Call 260-918-3548 or reach out online.

There are many avenues when it comes to looking for ways to improve productivity. Some of them being more expensive than others.

For example, a complete transition to a new cloud business solution and automating processes can significantly reduce costs and boost efficiency. It can also include a healthy investment of time and money.

If you’re looking for a fast and low-cost way to get a big uptick in productivity, then one of the best solutions is to add a second monitor to employee computers.

The simple act of adding a second monitor to employee desktops and laptops can improve productivity by as much as 40%. Because everything you do on a computer requires a monitor, adding more screen real estate makes a difference in multiple tasks, allowing them to be done faster.

For example, in a Dell study of laptop users and several configurations of additional monitors, it was found that overall productivity improved by an average of 38% with one user getting as much as 50% higher productivity.

Tasks that were tested ran the spectrum of things people do every day. They included:

• Downloading a .zip file

• Extracting an Office document

• Copying and pasting rows of data from multiple columns in Excel

• Inserting charts into Word and PowerPoint

• Duplicating and editing PowerPoint slides

• Exporting Word and PowerPoint documents to PDF

• Combining files into a .zip file and attaching it to a new email

• And other similar tasks

Crunching the Numbers on Productivity

Let’s take a look at the potential payback period and ongoing ROI from purchasing an additional monitor.

A quality monitor can run in the neighborhood of $160 - $250. So, let’s say that you get a higher-end display for $250.

Now, let’s factor in productivity savings that are similar to the one in the Dell study at 38%.

You have an employee making $20 per hour and working 40 hours per week. If they get a 38% productivity boost, that would equate to $304 per week in additional productivity. So, you end up with a payback in less than a week and an ongoing return on the investment of over $1,200 per month in efficiency boost.

That’s a great return on a fairly low-cost purchase!

Benefits of Adding a Second Monitor to PCs

Less Window Switching

The act of switching between open application windows might not seem like it takes up much time, but all that activity can multiply fast. 68% of surveyed workers say they spend 30 minutes a day switching between their apps. That adds up to a time loss of about 10 hours per month.

Having more screen space allows users to have more application windows open on a computer at the same time. Instead of physically having to minimize and maximize each app window, they can simply glance from one to the other.

Easier Side-by-Side Work

Multiple tasks require you to have two windows open side by side. For example, you may need to pull research data you find online into an Excel document. Or a document with instructions may need to be compared with what a designer actually created.

Trying to have two windows up on the screen at the same time when you have a single display, can make it difficult to see more than a small area of each document. Then you struggle to try to reach the navigation controls to scroll where you need to in each window.

With a dual-display setup, you can easily have two documents open fully at the same time, one on each screen. This allows for a much easier comparison between the two that takes a lot less time because you can see more of the document without having to adjust the view.

Find Information Faster

Users that have been tested on the use of one display versus two displays note that finding information is easier because they have more area to work with. File explorer windows can be opened wider, for example. More screen area also allows a user to easily separate their browser windows and see more than one at the same time.

More Flexible Online Meetings

When participating in online meetings, the window can take up the entire desktop screen. This makes it difficult to switch over to email to see if an urgent message has come in from an expected attendee or to refer to notes if you’re sharing a screen.

When you use two displays, you can designate which of the two you’d like to share when sharing the screen and use the other one for notes. Having that additional display also allows you to keep programs open, like email, without the need to minimize the video conferencing window.

Get Help Setting Up New Displays & Optimizing for Efficiency

BrainStomp can help your business implement cost-efficient technology solutions that pack a powerful productivity punch. Ask us about adding dual-monitors and other efficiency improvements.

Schedule a free consultation today! Call 260-918-3548 or reach out online.

Does it seem like suddenly the terms “ransomware” and “cybersecurity” are everywhere? It’s not your imagination. The recent attacks on Colonial Pipeline and JBS, the world’s largest beef and pork producer, have been a cause for alarm.

Ransomware has been a particularly nasty form of malware that’s been around for a while. But of late it has started eclipsing other types of attacks like viruses or spyware due to the alarming rise in the volume and cost of the attacks. 

Just 12 months ago, the average cost to remediate a ransomware attack was an already crippling $761,106, but now it’s more than doubled to $1.85 million per attack.

The costs included in that figure are:

• Business downtime

• Lost orders 

• Operational costs

• Emergency remediation costs

• And more

The recent attack on Colonial Pipeline shows just how devastating and urgent a ransomware attack can be. When the company was hit on May 7th with ransomware, it had to shut down pipeline operations. This is a pipeline that supplies 45% of the East Coast’s gas, diesel fuel, and other petroleum-based products.

People panicked and began hoarding gasoline causing major shortages throughout several states. The national price for a gallon of gas also rose higher than it’s been since 2014, to over $3.00 per gallon due to the ripple effects of the attack.

Then, while everyone was still reeling from that attack, global meat producer JBS was also hit with ransomware, leading people to worry about what that will mean to the beef and pork supply. Several factories had to be shut down for nearly a week.

So, what’s going on? 

We’ll go through some of the main causes for the rise of ransomware and provide guidance on how to avoid becoming another ransomware headline through proper cybersecurity best practices.

Why Has Ransomware Become So Big?

Ransomware Often Results in a Full Shutdown 

Ransomware is a form of malware that encrypts files and then rapidly seeks out other devices on a network. It infects all the files it finds on that device and continues. 

It’s not unusual to have several devices and unprotected cloud storage accounts all infected in a very short time due to the way that ransomware rapidly spreads. 

Once encrypted, users can no longer access the files. This causes companies to need to completely shut down in most cases because they rely on technology for their operations.

What happens next is that the attacker’s note appears on the screen demanding a dollar amount as a ransom. The promise being that if the ransom is paid, the hacker will provide the encryption key to unlock the files so the organization can resume operations.

Because of the immediate shutdown of operations, ransomware is a particularly urgent form of malware that tends to get a quick response, something that hackers see as a bonus.

More Than Half of Ransomware Victims Pay the Ransom

If you were selling various consumer products and one of them really started to take off. You’d focus more of your time and effort on that product that was bringing in the most revenue. Your competitors would probably take notice and begin producing their own version of that product to sell as well since it was so popular.

That’s similar to what’s happened with ransomware and why attacks have been exploding. It’s become quite lucrative for attackers as a money-maker, so they focus more of their attention on ransomware attacks.

Other hackers and cybercriminals, including large state-sponsored groups, are seeing that ransomware brings in the money and are perpetrating attacks as well.

When ransomware victims pay the ransomware (which 56% of them do), it further confirms to criminals that this is a good business model for them.

Criminal Organizations Are Offering Ransomware as a Service

Most people are familiar with Software as a Service (SaaS), which are cloud tools they subscribe to and use every day. Well, due to the lucrative nature of ransomware, criminal organizations have been looking for other ways to make money from it.

One of these is selling ransomware as a service, which democratizes these types of attacks. It makes it easy for anyone with the money to invest in the service to roll the dice on collecting a ransom. With more players in the game, no size company is safe. There will be attackers that specialize in large enterprises, while others see small businesses as low-hanging fruit.

Best Practices to Avoid Becoming a Ransomware Victim

Best practices for reducing your risk of a devastating ransomware attack follow the same standard for overall cybersecurity. One critical addition is the need to have a fast recovery process for your backup strategy to ensure you can mitigate downtime costs.

You should have in place the following safeguards:

• Firewall

• Antivirus/anti-malware

• Multi-factor authentication on all logins

• DNS filtering

• Email phishing filtering

• Employee security awareness training

• Backup and recovery solution (with fast recovery)

• Incident response plan that is practiced regularly

• Patch and update management

• Ongoing network monitoring

Get Managed Security to Cover All Your Bases!

Don’t risk falling victim to a costly ransomware attack. BrainStomp has managed IT services that cover all your bases when it comes to IT security best practices.

Schedule a free consultation today! Call 260-918-3548 or reach out online.

One of the common business activities that staff does daily is search for information. They may need to find details for a report, look for information related to planning a new product or service, or require data that are used for billing purposes.

According to a report by McKinsey, employees spend an average of 1.8 hours each day gathering information from various sources. That equates to 9.3 hours per week (over a full day every workweek).

What if there was a way that you could simply go into your Excel spreadsheet and pull up the information you needed, without needing to search for a thing?

That type of business IT solution could save you a lot of time and money, and completely streamline your reporting and process for multiple activities.

If you’re a Microsoft 365 subscriber, then you have this capability through Excel data types.

What’s an Excel Data Type?

For any data that you’re working with, you typically have a type. For example, if you’re editing a list of your employees, then their titles would be a “job roles” data type.

If you’re creating a menu for a school or restaurant, then the listing of ingredients would be a “foods” data type.

Data types in Excel classify your data and then connect that classification to a database of information. Once you tell Excel what data type you’re working with, it will serve up a list of data that you can choose from.

For example, if you happen to be looking up universities in the U.S., you could simply classify them as the “university” data type and then populate university-specific data into your Excel sheet. 

We didn’t look up anything online, Excel filled in all the information for us in a click! 

How Do You Use Data Types in Excel?

You begin with your list of information. Say that you are creating a menu and want to see nutritional information for each serving. You don’t have to touch the Google search bar; you can simply follow these steps.

·      Highlight your list of data.

·      Click Data in the top Excel menu.

·      In the Data Types window, choose the “Foods” data type.

·      You’ll see a small icon appear to the right of your data.

·      Highlight all your data again, and you’ll see a small database icon appear at the top left.

·      Click that to get the list of available data.

·      Click the data you like, and it will populate into the next open column to the right.

·      Do this as many times as you like to fill more columns.

Troubleshooting Data With a Question Mark

If you have text in a cell that Excel doesn’t recognize in relation to a data type, or there is more than one option for that data, you’ll get a question mark icon (instead of the data type icon). A panel will also open up on the left with more details.

Either retype the name or choose from the options given. In some cases, you might be trying to use a term that’s not associated normally with that type of information. 

If more than one entry exists, Excel will ask you to choose the right one.

What Can Data Types Be Used For?

The reason we’re bringing up data types is that recently, Microsoft just added a bunch of them to the platform. Initially, there were just a couple, limiting the value of the feature.

But now there are over 20 different types that can be used for a wide range of business needs. 

Examples include: 

·      Medical Industry: There are data types for anatomy and medical-related terms, providing instant access to information on diseases, medical tests, ICD-9 and ICD-10 codes, and more.

·      Construction & Engineering: Reporting related to terrains and geographical information can be done in much less time by accessing data types such as geography, locations, and terrain.

·      Health, Exercise: Anyone in health-related fields can find details on calories burned per activity with the activities data type. There is even a data type for yoga.

·      Restaurants, Nutritional Experts: The foods data type is extremely helpful for anyone that needs to look up nutritional information for foods or recipes. Once the data is in Excel, it’s simple to create a formula based upon the percentage of the standard serving added to a specific recipe. 

·      Music, Art, Film: People that work in the arts or write about them, will find a plethora of information about movies, music, books, and more using data types for movies, music, and the automatic type that includes media.

·      Financial Industry: One of the original data types was stocks. This one along with the data type called currencies is particularly useful for those in the financial industry. 

You can see a full list of Excel data types here. Check them out and save tons of time searching for information. 

Are You Missing Productivity Boosters in Your Office Tools?

BrainStomp can help your business uncover productivity-boosting tools inside the software you’re already using. Don’t miss out, get expert guidance!

Schedule a free consultation today! Call 260-918-3548 or reach out online.

A strong cybersecurity strategy includes a balance of different layers that protect your network, devices, cloud tools, and data. The balance of safeguards needs to be reviewed regularly to ensure that all areas of your IT infrastructure are properly protected.

The reason the IT security balance needs to be checked and redistributed regularly is that hackers are checking it all the time. They’re constantly looking for vulnerable areas that allow them a way into a company’s network and data.

A recent report by Microsoft called the March 2021 Security Signals found that for many companies, that balance is off, leaving the firmware that runs their devices unprotected.

The report found that even though attacks on firmware have increased five-fold in the past four years, organizations are only allocating a little over a quarter (29%) of their IT security budget to firmware protection. 

What Happens If a Hacker Gains Access to Firmware?

Firmware is software with a specific purpose, which is to tell the hardware how to operate. The firmware will tell your computer or server how to load the operating system at boot. It also is used to store user credentials and privilege level data.

Just about any electronics that you can think of needs firmware to operate. Firmware is used in: 

·      Computers

·      Servers

·      Security cameras

·      Printers

·      Wi-Fi routers

·      IoT devices

·      Networking equipment

·      And much more

You can think of firmware as the “operating handbook” of your device. So, you can imagine how damaging an attack at the firmware layer can be. A hacker can tell your hardware to do whatever they like.

Some of the common things that hackers do when they breach firmware include: 

·      Plant backdoors in a system that allow them to steal sensitive data

·      Give themselves a user credential with high-level privileges

·      Plant malware, like ransomware or spyware

·      Control how a system boots

·      Control how the operating system applies patches

·      Control access and visibility into the operating system

Things You Can Do for Better Firmware Security

The challenge with firmware security is that it’s not entirely in your hands. Much of the problem with firmware attacks is shared by the device manufacturers.

They don’t always build adequate visibility into the firmware layer, which lives outside the operating system. This causes problems, such as the inability for security applications (antivirus, anti-malware, etc.) to see any threats planted in the firmware layer.

However, this is changing because of the ongoing attacks on firmware. That means that companies often need to be proactive when it comes to choosing the right hardware or seeking the help of an IT professional to ensure their devices are properly protected.

Here are some of the steps you can take to ensure you’re not missing the boat when it comes to securing your firmware.

Keep Firmware Updated Regularly

Can you remember the last time you did a firmware update on your computer or router? Most users can’t. It’s because firmware doesn’t have the same “in your face” type of alerts for updates as do operating systems or applications.

Often, a device will simply have a small indicator somewhere on an icon that users can completely miss. If they do see it, they have to click in and go through a more manual process than they’re probably used to.

When it comes to something like a router or other IoT device, a company may never know about a critical security update, unless someone specifically logs in to the router settings (something hardly anyone does!).

So, firmware is left without its critical updates in many cases, leaving an open door for hackers.

What you need to do is make your firmware updates part of your entire update schedule for software and OS updates. All devices should be checked regularly for firmware updates. This is most easily done through a managed IT support plan. This ensures all updates are done on a schedule and professionally installed.

Keep Users Trained on Security Awareness

Regularly training users on IT security awareness is a preventative measure for all types of breaches, OS, firmware, network, and others. 

Hackers tend to use the same attack mode for all types of attacks, which often involves the use of phishing emails directed at your users.

By “regularly” training users, we mean more than once a year. Cybersecurity should be an ongoing conversation that keeps your employees aware and armed with the knowledge they need to stay secure.

Look for Firmware-Protected Devices

As we mentioned, device manufacturers are realizing the need to better protect firmware by building in zero-trust architectures at the firmware layer.

When you purchase new hardware (computers, servers, etc.) look for details on firmware protection that show the manufacturer is developing products with this in mind. 

Some examples include: 

·      Microsoft Secured-core PCs

·      HP Elite PCs

·      Intel-based Macs

Get a Firmware Security Assessment to Prevent a Breach

BrainStomp can help your business ensure you’re properly protected from a firmware attack. We’ll assess your current systems and provide solutions for any vulnerabilities. 

Schedule a free consultation today! Call 260-918-3548 or reach out online.

One of the challenges that companies face in their day-to-day operations is how to handle their files. Without a centralized strategy, they can end up with files being spread out over multiple computers and easily lost. 

While cloud storage is helpful, many users still want to have direct access to their data without having to depend on a cloud service provider, which can have an outage at any time. 

For example, in December of 2020 Google’s cloud services were down for approximately an hour, which can seem like an eternity in “business time.” This impacted multiple services like Gmail and Google Drive, the company’s cloud storage system.

Any modern office technology needs to be resilient in the face of outages, which means having access to files locally, while also backing those up to the cloud. But having employees all storing files on their hard drives causes multiple problems. Including:

·      Files are more susceptible to being lost due to a hard drive crash

·      All devices may not be backing up regularly

·      File sharing becomes difficult, especially with large files

·      Your data is at higher risk of a cybersecurity incident 

·      Difficulty finding files or the right version of a file

Network drives (also known as network-attached storage) are one of the best ways to get a handle on your company data and keep it easily accessible when you need it. 

What is a Network Drive?

A network drive is simply a local hard drive designed for file storage and sharing that can be accessed locally via an ethernet cable or wirelessly. 

Users with the right credentials can log into the network drive, which acts as a shared data storage for your entire organization. 

Why Should Your Company Store Data on a Network Drive?

All Data is Captured in One Place

Using centralized local file storage for your team gives everyone a single place to store and access all company files. This ensures that all company data is accounted for and you don’t have important files that only one person can access.

Employees spend an average of 1.8 hours per day (9.3 hours per week) searching for and gathering information. Using a comprehensive system and a network drive, you can reduce the time spent searching for information and eliminate the need to email data back and forth. 

You Control Your Data

Because you own your network drive and have it physically on-premises, you aren’t reliant on a cloud provider for access to your files. You can control access to your data and decide how it’s stored.

You can even set up your own archiving system, so files aren’t deleted without your knowledge. Many cloud storage systems will have confusing data retention policies that can mean you lose data unexpectedly. 

Better Security

When you use network storage, you don’t have to wonder how secure your employees’ devices are, which may contain vital business information. You’re also not at the mercy of a cloud provider’s security system.

If you want to use a Zero Trust security setup, you can. You can also deploy any type of access security you like, including multi-factor authentication and a single sign-on solution (SSO).

You have control of how strong your network firewall is and can even choose when you want to take your storage offline for security. For example, during holidays when no one will need access to your data.

Remote Access to Your Files

Network drive storage can be accessed over an internet connection as well as locally, so your employees can get to files whether they are working from home, on the road, or at the office. 

You gain the flexibility of cloud storage without giving up control over your data.

Back-Up All Your Devices Fast

Cloud data backup can take a while and take up a lot of your Wi-Fi bandwidth if you have multiple employee devices. When you have devices connected via ethernet to your network storage device, backups happen faster. 

Ethernet can be as much as 10x faster than Wi-Fi, giving you a more efficient way to back up all your onsite employee devices.

Everyone is Working With the Same Files

When employees are saving work to their hard drives, you can easily end up with different file versions on different computers.

For example, a salesperson may have an old copy of a company price list on his hard drive, and not realize there’s a newer one. It’s sent out by mistake to a big customer, putting you in an awkward situation.  

When all files are centrally located, employees can always have access to the newest version. You avoid problems with old files floating around and potentially being sent to customers or others.

Get Expert Help Setting Up Your Network Drive

BrainStomp can help your business with an efficient network drive setup to stop file confusion, save you time, and keep all your data more secure.

Schedule a free consultation today! Call 260-918-3548 or reach out online.