Select Page
Mobile Device Theft Prevention Tips

Mobile Device Theft Prevention Tips

by | Jun 3, 2020 | Business Consulting, Managed IT Services, Security

Estes

Cell Phone Theft Prevention: Digital Assets vs. Liabilities 

With more people working outside of the office, companies need to prepare their employees for the possibility that company and personal mobile devices could be lost to theft or misplacement. Remotely securing users can be a challenge for small companies and large companies alike. Fortunately, there are easy ways that companies and employees can prepare and prevent the loss or theft of devices before it happens. Whether you have a mobile device or a hardwired PC, these device prevention tips can ensure that your phones and laptops are assets, rather than liabilities.

mobile theft
Security

Step 1: Make sure your device is locked and so are the apps!

 

In this day and age, most laptops and other portable devices can be locked (both physically and by using a passcode). Yet, anyone hanging out at a coffee shop will notice many people going to the restroom, paying for food or going outside to take a call with their devices left unattended and unlocked. Don’t be that person and become the victim of theft or loss (or even a drive-by malware install). The likelihood of theft in such public and transient locations tends to be high, and relying on the video camera of the theft doesn’t guarantee the return of the device. Take your devices in a bag with you if you leave the location any reason and also when you don’t have a direct line of sight on you and your company’s belongings.

 

When walking in crowded locations make sure to close all of your bag openings (lock them if you can) and be aware of how easily a device could be taken without your knowledge. Visible and unsecured devices are targets of thieves and could fall out of whatever you are holding them inside. Having a cell phone with critical information in the back pocket of your jeans is an invitation for accidents or worse to happen. Cell phone theft prevention needs to be proactive. Know where your device is at all times and know how to prevent both physical and digital theft.

Step 2: Know where your devices are located.

 

Most phones have the capability to track where you might have left it or where someone has taken it. These features are great but you can also step it up a notch with 3rd-party tools made for this purpose. A simple search will yield a number of location security applications built for business consumers.

 

In addition to 3rd-party applications that can help you find devices, if you want to add another layer of security there are a few physical GPS devices available. These small devices are not prohibitively expensive and can be slipped into a phone/tablet case, a briefcase or a backpack for an extra layer to identify where a device is located.

world

Step 3: Consider having the device engraved or having return information placed on the device

 

Another tip that is overlooked but important is to have devices engraved so you can add return (and reward) information in the event that a device is misplaced. If engraving is not possible, a sticker with your contact details is also another useful option. Not everyone is out to steal your device. Mobile device theft prevention savvy also protects you from your data ending up in a lost & found box. Sometimes we simply misplace our laptops or phones, so leaving contact details in the event of a loss will facilitate the return of your device.

Step 4: Encrypt or remove sensitive information

 

Luckily there are plenty of options to encrypt information on your devices. Not only do many operating systems provide you with encryption options, but there are also many 3rd-party applications to help you.  VeraCrypt is a free/open-source disk encryption software that’s worth considering if you are looking for free options.

 

Beyond encrypting sensitive data, developing a mindset of being rigorous about the removal of sensitive data (that includes photos of sensitive information) will help you avoid unwanted access to your devices that might hold sensitive information.

Shield

Cyber Thieves vs. Cyber Peace

While loss prevention isn’t always avoidable, these tips will help to reduce the probability of loss or theft and ensure we are doing everything to prevent our devices and the sensitive data (like information protected by HIPAA) from being accessed by unwanted individuals, hackers, or dark web cybercriminals. If you do become a victim of device theft, or if you lose your device, then EstesCloud BDR, or a similar disaster recovery solution, can help return cyber peace to your world of data. Cell phone theft prevention is becoming a more critical issue for businesses because remote workers often install work apps on their iPhones, Samsung Galaxies, or other competing brands.

 

Hidden Ransomware as a VM Valentine (Video)

Hidden Ransomware as a VM Valentine (Video)

by | May 27, 2020 | Managed IT Services, Network Security, Security

Apparently ransomware is now installing a virtual machine inside the hacked computer in order to avoid detection.  We’ve entered a new phase of devious behavior!  How will your company avoid the new forms of ransomware hidden in your system’s shadows?

Hidden Ransomware

Hackers Exploit Your Pixie Dust Trust

Please make sure your users are safe!  I think the only way to avoid all this malefic malware is to adopt a Zero Trust attitude, bringing in an IT expert with a Zero Trust philosophy if necessary.  Think of it this way — do you let a technician into your home to work on the AC unit, just because they have the right shirt on?  Did you call them?  Are they “safe”?  Do they take their shoes off and keep their N95 masks on?  Some of us will allow them in, some will not.  At this time, I have immune-compromised folks at home, and that technician isn’t coming in.  I’ll live with a busted AC unit for now — it’s not worth the risk.

 

Is your PC worth the risk to allow untrusted software in and run whatever, wherever it wants, with whatever bugs it brings with it?  I think not.  When it comes to the technology that enables your business, it can be easy to trust your users because you see them as good people, as your helpful team.  But the magical thinking of an IT fairy tale will not protect your team from hidden ransomware dangers, especially those that appear deceptively dressed in a VM.  You can trust your team without trusting their machines or their software.

 

Made in the Shade

Are your systems safe from ransomware hidden in the shadow of a VM?  Companies enabling remote connectivity for their teams may have put their data at significant risk by taking shortcuts to ensure business continuity.  Rushed IT policy often creates vulnerabilities that hackers can easily exploit.  Malware can get into your network by posing as something friendly to your system.  Hidden ransomware, now lurking as an amicable virtual machine, creates troublesome tenements for remote teams.

 

Ghosting the Hackers

Hidden malware is only one challenge you have when connecting your teams to company data.  Fortunately, remote access and remote control utilities, when done properly, are tools that allow companies to connect home users to corporate data securely and efficiently.  You can keep your team safe from malicious valentines, even when they appear in the form of a friendly VM.  With protective IT policies in place, including a Zero Trust approach to the machines that make your business run, you can ghost the bad guys trying to unlock your data and prevent their hidden ransomware from accessing your system.

 

 

 

To learn more about remote access and remote control utilities, please watch one of our IT strategy videos here:

 

 

IT Strategies for Remote Teams (Video)

IT Strategies for Remote Teams (Video)

by | May 26, 2020 | Leadership, Managed IT Services, Network Security, Security, Software

Brad Feakes Director Professional Services
Brad Feakes

SVP Epicor Services, Professional Services

Daryl Sirota – Director, Technical Services
Daryl Sirota

Technical Services Director

 

Brad and Daryl talk about IT strategies for remote teams

 

Brad and Daryl sit down this week for a Q&A style chat to unravel a few of the complex IT issues in today’s work from home (WFH) environment.  At a high level, Daryl emphasizes how we should not make the mistake of trying to plug pieces of cloud software together expecting them to work properly.  That is almost impossible to do effectively without the appropriate policy to guide the technology.  You will need to understand how you will provide guidance to your end users faced with a variety of remote work environments (working for a cafe, home office, etc) and the new tools you will use to manage staff.

 

They move on to talking about some of the end-user WFH problems from asking the question “what does work from home mean?”  to discussing what technology can be used to help get users up and running while also creating business efficiencies.

 

Throughout the discussion, Daryl covers a variety of other topics such as data security, public vs. home wifi, two-factor authentication, remote access vs. remote control utilities, data access, machine vulnerabilities and many other topics.

 

Brad and Daryl do an excellent job of taking some big, complex issues around WFH and explain the issues that every business owner needs to be aware of as they navigate moving their staff into the cloud and potentially hiring a company like EstesGroup to help them with their remote IT management.

 

Of course, you can always reach out to our managed IT services team.  We’ll help you throughout the entire process of moving your company into the cloud and help you avoid the costly mistakes that can put your entire business at risk.

 

Are you having issues with or have questions about your current IT management? Contact us today.

IT Security Gone “WFH” – Now What?

IT Security Gone “WFH” – Now What?

by | Apr 28, 2020 | Managed IT Services, Network Security, Security

 

Recent “Work From Home” (WFH) mandates have quickly pushed manufacturing and distribution employees out of the familiarity of their work offices and into a new realm of IT security needs.  Currently, statistics are saying that 70% of the workforce that can work from home is and, after this crisis is over, more than 40% will STAY at home.  With this transition, IT security principles become part of a critical conversation, especially for companies with remote workers supporting on-site manufacturing or distribution activities.

 

What is your WFH IT security policy?

 

Many distributed businesses have responded to the telecommute directive without many changes, especially those companies with data residing in the cloud.  These companies have already established work-at-home policies and invested in the remote access/remote desktop technology to enable telecommuting with IT security in place.  Folks who invested fully in the Office 365 space are feeling little pain, but businesses with legacy on-premise servers, workstations and printers are probably still scrambling.

 

Don’t be fooled—the hackers have followed you home!  The increase in suspicious emails, bad websites, and malicious advertisements has skyrocketed, and the cybercrime community is just waiting for your users to click on something to ransom your hard-earned data away.

 

Without a written and agreed upon IT security policy, you are at the mercy of your users’ good intentions.  Imagine a home PC with a saved password left on the VPN all day while the kids are stuck at home from school.  The amount of data that could be lost or compromised is staggering!  At a minimum, make sure you have a document that instructs your WFH users to lock the keyboard when they step away (or implement a screen saver with a password).  Ensure your users don’t download documents to their local hard drive or USB drives.  The list goes on, but the human element is the riskiest of all!

 

If a home user gets infected on the VPN, their malware is the company’s malware!  Let me write that again:  If a home user gets infected on the VPN, their malware is the company’s malware.

 

How to connect securely to your enterprise data?

 

Many businesses have NOT invested in expensive VPN or Remote Desktop solutions, and now it might seem either too late or too expensive.  You need a low-cost, secure, and easy-to-deploy strategy to connect your home users with their corporate data:  desktops, servers, and printers at the office.  Many options exist, but without a budget and a vision, you’ll get lost in the storm.

 

 

Keeping your home PC safe!

 

Home computers are more vulnerable than corporate PCs.  Home PCs tend to fall behind on patches and updates.  Moreover, the computer might get repurposed for things like the kids’ Xbox.  Home firewalls never measure up to those provided by your IT department.  Most have no web filtering to speak of, and bad websites abound!  You’ll need that enterprise class security in a mobile-friendly package.

 

 

Productivity

 

Another blog could certainly be written about home offices, with a good webcam and a quiet space, but that’s for another page.  People are people, and the distractions from working from home are numerous and easy to fall prey to.  We recommend easy-to-deploy software to ensure that your users arrive to their home office on time and ready to work (even if it’s in their PJ’s), ensuring that they are productive and not on YouTube or getting the latest Amazon order completed.

 

 

 

Looking to provide IT security for your remote workers?  Deploy the EstesCloud PC Security Stack on your home users’ PCs and rest easily, knowing that your WFH users are protected and productive!

 

Endpoint Security: A Powerful Endgame

Endpoint Security: A Powerful Endgame

by | Apr 8, 2020 | Managed IT Services, Network Security, Security

 

You already know you need protection from the cybersecurity threats circulating the market, but you might not have the time to know the specifics—like what endpoint security is or why you need it.  If you have devices accessing a network, then you have an endpoint that needs protection.  This elusive endpoint is simply any device that interacts with your network—the touchpoint between your network’s perimeter and the outside world.  The bring-your-own-device (BYOD) movement that’s currently shaping the business world makes network security challenging because it creates a high demand for comprehensive endpoint security.  You need to protect your customers and your business by protecting your team, and this begins with endpoint security.

 

 

 

Bring Your Own Disaster

 

The BYOD movement introduces a number of specific challenges in securing networks.  The proliferation of devices interacting with a network, both in kind and in number, increases the number of endpoints and thus also increases the potential vulnerability of a network.  Each new endpoint is a potentially exploitable gateway.  The propagation of vulnerabilities demands a solution that can address this new circumstance.  The solution that companies are increasingly utilizing to address their evolving needs has come to be known as endpoint security.  Endpoint security helps ensure that all devices interacting with a network are compliant to the necessary security standards, protecting both the network and the devices themselves.

 

Endpoint security differs from traditional antivirus in the way that it detects and responds to threats.  Traditional antivirus operates by comparing a program’s signature to a database of known malicious programs.  Programs flagged as malicious would be stopped by the antivirus agent.  This method of threat prevention is, by design, a step behind the attackers.  Traditional antivirus can only detect malicious programs that have already been logged in the antivirus agent’s database.  This creates problems in detecting new threats—what are sometimes called zero-day attacks.  This also creates problems with newer “signatureless” attack methodologies that work to obscure their signatures, to work around the known signatures that antivirus looks for.

 

The question here is one of prevention vs. one of detection:  antivirus focuses on preventing attacks.  While this sounds logical, the tools available at its disposal, as we have seen, are limited.  Should a malware attack slip through, antivirus is ill-equipped to deal with it once it’s inside the network.  This brings in the need for more dynamic, behavioral-based detection methodologies that can leverage artificial intelligence and machine learning to detect suspicious application behaviors and react accordingly.

 

Leveling Up

 

Modern endpoint security platforms operate in a multi-level manner, protecting networks and network devices in multiple phases of vulnerability and response.

  • The pre-execution phase: This level is for threats as they enter the network.
  • The on-execution phase: This step is for threats that have entered the network and are in the process of acting out their program logic.
  • The post-execution phase: This involves the steps to mollify threats that have executed.

Combining static prevention with dynamic detection, modern endpoint security platforms leverage machine learning to detect threats on execution.  This becomes beneficial, not only for signatureless attacks, but also for “file-less” attacks that are operating exclusively in memory.

As part of our EstesCloud security stack, we work with several vendors to provide broad and comprehensive endpoint detection and response.  AI, combined with our SOC (Security Operations Center), provides the level of endpoint security that cannot be addressed by traditional antivirus.  Our cybersecurity solution comes with a strong warranty—cyber threat protection provides you with financial support of $1,000 per endpoint, or up to $1 million per company, securing you against the financial implications of a ransomware attack if your company indeed suffers an attack and our team is unable to block or remediate the effects.

 

 

 

Is your company in need of a security assessment?  Learn more about how EstesGroup can protect your business.

What Are My ERP Private Cloud Options

What Are My ERP Private Cloud Options

by | Feb 10, 2020 | Cloud, Epicor, Epicor 10, ERP Risks and Challenges, ERP Selection, Hosting, Managed IT Services, Prophet 21, Security

Not All Clouds are Created Equal: Reviewing Your ERP Private Cloud Options

 

It’s no secret that cloud computing has been increasingly finding its way into businesses by providing reliable solutions to increasingly challenging problems.  But for ERP customers with complex environment maps, an unmitigated move to the cloud might feel risky.  For this reason, some customers look for middle options between full cloud deployments and on-premise installations.  Private cloud hosting is one such midpoint, and it’s not uncommon for customers to approach the opportunities of cloud computing in search of a private solution.  But will this option leverage the obvious benefits of the cloud, while effectively providing the necessary support for your complex ERP ecosystem?

 

Your ERP installation is rarely an isolated entity—it is part of an integrated ecosystem of applications and processes, with various third parties, bolt-ons, and in-house applications interacting with the core ERP system.  As such, an ERP system is not always easily extracted from its ecosystem, as such an extraction is something akin to major surgery.  If you’re looking at handling this complexity with private cloud ERP deployment options, there are basically two management directions you can take.  You can build a private cloud using AWS, Azure, or Google, or you can work with an already established team of experts in private cloud hosting.  Let’s explore these options in greater detail.

 

Private Cloud in AWS/Azure/Google

 

The big players in cloud computing entered the application hosting game a while ago – Amazon, Azure, and now Google.  The option here would be to build out your virtual machine architecture within one of these clouds, and install your applications within this architecture, while working in turn to integrate your company-specific application ecosystem with the new ERP infrastructure.

 

While this eliminates the hardware investment of an on-premise install, you are still responsible for all the administration activities, at the server, application, and database levels.  And if your Epicor Admin should win the lottery, you are left scrambling for options.  If you lack the internal resources and need to bring in assistance in the administration of the application, you are now adding another party to work within this ecosystem.  Moreover, to your monolithic cloud provider, you are still just a number, and the service levels you can expect to receive will indicate as much.  Will the hosting company be responsive and listen to your apps and your business needs?  Is there a human voice to reach out to when issues occur?

 

Private Cloud Through the Estes Group’s ECHO Managed Hosting

 

EstesGroup’s EstesCloud Hosting, or ECHO for short, is our hosting platform. For one monthly price, we include all the functionality and support you need to keep your hosted applications running properly for your business.  While providing the access level that companies look for in private cloud solutions, we also provide the support and expertise that a big box store cloud partner can’t provide.  One phone call puts you in touch with our support team.  Well-versed in Microsoft’s full stack, we cover your servers with 24x7x365 EstesCloud Monitoring.  We cover the backups and disaster recovery, and we protect your users with EstesCloud identity management under the security of EstesCloud-managed Firewalls.

 

We have experience in moving many customers to a private cloud environment, while working with them to integrate their hosted ERP platform with their family of related applications.  With this experience comes the knowledge in working with protocols, networks, VPNs, and database connections, and we leverage this knowledge when engaging a customer.

 

In summary, some of the benefits of the EstesGroup’s ECHO Private Cloud Hosting solution include:

  • Known monthly expense, with no large capital expenses
  • Growth with your business supported by continual and customized service
  • Proven backup and disaster recovery playbooks
  • Easy, secure access from anywhere you wish
  • No Server Maintenance
  • No need to upgrade or repair hardware

 

When it comes to deploying your ERP architecture, there are clearly a number of different options, and the implications of the decisions made will have a lasting effect on your company’s future.  Are you considering spinning up your own private cloud to host your ERP application?  Drop us a line first, and let us help you explore your options.

Interested in learning more about Managed Hosting for Epicor ERP or Prophet 21 ERP?

 

Visit our Managed Epicor ERP Hosting page

Visit our Managed Prophet 21 ERP Hosting page