Chat with us, powered by LiveChat
13 05, 2019

Communicating after a Cyber Attack

2019-08-14T16:31:04+00:00May 13th, 2019|Tags: , , , , |

Organizations of all sizes are at risk for cyber attacks that can cripple operations and cause lasting damage. Businesses must have a plan in place for communicating with customers in the event of an attack so as to minimize losses. We are happy to share some information from our partners at Pronto Recovery about planning your communication and response after a cyber attack. The costs of a cyber crime The price tag of a security breach is staggering, with an average cost of $1.2 million. Cyber crime will cost the world in excess of $6 trillion annually by 2021 and financial costs are not the only consequences. Ransomware attacks are the #1 cyber threat to businesses and are growing at a yearly rate of 350%. These often start with a simple phishing email and can lead to the complete shutdown of business operations. One-third of companies surveyed claimed their company lost intellectual property due to a cyber-attack and 36% of them believe the attack reduced their competitive advantage. In today’s globalized business environment, organizations of all sizes face the prospect of falling victim to a cyber-attack or IT outage that could cause serious damage to its infrastructure and ability to operate. Despite the improvement of cyber-security techniques, criminals continue to develop sophisticated ways to disrupt systems and steal data. The need to prepare for cyber-attacks is more important than ever. According to Cisco’s 2017 Annual Cybersecurity Report more than one third of the organizations that experienced a cyber breach in 2016 reported a loss of customers, business opportunities and [...]

25 01, 2019

Strengthening Your Cybersecurity Plan

2019-07-23T22:32:45+00:00January 25th, 2019|Tags: , , , |

Is your business safe from cybersecurity threats? Do you have a plan to proactively improve and protect against new types of attacks? We want to help you improve your cybersecurity plan. By implementing even one or two of the suggestions below, you’ll be taking a step toward reducing the likelihood of data loss, downtime, reputation damage, and lost revenue. Laying the groundwork Before writing any cybersecurity plan, it’s important to have a risk assessment under your belt. Risk assessments highlight exactly where and how your workforce, technology, and physical environment are exposed and therefore where you need to allocate your risk-reducing budget dollars. An upfront risk assessment is also THE key input into your cybersecurity plan. After all, the whole point of a cybersecurity plan is to reduce the vulnerabilities uncovered by a risk assessment. Chances are you probably already have a cybersecurity plan for your organization. It may be a plan that was written to meet regulatory requirements. Alternatively, it may have been written because you value the continuous operation of your organization and want to protect the private data it stores and processes. Whatever your goals, it is important to make sure your cybersecurity plan includes several key points. Your cybersecurity plan should state: The organization’s general attitude toward risk – averse, neutral, or accepting The importance of cybersecurity from leadership to individual contributors Commitment to adhere to any applicable regulations such as HIPAA, PCI, 23 NYCRR 500, etc. Specific incident response procedures outlining what each internal and external stakeholder will do [...]

10 01, 2019

Cybersecurity Trends – BEC Phishing

2019-05-16T17:55:45+00:00January 10th, 2019|Tags: , , , , , |

Ransomware may be the number one cyber threat but there is another, newer cyber attack that is not being talked about enough. This threat can result in the loss of millions of dollars for companies who are affected by it and lead to the complete shutdown of their email systems – Business Email Compromise. We are happy to share some information from our partners at Pronto Recovery about BEC attacks and how you can protect your business. Business Email Compromise or BEC is an exploit in which the attacker gains access to a corporate email account and spoofs the owner’s identity to defraud the company or its employees, customers or partners of money. Unlike the typical phishing attacks that target everyone, BEC specifically targets high level business executives such as the CFO or corporate attorney to initiate a wire transfer. BEC scams have three main versions: The Bogus Invoice Scheme: this scheme involves a business that has an established relationship with a supplier. The attacker then requests a wire transfer for invoice payment to an fraudulent account via spoofed email, telephone, or fax. CEO Fraud: in this scheme, the attacker pretends to be a high-level executive or attorney who requests a wire transfer to be initiated with instructions to urgently send funds to their bank. Account Compromise: in this version, an employee’s email account is hacked and then used to make requests for invoice payments. And though not as common as the typical phishing email, an FBI announcement in 2017 confirmed that between October [...]

20 11, 2018

Investing in IT: How to Choose the Best Option

2019-06-06T22:29:58+00:00November 20th, 2018|Tags: , , , , , , , |

One thing we see a lot at ImagIT is that many people don’t think about the true cost of a job well done. When we submit a proposal for IT services, it’s always based on our real experience of the work and resources required for a quality solution that meets your needs. But for people who aren’t working in IT day in and day out, it’s hard to know the true cost of dependable, skilled IT services. When someone tells you about cheap IT services, it can be tempting to assume the best about the integrity and experience you’ll get for your dollar. Unfortunately, this often results in higher overall costs when all factors come to light. Is it Apples to Apples? It’s important to understand what is and isn’t included in the proposals you receive. Begin by making a comparison chart of primary aspects such as price, delivery time frame, and services so you can truly compare apples to apples. Look for proposals that spell out exactly what you will receive, rather than ones that make broad or vague statements. Companies that are not detailed about what is included in the contract, such as hours of training, change orders, on-going costs, etc., will not deliver what you think they promised. Don’t Assume All IT Companies Are Equal Price quotes can vary for a multitude of reasons, and so can a company’s experience. When it comes to IT services, and especially large-scale projects, you want the most qualified company for the job. A lesser-experienced [...]

10 10, 2018

50 Million Facebook Accounts Compromised

2019-07-05T17:22:17+00:00October 10th, 2018|Tags: , |

Facebook has announced a massive data breach affecting almost 50 million accounts. This breach, the largest in the company’s history, was discovered on September 25 and announced three days later. So far there is little information about the full impact, the motive, who may have been targeted, or whether the data accessed was misused. Here’s what we do know: What Happened Vulnerabilities in Facebook’s code allowed attackers to directly take over user accounts by stealing “access tokens” which are essentially keys to an account. These tokens act as authorization that keeps users logged in to their accounts over time without having to re-enter a password. Facebook discovered the breach because it noticed an unusual spike in users on September 16, prompting investigation. The company has said that the attackers could see everything in a victim’s profile, though there is still no information about the potential misuse of this data. According to CEO Mark Zuckerberg, “So far, our initial investigation has not shown that these tokens were used to access any private messages or posts or to post anything to these accounts, but this, of course, may change as we learn more.” Facebook has stated that passwords and payment information were not compromised. how accounts were accessed This breach was made possible because of three distinct flaws in Facebook’s code that, combined, allowed attackers to see a user’s access token in the page’s HTML. This vulnerability has existed since July 2017 when Facebook implemented new video upload functionality. The “View As” page, normally a read [...]

28 09, 2018

Windows 7 End of Life Countdown

2019-07-05T17:22:05+00:00September 28th, 2018|Tags: , , , , , |

Windows 7 is nearing end of life yet is still in use by almost half of businesses. Many organizations have yet to develop a strategy to migrate to Windows 10 and some are not even aware of the impending deadline. Read on to learn more about preparing for Windows 7 end of life and scroll to see our infographic with key information about the countdown. windows 7 end of life Mainstream support of Windows 7, in which Microsoft provided security patches and new features, ended on January 13, 2015. Windows 7 moved into extended support at that time, ending complimentary support and active development of the product. During extended support bug fixes and patches are still deployed to ensure the safety of the operating system; however, the product is being phased out. Once the extended support ends on January 14, 2020 the outdated system will be unsupported and a risk for any machine that runs it. For companies using Windows 10 Enterprise or Education that do not complete their migration to Windows 10 by 2020, Microsoft has announced that it will offer Windows 7 Extended Security Updates (ESUs) through January 2023. The ESUs will be sold on a per-device basis (with the price increasing each year) and provide a short extension during which organization could continue to use Windows 7 as they complete migrations. We strongly recommend that businesses purchase ESUs if they need to continue using Windows 7 past January 14, 2020 in order to protect machines from threats. The end of life for [...]

10 09, 2018

380,000 Passengers Affected By British Airways Breach

2019-07-05T17:21:46+00:00September 10th, 2018|Tags: , |

British Airways is investigating the theft of customer data from its website and app over a two-week period and has urged customers affected to contact their banks or credit card providers. The airline said around 380,000 payment cards had been compromised and it had notified the police. In a statement it said: "The stolen data did not include travel or passport details. From 22.58 (10:58pm) BST August 21, 2018 until 21.45 (9:45pm) BST September 5, 2018 inclusive, the personal and financial details of customers making bookings on ba.com and the airline's app were compromised. The breach has been resolved and our website is working normally.” British Airways has yet to reveal any technical details about the breach, however the type of information compromised makes it likely that the information was skimmed live, as customers booked and paid for flights. The issue was identified when a third party noticed unusual activity and reported it to the airline. This is the first breach to hit a major company since General Data Protection Regulation (GDPR) came into effect on May 25, 2018. GDPR is a regulation on data protection and privacy enacted to protect individuals within the European Union. Fines are levied on violators of GDPR, and British Airways may be liable for $646M if it is determined that the airline did not do enough to protect customer data. Shares of the airlines parent company IAG have dropped in the wake of the announcement. All affected customers have received an email from British Airways, asking them to [...]

7 09, 2018

Facebook Building $1B Data Center

2019-07-05T17:19:27+00:00September 7th, 2018|Tags: , , , , |

On September 5 Facebook’s VP of Engineering Jay Parikh announced plans to build a new $1 billion data center in Singapore. This will be the first data center engineered by the company in Asia and will run on 100% of renewable energy. The planned 1.8 million square foot facility will employ evaporative cooling technology to minimize water and power consumption while maintaining the required temperatures without supplemental cooling, reducing water usage by 20%. Singapore’s location and more relaxed stance on the storage and transfer of data than surrounding countries has led many tech companies to build there including Google, who has 2 centers there already and is planning a third. Singapore currently has over 80 active data centers and the Singapore government is encouraging growth in the market. The data center is expected to begin operations in 2022, although the construction will continue past that date. ImagIT Solutions is a network engineering company that provides comprehensive IT services for channel partners, managed service providers and enterprise businesses with multiple locations. ImagIT was founded with the goal of providing comprehensive, IT services for multi-site organizations. Built on providing exceptional customer service with the most trusted technicians in the field, we continue to grow with our clients and expand internationally. Our team of 400 expert engineers and full PMO are ready to take on any type of networking engagement!  Whether its proactive support, an emergency call, long-term projects or ongoing break-fix services, ImagIT will deliver a solution that is customized to best fit your organization. [...]

26 04, 2018

Does Your Company’s Security Policy Address These Seven Points?

2019-07-16T22:39:13+00:00April 26th, 2018|Tags: , , , |

Data breaches and ransomware attacks have become more prevalent than ever, with almost 7 billion records breached in the past two years. Many cyber-security issues still involve basic, fundamental security missteps, which directly or indirectly lead to these incidents. These attacks can be reduced by establishing clear security guidelines and providing training for your employees. Implementing these key components in your security and disaster recovery plans will help your organization’s network combat attacks. Here are some points to address as part of your company security policy: Emphasize the Importance of Security It’s important to instill that security is everyone's responsibility. Employees should be told why cyber security is important and the potential risks should be explained in detail. If data is lost or stolen it most likely will negatively affect the individuals involved, as well as severely jeopardize the company. If the company systems are infected with malware, this could hamper the efficiency of the organization. Ask employees to take an active role in security by reporting suspicious activity to their IT administrator. If employees become aware of an error, even after it has happened, reporting it to IT means something can still be done to minimize the damage. Cyber security is a matter that concerns everyone in the organization, and each employee needs to take an active role in contributing to the company’s security. Secure Computers and Devices When employees leave their desks, they should lock their screens or log out to prevent any unauthorized access. Laptops and cellphones should also be physically locked [...]

23 03, 2018

9 Benefits of Virtualization

2019-07-09T19:28:29+00:00March 23rd, 2018|Tags: , , , , |

Virtualization helps businesses improve operations and decrease spending. Learn about the benefits of a virtual environment and decide if this technology is right for your business. What is virtualization? Virtualization is the process of creating a simulated virtual version of something such as a server, storage device, network, or operating system. This is done by partitioning a single physical machine into several virtual machines which can then interact independently and run different operating systems and applications. Virtualization makes the relationship between computer hardware and software far more flexible and presents capabilities that would never be possible within a physical infrastructure. Virtualization is more than just a buzzword; this technology is the most effective way to reduce IT expenses while increasing efficiency and agility. Businesses of all sizes are reaping the benefits of virtualization and we are seeing more and more companies requesting assistance in creating a virtual environment. Check out these nine ways your business can benefit from a virtual infrastructure: reduced spending Companies spend a significant portion of their IT budget on hardware every year, with the majority spend allocated to multiple servers. Virtualization reduces the number of servers needed as well as extending the lifespan of existing hardware. Many servers are grossly underutilized, using only an estimated 5-15% of their actual capacity. This is because many applications require their own server, which without virtualization means many more physical machines. A single physical server can run approximately 16 virtual servers, allowing companies to considerably reduce hardware and software costs. In addition to reducing [...]

imagit logo