The Continued Threat of Phishing Attacks for SMBs
Phishing is an IT headache that is here to stay. But what is the clearest threat to your SMB clients--social media or garden-variety spam?
By Tim Sprinkle
Traditional spam emails remain the number one electronic security threat to SMBs, according to the results of a recent IT survey commissioned by anti-spam filtering software provider SpamTitan Technologies (so remember that grain of salt). That’s despite the high profile increase in phishing attacks perpetuated via social networking sites like Facebook and Twitter, says the company.
Although 37 percent of IT managers surveyed did admit that online phishing is a growing problem for SMBs, 75 percent called tried-and-true spam attacks the top security issue they face on a day-to-day basis. Social networking-based intrusions remain marginal threats at best, especially given the overwhelming prevalence of email scams.
According to a Microsoft Web security report released in 2009, spam accounts for more than 97 percent of all sent emails, and the Palo Alto-based Radicati Research Group found that spam costs businesses some $20.5 million annually in lost productivity and IT downtime.
But are phishers starting to shift their focus from email to social media? Opinions are still divided on that point, with 31 percent of respondents dismissing the appearance of a rising Facebook threat as simply a result of the increased use of social networking sites by business users. More users equal more targets, after all, though it can be tempting to extrapolate that there are more phishers at work in the social networking sphere as a result.
The SpamTitan findings jibe with a report released earlier this year by Kaspersky Labs that found that just 5.7 percent of phishing attacks in the first three months of 2010 could be traced back to Facebook. Compare that to HSBC, eBay, and PayPal, which together account for more than 52 percent of all online scams, according to Kaspersky.
Either way, phishing is an IT headache that is here to stay.
“Phishing attacks remain a clear and present threat to businesses,” says Ronan Kavanagh, CEO of SpamTitan Technologies. “There is no evidence to suggest that network security measures are discouraging the number of phishing attacks; it is simply that the arrival of social networking in the workplace has presented phishers with a bigger pond to phish in.”
As far as prevention is concerned, Kavanagh suggests that IT managers establish clear policy guidelines and educate their users on the various types of electronic threats facing their networks. Awareness is the number one tool in the fight against phishing attacks, he says, whether they come in via email or social networks.
Friday, September 24, 2010
Thursday, September 23, 2010
Back from Speaking at the Channel Partners Show 2010
OK- The Steve Austin cartoon avatar had to go. I received way too much flak about it and it was agreed that it didn't convey the right image. Done. Now you get to look at the professional portrait...Boring, but how impressive...
I was asked by the editor of Phone+ Magazine, Khali Henderson, to speak at the opening panel discussion for the 2010 Channel Partners Conference held in Washington DC. Wow! I joined four other distinguished interconnects and systems integrators that had made the move to becoming a VoIP provider. My message was simple, partner with a company that you know and trust, who is professional and who provides a superior product. I was happy to tell the assembled attendees that that was what we did with SNET Silver Networks.
I was able to bring up case studies - using actual installation figures about our cost savings for clients, how using a hosted PBX actually reduced their total cost of ownership and increased their functionality. I told my professional colleagues how at first, I was apprehensive about going to a "cloud" environment- but that today, I realize how well the "cloud" has supported my clients!
Back in the exhibit halls, we were investigating a lot of new options to enhance the offerings in hosted applications. We think that 1st Quarter 2011 will see a lot of enhancements in the way that people will be able to collaborate, in the security of networks and in proactive way that the client networks are managed.
Message heard loud and clear: it's a brave new world out there! Innovate, enhance and use it!
I was asked by the editor of Phone+ Magazine, Khali Henderson, to speak at the opening panel discussion for the 2010 Channel Partners Conference held in Washington DC. Wow! I joined four other distinguished interconnects and systems integrators that had made the move to becoming a VoIP provider. My message was simple, partner with a company that you know and trust, who is professional and who provides a superior product. I was happy to tell the assembled attendees that that was what we did with SNET Silver Networks.
I was able to bring up case studies - using actual installation figures about our cost savings for clients, how using a hosted PBX actually reduced their total cost of ownership and increased their functionality. I told my professional colleagues how at first, I was apprehensive about going to a "cloud" environment- but that today, I realize how well the "cloud" has supported my clients!
Back in the exhibit halls, we were investigating a lot of new options to enhance the offerings in hosted applications. We think that 1st Quarter 2011 will see a lot of enhancements in the way that people will be able to collaborate, in the security of networks and in proactive way that the client networks are managed.
Message heard loud and clear: it's a brave new world out there! Innovate, enhance and use it!
Thursday, September 2, 2010
The importance of Disaster Recovery and Back Ups
Have you ever lost an hour of work on your computer?
Now imagine if you lost days or weeks of work – or imagine loosing your client database, financial records, and all of the work files your company has ever produced or compiled.
Imagine what would happen if your network went down for days where you couldn’t access e-mail or the information on your PC. How frustrating would that be?
What if a major storm, flood, or fire destroyed your office and all of your files? Or if a virus wiped out your server…do you have an emergency recovery plan in place that you feel confident in? How quickly do you think you could recover, if at all?
Many small business owners tend to ignore or forget about taking steps to secure their company’s network from these types of catastrophes until disaster strikes. By then it’s too late and the damage is done.
After working with over 1000 small and mid-size businesses in the Chicago area, we found that 6 out of 10 businesses will experience some type of major network or technology disaster that will end up costing them between $9,000 to $60,000 in repairs and restoration costs on average. That doesn’t even include lost productivity, sales, and client good-will that can be damaged when a company can’t operate or fulfill on its promises due to a down network.
What’s most exasperating about this situation is that 100% of these disasters and restoration costs could have been completely avoided easily and inexpensively.
The 5 Most Important Things You Should Do To Make Sure Your Company Is Protected From These Types Of Disasters:
While it's impossible to plan for every potential computer disaster or emergency, there are a few easy and inexpensive measures you can put into place that will help you avoid the vast majority of computer disasters you could experience.
Step#1: Make Sure You Are Backing Up Your System
It just amazes me how many businesses never back up their computer network, OR only keep an onsite copy of their data. Imagine this: you write the most important piece of information you could ever write on a chalk board and I come along and erase it. How are you going to get it back? You’re not. Unless you can remember it, or if YOU MADE A COPY OF IT, you can’t recover the data. It’s gone. That is why it is so important to back up your network. There are a number of things that could cause you to lose data files. If the information on the disk is important to you, make sure you have more than one copy of it.
Second, it’s absolutely critical that you keep an offsite copy of your data. No one expects a flood, fire, hurricane, tornado, or other natural disaster. But did you ever consider theft? What if someone breaks into your office and takes every single piece of computer equipment you have? It has happened.
What if a neighboring office catches fire or if a faulty sprinkler system waters your server room? Here’s another onsite disaster most people never consider…
What if your data becomes corrupt or a tape drive hardware failure erases your data? Again, your data is nothing but a memory. That’s why you want to not only keep an onsite copy of your data, but also an offsite copy. Your data is just too important to not do everything possible to protect it.
Step #2: Perform A Complete Data Restore To Make Sure
Your Backups Are Working Properly
This is another big mistake I see. Many business owners set up some type of backup system, but then never check to make sure it’s working properly. It’s not uncommon for a system to APPEAR to be backing up when in reality, it’s not. Remember the Health Products Company that shelled out $40,000 to recover data they THOUGHT they backed up? Don’t let this happen to you.
Step #3: Keep An Offsite Copy Of Your Backups
What happens if a fire or flood destroys your server AND the backup tapes or drive? What happens if your office gets robbed and they take EVERYTHING? Having an off-site back up is simply a smart way to make sure you have multiple, redundant copies of your data.
Step #4: Make Sure Your Virus Protect Is ALWAYS On And Up-To-Date
You would have to be living under a rock to not know how devastating a virus can be to your network. With virus attacks coming from spam, downloaded data and music files, web sites, and even e-mails from friends, you cannot afford to not be protected.
Not only can a virus corrupt your files and bring down your network, but it can hurt your reputation. If you or one of your employees unknowingly spreads a virus to a customer, or if the virus hijacks your e-mail address book, you’re going to make a lot of people very angry.
Step #5: Set Up A Firewall
Small business owners tend to think that because they are “just a small business”, no one would waste time trying to hack in to their network, when nothing could be further from the truth. I’ve conducted experiments were I connected a single computer to the internet with no firewall. Within hours, over 13 gigabytes of space was taken over with malicious code and files that I could not delete. The simple fact is there are thousands of unscrupulous individuals out there who think its fun to disable your computer just because they can.
These individuals strike randomly by searching the internet for open, unprotected ports. As soon as they find one, they will delete files or download huge files that cannot be deleted shutting down your hard drive. They can also use your computer as a zombie for storing pirated software or sending spam which will cause your ISP to shut YOU down and prevent you from access the Internet or sending and receiving e-mail.
If the malicious programs can’t be deleted, you’ll have to re-format the entire hard drive causing you to lose every piece of information you’ve ever owned UNLESS you were backing up your files properly (see 1 to 3 above).
Now imagine if you lost days or weeks of work – or imagine loosing your client database, financial records, and all of the work files your company has ever produced or compiled.
Imagine what would happen if your network went down for days where you couldn’t access e-mail or the information on your PC. How frustrating would that be?
What if a major storm, flood, or fire destroyed your office and all of your files? Or if a virus wiped out your server…do you have an emergency recovery plan in place that you feel confident in? How quickly do you think you could recover, if at all?
Many small business owners tend to ignore or forget about taking steps to secure their company’s network from these types of catastrophes until disaster strikes. By then it’s too late and the damage is done.
After working with over 1000 small and mid-size businesses in the Chicago area, we found that 6 out of 10 businesses will experience some type of major network or technology disaster that will end up costing them between $9,000 to $60,000 in repairs and restoration costs on average. That doesn’t even include lost productivity, sales, and client good-will that can be damaged when a company can’t operate or fulfill on its promises due to a down network.
What’s most exasperating about this situation is that 100% of these disasters and restoration costs could have been completely avoided easily and inexpensively.
The 5 Most Important Things You Should Do To Make Sure Your Company Is Protected From These Types Of Disasters:
While it's impossible to plan for every potential computer disaster or emergency, there are a few easy and inexpensive measures you can put into place that will help you avoid the vast majority of computer disasters you could experience.
Step#1: Make Sure You Are Backing Up Your System
It just amazes me how many businesses never back up their computer network, OR only keep an onsite copy of their data. Imagine this: you write the most important piece of information you could ever write on a chalk board and I come along and erase it. How are you going to get it back? You’re not. Unless you can remember it, or if YOU MADE A COPY OF IT, you can’t recover the data. It’s gone. That is why it is so important to back up your network. There are a number of things that could cause you to lose data files. If the information on the disk is important to you, make sure you have more than one copy of it.
Second, it’s absolutely critical that you keep an offsite copy of your data. No one expects a flood, fire, hurricane, tornado, or other natural disaster. But did you ever consider theft? What if someone breaks into your office and takes every single piece of computer equipment you have? It has happened.
What if a neighboring office catches fire or if a faulty sprinkler system waters your server room? Here’s another onsite disaster most people never consider…
What if your data becomes corrupt or a tape drive hardware failure erases your data? Again, your data is nothing but a memory. That’s why you want to not only keep an onsite copy of your data, but also an offsite copy. Your data is just too important to not do everything possible to protect it.
Step #2: Perform A Complete Data Restore To Make Sure
Your Backups Are Working Properly
This is another big mistake I see. Many business owners set up some type of backup system, but then never check to make sure it’s working properly. It’s not uncommon for a system to APPEAR to be backing up when in reality, it’s not. Remember the Health Products Company that shelled out $40,000 to recover data they THOUGHT they backed up? Don’t let this happen to you.
Step #3: Keep An Offsite Copy Of Your Backups
What happens if a fire or flood destroys your server AND the backup tapes or drive? What happens if your office gets robbed and they take EVERYTHING? Having an off-site back up is simply a smart way to make sure you have multiple, redundant copies of your data.
Step #4: Make Sure Your Virus Protect Is ALWAYS On And Up-To-Date
You would have to be living under a rock to not know how devastating a virus can be to your network. With virus attacks coming from spam, downloaded data and music files, web sites, and even e-mails from friends, you cannot afford to not be protected.
Not only can a virus corrupt your files and bring down your network, but it can hurt your reputation. If you or one of your employees unknowingly spreads a virus to a customer, or if the virus hijacks your e-mail address book, you’re going to make a lot of people very angry.
Step #5: Set Up A Firewall
Small business owners tend to think that because they are “just a small business”, no one would waste time trying to hack in to their network, when nothing could be further from the truth. I’ve conducted experiments were I connected a single computer to the internet with no firewall. Within hours, over 13 gigabytes of space was taken over with malicious code and files that I could not delete. The simple fact is there are thousands of unscrupulous individuals out there who think its fun to disable your computer just because they can.
These individuals strike randomly by searching the internet for open, unprotected ports. As soon as they find one, they will delete files or download huge files that cannot be deleted shutting down your hard drive. They can also use your computer as a zombie for storing pirated software or sending spam which will cause your ISP to shut YOU down and prevent you from access the Internet or sending and receiving e-mail.
If the malicious programs can’t be deleted, you’ll have to re-format the entire hard drive causing you to lose every piece of information you’ve ever owned UNLESS you were backing up your files properly (see 1 to 3 above).
Wednesday, September 1, 2010
A VoIP Primer for Small and Medium Businesses (SMB)
VoIP technology primer for SMBs
There are four basic models of VoIP to choose from
Hosted: SMBs access the call processing server, also known as Internet Protocol private branch exchange (IP PBX), through a Web-based interface. The hosted PBX is off site, is managed by a service provider and offers the same functions as a PBX, for a contracted fee, without the sizable upfront costs of buying, installing and maintaining the equipment on premises. The downside is the SMB gives up control.
Managed: The IP PBX resides at the company but is managed remotely by a service provider, again avoiding upfront capital investment and maintenance costs. But the on-site IP PBX is subject to power outages or natural disasters.
Do-it-yourself: The SMB takes complete control, buying the VoIP system itself, or through resellers, and managing the system. Cost and no disaster recovery backup are the potential drawbacks.
Broadband VoIP: SMB takes the consumer approach, using an analog telephone adapter to access VoIP through a broadband Internet connection. A small business could reap significant savings. The big worry? Call quality and quality of service.
Who should ring in VoIP? SMBs with branch or satellite offices stand the best chance of realizing cost savings by reducing the cost of moving, adding, changing or removing phone lines for employees and long-distance charges between offices and to clients. SMBs with a mobile salesforce or a large number of teleworkers are good candidates for VoIP.
There are four basic models of VoIP to choose from
Hosted: SMBs access the call processing server, also known as Internet Protocol private branch exchange (IP PBX), through a Web-based interface. The hosted PBX is off site, is managed by a service provider and offers the same functions as a PBX, for a contracted fee, without the sizable upfront costs of buying, installing and maintaining the equipment on premises. The downside is the SMB gives up control.
Managed: The IP PBX resides at the company but is managed remotely by a service provider, again avoiding upfront capital investment and maintenance costs. But the on-site IP PBX is subject to power outages or natural disasters.
Do-it-yourself: The SMB takes complete control, buying the VoIP system itself, or through resellers, and managing the system. Cost and no disaster recovery backup are the potential drawbacks.
Broadband VoIP: SMB takes the consumer approach, using an analog telephone adapter to access VoIP through a broadband Internet connection. A small business could reap significant savings. The big worry? Call quality and quality of service.
Who should ring in VoIP? SMBs with branch or satellite offices stand the best chance of realizing cost savings by reducing the cost of moving, adding, changing or removing phone lines for employees and long-distance charges between offices and to clients. SMBs with a mobile salesforce or a large number of teleworkers are good candidates for VoIP.
Subscribe to:
Posts (Atom)