Bryley is on the move!

Some of you may know, but Bryley has outgrown our current location in Hudson and will be moving to Clinton. Our new building is a historic 1937 post office that was completely renovated and modernized in 2004.  It has more than 10,000 square feet, the majority of which we will occupy, and comes with glass-walled offices, broad sweeping staircases, an elevator, two kitchens, and more.
We expect to move in mid to late Fall.

Ray Baldez obtains his Mac certification

Raymond “Ray” Baldez successfully became MAC certified as an Apple Support Professional (ACSP). With this certification, Ray understands the MacOS core functionalities and has the knowledge to support MacOS users, manage their networks, and provide technical support.

Why Ransomware Hits Smaller Organizations Harder

Ransomware and other cyberattacks seem to be more prevalent than in previous years. While the news has mostly focused on the large attacks (WannaCry, Petya, Netflix hack, etc), small businesses are not immune to these dangers. In fact, in a recent study performed by Symantec, it was discovered that phishing campaigns targeted small businesses 43% of the time, up 9% over 2014 and a dramatic increase from the 18% of attacks in 2011.1 While larger organizations are able to rebound, roughly 60% of small businesses that experience a cyberattack are closed within six months.2

The cost of a data breach

  • Lost Revenue. According to a report conducted in June by Osterman Research, roughly 22% of businesses with fewer than 1,000 employees experienced a ransomware attack in the last year and were forced to stop business operations immediately, resulting in 15% of those surveyed losing revenue.3
  • Downtime. When a ransomware attack occurs, many organizations are forced to shut down to stop the spread of the attack. As a result, they incur downtime. Of the organizations surveyed by Osterman Research, one in six organizations incurred 25 or more hours of downtime as a result of a cyberattack.3
  • Loss of Confidence. When a company admits to a data breach or customer data that was leaked, it causes many consumers to be wary of conducting business with the organization.

What causes a Small Organization to be a target?

The difference between larger vs. smaller organizations is that oftentimes the smaller organizations don’t always have the budget to be able to afford their own IT department.

“A survey published by Manta last month shows that 87 percent of small-business owners don’t feel that they’re at risk of a cybersecurity attack, and 1 in 3 small businesses don’t have the tools in place — firewalls, antivirus software, spam filters or data-encryption tools — to protect themselves.

“The general majority of small-business owners don’t have an IT person. It’s not the first place they spend their money,” said John Swanciger, CEO of Manta. “They’re really relying on themselves to update their software and check for security patches.”4

How can Small business owners limit their risk of an attack?

  • Perform software updates/patches. Their intended purpose is to quickly push out fixes to bugs that may be occurring and create a safe computer environment. When you browse the internet, your computer is at the mercy of its current protective measures. Viruses, malware and rootkits are always on the search for security holes to exploit and gain entry to your personal data. While the best antivirus software would prevent this from ever happening, in order to accomplish such a goal you need to perform recommended updates. These updates serve numerous functions:
    • Fix security holes
    • Optimize the utilization of resources on the operating system
    • Add newer and more secure features
    • Remove old and unprotected features
    • Update drivers to increase software efficiency
  • Regularly backup your data. To reduce downtime, make sure you perform regular backups that are easily retrievable in the event of a breach or data loss, providing a sense of security. Both offsite storage and external drive storage are potential necessities. Data backup and data recovery work basically the same way. Offsite servers are useful for data recovery as they provide massive amounts of storage for nominal prices especially when comparing the hassle it saves in the event of an information disaster. Having a safe place to put information off of the main business server can prove to be more proactive in the long run. Using an offsite server to protect your business data is one of the more effective methods to keep information safe.
  • Create strong passwords. Strong passwords reduce the likelihood that a criminal will be able to easily gain access to your data. But remember to change the password regularly. Passwords are undoubtedly essential to security, but they are not the only method that can or should be used to protect one’s computers and devices. In addition to creating a good password, people should learn how to safeguard it and use it wisely. This means never sharing it and, if unable to remember it, keeping the written copy in a secure location.
  • Protect your Wi-Fi. Wi-Fi can be an easy access point for potential cyber hackers. If you use a Wi-Fi network access in the office, make sure it’s invisible to outsiders, encrypted and secure. Set up your router to require a password for access, and set your wireless access point so it does not broadcast the network name. It is always wise to make a separate network available for guests and to check rogue access points which may have been brought in by employees or visitors.
  • Use a Firewall. Firewalls are like home security systems for your computers. They control the data coming in and out to prevent unauthorized access to your network. A Firewall is a software or hardware device that protects your computer from being attacked over the internet by hackers, viruses, and worms. Having a firewall in each company’s internet connection allows the business to setup online rules for the users. Here are the different ways of how a firewall controls online activities:
    • Packet filtering: small amount of data is analyzed and distributed according to the filter’s standards.
    • Proxy service: online Information is saved by the firewall and then sent to the requesting system.
    • Stateful inspection: matches specific details of a data packet to a database of reliable information.

Firewalls allow you to either add or remove filters based on certain circumstances such as:

    • IP addresses – If a certain IP address, not belonging to the company’s network is accessing too many files from the server, this IP can get blocked by the firewall.
    • Domain names – with a firewall, a company is able to block or allow access to certain domains.
    • Specific words and phrases – A firewall will scan each packet of information to match the filter content. You may select any word or sentence to be blocked.
  • Install antivirus software. Antivirus software helps protect against viruses or malicious software programs, which can also be damaging to your business operations. The software is designed to block damaging messages before it reaches the user. Antivirus software is the “guard” at the gate of a computer system. It protects the computer from incoming threats and seeks out, destroys and warns of possible threats to the system. New viruses are coming out all the time. It is the job of the antivirus software to keep up with the latest threats. This is achieved by daily updates of the antivirus database definitions, which counteract the latest threats to provide constant protection.
  • Educate and train employees. Establish a written policy about data security and clearly communicate it to all of your employees. Train your employees on security basics and best practices when it comes to web browsing and email. Many data breaches aren’t the result of a hacker, but by negligence or human error. If employees are trained on proper ways to handle data, it will significantly reduce the chances of a mistake being made.

Working with a managed IT service provider can remove a lot of the burden and take away the mystery of proactive measures to protect your business.

Protecting your company’s data and infrastructure should be a top priority, but you do not need to do it alone.  Let the Bryley experts help protect your company’s data and infrastructure. Please contact us at 844.449.8770 or by email at ITExperts@Bryley.com. We’re here for you.

 

1 43 Percent of Cyber Attacks Target Small Business. Sophy, Joshua. 28 April 2016.
2 CYBER SECURITY STATISTICS – Numbers Small Businesses Need to Know. Mansfield, Matt. 3 Jan 2017.
3 Why ransomware costs small businesses big money. CNN Tech. Larson, Selena. 27 July 2017.
4 Congress addresses cyberwar on small business: 14 million hacked over last 12 months. CNBC. Zaleski, Andrew. 5 Apr 2017.

How to Spot and AVOID Phishing Emails

Phishing emails are malicious emails sent by criminals attempting to compromise your personal information. They often appear to be legitimate, so beware.

Most phishing emails are disguised as messages from an authoritative entity asking you to visit a website and enter personal information. These websites are set up to gather personal details, which they can then use to hack into your accounts and commit fraud. Some links and attachments in these emails contain malicious software, known as malware, which will install itself on your computer. Malware then collects data such as usernames and passwords. If you recognize these emails, delete them immediately.

Being informed about Phishing techniques and the current news relating to it is very important because new phishing scams are being developed all the time. Without staying on top of these new phishing techniques, you could inadvertently fall prey to one. Keep your eyes peeled for news about new phishing scams. By finding out about them as early as possible, you will be at much lower risk of getting lured in by one.

Being able to recognize these emails will lessen your chances of being compromised. Here are some tips:

  1. Email Address. This is the first thing you should look at. Criminals use two tricks when crafting email addresses. First, they’ll put a real company’s name before the “@“sign to make it look credible. Second, they’ll use a web address similar to the genuine one. Scammers will craft phishing email addresses almost (but not exactly) identical to the real addresses. Check these emails carefully to make sure they are exactly the same as the real web address.
  2. Generic Greetings. Being cautious of emails with generic greetings such as “Dear Valued Customer” or “Dear Valued Employee”. Look for poor spelling, punctuation or grammar. Scammers will go to great lengths to make their phishing emails look authentic. They’ll use an actual company logo and even the names of people who are employed at the company.
  3. Links. If a link appears within the email, hover your cursor over the link to view the underlying address. Check to see where it would take you if you were to click on the link.
  4. Sense of Urgency. Phishing emails may use phrases such as “act quickly” to create a sense of urgency in order to lure their targets in. These scammers may make you feel as if you’re missing out on something. They want to pique your curiosity or exploit your fear to push you into an instant response.
  5. Name. Look to see whose name is at the end of the email. If it’s from a person, is their name in the email address and does the email address appear valid?
  6. Keep Your Browser Up-to-Date. Security patches are released for popular browsers all the time. They are released in response to the security loopholes that phishers and other hackers inevitably discover and exploit. Don’t ignore messages about updating your browsers – when an update is available, download and install it.
  7. Use a Firewall. High-quality firewalls act as buffers between you, your computer and outside intruders. You should use two different kinds: a desktop firewall and a network firewall. The first option is a type of software, and the second option is a type of hardware. When used together, they drastically reduce the odds of hackers and phishers infiltrating your computer or your network.
  8. Add Antivirus. There are a number of antivirus options available to both home users and business owners. There are special signatures that are included with antivirus software which will protect you against known technology workarounds and loopholes. Remember to keep your software up-to-date since new definitions are added all the time due to scams being developed consistently. Antivirus software will scan files which pass through the Internet to your computer and prevent damage to your PC.These types of emails are just generic emails which are sent out to large groups of people, knowing that it only takes a few people to click to make the effort worthwhile to the scammers.

Hold on, there’s more…

Spear Phishing. Criminals who target specific individuals use what is called “spear phishing.” Spear Phishing emails are even more sophisticated than your run-of-the-mill phishing emails, often using personal information obtained from social media pages to make the emails appear credible. These cyber criminals might use your name or tailor the email to reflect your hobbies, interests, where you live or events that are happening locally. They may even make the email look as if it came from the organization you work for. People are sometimes targeted because of their position within the company or because they have access to sensitive data.

As a general rule, you should never share personal or financially sensitive information over the Internet. When in doubt, go visit the main website of the company in question, get their number and give them a call. Most of the phishing emails will direct you to pages where entries for financial or personal information are required. An Internet user should never make confidential entries through the links provided in the emails. Never send an email with sensitive information to anyone. Make it a habit to check the address of the website. A secure website always starts with “https”.

When in doubt, don’t click! Contact your IT administrator. And remember, legitimate organizations will never ask you to disclose personal data via email.

You can also report the scam to the FBI’s Internet Fraud Complaint Center at www.ic3.gov.

Bryley Systems specializes in protecting you from malware. Contact us at 978.562.6077 or by email at ITExperts@Bryley.com. We’re here for you.

Read this case study about a particularly vicious attack that Bryley remediated.

 

Additional Resources:

https://www.sec.gov/oit/announcement/notice-regarding-phishing-scam-targeting-edgar-filers.html
https://www.usatoday.com/tech/
https://apwg.org/resources/overview/avoid-phishing-scams

Bryley’s Prestigious Channel Partners 360 Award Travels the U.S.

After being honored as one of 25 recipients worldwide, our prestigious award is traveling the U.S. in celebration – being one of the most sought-after in the industry of technology solutions.

About Bryce Canyon. Bryce Canyon National Park in Southwestern Utah is famous for the largest collection of hoodoos—the distinctive rock formations at Bryce—in the world. Pillars of red, white, and orange cut through bluest skies, forming some of the world’s most famous breathtaking views. Bryce Canyon first became a tourist destination in 1916 with Union Pacific. It was then declared a National Monument in 1923, and officially established as a National Park in 1928.

 “Bryley Systems works toward continuous improvement; we strive to manage, optimize, and secure our client’s information technology, which brings substantial business benefit and value to their organizations. Our team-focused, best-practices-oriented approach, coupled with high-value/low-risk service options, enables us to provide our clients with Dependable IT at a Predictable Cost™. We thank Channel Partners for this prestigious Channel Partners 360° award!”                

    – Gavin and Cathy Livingstone, Co-Owners, Bryley Systems, Hudson, MA

Bryley Systems named to Top IT Service Providers by the Worcester Business Journal

Each year, the Worcester Business Journal (WBJ) compiles and publishes a list of IT Service Providers throughout Central Massachusetts. The list, published on June 12, 2017, ranked Bryley Systems among the top 15 organizations surveyed. Rankings are determined based on survey results, federal filings and Web sites.

Bryley Systems named in Top 501 Managed IT Service Providers (MSPs) Worldwide for the Fourth Consecutive Year!

Bryley Systems, for the fourth-straight year, ranks among the world’s most progressive 501 Managed Service Providers (MSPs), according to MSPmentor’s 10th-annual MSP 501 Worldwide Company Rankings. The top MSP 501 companies ranked this year include organizations from around the world and from diverse technology and business backgrounds. Collectively, they amassed $14.48 billion in total revenue (based on 2016 results), up more than 15 percent from a year earlier. (The complete 2017 MSP 501 list is available at MSPmentor.net.)

“We are honored to be named to the MSP 501 for the fourth consecutive year.” said Gavin Livingstone, President of Bryley Systems.  “It is a great honor and demonstrates our dedication to remain one of the top providers of managed IT services worldwide.  We look forward to continuing to provide excellent service to our clients.”

“On behalf of MSPmentor, I would like to congratulate Bryley Systems for its recognition as an MSP 501 honoree,” said Aldrin Brown, Editor in Chief, MSPmentor. “The managed service provider market is evolving at a rapid pace and the companies showcased on the 2017 MSP 501 list represent the most agile, flexible and innovative organizations in the industry.”

The 2017 MSP 501 list is based on data collected by MSPmentor and its partner, Clarity Channel Advisors. Data was collected online from Feb. 16 through May 15, 2017. The MSP 501 list recognizes top managed service providers based on metrics including recurring revenue, growth and other factors.

Bryley Basics: How to Handle Phishing SPAM

With an uptick in cyberattacks and phishing scams, we thought it prudent to provide some tips to avoid becoming a victim:

  1. NEVER open or click on links in email unless it is a known source and you are expecting the message that contains the links (Nice work Bill).
  2. NEVER respond to an email emphasizing the need to “Act NOW!”  This urges you to not think about what you are doing and is certainly the road to perdition.
  3. The bad guys are out there trying to lure you in.  They are up to no good 24/7 and constantly seeking out new and improved ways to dislodge your sensibilities and compel you to CLICK before you think.
  4. Remember that the bad guys are very clever, intelligent, and determined.  What they do represents potential cash flow to them.  They are motivated and have resources available to them.  Tired, rushed, frustrated, angry users are a potential bumper crop for them.
  5. Putting SPAM email on Block Lists is futile.  Today they change constantly and move around geographically.  Just delete them.  Your SPAM protection will eventually catch *most* variants and block them.
  6. You WILL get SPAM.  As the good guys thwart the efforts of the bad guys (SPAMMERS) they figure out ways to get around the walls of protection.  It is a running gun fight.  Thankfully there are good guys out there fighting on the front lines of this war.  They too are clever, intelligent, and determined.  We can help by being cautious and aware of the danger.  The moment we let our guard down, is the moment they gain an advantage.
  7. Being ever vigilant and careful about what is put in front of you as you use your computer is the best defense against becoming a victim.
  8. Emphasize these basic practices to your users.  The best way to avoid most mail delivered scams and many internet-based scams is to pause and examine the links contained in the email or on the web page.  Willy-nilly clicking links at any time will ultimately make you either appreciate your backup strategy or wish you had one.
  9. See #7 above.

A periodic review of Business Security practices with users is recommended.  Keep your business best practices along with computer security best practices in the forefront of your employees’ minds.  Emphasis on how to handle emails that “look” like they could be legitimate will pay big dividends in terms of time and money.

Sending people email about what to do to keep your company secure will not be nearly as effective as taking the time to gather in a room for ½ an hour face-to-face to demonstrate the seriousness of the situation.

Bryley Systems specializes in protecting you from malware. Contact us at 978.562.6077 or by email at ITExperts@Bryley.com. We’re here for you.

As they always said in the TV series “Hill Street Blues” at the end of the morning briefing, “Let’s be careful out there…”

Bryley Employees Enjoy a Summer Outing!

Bryley Employees took some time to gather together and celebrate all that we have accomplished this year.  We ventured out to Puzzlescape in Hudson, to see if we had what it took to get out!  We are happy to announce that everyone safely escaped their respective rooms!  Here are some photos from our adventure.

 

 Trudging through the pouring rain. We did it! Making our own Ice Cream Sundaes!