You might know of Barbara Corcoran from Shark Tank. A member of her staff was tricked, via legitimate email that looked like it was from Barbara but wasn’t, into sending a wire transfer to Germany to the tune of $388,700. Transferring large sums of money is something that her assistant does on a regular basis. Her assistant replied to the email to verify and of course the scammer replied, that it was legit and then it was done.
Barbara’s bank, with this being a huge number and her being who she is, leaped into action and asked the German bank to freeze the transaction. And they did, just in the nick of time. Barbara got her money back from the bank. Most people aren’t like Barbara. We know of two businesses that we’re not so lucky. Both lost 10’s of thousands of dollars and were not insured. The money was just gone into the pockets of the scammers. This isn’t a big business problem. It’s an every business problem.
Policy only takes you so far
We can set anti-spam, anti-phishing, anti-spoofing and anti-malware policies. They help but they are not perfect. The bad guys are always looking for ways around and they find them frequently. Lately they don’t even try to circumvent the policies via tricks. Instead, they’ve found it is easier to trick you. The just sent a text only email from an address that looks like one you are familiar with and use words that they think you will be familiar with in order to trick you into sending the money. No link to click on. No nothing. Just plain ole social engineering.
We can’t protect you against that.
Other things we can’t protect you from
Ransomware, malware, viruses, bad actors in all forms doing bad things to your computer and your business. It’s not that we won’t try. It’s that today’s malware is so sophisticated that it’s impossible. A bad link, a bad file, a bad picture, a bad advertisement, a bad email none of which actually looks bad could be the culprit that causes an infection. And today’s infections don’t even have to run or have files! They are fileless! They are just a command, or some temporary code loaded into memory and never installed or written to disk. There’s no protection for these things anymore.
Most of these now are ransomware where they encrypt your files then wait for you to pay up for the un-encryption code. The ransoms have been going up too, into the hundreds of thousands of dollars.
Here’s what you can do
Take us up on our offers to:
- hold twice annual training sessions with your staff to train their eyes to spot modern hackers ($200-$400 a year)
- purchase our online monthly mini training courses (between $100-$300 a year)
- implement multi-factor authentication on everything (no cost except maybe a short training to get everyone onboard with how to do this)
- make every employee use a password management tool ($39.95 per employee annual)
- modernize your business practices and processes to take advantage of new more secure ways of doing things (this would have saved Barbara) we can help you identify, plan and implement these changes
- implement new acceptable use policies (we have samples available)
- put some control on phones, even employee owned phones when it comes to housing business data on them
- change the way that data is secured so that we are no longer dependent on permissions or file location but so that the security goes anywhere the file goes (it’s in your M365 subscription)
- buy cyber insurance. If your insurer won’t offer it to you, ours will. The cost is around $42 per month for $500k of coverage and $70 for $1M, multiply on up. The coverage offered by our carrier is very fully featured. Some aren’t so be careful.
- buy backup. Just because your data moved to the cloud doesn’t mean is doesn’t need to be backed up. ($5 per user per month)
- eliminate RDP. This was a common way that we all accessed our networks remotely. We can’t anymore. It is fully hacked and the biggest target out there.
If you don’t take us up on these offers to help you better secure your business in a modern way, then our hands a really tied. No amount of protection is going to get us to 100% but layers upon layers is the most effective way to attack these new threats
What really stands out to me is that security has changed. It is no longer in the hands of IT. It’s in the hands of a workforce that is beyond simply computer literate, can click on things and type, but rather is aware, educated and savvy and using applications and technology fully and confidently. We can help get your staff there and this is what will make you the most secure you can be.
I’m not trying to use fear tactics here. I hope that you know me better than that. Security has changed and it’s in your hands. We can offer up things, left and right, but if you don’t take up on it and your staff isn’t modern and educated and using modern business processes and tools then doing the same thing in the same old way might get expensive at some point. I’m ready to say that it’s not IF you will be effected by these new hacking methods, it has reached the point of WHEN you will be caught in their traps.
About Harbor Computer Services
Harbor Computer Services is an IT firm servicing Southeastern Michigan. We work exclusively under contract with our clients to provide technology direction and either become the IT department or provide assistance to the internal IT they already have. We have won many awards for our work over the years, including the worldwide Microsoft Partner of the Year in 2010. We’re the smallest firm to have ever won this most prestigious award. Most recently we were recognized as one of the top 20 visionaries in small business IT by ChannelPro Magazine. And as the top Michigan IT firm for Manufacturing.
There are a few simple things that make Harbor Computer Services the best choice for your business. •We are Professionals •We are Responsible •We are Concerned About The Success of Your Business