Blog

Remote Access Security is Vital to Business Security

by Bob Kwiatkowski

Remote Access Security image

Why is remote access security important for your business?

Fundamentally, with the COVID-19 Pandemic, many businesses are struggling to maintain regular operation.  Yet, the team at IT Edge has seen first hand the benefits of modern technological advancements in computing. Primarily, these new advancements have allowed many businesses to abandon the brick and mortal community setting. So, they opt for the safety of socially-distanced remote access from their employees’ individual homes. Then, remote access security becomes key.

Commonly, remote access has carried businesses forward. It provides a way to maintain financial security to owners and employees alike. Remote access is an important productivity tool. But, it does have some inherent security concerns.  As an outsourced IT provider in West Chester, PA, we make sure that these concerns are properly addressed.

Therefore, our team works to prevent unauthorized access to business networks. And, no business can be too secure.

Read on to learn of some popular ways businesses are taking advantage of remote access.

SSL VPN

SSL VPNs (virtual private network) provide safe communication across public networks and private networks.  Most commonly, a VPN is used to provide safe and secure remote access from a remote location to the servers stored in the office.

Hence, our team strongly recommends using complex passwords with a documented password policy. Plus, multi-factor authentication provided by mobile device apps like Google and Microsoft Authenticators.  SSL VPN services are most commonly hosted by a hardware appliance on your business network.

GoToMyPC

GoToMyPC is an online service that allows a user to remotely control a pre-authorized workstation in the office.  This service uses a secure website to provide access to authorized computers.  AES 128-bit encryption is used to safeguard the connection, protecting sensitive data.  It is important to use a complex password for the website account and a unique passcode for each accessible workstation in the portal.

Which remote access solution do you prefer? No matter the specific solution, it is critical that you work with a trusted IT consulting partner to be safe online. Ultimately, a trusted team can properly align the product with performance and meet security requirements for your business.

Realistically, there are a lot of ways to protect your business. When it comes to remote access, you need to be safe. Your business’s data is extremely important. So, you need to take the proper steps to protect it!   Then, you can have peace of mind.

The team at IT Edge is a West Chester based IT provider, with the knowledge and resources to assist you in this process.  Please give us a call today!

Beefing Up Your Business Security with Microsoft 365

by Nick Volpe

Microsoft 365 image

You have probably heard about Microsoft 365 services (formerly Office 365) in one form or another. As an IT provider in West Chester, PA, IT Edge migrates and sets up various Microsoft 365 services for its clients. Ultimately, you need to be sure that your business is safe and secure. Are you looking to increase your email and overall business security? Here are some ways that Microsoft 365 can help.

Multi-factor Authentication

Microsoft 365 can secure your services with a multi-factor approach. That means that your users’ account passwords are no longer the only thing keeping the bad guys out. Then, you can be sure that your valuable information is safe and secure. To us, it seems like a simple solution to a complex problem.

You get options like text message-based verification or One-Time Passcodes. They even offer a Microsoft Authenticator app for your mobile device. This allows you to allow or deny access to your account. This is one of the best ways you can secure your email and business; by keeping prying eyes out of your business communications.

Email Encryption with Azure Rights Management

Companies all over the world are communicating with customers and clients on a daily basis for business. Ultimately, email without an additional layer of encryption is like sending a postcard through the postal service. It is fairly easy for bad guys to intercept email messages. When your emails are compromised, there could be a risk for more information being lost. Fundamentally, consider how much information you are sending through email channels. If this is funneled into one central location, your company’s data could be at risk.

Thus, you should always assume that your message contents and attachments can be viewed by anyone. This is where Email Encryption comes in. With this offering, you can categorize emails or push a button in your email client to send an encrypted message to your recipient. This ensures that the intended recipients are the only ones with access to the message contents.

Hence, this is a great solution for anyone looking for increased security. Realistically, computer safety is more important now than ever before. Because of this, we encourage companies to consider the best track for their safety online. Take the right steps to stay safe online!

Security & Compliance Center

When you need to know what’s happening in the system, the Microsoft 365 Security & Compliance Center can help you out. The Center can setup policies, look at detailed logs, and even setup alerts to know when email is being forwarded from an account. These are some of the many security improvements you can make for your business when utilizing Microsoft 365’s suite of email and productivity services.

It helps to have a trusted IT consulting partner and Managed Service Provider at your side to assist. Located in West Chester, PA, our team is ready and willing to help your business stay safe online. Give us a call today to get on board with Microsoft 365.

QuickBooks Slow Performance due to Large .TLG File

by Walt Ball

QuickBooks Performance, May 20, 2020

QuickBooks assistance in West Chester, PA

Of course, every business strives to find their own way to take care of accounting internally. Not only does it save money, but it allows any business owner to stay on top of their books. What is the most common option?

Many small and medium sized businesses use QuickBooks. As one of the most popular software services for businesses, it is relatively user friendly as far as software goes. However, even on QuickBooks, users occasionally experience slow performance.  Ultimately, this could be for a variety of reasons; but a few are particularly common. As QuickBooks ProAdvisors, the team at IT Edge not only provides IT Support but assists with the setup and troubleshooting of the program.

So, what is making the program slow down? QuickBooks stores data in a QBW file. Yet, it also keeps track of everything every user does in the TLG file.  The TLG file quickly grows beyond the data file. As the program adds to it constantly, it begins to slow down. This can be a common issue.

In order to “shrink” the TLG file, you have to do a backup within the program itself and go into Options and select Complete Verification.  Once the software knows a fully verified backup has been completed, it will purge all the information since the last backup from the TLG file, thus reducing it in size.  

Like most things with computers, there are potential issues and additional steps may need to be taken.  Let our IT Edge team train you how to handle the process.

Microsoft Windows 7 – Discontinued Support, End of Life

by Craig Crisafulli

Windows 7 ending

Microsoft is discontinuing support for Windows 7 effective on 01/14/20. That means that we recommend replacing all PCs running this OS by that date, or upgrading to Windows 10, as soon as possible. But why is this necessary for your business or personal computer?

The biggest issue with continuing to use Microsoft Windows 7 is that it will no longer be patched. That means your PC is vulnerable to any new viruses or security problems once patching is discontinued. This leaves those machines extremely vulnerable to any emerging threats.  Ultimately, you shouldn’t have an operating system that is no longer patched; this will lead to many problems down the road. That is why it is best to address the issues now, before you run into problems.

As a general rule, we recommend replacing PCs that are more than three years old. Plus, consider upgrading a computer to Windows 10 if it’s 3 years old or newer. Our team has been busy the last several months upgrading many clients and expect that to continue through the new year. 

Once you switch to the newest version of Windows, you won’t be disappointed. Because the patches are still active, you can rest assured that any bugs are taken care of. Realistically, when it comes to your business, there is no room for error. Further, there is no time to waste on trying to fix bugs yourself.

Are you making sure that your computers are up-to-date? If they are not, connect with our team. Because we are experienced at updating these computers, there is no doubt that we can assist your business.

 

Don’t Be Fooled by Rising Extortion Email Scams

by Nick Volpe

Over the past few years, there has been a rise in extortion email scams. In short, these are from individuals who say that they have an embarrassing video of the person receiving the email. Are these true? What can you do?

First, the scammer will threaten to send the video, or other embarrassing evidence, to contacts from your email address book. However, if you pay a fee to the scammer, they say that they will not send the message. Yet, the truth is that the scammer is just out for the money. Chances are that they did not actually hacked your computer or capture any information.

 

Ultimately, this trend of extortion email scams is not new; it is just the latest chapter in online email scams.

However, there are some new aspects to this latest threat. The scammers are using publicly available databases of leaked information. Possibly, these databases can be from high-profile data breaches such as LinkedIn, Yahoo, Equifax, and others.

Realistically, private information including email addresses and passwords are likely out there on the dark web. Now, they are being included in these email scams to give the impression of credibility.

Fundamentally, if you see your password in an email threatening you, the hope is that you will react quicker. Don’t be fooled!

Plus, if you want to read more, check out this article.

Whether this scam or another, contact us to learn how IT Edge can help.

PC Backup: Are you as safe as you think?

by Nick Volpe

PC Backup image

 

Your PC backup is just as important as the data itself. Ransomware, phishing, and user error are all risks to your data. We care about your business network, and we want to make sure that you are checking data backups daily. It is critically important that an appointed individual in your business is checking the backups daily and alerting your IT designee when issues arise. Backups are often the only means of recovery, specifically in the event of server failure, virus infection, accidental deletion or lost data, etc.

3-2-1 Backup Strategy

The 3-2-1 PC backup strategy is a key element in understanding a well-planned backup solution. It involves three functions: 3 copies of your data, 2 different mediums, 1 offsite. When considering different options, it is best to plan out your solutions. Ultimately, this will lead to a much better outcome in the long-run. When it comes to IT consulting and backup support, our team has you covered. Although some businesses may not think that they have a lot of data storage, you may be surprised. All of your billing, client lists, and email histories could be at stake.

3 Copies of Your Data

You should have no less than 3 copies of all of your data at any one time. One is the original data and the other two are backup copies. With multiple backup copies of your data, you can have much more peace of mind. Are you doing all you can to make sure that your most important data is kept safe? Ultimately, it is always worth it to take the safe route when it comes to your data.

2 Different Mediums

Keep your backups on different mediums such as a cloud-based backup and a local NAS storage device. That way, if the NAS dies, you have the cloud-based copy or vice-versa. Hence, you are able to hedge your bets if one backup dies. If this is the case, you will be more prepared than before. This can make all the difference in the long-run. Alternatively, without the different mediums of storage, you could be left stranded in the case that one of the types of data storage fails.

1 Offsite

Always keep atleast 1 copy of the data offsite at all times in the event there is a fire, flood, theft, or disaster, you have a copy somewhere else. The best option is cloud-based backup but even a NAS drive that is stored in another location is sufficient. What happens in the case of this physical disaster? Your important data is perfectly fine, elsewhere, out of the firing line of any danger. We can’t think of a better solution!

Contact US for a PC Backup Strategy today

Please take a moment now to find out how your backup is monitored and contact us to discuss your needs. If you are not 100% sure of where you stand or need a new strategy or solution for your business, call us.

What You Need to Know About Email Phishing

by Nick Volpe

Email phishing attacks are on the rise. How can you be protect yourself?

What is Email Phishing?

Fundamentally, email phishing is a method used by bad-guys. Their intent is to trick and bait email users. Plus, it tricks them so that they share confidential information or downloading malware to their computer. Usually, the email looks like it is from a legitimate or trusted sender. This is done in order to gain your trust or to trick you into action.

In the earlier days, the most common phishing attempts were Microsoft emails. Alternatively, they were emails from package tracking companies informing you of an upcoming delivery. More recently, however they are using more sophisticated methods to tricking you into trusting the emails.

Spear Phishing

This type of email phishing is a targeted attack. Honestly, generic phishing scams will send out thousands or millions of unsolicited emails to anyone and everyone.

Yet, with spear phishing, the scammers will use more sophisticated methods.

When sent, these are intended to get specific information from a specific group.

For example, a scammer may have gotten your email address from a compromised banking database. Then, they can use that information to send an email and spear phish your banking log-in information.

CEO Fraud

Realistically, this is one of the biggest growing and dangerous threats.

CEO fraud is a type of spear phishing where a scammer will spoof the email of a business leader or someone of authority in your company.

They request that someone else in the company, usually in accounting, wire money to a fraudulent bank account under the guise of a legitimate business transaction.

Ransomware

Not so much a type of phishing, this is often the goal of a phishing scam. Often, a scammer will send an email with an attachment or link to an infected file.

That file will download, usually in the background, a ransomware variant with the intent of encrypting data. This is very dangerous!

A common example is a fake resume sent to an HR department. The HR rep downloads the Word document or fake zip file which then runs a macro infecting the computer/network with ransomware.

What does it look like?

Here are some common phishing email examples:

Email phishing image    Image result for phishing email

What can I do?

  1. Check out this quiz from our partner to get some good practice with spotting common email phishing techniques.
  2. Make sure you change your email account password regularly. This can be done with a very secure password using the following guidelines:
    • 12+ characters in length
    • combination of uppercase and lowercase letters
    • use multiple numbers
    • use multiple symbols
    • refrain from the use of dictionary words or guessable words or numbers like your birthday or dogs name
  3. Do not click on links in emails. Any reputable company will allow you to call them to confirm. Or, you’ll type in their website address manually versus clicking a suspect link in an email.

Connect with our team to learn more!

Office 365: 4-step migration process

by Nick Volpe

Last time, I discussed the benefits of implementing Office 365 in your organization. In this article, I will explain the migration process to Office 365 from various mail system types.

Step 1: Planning and Scheduling

To have a successful migration, we need planning and a timeline. This is not typically something that can happen in 1 day. It takes a few days of planning and strategy. Not all migrations are the same and some have personality. However, we can generally plan around unexpected or unique cases.

To start, we will figure out exactly how many mailboxes need to be moved over. Then, we’ll get an idea of what devices need to be setup for email to calculate how much time the process will take. Exchange migrations are simplest. POP/IMAP migrations involve manually uploading through Outlook to the new account(s).

Step 2: Making Domain/DNS Changes

Once we have the timing figured out, we’ll login to the domain name registrar or DNS host to make the needed changes and “flip the switch” so to speak. This will start routing emails to Office 365 instead of your old mail system. The internet propagation takes a bit of time so we then typically wait a few hours. This is the quickest part of the process but is the most crucial.

Step 3: Migrate Emails

Coming from Exchange, we would have already begun this step in tandem with Step 2 but typically we would do a final push of data to the new service.  Coming from other mail systems, we would at this point, login to your computers and upload email data to Office 365 manually. This step also involves various tweaks so you don’t notice the difference. This includes setting email signatures, auto-complete history in Outlook, and adjusting Outlook settings appropriately.

Step 4: Wrap Up

In the final step, we will work with the client to get mobile devices configured for the new system and work on any follow-up tasks.  We will also evaluate if there are any new features that can be implemented to increase productivity and convenience like shared calendars or cloud file storage with OneDrive.

Office 365: The best way to do email in business

by Nick Volpe

Office 365Email is still a very important business productivity tool. Most businesses rely on it heavily for communication. In some cases, it’s an archive of information and interactions. Although it is a very old technology, the wheel is still being refined. IT Edge has been migrating clients to new and better email solutions to fit their needs since the 90’s. Office 365 is Microsoft’s cloud platform and software subscription service. We will discuss what the benefits are to moving your email service to it. In a future article, I’ll explain how the process works.

Benefits

Approximately 50,000 small businesses move to Office 365 each month. The numbers, and our experience, show that it is a very reliable and robust email solution. If you are currently on a basic POP or IMAP email service, the benefits should will be significant.  Are you using Microsoft Outlook or syncing your email to your iPhone or Android device? Exchange is a powerful mail system that will keep everything in sync.  It can handle gigabytes and gigabytes of emails and calendar data.  Plus, it is Microsoft hosts the service in its vast datacenters so you don’t have to worry about security and redundancy.

Exchange was designed around Outlook. Everything you love to do in Outlook will work, and in many cases, work better for you.  If you are one of the many companies that has an in-house Small Business or Exchange server, you will no longer have to worry about email outages when your server goes down or power outages.  With Office 365, if your internet or power goes out, hop over to your neighborhood Panera Bread or Starbucks and you are back in business.

Next Steps

Now that you know some of the benefits, give us a call to discuss more. Next time, I will explain the process of migrating. It’s not as bad as you think!

Recent Remote Access Security Concerns

Remote Access Security image

Is your remote access security up to par? Many of you use Microsoft VPN and/or Microsoft Remote Desktop products to connect directly with your PCs or servers.

We have seen a dramatic increase in hacking attempts targeting both styles of connection. In light of these events, we are recommending that you take certain steps to safeguard against these attacks. This will thereby increase your network’s security.

The Client For You

One of the best solutions available is Sonicwall’s SSL VPN client. The Sonicwall appliance handles the VPN authentication tasks, instead of your server. Your PC, laptop, iPad, iPhone, Android, Apple computer, etc. connects using a small, locally installed software client.

Fundamentally, you benefit from a more secure version of VPN encryption. Plus, you also take advantage of multi-factor authentication by means of a separate user account and password for the VPN connection. SSL VPN credentials are separately maintained on the Sonicwall appliance. We encourage the use of unique passwords for a higher level of security.

The Sonicwall router also allow us to restrict certain inbound traffic to commonly used business ports. This is done by identifying a source address or source network. A good example of this is an on-premise Exchange server. We disallow all traffic inbound on port 25, unless the source of the traffic is coming from our SPAM and virus filtering solution.

Is There Another Way?

Alternatively, you can address this issue by moving away from Microsoft VPN / Remote Desktop. You can move to a 3rd party service like GoToMyPC or LogMeIn. Experience has shown that most individuals prefer Remote Desktop over these products for a variety of reasons. Some of these are the speed of access to their business network.

Ultimately, our goal is to increase security while maintaining functional access to business technologies that you currently use. If you do not own a Sonicwall, we can work with you to replace the existing firewall/router in your office to achieve these goals.

We’d encourage you to reach out to your account lead to discuss the particulars of your setup. That way, we can accurately advise on the best way to handle your unique situation. Remote access security should be a priority!