Limbtec Limited > Blog > cybersecurity

10 Common Tech Problems Plymouth Businesses Are Eliminating From Their Business Forever

9th May 2023

They say, “You get what you tolerate” and now more than ever, we’ve been conditioned to tolerate worse service at higher prices. Companies get a ‘free pass’ simply by saying phrases like “the labour shortage,” “because COVID,” or “inflation.”

But it doesn’t have to be that way.

While you may be able to still do business even with some less-than-stellar vendors in some areas, if all your computers were to suddenly stop working, your network go down, your files gone, chances are you’d be dead in the water.

Your business depends on technology, and you need to make sure everything is up and running RIGHT and you’re protected ALL the time.

Here’s a list of ten common problems, complaints and just downright failures in service we hear of all the time…and I’ll show you how to eliminate them in your business.

  1. When you call your IT company, your message goes to voicemail and you’re stuck waiting hours (or even days) for a call back so your problem gets resolved.
  2. You often must reach out multiple times to get a problem resolved and you need to check back to see what the status is and get a timeframe.
  3. Your IT company doesn’t proactively monitor, patch and update your computer network’s critical security settings daily (or at least weekly) leaving your entire business vulnerable to attacks.  
  4. Your IT company doesn’t offer proof that they are backing up ALL your data, laptops and devices.
  5. Your IT company doesn’t meet with you regularly (at least once a quarter) to report what they’ve been doing, review projects and offer new ways to improve your network’s performance instead of waiting until you have a problem to make recommendations.
  6. Your IT company doesn’t provide detailed invoices that clearly explain what you are paying for.
  7. Your IT company doesn’t explain what they are doing and answer your questions in terms that you can understand, NOT in “geek speak” and they don’t routinely ask if there’s anything else they can help with, no matter how small.
  8. Your IT company doesn’t proactively discuss cybersecurity with you or make recommendations for protecting your network from ransomware and offer employee training videos, so they don’t fall victim to a scam.
  9. Your IT company hasn’t provided you complete network documentation, and they hold the “keys to the kingdom” refusing to give you admin passwords so you’re totally helpless if something goes wrong and you can’t get a hold of them.
  10. Techs arrive late and dressed like they just got out of bed, and you cringe every time you need to make that call because they’ll make you feel dumb or like they are ‘doing you a favor’ even though you’re paying them!

If you’re tolerating any of these common problems, know that you don’t have to! You could be paying for substandard support and worse, not be keeping your company protected.

This could jeopardize your data and your network’s security and cost you thousands in lost productivity because you and your employees are spending time dealing with problems that shouldn’t exist.

If that’s the case, then it’s time you see what else is out there and make sure you’re getting what you pay for.

To schedule a free 10-minute discovery call to see how we can get rid of your tech issues, go to https://limbtec.com/book-a-call

Read more

Microsoft 365 makes Multi-Factor Authentication easier

3rd May 2023
Multi Facto Authnetication made Easier

Microsoft is planning to enable Multi-Factor Authentication (MFA) directly in its Outlook app for many 365 business users.

MFA is a vital tool to help protect your online accounts from cyber criminals. It works by generating a second, single-use passcode every time you log into an account. It’s usually sent to an authenticator app on your phone that you have to download and set up first.

Security codes can also be sent via SMS text message, by a phone call, or you might be given a special USB key to plug into your computer.

The process is often made quicker by using a biometric login like your fingerprint or face ID. It’s a minor chore, but the protection it offers far outweighs the couple of extra seconds it takes to access your account.

Microsoft isn’t so sure about those extra seconds, though. If the tech giant can save you that time, it’s going to do it. That’s why it’s looking to streamline MFA for Microsoft 365 business accounts.

It’s rolling out the improvement by building MFA directly into the Outlook app in a feature called Authenticator Lite. Until now, it’s relied on a separate authenticator app or sending login codes.

There’s no news yet for those of us who want faster authentication on our personal PCs. If Microsoft does announce plans to make this feature available to more hardware or operating systems, we’ll update you with any news.

If you don’t already use MFA for your apps and online accounts, we recommend that all businesses implement it as soon as possible. The additional security it offers protects against the vast majority of today’s cyber threats.

For more help and advice about implementing MFA or getting the best from Microsoft 365, just get in touch.

Published with permission from Your Tech Updates.

Read more

The Bad Bots!

24th April 2023
Bot malware is a growing security threat

If we talk about ‘bots’ you’d be forgiven for thinking of the amazing AI chatbots that have been all over the news lately.

But this isn’t a good news story. Bots are just automated programs, and bot malware is a worrying new security risk you need to defend your business against.

Malware bots are particularly dangerous because they steal whole user profiles – that’s a complete snapshot of your ID and settings. This potentially allows cyber crooks to bypass strong security measures like Multi-Factor Authentication (MFA).

Usually, if a criminal steals your username and password, they still can’t access your account because they don’t have access to your MFA authentication method. But with your whole profile available to them, using your cookies and device configurations, they can trick security systems and effectively switch off MFA. 

Once profile information is stolen, it’s sold on the dark web for as little as £5.

And it’s not even super-sophisticated cyber criminals deploying this technique. Just about anyone can obtain your details and use them for phishing emails, scams, and other criminal activity.

Since 2018, 5 million people have had 26.6 million usernames and passwords stolen, giving access to accounts including Microsoft, Google, and Facebook.

All this means there are things you need to do – right now – to keep your profiles and your business protected from bot malware.

  • Update your antivirus software and keep it on at all times.
  • Use a password manager and Multi-Factor Authentication to keep your login credentials safer
  • And encrypt all your files so that, if anyone does access your profile, there’s very little to steal.

These are the things we help our clients with every day. If we can help you, just get in touch.

Published with permission from Your Tech Updates.

Read more

Cyber Security – What about your Mobile.

21st March 2023
Don't forget your phone when you think about cyber security

Our phones are a goldmine of private information. Just think of all the financial details, personal messages, banking apps, photos and contact information that live behind that little glass screen.

And if your team use phones for work, they’ll often have access straight into company systems – email, contact lists, network access, file systems. So if they’re not kept as secure as any other device in your workplace, they can become a gaping hole in your cyber security.

Criminals know this, of course, which is why they target us through our phones just as much as they do through our networks and servers.

But cyber crime isn’t the only concern. Just losing your phone, or having it stolen, can put your data at huge risk.

So, whether you issue company smartphones, or your employees use their own, you should make sure everyone implements some simple security steps to protect your data and avoid disaster.

What to consider

Start with making sure your people set up a PIN and a biometric login (like a fingerprint or face scan) to open the device.

Only install apps from trusted sources to make sure you’re using genuine software.

And enable Multi-Factor Authentication on all apps that store even a small amount of sensitive data.

Be careful about where you connect to Wi-Fi. If you work remotely or often connect to public networks, consider using a VPN – a Virtual Private Network – to add another layer of security. You never know who’s monitoring traffic on a public network.

Finally, ALWAYS make sure your phone is running the latest version of its operating software, and keep all apps up to date.

Smartphones have changed so much about the way we live – at home, and at work – but it’s too easy to take them for granted. And that could be a costly mistake.

If you need help to keep your smartphones safe, just get in touch.

Published with permission from Your Tech Updates.

Read more

Cyber attacks are getting smarter and bigger. Is your protection?

27th February 2023
Cyber Attacks are getting Bigger and smarter

Have you ever tried to buy tickets for a huge event and found that the seller’s website has collapsed under the weight of thousands of people all trying to do the same thing at the same time?

The ticket site falls over – usually temporarily – because the server is overloaded with traffic it doesn’t have the capacity for.

Criminal Distributed Denial of Service attacks – DDoS, for short – exploit the same principle.

When a DDoS attack targets a business, it floods it with internet traffic in an attempt to overwhelm the system and force it to fail.

This results in the business and its customers being unable to access services. That may trigger a temporary failure, or it could be more serious. Last year, the average DDoS attack lasted 50 minutes.

That may not sound like a long time, but it’s enough to create angry customers, or to bring business to a grinding halt. And downtime can be costly.

The really bad news is that DDoS attacks are not only lasting longer, but they’re becoming bigger, more sophisticated and more common.

Recently, the biggest ever reported DDoS attack was reportedly blocked. At its peak, it sent 71 million requests per SECOND to its target’s servers. Prior to that, the biggest reported incident stood at 46 million requests per second.

Worse still, more businesses are reporting being targeted by DDoS attacks where criminals are demanding huge ransoms to stop the attack.

What does this mean for you?

It’s important you check all your security measures are up-to-date and working as they should be. Are your firewalls up to the task, with DDoS monitoring and prevention tools set up? And is your team fully aware of the importance of staying vigilant?

We can help make sure your business stays protected. Just get in touch.

Published with permission from Your Tech Updates

Read more

Is you Cyber Security looking at the right things?

15th February 2023
Is your security focusing on the right things

When we look to protect our homes, we start with shutting and locking the doors and windows. Then we will add extra measures like alarms, security lights, fences etc.

But there’s no point going to all that effort if someone’s already broken in and set up camp in the basement.

Yet, by deploying the latest must have cyber security product to protect your business and it’s data that is exactly what you may be doing.

What businesses currently do.

Businesses generally do many of the right things. They invest in security software. They take a strong, multi-layered approach to security – including all the things we recommend, like multi-factor authentication, encryption, reliable backup systems and staff training.

But they don’t pay enough attention to detection and response. That involves constantly scanning systems for any sign that a crook may have gained entry somewhere, and having a process to stop an attack in its tracks.

A new study shows that only a third of businesses place detection as their main priority, while two thirds say prevention is their primary focus.

That means, they could be building 10-foot walls around their systems with intruders already inside.

In-house security teams might be super-confident in the security measures they’ve put in place. But the data suggests that they’re being too complacent. The study reveals that more than eight in ten businesses experienced more than one data breach last year – even with good security in place.

Criminals are constantly finding ways to evade security. That tells us that we need to take a rounded approach, with strong prevention AND detection policies providing the best protection against today’s determined criminals.

If you need world-class security, get in touch today.

Read more

Windows is the prime target for cyber criminals

18th December 2022
Windows is the prime target for cyber criminals

Windows is the prome target for cyber criminals, the bigget reason why is its huge dominance in the workplace. The bad actors are trying to steal your information, disrupt your business, or hold your data to ransom.

Tens of millions of attempted malware attacks were discovered throughout this year, and a massive 95% of those threats were targeted at Windows.

Although most of these are unsuccessful, those that are succsessful can cause havoc for the affected businesses. The best way to minimise or prevent this is by taking all possible precautions to protect your business and your data.

  • Hardware and software companies release regular updates to address threats to Windows users, as well as security patches designed specifically to deal with new risks. These should all be installed as soon as they become available.
  • Your people should be regularly trained in how to spot cyber security threats and what to do if they suspect one.
  • And because it’s not possible to protect every business from 100% of all threats, it’s also important that you have a strong resilience plan in place.

Resilience Plan

This should detail exactly how your business should react if it falls victim to a cyber attack and who should be notified to take action. Everyone in the company should have access to this document and know to report any potential attack as quickly as possible – that’s the best way to lessen its impact.

If you have an IT service provider, they’ll be able to make the best recommendations to keep your business safe and secure, train your people, and even provide monitoring to spot any potential danger before it becomes a problem.

This is something we do every day. So if we can help your business become more resilient, just get in touch.

Read more

Holiday Cyber Attacks

15th November 2022
Holiday Cyber Attacks.

Holiday time is coming and so are the Holiday cyber-attacks!

Before working in IT, and Cyber Security, I was in the Military, and whenever we were operating during holiday periods, we knew in the back of our minds that if something was going to happen it would happen during holiday time.

The same is true of cyber-attacks and cybercrime. This year we might see more than previous years, already in early October there was an attack on some of America’s largest airports websites.

It isn’t just the Christmas holiday period that we see the increase

  • Colonial Pipeline (Mother’s Day Weekend (US))
  • Kaseya 4th of July
  • Sony and Microsoft Christmas Eve)

Holiday Cyber Attacks, why and what you can do.

The bad guys are aware that during holiday periods there are fewer employees around to look after the infrastructure. Also we are all preoccupied with thoughts of the festive season. So may click on items that we might not normally do.

Security tips:

  • Train empolyees in cybersecurity and phisihing awareness.
    User error is still the number one cause of malware attacks, make sure all employees undergo an annual social engineering training.
  • What are the internal threats, including scanning and patching software?
    If you are able to make sure these are taken care of this will help in securing your organisation from exploits whilst there is limited supervision during this period.
  • Who has access to your Systems.
    Have you implemented a strategy to restrict who has access to data stores, and applications. Only allowing team members access to what they need and having the right levels of privileged access will help.
  • Protect the Network
    Although perimeter firewalls will assist in a strong defence, you should also deploy firewalls at the endpoint, and this should block applications and traffic, unless it is required.

Don’t get caught out this year! If you need any help on this please call 01752 546967 and we will be happy to help.

Read more

Malicious browser extension are you using them?

30th August 2022
Malicious Browser Extensions

There are hundreds of thousands of browser extensions designed to help us to save time, be more productive, and personalise our online experience.

And while the majority of them do what they’re supposed to, some are not designed to help you at all…

If you’re unfortunate enough to download a malicious browser extension without realising, it could harm your productivity and even flood your work with unwanted advertising.

This is known as adware. It’s a form of malware (malicious software) that’s designed to bombard you with unwanted adverts.

It can also change your search engine and send you to affiliate pages when you’re making purchases. These activities generate revenue for the extension’s creators.

In a recent report from a cyber security company, it revealed more than 4 million of its customers have been attacked by adware hiding in browser extensions over the last couple of years.

And often people didn’t realise they were under attack.

There’s a darker scenario where these malicious extensions are hiding actual malware which can infect your computer.

This can lead to sensitive data such as your logins or even payment details being stolen. And of course malware can spread across an entire network.

To keep your business and its data safe from the risk of malicious browser extensions, it’s important you only ever download them from reliable and trusted sources.

What to do

Read reviews and look at ratings. If a browser seems too good to be true it probably is.

As the business owner, you might also look into controlling which extensions can be installed by your team.

We can help with this, as well as looking at up-to-date software protection and (fun) security training for your team.

Published with permission from Your Tech Updates.

Read more

Are you under pressure to take action.

8th August 2022
Pressure to take urgent action

Phishing scams are one of the biggest security threats to your business right now. As we all get used to these emails the scammers are upping the pressure to take urgent action.

A massive 83% of organisations said they suffered successful attacks last year. And with just under a third of phishing emails being opened, the chances that someone in your business will be fooled are high.

But to make matters more difficult, cyber criminals have borrowed a technique from ransomware groups that is designed to panic people into taking action and giving away their login details.

This phishing attack begins like most others, then the pressure to take urgent action.

You get an email alerting you to potentially suspicious activity on your account. It might say someone is trying to login from a different location or device and the attempt has been blocked.

You’re then asked to click a link to verify your email address and password.

That’s worrying enough, right?

But what makes this phishing attack even more dangerous, is the countdown timer that appears on screen.

Typically, it’s set at one hour, and you’re asked to confirm your details before the countdown ends, otherwise your account will be deleted.

Yes, deleted! That catches a lot of people’s attention.

This is a powerful manipulation tactic designed to scare people into taking immediate action – and think later.

In reality, if that countdown hits zero nothing will happen. But watching the seconds count down can give you a sense of urgency that makes you forget to check whether an email is the real deal or not.

The page you’re entering your details on is fake. Criminals will steal your details and login to your real account. That’s a major problem you don’t ever want your business to face.

You’ll be at risk of data theft, financial loss, or malware, as well as potentially putting other accounts at risk (if you’ve reused your password).

Your login details may even be sold on the dark web, giving other cyber criminals the opportunity to break into your account.

Here are some basic phishing protections for you and your team.

Look at the email address the email was sent from. Make sure the spelling and grammar are both correct, and hover over links to see what website address they are trying to send you to.

If you think you’ve fallen for this kind of scam, it’s important you change your login details immediately. Don’t click a link in an email – type in the website address in your browser.

We’d also recommend using a password manager. This is software that creates long and strong random passwords that are impossible to guess for every account you have.

It will store these passwords for you. And autofill login boxes to save you time (yes, password managers detect when they’re being asked to fill in details on a different page, such as a fake phishing page).

Share this article with your whole team right now. And if anyone ever clicks a link they’re not sure about, ask us how to keep your business safe.

Published with permission from Your Tech Updates.

Read more
Recent Comments