YES! I’m Scared About the Security of My Company’s Data!

ghost

PLEASE Schedule a FREE Data Security and Backup Audit in My Name to Make Sure My Data is Protected from Dangerous Gremlins, Ghosts, and Goblins!

I understand that I am not obligated to do or buy anything by signing up for this offer. For free one of your technicians will schedule an appointment and conduct a data security and backup audit. Upon completion, I’ll receive a report that will show any problems, threats, or vulnerable areas that need to be addressed.

If a problem is discovered, I will receive a recommended action plan and fixed-fee quote to resolve it with no hidden fees. Again, I am under no obligation to hire you to do any work.

Need To Speak To Someone Right Away?

Call: 314-414-8400

This Halloween…Who’s Keeping An Eye On Your Computer Network?

Picture3Many business owners and managers we work with wait FAR too long to have us check and update their computer network’s health and security. Unless we are actively performing regular daily/weekly/monthly maintenance, a nasty virus, malicious hacker, unexpected software corruption, hardware failure or dozens of other problems could catch you off guard and result in extensive downtime, data loss and expensive data recovery efforts.

That’s because many businesses do not perform regular maintenance on their network and therefore are overlooking many serious threats that are increasing all the time. At some point, disaster strikes and they find themselves in a real mess, with a network down and employees sitting idle, waiting to get back to work.

By then the damage is done, and it can cost thousands of dollars to get the network back to normal, if that’s even possible. What saddens me even more is the fact that almost every one of these costly disasters could have easily been prevented if someone had checked their network’s security and health to remove these threats on a regular basis.

No More Excuses! Our Free Network Checkup Will “Exorcise”
The Demons Hiding In Your Computer Network

From now until Halloween (October 31st), we’re offering all clients and newsletter recipients a FREE Network Checkup ($497 value) so that you have no excuse for not making sure your computer network is safe and sound.

Schedule your FREE Network Checkup to “see” if you are truly safe from spyware, viruses, hackers and other SPOOKY disasters.

Call our office at 314-414-8400.

Email info@cioservicesllc.com.

OR visit the contact page on our newly redesigned website to ask for your FREE Network Checkup.

http://www.cioservicesllc.com/contact-us/

 

 

Fresh-Picked Gadget UP

up-by-jawbone-hires-004

UP is a system, wristband + mobile app that tracks how you sleep, move and eat so you can know yourself better, make smarter choices, and feel your best!

 

 

How To Pick A Good Password

whyWhat’s the most common password? You guessed it…“password.” Obviously this is not the best way to protect yourself against hackers and online thieves. But even if you don’t use the word “password,” you might be using an equally easy password to decipher.

We suggest you DON’T use the following passwords for really important web sites, such as your online banking web site or other financially related sites.

  • Your name or your spouse’s name.
  • Your children’s names.
  • Your pet’s name.
  • Your birth date.
  • The last four digits of your Social Security number.
  • Your phone number.
  • Your address.
  • A series of consecutive numbers, such as “1, 2, 3, 4.”
  • A single word that would appear in a dictionary.

Your best bet for creating a strong password: Use combinations of letters, numbers and special characters.

 

If Disaster Strikes, How Fast Could Your Company Be Back Up And Running?

You herror-101409_150ear it all the time from us—back up your data, keep your virus protection current, and install and maintain a firewall to protect yourself from hackers and other online threats.

However, while these precautions will certainly help you avoid problems, they CAN’T do anything if you don’t have a good backup and disaster recovery plan in place.

Are You A Sitting Duck?

We all know that an ounce of prevention is worth a pound of cure; yet, disaster recovery planning often takes a distant second to the daily deadlines and pressures of running a business.

  1. That means that most businesses, including your own, may end up offline and without your data after a simple lightening storm.
  2. Don’t think that could ever happen to you? Consider this: “data-erasing disasters” can also take the form of office fires and broken water pipes, not just earthquakes, floods and tornadoes. If a fire started in your building, the parts that weren’t burned beyond recovery would probably be destroyed by the firemen’s efforts. But even more common is software corruption, hardware failures and human error!

Disaster Recovery Questions You Need To Answer

A disaster recovery plan doesn’t have to be complicated, time-consuming or expensive. Start by asking yourself the following questions…

  1. Do you back up your company’s data daily to both an onsite and offsite location?
  2. Are you absolutely certain that your backup copy is valid, complete and not corrupt? How do you know for sure?
  3. If disaster strikes, HOW would you get your data back, and how long would it take? In many cases it takes days and often weeks; what would you do during that period of time?
  4. Do you have copies of all the software licenses and discs in a safe location that could be accessed in the event of having to rebuild your server?
  5. Would you and your employees have a way to access your network remotely if you couldn’t get to the office?
  6. Do you store important passwords in a secure place that company officers can access if you are unavailable?
  7. Do you have a UPS (uninterruptible power supply) device in place to keep your network and other critical data operations running during a power outage?

This is NOT a complete list, but it is a good start to get you thinking in the right direction!

 

 

1 Simple Step To Step Up Meetings

We have a new tradition at our meetings at CIO. We end every meeting with the question, “How would you rate this meeting?”

Meetings get a bad rap, and deservedly so – most are disorganized and distracted. But they can be a critical tool for getting your team on the same page.

~Justin Rosenstein

Sounds simple, and it is, but this one question has improved our meetings exponentially over the last few months. Really, it’s not just this one question that has the impact, it’s the follow up question that provides the real gold! We ask everyone to rate the meeting from 1-10. Then we ask, “what would have made the meeting a 10 for you?”

I get feedback like: “the discussion was great,” “the meeting started late,” “not everyone was prepared,” “the topic was really useful,” “we ended on time,” etc. Each answer, good or bad, shows me what each member of my team values in a meeting. In turn, that’s enabling us to make our meetings more valuable and effective.

But, here is where it turns to solid gold…

Answers like: “I wasn’t prepared,” “I was distracted,” or “I didn’t participate fully,” help each person realize their individual roles in making our meetings a success, with clear actions they can take to improve, as well as accountability. The entire team is now invested in making our meetings better!

The meeting ratings started in my mastermind group as a way to make our meetings more effective. But it works in any type of meeting, whether it’s a management meeting, staff meeting, project meeting or a quick lunch meeting. I haven’t tried it with clients yet, but wait and see…I may try it with you sometime soon!

wendysig

 

The Last Line of Defense: How Your Own Employees Can Put Your Company at Risk

alertYour employees have a huge impact on your company’s security. If they choose easy-to-guess passwords or reuse the same password on personal and business accounts, you may be the one who pays for their poor choices. The recent rash of security scares brings this risk more to light than ever. Here are the steps you need to take to protect your business.

Implement a Password Policy

The first action to take is to create and roll out a strong password policy. The standard for strong passwords is at least 8 characters, with some combination of letters, numbers, and symbols. Password changes should be required at least quarterly, and new passwords cannot be repeats or variations on previous passwords.

Most companies with Windows servers have the ability to configure and roll this out very quickly. It’s largely an automatic process, aside from helping people when they forget their new passwords. This will happen, a lot! Be sure to educate your team so they know what’s happening and why.

Limit Personal Use of Company Resources

Many companies are fairly relaxed about letting employees access the Internet and email for personal use. There is a hidden downside: your employees may surf sites that are unsafe, they may download programs that contain malware (malicious software), or they may open attachments on personal email accounts that contain viruses. You can lock down company resources, but when an employee is free to access their own websites and accounts, you never know what they might bring into your company’s network. You can minimize this with strong antivirus protection, firewall security, and web filtering. However, your employee may still click the wrong link or open the wrong attachment. Just like that, their computer and possibly more can be infected.

Scan for Malware Regularly

You should have antivirus software in place, with regular scans. Make sure you also scan for malware, which may be a separate program or security subscription. Malware is malicious software that runs on your computer in the background. It is usually fairly stealthy and not obvious, although if your computer seems to be running slowly that is often a symptom. These programs quietly log keystrokes, gather financial information, and/or collect passwords. This information can be used for a variety of purposes, none of them good.

If you want to be extremely strict you can set security policies that block employees from installing new programs on their computers. This will prevent the installation of malware. These policies tend to create other complications though, because then all software has to be installed by a system administrator. Some programs even require administrative access to run, so this won’t be possible. If you go this route, your IT staff will have to be on the ball so that they can handle the extra work this will create for them.

Terminate Use Credentials Immediately After Departure

When employees leave, disable their user accounts immediately. If you need an account to remain active – for example, to forward their email to another employee – at least change the password so the former employee no longer has access. This applies to anyone else who has company access, including consultants, contractors, vendors, interns, etc.

Monitor Failed Login Attempts

Set your systems to track failed login attempts. This could be remote logins for people working from home, email access on mobile devices, logins to web-based software applications, and any other core business systems. If you see a large number of failed attempts in a short period of time, either you have a very frustrated employee with a bad memory, or your company is under attack. You will need to assess the situation promptly and take steps to ensure that your security is not at risk.

Restrict Administrative Access

Your staff should never have full administrative access to your systems unless there is excellent reason for it. Administrative rights, or credentials, mean that a given user can do anything they want inside a system. They can add, change, or delete anything; they can even change other people’s security permissions. Outside the IT department, it is rare for anyone to have full rights. An individual may have administrative access to their own PC, but not to the network, to any of the servers, to your software systems, or anything else that’s not specific to them.

Consider Two-Factor Authentication

If you still have security concerns, check out two-factor authorization. This requires both a password (the “first factor”) as well as a code or number that’s randomly generated by a second device, usually an electronic token. The code is entered at login, along with the password. Since the token changes values all the time, it cannot be written down or passed along to someone else. This greatly increases security although it makes the login process slightly more time-consuming.

Use Password Management Tools

A great way to discourage use of the same password on all systems is to use a password management tool. These are available for individuals as well as entire companies. There are web-based applications, apps for your mobile device, and desktop programs. The whole idea is that by having a secure place to store passwords, you can use a greater number of them without fear that you will forget. Most include a random password generator and a cut-and-paste feature that eliminates the need to retype each password every time.

Conduct Security Awareness Training

All the measures in the world won’t help if employees don’t take these policies seriously. Many people still think – mistakenly – that there is little chance their noncompliance could ever cause a problem. Recent outbreaks like the Heartbleed Bug and Cryptolocker virus reveal that nothing is further from the truth. One employee’s weak password or accidental download can take down an entire company’s data network. Now that you understand this, you must train your employees so that they too can understand how important these policies are.