10 Things Great IT Providers Always Do

In the realm of IT support, there’s a stark contrast between mediocre service and the excellence that truly sets providers apart. At Mirrored Storage, we’ve observed a consistent trend: clients often switch to us not because they were unaware of their previous support’s inadequacy, but because they hadn’t experienced the true standard of exceptional support.

Today, we’re unveiling the core tenets that distinguish top-tier IT providers from the rest. It’s time to bid farewell to tech frustrations and subpar services that endanger your company’s security and productivity. Here’s what exceptional IT providers consistently deliver:

  1. Immediate Emergency Response: During emergencies, waiting is not an option. High-quality providers prioritize urgency, answering calls live or responding within 30 minutes to provide immediate assistance.
  2. Accessibility and Responsiveness: Exceptional providers are consistently easy to reach and highly responsive, addressing both emergencies and routine tech issues promptly to ensure minimal disruption.
  3. After-Hours Support: Recognizing the need for around-the-clock assistance, top-tier IT companies offer after-hours support, ensuring accessibility and rapid response regardless of the time.
  4. Proactive Network Monitoring: Instead of waiting for issues to arise, leading providers proactively monitor networks for potential threats, downtime, and inefficiencies, presenting proactive solutions to clients.
  5. Customer-Centric Systems: A customer-centric approach is reflected in user-friendly ticketing systems that streamline issue resolution. Top providers prioritize ease of use, ensuring seamless communication and efficient problem-solving.
  6. Comprehensive Cybersecurity Planning: Given the pervasive threat of cyberattacks, reputable IT providers devise and implement robust cybersecurity plans, safeguarding clients against evolving threats like ransomware and data breaches.
  7. Transparent Invoicing: Transparent billing practices are paramount. Top providers furnish detailed invoices, clearly delineating services rendered and associated costs, fostering trust and accountability.
  8. Comprehensive Insurance Coverage: To mitigate risks, leading IT teams carry cyber liability and errors and omissions insurance, protecting clients against potential damages, data loss, or workplace incidents.
  9. Regular Backup Testing: Ensuring data integrity is non-negotiable. Reputable providers conduct periodic test restores of backups to verify data integrity and readiness for disaster recovery scenarios.
  10. Timely and Budget-Conscious Project Delivery: Exceptional IT providers adhere to project timelines and budgets, swiftly addressing setbacks and proposing solutions to ensure timely and cost-effective project completion.

It’s time to elevate your expectations and demand superior IT support. If you’re ready to experience trustworthy, reliable service, we invite you to schedule a FREE, no-obligation Network Assessment with our expert team. Discover how we can optimize your network, enhance cybersecurity, and streamline your technology infrastructure.

To embark on a journey towards stress-free IT management, click here to book your FREE Network Assessment now or contact our office at 214-550-0550. Say goodbye to tech woes and embrace the peace of mind that comes with superior IT support.

Free Internet Access? Don’t fall for this one

Free Internet Access? Don’t fall for this one

One of the popular internet scams that has been doing the rounds since 2017 is the one about “Free Internet”. This scam seems to resurface and somehow manages to claim quite a few unsuspecting victims. Here’s how they catch you.
  • Ads are created on Google, Facebook, popular search engines and social media platforms advertising free internet hours.
  • The ads look professional and show up on general searches and on social media when surfing. This offers a sense of validity.
  • Once you click on the ad, you will be taken to their website, where you will be asked to perform an action, such as
    1. Filling out a form with your Personally Identifiable Information (PII)
    2. Sharing your credit card information, and though you will be promised that your card won’t be charged, you may end up signing up for something or subscribing to a service for which your card will be charged later.
    3. Sharing a few email IDs or phone numbers–basically contacts with whom you will be asked to share the message in return for free internet service.

How to stay safe?
As always, remember no one offers something for free. Whether it is free internet access or tickets to a concert, if it is something of value, then you will be expected to provide some value in return. Steer clear of offers that seem too good to be true. If you receive a message from someone you know and trust, please let them know that their link may be a problem. No matter what, don’t open a link from anyone if you aren’t entirely sure the links are valid.

Cyber-Attack Takes Omni Hotels & Resorts Offline; Here’s How To Travel Safely

Another day, another cyber-attack! In early April, Omni Hotels & Resorts was the victim of a cyber-attack that brought down the entire IT system and led to a company-wide outage. The organization took immediate action and brought the entire network offline to isolate the issue, protect its data and prevent further damage from occurring. Unfortunately, this process heavily impacted the hotel’s operations and day-to-day functions, such as managing reservations, unlocking hotel room doors manually and using point-of-sale (POS) systems in restaurants and shops within the hotel. Some estimates expect this attack to cost the Omni over a million dollars. While unconfirmed by the hotel, several sources speculate that the type of cyber-attack was a ransomware attack similar to what happened to MGM in Las Vegas several months ago.

I was at an Omni Hotel for a conference in Nashville when this was going on. If I wanted to park I had to have exact change CASH or port somewhere else. If I wanted to eat there they said the card would be held and charged “sometime next week”. I can’t imaging the lost revenue, damaged reputation, lose of confidence, etc. they had that week and with customer of the over-term.

While most customers were aware of the inconveniences of the Omni outage, many weren’t aware of the dangers associated with cyber-attacks. When a network is compromised, unless you have high-grade tools to protect you, every device you connect to is put at risk. When you’re traveling, it’s important to treat everything like a risk to ensure your safety. In today’s article, we’re sharing a couple of tips to keep you safe when you’re on the road for work or even on vacation this summer.

  1. Don’t connect to the public Wi-Fi in the hotel. Truthfully, this also applies to coffee shops, airport lounges, etc. If a network is compromised and you connect to it, you could be giving hackers access to your devices.
  2. Turn off the auto-connect feature. Even if you don’t actively connect to the hotel’s Wi-Fi, if a hacker has set up a fake Wi-Fi network and your device auto-connects to it, that could be a big problem. Shut the feature off and only manually connect to sources you trust.
  3. Use your phone’s hotspot. Instead of connecting to public Wi-Fi, most cell phones come equipped with a hotspot that allows your other devices to connect to your phone’s internet. If not, one call to your wireless provider can often add this feature.

These tips will help protect you, but if you travel for work or have employees who travel for work, it’s important that all work devices have professional-grade cybersecurity tools installed on them. You don’t want to send your sales team to a hotel-hosted trade show, and instead of bringing back a list of leads, they bring back malware that could shut down your company altogether.

There is one final lesson in this terrible incident that all SERVICE AREA business owners need to understand: No matter the size of the company, you can still be the victim of a cyber-attack. The Omni chain, which boasts over 50 properties nationwide, would likely have a large budget to defend itself from cyber-attacks and yet still fall victim to hackers. No system is 100% impenetrable, but small business owners who don’t have any security measures in place are putting a big red target on their backs.

If you don’t have a cybersecurity system in place, or if you do and someone else is managing it but you’d like a second opinion, we offer a FREE Security Risk Assessment. This assessment will go over every area of your network to identify if and where you are vulnerable to an attack and propose solutions to fix it.

Click here to book your Security Risk Assessment with one of our cybersecurity experts, or call our office at 214-550-0550.

3 Reasons to prepare a business continuity plan

3 Reasons to prepare a business continuity plan if you haven’t done so already

A business continuity plan is the blueprint you need during an emergency to keep your business running smoothly. If you don’t already have one, here are 3 key reasons why you should focus on creating one ASAP.

It helps retain clients
As a business, if you have problems functioning, it will definitely affect your clients. For example, if your servers are down or your supply-chain mechanism is affected or your delivery process breaks, you won’t be able to fulfill your promise to your clients. Even worse, in some situations you may not even be in a position to communicate about the crisis to your clients adding to their frustration. A business continuity plan addresses these issues beforehand and can help reduce client dissatisfaction.

Salvaging brand image and reputation
There are certain events that end up affecting only your business. For example, ransomware attacks, virus attacks, data leaks, etc., Having a business continuity plan that caters for such events can be a blessing in times of such crisis.

Minimizing revenue loss
A business continuity plan can minimize the revenue losses that occur as a result of a crisis that interrupts your business operations.

In short, a business continuity plan helps minimize the impact of the crisis on your client relations, your brand image and your revenue by equipping you with a plan to handle the situation better.

Online shopping? Watch out for these red flags

Online shopping? Watch out for these red flags

Who doesn’t like online shopping? Online shopping has opened up a whole new world to us. Get whatever you want, whenever you want, without wandering from store to store. It doesn’t matter if it is too hot to venture outside or if there’s a blizzard out there, you do your shopping from the comfort of your couch and the stuff at your doorstep. You get great deals, some are better than in-store specials. But, did you know cybercriminals love the concept of online shopping as much as you do. Cybercriminals are exploiting the growing popularity of online shopping to cheat unsuspecting buyers through techniques such as phishing, malware injection, etc. Here are a few tips that may work to keep you safe from being a target of cybercriminals as you shop online.

How to determine if the ad or shopping site is genuine?
As you browse the web, you will come across various ads targeted at your interests. Businesses engage in ‘Retargeting’ which means they use cookies to target you with very specific ads until you buy something. For example, look at a wallet and, you will see ads for wallets on various other sites you browse even if they are not shopping sites. Are those ads genuine? Before clicking on any ad you see online and making a purchase, be sure to verify if the ad is genuine. The same goes for shopping sites. Before you shop, you need to ensure the site is genuine, especially since you will be sharing your credit card details or Personally Identifiable Information (PII) such as your address. Here are a few things to check before you make that online purchase.

English: Keep an eye out for grammatical errors or spelling mistakes in the ad. Fake ads and sites may look a lot like the actual ones, but spelling mistakes or grammar errors may tell the true story. Scammers don’t have content writers to write great sales content!

Check the URL: When at a shopping site, always check the URL in the address bar to ensure it is genuine. For example, if you see www.1amazon.com or www.amazon-usa.com, you should know it is not the same as www.amazon.com. Checking the URL also lets you detect website cloning and phishing. Website cloning is one of the most popular methods used by scammers to fleece consumers. As the term suggests, the cybercriminal first creates a ‘clone’ site that looks exactly like the original one, barring a very minor change in the URL.

Don’t Get Phished!
Phishing is when you receive a message, usually through an email or a text message asking you to take an action, such as clicking on a link, filling out a form, logging into an account, etc., Such messages look as though they are genuine. But, the form fill, account login, or link will take you to a spurious site where your information will be captured for bad use. Checking the URL will help you detect phishing frauds as well.

Check before you download anything: Sometimes you may receive a link and asked to download a coupon or a gift card that entitles you to a sizable discount. It may be a fraud. In fact, it probably is.

Download only from legitimate marketplaces: With so many shopping options it is tempting to download every new app that you come across. But, only download from authorized marketplaces like Google Play Store for Android or the App Store for iOs.

At the end of the day, remember, there is no free lunch. If something seems too good to be true, it probably is.

The Safest Way To Shop For Mother’s Day Online

Are you planning on buying gifts for the special women in your life for Mother’s Day? If you shop online, there are a few ways to do it SAFELY. During the holidays, cybercriminals ramp up various scams to capitalize on innocent people looking for gifts online. These scams range from fake offers to sham giveaways, all with the goal of stealing your money and information. Times and technology have changed drastically in just the last year, meaning what kept you safe before is no longer enough. In today’s article, we’ll share the best way to pay for your online purchases, the common scams to look out for and the top online shopping best practices to keep you safe.

How To Make Online Purchases Safely

Should you use your debit card to buy online? No! Debit cards are linked directly to your bank account. If you make a bad purchase online, it can be very difficult to get your money back once you’ve alerted your bank. To avoid headaches, hours on the phone arguing with customer support, losing money and, if things escalate enough, legal fees, use your credit card or a third-party payment system instead.

Credit cards have extensive fraud monitoring systems, which can often catch discrepancies as they occur. These companies use statistical analysis and machine learning to track and analyze your transactions to quickly identify suspicious activity, allowing you to dispute the purchases and avoid being charged.

Some credit card companies, like Capital One, go a step further to keep you secure by offering virtual credit cards. These cards provide you with a random 16-digit number, a three-digit CVV and an expiration date that you can use for online or even in-store purchases. While these DO connect to your real accounts, retailers are unable to see your actual card details, keeping your information secure. Bonus: These can be “turned off” at any time, eliminating the hassle of canceling unneeded subscriptions without going through the merchant.

Third-party tools like PayPal are also a great option because no personal information is exchanged with the seller. The company you’re purchasing from does not receive your financial or banking information, keeping your data secure.

Online Shopping Best Practices

Using a credit card, virtual card or third-party payment tool is a great start, but it isn’t the only proactive step you should be taking to stay safe online. If you’re making purchases online, make sure you’re also:

Shopping from real websites – Cybercriminals will set up fake websites that look exactly like big-name websites. Go to the REAL website and search for the item you’re looking for.

Avoid too-good-to-be-true offers – If it sounds like a scam, it’s probably a scam! If you’re interested, go to the website and look up the deal to see if it exists.

Do NOT click on promo links in e-mails – Cybercriminals will set up spoof e-mails mirroring your favorite brands. When you click on the offer links, they can infect your network.

Use a VPN – This hides your location and web browsing information from snoopers.

Don’t save your information – Password tools are trying to make your life easier by saving your payment information, but they make you more vulnerable to having it swiped.

Use unique logins for loyalty accounts – Using the same e-mail and password combo for all your loyalty accounts means that if one is compromised, a smart hacker could break into all of them, and some will have your payment information available.

Set up alerts – Go into your banking system and enable notifications. You can request to be notified when any purchases or purchases over a certain amount are made, so you can quickly report any suspicious activity.

Cybercriminals will use any method they can to steal your information and money. To stay safe, you must take a proactive approach to protecting your financial information. This is equally true for your business. If hackers are willing to put this much effort into stealing money for low-dollar purchases, imagine what they would do to access your company accounts. Your customer data, employee information, trade secrets and more can be worth millions to them.

If you’re not sure if your company is as secure as it should be or you just want to get a second set of eyes on your system to make sure there aren’t any holes in your security, we’ll perform a FREE Network Security Assessment for you. We’ll go through our multi-step security checklist and let you know if and where cybercriminals can get into your network.

Click here to book your FREE Network Security Assessment now or call our office at 214-550-0550.

Business continuity planning: A must-have, not a luxury

Business continuity planning: A must-have, not a luxury

Business continuity planning is not an alien concept anymore. In recent times we have witnessed a lot of events that only serve to further intensify the need for business continuity planning. Examples include natural calamities like hurricanes, floods, wildfires, events like terror attacks or even pandemics like the recent Covid-19 outbreak.

While a business continuity plan cannot completely safeguard your business from all these events, it can certainly minimize the damage inflicted on your business. Top business consultants urge their clients to develop a business continuity plan as they consider it a part of the best practices for running a business. A business continuity plan can make the difference between survival and shutdown of a business during a crisis situation.

What is business continuity planning?
Business continuity planning is the process of creating a blueprint that helps your business respond and recover effectively from an unforeseen mishap. As discussed before, the unforeseen event could range from natural disasters to pandemics, or even accidents that affect just your place of business like a fire or even a cybercrime attack directed at your business in particular–basically, any event that can paralyze your business. A business continuity plan serves as a step-by-step guide that you can follow during an emergency to keep your business running smoothly.

True, a business continuity plan is not a sure shot method to survive a crisis, it won’t instantly eliminate the impact of the disaster, but it gives you the best chances of survival. If you are not sure of what a good business continuity plan entails , you can reach out to a reputable MSP to help you with the preparation and implementation of one.

DNS Cache poisoning: What every SMB must know

DNS Cache poisoning: What every SMB must know

In one of the most common poisoning attacks, the attacker poisons the DNS Cache with the aim of leading visitors to a fake website. In a DNS cache poisoning case, the attacker gains control of the DNS server and then manipulates cache data such that anyone typing the URL of the actual website is redirected to the fake one. This could be a phishing site where the attacker would have carefully laid out a trap to capture the unsuspecting victim’s personal data or secure information. For example, the visitor thinks they are logging into their bank’s website online, but are actually on the attacker’s phishing site, where they enter the login credentials.

Protecting yourself against DNS poison attacks
Here are some ways to protect yourself and your customers from becoming victims of DNS poison attacks.

 
 
  1. As discussed before, one of the most common poisoning attacks is the DNS attacks. Cybercriminals try to corrupt your DNS server using theirs. You can prevent this by bringing a trained professional onboard for your DNS server set-up. An expert will know to set up your DNS server such that it has a minimum relationship with other, external DNS servers, thus limiting your attacker’s ability to corrupt your DNS server using theirs.
  2. As a best practice, ensure that your DNS servers only store data related to your domain and not any other information. It is harder to corrupt the system when it focuses on a single element.
  3. Another best practice is to ensure that you are up-to-date on all DNS security mechanisms and are using the most recent version of the DNS.
  4. Ensure your site has, in layman terms, an SSL certificate and make sure it is HTTPS. Using encryption, a site with HTTPS protocol allows for a more secure connection between its server and the internet and is better at keeping cybercriminals out. Having an SSL certificate also ensures your site’s name shows up alongside the URL in the address bar. This is an easy way for visitors to identify if they are on a genuine site or not, thus helping them steer clear of phishing attacks and clone sites.

Data poisoning is one of the lesser-known and hence less talked about forms of cybercrime. But, it can inflict great damage–perhaps even more damage than the other obvious threats such as viruses and ransomware, because, unlike a Denial of Service (DoS) attack or a Ransomware attack where you know the moment the malware has hit your system, in a data poisoning attack, the malware is incorrect data that slithers into your system quietly like a snake and changes its overall functioning before delivering the big blow.

Protecting yourself against poison attacks

Protecting yourself against poison attacks

Data poisoning by way of logic corruption, data manipulation and data injection happen when the attacker finds a way to access your data set. The kind of poison attack varies depending on the level of access the attacker is able to achieve Here’s what you can do to ensure such access is prevented.

  1. The data poisoning attacks discussed above adversely affect your IT system’s machine learning capabilities. So, the first logical step would be to invest in a good machine learning malware detection tool. These tools are different from the typical anti-malware tools you get in the market and are specifically designed to prevent machine learning capability poisoning.
  2. Always follow general IT security best practices such as-
    1. Training your employees to identify spam, phishing attempts, and possible malware attacks
    2. Following good password hygiene, which means never sharing passwords and only using passwords that meet the required security standards
    3. Having a powerful IT audit process, tracking and version control tools, so as to thwart any possible insider attacks
    4. Ensuring the physical security of your IT systems by way of biometric access, CCTV systems, etc.,

Whether it is data poisoning or a malware attack, you certainly don’t have the time to look into all the security aspects yourself. Even if you happen to have an in-house IT team, this 24/7 monitoring may be too much for them to handle as you grow. Consider bringing a reputed MSP on board to help you with this, so you can focus on your business, worry-free, while they ensure your data is safe.

Poison Attacks: A quick overview

Poison Attacks: A quick overview

Smart technology is everywhere. Not just in our offices, but even in our day-to-day lives with tools like Google Home and Alexa becoming a commonplace. With technology becoming smarter every minute, the risks are increasing by the minute as well. Cybercriminals are finding new ways to corrupt our IT networks to disrupt our businesses, hold our data hostage and even clear our personal bank accounts. Some of the more overt, commonly known acts of cybercrime include hacking, phishing, and ransomware attacks. This blog discusses a lesser-known cybercrime–Poison attacks.

What are Poison attacks
Poison attacks are attacks on the ability of the system to make smart decisions. Think about this. How do systems make intelligent decisions? Based on the training or data they receive. This data is used to hone the artificial intelligence of the system to help make smart decisions. Poison attacks mess the very base–the training data set. Poison attacks basically skew the system’s data model in such a way that the output is no longer as intended. They create a new normal for everything. Poison attacks are primarily backdoor attacks. In a backdoor poison attack, the attacker creates a loophole in the core data rule and trains the system to adhere to that rule so it can be exploited at a later time. For example, let’s say, the access control for a particular file is set such that it will allow only those beyond the VP level to view the data. If someone changes the main parameter to include manager level in there, the core data set is violated and the system will not detect an intrusion by someone at the manager level, even if they log in with their credentials.

Unlike Ransomware, poison attacks don’t make much noise but cause far more damage as they can go undetected for a longer time. Follow our blog next week as we discuss the 3 common types of poison attacks

Watch out for these poison attacks!
Poison hamper the ability of the system to make smart decisions by disturbing the very core data set that is used to make a decision. Poison attack methodologies typically fall into one of the following 3 categories.

  • Logic corruption
  • Data manipulation
  • Data injection

Logic corruption
In logic corruption, the attacker changes the basic logic used to make the system arrive at the output. It essentially changes the way the system learns, applies new rules and corrupts the system to do whatever the attacker wants.

Data manipulation
In data manipulation, as the name suggests, the attacker manipulates the data to extend data boundaries that result in backdoor entries that can be exploited later. Unlike logic corruption, the attacker doesn’t have access to the logic, so they work with the existing rule and push data boundaries further with a view to accommodate them later.

Data injection
In data injection, the attacker inserts fake data into the actual data set to skew the data model and ultimately weaken the outcome. The weakened outcome then serves as an easy entryway for the attacker into the victim’s system.