16 Tips to Prevent Bank Fraud

With cybercrime and banking fraud on the rise, one of the best things you can do is to ensure that you review your banking processes and access controls. bank fraud

Here are 16 Tips to help protect your business:

-Cancel your debit cards; If you require deposits, get a deposit only card for employees.

-Have separate accounts for separate functions – i.e. sales tax account.

-Have a dedicated PC for online banking and DON’T use that PC for accessing any other web sites, e-mail access, social media sites or for downloading files and applications

-Sign up for Electronic Bill Pay – avoid checks

-Sign up for e-mail alerts from your bank whenever a withdrawal over $100 happens.

-Require YOUR signature for any wire transfers.

-Have your money spread out in multiple accounts to minimize the risk.

-Review your banking alerts and authorized users on a regular basis; recommend quarterly

         A) Review alert notifications

         B) Set limits on transfers or daily withdrawals

         C) Separation of duties – view only, move deposits only, authorized bill pay account

-Consider Positive Pay or ACH Fraud Filter Services

-Request Employee credit cards with embedded chip

-Check account balances daily and report unusual activity

-Set daily limits on Point of Sale transactions for employee credit cards

-Go paperless on bank statements

-Review ACH Account settings

-Employee Training (ongoing is best):

        A) Don’t email bank statements, copies of checks, credit card statements, to banks, outsourced finance/CFOs, CPA firms

        B) Verify unusual transactions or amounts

        C) Call and verify (not number in email); call main banker

        D) Banks don’t request personal information via email or text

-Review transactions daily

 

If you have not sat down and reviewed your online banking controls and authorizations, we recommend you have a meeting with your banker to review and ensure that you are protected.

If you have any questions or if we can help, please give Jennifer a call at 678-745-5109 or email jholmes@mis-solutions.com.

7 Tips for Creating a Secure Password

You’ve got one for every site and every application you use–e-mail, online banking, social media sites, and your CRM system, just to name a few. With so many password protected sites to keep track of, the inclination is to always use the same password for every site or to make it so easy you can’t possibly forget it (like using Password123). Unfortunately, this compromises all of your data and makes it easy for cyber-attackers to steal sensitive, confidential information.secure password

Studies have shown that password security is still the weakest link in keeping data safe. There are some simple things you can remember when creating a password that can help protect your information.

Here are 7 tips to consider:

  1. Use special characters and numbers.
  2. Mix up upper case and lower case letters.
  3. Make sure your password is a minimum of 10 characters.
  4. Be sure it’s not something that can be guessed easily (zip code, phone number, birthdate, your name).
  5. Randomly replace letters with numbers, e.g. shake becomes $h@ke.
  6. Pick a sentence or phrase, and reduce it to first letters of each word only, e.g. “A Golden Key Can Open Any Door” becomes AGKCOAD.
  7. Reverse the spelling of a word, e.g. partnership becomes pihsrentrap.

 

Not all cyber-attacks can be avoided, but don’t make it too easy for them. Be proactive and update all of your passwords so they meet the above criteria.

 

Cybercriminals Now Have A Bull’s-Eye On Small Business… Is Your Company’s Data At Risk?

In a December 2014 survey by the National Small Business Association, 61% of small businesses reported being victims of a cybercrime within the past 12 months.

The average cost to recover from a cyber-attack skyrocketed from $8,699 per attack in 2013 to $20,752 per attack in 2014. And, of the businesses targeted, 68% said they’d been hacked more than once.

Experts agree, as cybercrooks become ever more sophisticated, the threat to small businesses is going to get worse before it gets better…cyber attacks

So what can you do to beat the bad guys?

Here are three common ploys used by hackers – and how you can fend them off:

Phishing – A really legitimate-looking e-mail urges you to click a link or open a file that triggers a malware installation on your computer. Best Defense: Don’t let anyone in your company open files or click links in an e-mail unless they’re certain who it came from.

Cracking Your Password – Hackers can run programs 24/7 testing password combinations. The easier your password is to guess, the more likely it is they’ll crack it. Best Defense: Consider using a password manager that generates and stores tough-to-crack passwords. For extra security, use unique passphrases for financial accounts in case the manager gets hacked.

Drive-By Download – You visit what appears to be an innocent site; yet when you click, your device gets hacked – and you may never know it, until it’s too late. Best Defense: Make sure your browser is up-to-date, or use one that updates automatically, such as Firefox or Chrome. Internet Explorer users have been found to be most vulnerable to these attacks.

Unfortunately, these three examples are just a small sampling of the dozens of ever more ingenious ways cybercriminals are breaking down the doors and destroying unprepared businesses.

Let us help! Through Oct. 15, call our office  to receive a FREE 27 Point Cyber-Security Audit to uncover gaps in your company’s online security.

Our highly trained team of IT pros will come to your office and conduct this comprehensive audit. We’ll then prepare a customized “Report Of Findings” that reveals specific vulnerabilities and a Prioritized Plan Of Attack for getting any problems addressed fast.

To take advantage of this limited-time offer, call our office at 678-745-5109 or visit www.mis-solutions.com to schedule yours today.

Webinar: How Cloud Computing Can Cut Your IT Costs, Provide Automatic Disaster Recovery And Free You To Work From Anywhere On Any Device

When: Thursday, Nov 12, 2015data center

Start Time: 11:00 am EST

End Time: 12:00pm EST

OR until all questions are answered, whichever comes first.

On this webinar, you will learn: What is cloud computing in simple, non-geek speak language, FAQs about security, what does it cost, what happens if the Internet goes down, and top reasons companies are considering moving to the cloud. To register, call Becky or Kary at 678-745-5109, email bjoubert@mis-solutions.com or register at https://attendee.gotowebinar.com/register/3727376673900919553 .  After registering, you will receive a confirmation email containing Information about joining the webinar.

Space is limited and Registration is required.

 

How To Make Yourself “Invisible” To Hackers

There’s an old joke about two men hiking in the woods when they come across a big, grumpy black bear. Scared silly, one of the guys starts to run but notices his buddy stopped, bent-over, changing his shoes. He shouts to him, “Dude! What are you doing?!?! Why aren’t you running?” to which his friend replies, “I’m changing my shoes because I don’t need to outrun the bear – I only need to outrun YOU.”

  network locked This is a perfect analogy for what’s going on in small businesses: the “slow,” easy targets are getting nailed by fast-growing cybercrime rings that are getting more sophisticated and aggressive in attacking small businesses. Last year, the average cyber-attack cost a small business $20,752, a substantial increase from 2013, when the average was $8,699. That’s because most small businesses don’t have the security protocols in place or the manpower and budget to implement sophisticated security systems. While there’s absolutely no way to completely protect yourself other than disconnecting entirely from the Internet, there are several things you can do to avoid being easy pickings. Here’s how:

  1. Lock your network. While WIRED networks make you invisible to WiFi snoops because you have to access them by plugging into physical outlets or hacking modem ports, you can create a hidden or cloaked network on a wireless network. Simply disable the service set identifier (SSID) broadcasting function on the wireless router, and only users with the exact network name will have access. Small businesses like coffeehouses can also do this—just periodically change the network’s information and place a small sign near the register with the current network name and passcode.
  2. Encrypt your data. On your desktops, turn on the full-disk encryption tools that come standard on most operating systems: BitLocker on Windows-based PCs and FileVault on Macs. There is no noticeable performance lag; however, the encryption only applies when users are logged out of the system. So setting computers to automatically log out after 15 minutes without use is a good idea. And for mobile devices, use a VPN (virtual private network) to encrypt data traveling to and from your mobile devices and limit your employees’ access to only the company data that they must have to do their jobs.
  3. Install firewall and anti-malware applications on all of your equipment, including mobile devices.
  4. Disable features that automatically connect your mobile devices to any available network.
  5. Disable printer and file-sharing options on mobile devices before connecting to a hotspot.
  6. Check before connecting to hotspots. If there is an unusual variation in the logo or name on the login page, beware…this could mean it’s a fake hotspot designed to steal your data.

   Can you guarantee that the person across the hotel lobby isn’t looking at your data? Not really, but the chances of them being able to do that are greatly reduced if you take precautions to protect your business.

For More Information, Contact Us at 678-745-5109

 

3 “Gotchas” Most IT Pros Won’t Tell You When Selling You Their Cloud Solution

Are you using any cloud applications to store data? Then listen up! There are a few “gotchas” you need to know about 3rd-party cloud apps that most sales reps will NEVER tell you.

  1. They aren’t responsible for keeping a backup of your data. If you read the small print of your contract, you’ll see that in every way possible, your cloud provider is NOT responsible for data loss or backups – even if it’s their fault. In fact, Office 365 will only keep 3 days’ backup of your data; so if you delete or overwrite a file and don’t notice it until 4-5 days later, it’s GONE. If your data is important, you need to implement a backup solution that works with cloud applications.cloud-backup
  2. What you see may NOT be what you get. There’s nothing more frustrating than an incredibly slow application when you’re trying to work; and the salesperson demo’ing the application or platform is going to make sure you only see the BEST-case scenarios for performance. But there are a lot of things that can determine how fast your cloud applications run, such as the file size you’re working on, CPUs and RAM and storage, time of day, day of the week, your Internet connection and the number of users accessing the application. Make sure you get some verification of the speed in YOUR specific environment before spending a lot of money, time and aggravation moving to a new cloud application.
  3. What if they cancel you? Here’s a scary situation: what if your cloud provider decides to shut down your account because they go out of business or simply decide not to service you anymore? Or what if YOU want out? Make sure you have in writing what happens if YOU cancel your contract AND what your cloud provider can and cannot do if they go out of business, cancel your account or have any other issues that would cause service interruption. Moving a network from a cloud platform is NOT a simple task and you need to make sure you can get your data and that you’ll be given sufficient time to make the transition.

Need help interpreting any of these scenarios? Give us a call at 678-745-5109 and we’ll help you put in place a solid “Plan B” for any of the above issues.

IT Consulting Tip 8 – Two Factor Authentication

ServicesAllowing access to private business data is a difficult thing for business owners to do. You want to make sure that every piece of valuable information is protected against any form of theft or loss. One great way to protect your data is to establish a two factor authentication system.

A two factor authentication system is one in which you are asked for a secondary layer of information before you are able to access private information. For example, if you log into your company’s administrative portal, you will most definitely be asked for a password. Then, you would be asked for a secondary code or a piece of information that only you would know.

This, of course, makes your documentation more secure and makes it more difficult for someone to hack into your account. However, you should be very selective in regards to your password and the secondary code so that no one would be able to guess your answer.

As you spend time with employees over the years, they begin to learn things about you because you talk about your families and interests together. If you are someone who owns a boat, for example, and boating is your most favorite thing to do, your employees might know that about you. If your password is the name of your boat, that might be a little too easy for your employees to guess if they were trying to access your data. In addition, if your secondary authentication is your mother’s maiden name, your employees might know that too. Make sure all of your passwords and questions are things that only you would know for optimum security and protection for your data.

IT Consulting Tip 7 – Back Up Your Data

PerformanceImagine if your computer system failed, and you lost every piece of client information and financial information. For most businesses, this would be catastrophic. It would take weeks to months to recreate all of that data, and some of it would be lost forever.

It is impractical to trust your employees to manually back up your system as often as they should. They could forget, or they could just not feel like it that day. For many larger companies, losing one day of records would be a huge undertaking to restore. In addition, allowing your employees to back up your system gives them the ability to walk out the door with all of your data. How much can you really trust an employee with everything that controls your business?

Even if you had the most trustworthy employees on the planet, and they back up your system every single day, the back up can still be lost or damaged. If the back up is left at the company, and the office burns down that night, the entire back up is destroyed. If the employee takes the back up home with them, you risk exposure of personal information to unauthorized people. Of course, their house could also burn down too.

The only safe solution is to employ an off-site back up service that will automatically back up your data everyday and store it on their secure network. Then, you can rest better knowing your data can easily be restored in the event of theft or loss.

Give MIS Solutions a call today to ensure your computer’s data is backed up and able to be recovered in the case of a disaster.

IT Consulting Tip 1 – Disable Java in Browser

Crimeware is a concept that every single business owner should be familiar with. Most everyone has either heard of an instance of crimeware happening, or they probably have experienced it first hand. Crimeware is that email that has an attachment with it that when opened will distribute malware all over the computer system in an effort to gain access to private information. Or, it is the pop-up that tells the operator something is wrong with the computer system and to “click here” to fix it. Nothing good follows after the click here button is pushed.

Installing anti-virus programs on all computer systems is a necessary step to protect important data, but one should not assume that by simply installing an anti-virus program that they are protected from all forms of cyber-evil. The ones who want the company’s information have discovered ways to get around anti-virus software. This, once again, does not suggest that companies should not bother with anti-virus programs. They absolutely should because anti-virus does provide an enormous layer of protection. However, companies need to be aware that they need to do more to ensure their data is protected.

One thing that all companies should do is disable Java in the browser. This may be difficult with some software applications, but it is necessary. Java has created open spaces in security that allow access to unauthorized users. If it is disabled, that access is taken away.

Java in the browser can be the back door Atlanta companies don’t bother to look at in their network security protocol.  This is fast becoming one of the most common methods to launch a data attack against a company or individual.  Using Java in your browser carries more risk than bringing benefit at this point.

Give MIS Solutions a call today to discuss ways to protect your computer network from data security threats.

How IT Services in Atlanta Can Improve Your Security

Businesses tend to underestimate the value of their data. Cyber thieves use the fact that most companies fail to properly secure themselves from outside intrusion. This makes these businesses easy targets for both data theft and the heavy financial losses that can accompany it.

While it tends to be too expensive for a smaller business to afford adding enough IT professionals to ensure constant maintenance of their networks, it is possible to enable comprehensive security and network maintenance with IT services in Atlanta.

PerformanceIT services in Atlanta provide a cost-efficient way to secure your business against digital intrusion. Their qualified personnel can audit your network for security risks, patch up holes and provide a constant monitoring that will alert you of any security breaches as they occur. These services come together to create a comprehensive plan for defending your business’s sensitive data.

The security that they can provide isn’t the only thing that IT services in Atlanta can do. They can help you plan for integrating new technology into your business, aid in maintaining your hardware and software, and make delays from IT component failure become significantly less frequent.

Problems that would have otherwise gone undiagnosed can be spotted, repaired and prevent before they are able to put a halt to your business.

The most advantageous part about IT services in Atlanta is that their work tends to be provided on a pay-as-you-need-it basis. You’re paying for the work that they perform, rather than paying someone to be present at your company to tend to problems as they arise. This results in a greater cost-efficiency, which in turn makes these services affordable for businesses of every size.