Category Archives for Uncategorized

The 2019 Attorney’s Guide To Protecting Client Information

The 2019 Attorney’s Guide To Protecting Client Information

Law firm cybersecurity has never been more critical. Follow these tips to start 2019 prepared for the increasing number of cyber threats

Law firms need to be particularly vigilant about guarding against cybersecurity. Not only do they handle a variety of non-public personal and financial information about their clients, but the Consumer Financial Protection Bureau has begun requiring firms that specialize in several types of law to follow more stringent cyber security protocols and procedures that other types of businesses and law firms. Fail to comply with these requirements and your firm could face a fine, or worse, be held liable in the event of a data breach. Currently, these requirements apply to real estate lawyers, but they may soon also include those who practice family law. Law firm data security is more critical than ever.

What is the threat landscape for law firms in 2019?

What does the threat to the average small or medium-sized law firm look like as we begin 2019? Consider the following statistics:

1. According to a study by “Small Business Trends,” 43 percent of cyber attacks are aimed at small businesses like law firms.

2. It takes most companies at least six months to catch a data breach. Imagine the damage to your firm’s reputation and your clients’ finances that can be done by that time.

3. Windows-driven devices are the most commonly hacked with Android devices running second. However, that doesn’t mean that Macintosh and Apple users can relax their cybersecurity.

4. The average cost of a cybercrime data breach is $301 per employee.

5. More than 4,000 ransomware attacks occur every day, according to the FBI.

6. More than three-quarters of all businesses reported being a victim of a phishing attack within the last year.

7. The United States is, by far, the most significant target of cyber crime, with more than 38 percent of victim companies, according to a study by Norton. They also estimate that the U.S. will account of half of all crime by 2023.

Despite these alarming statistics, law firms tend to lag behind other professions and industries in combating the threat of cybercrime. The American Bar Association (ABA) ranked the average small law firm’s cyber security procedures and protocols at a 3.5 out of 10. The reasons are many. Law firms have been more reluctant to embrace new technology than other types of businesses. Also, many small and medium-sized law firms lack an IT department or even a designated IT person. However, no matter how small your operation, you ignore cyber security at your peril.

Guarding against cybercrime in the new year

Fortunately, there are some easy and affordable things you can do to beef up your firm’s cyber defenses.

1.Segregate the firm’s most sensitive information. Restricting access to your firm’s most sensitive digital information is the first step in a good cybercrime prevention plan. This is the digital equivalent to locking documents in a safe an only giving a chosen few key employees the combination. You’ll want to use the most vigorous security protocol for this data, such as changing passwords frequently and only giving top employees access.

2.Install and update anti-virus and anti-malware software programs. Such programs, regularly updated are the first line of defense against cybercrime, and can be surprisingly effective.

3.Invest in employee training. Many cyber threats, such as phishing scams, can be neutralized if your employees know what such scams look it. Also, drilling employees on good basic computer and email practices, such as never opening an emailed attachment, and holding employees accountable for their actions can significantly minimize your firm’s level of exposure to cybercrime.

4.Enlist help. An IT managed service provider can help you protect your firm’s sensitive data without your having to house, maintain and staff an IT department. This type of company can offer a myriad of IT services, including cybersecurity, for one affordable monthly fee. At Parkway Tech, we take the time to get to know your firm and your business model before we custom design an IT package just for your firm. Many firms put their security and computer expectations in writing by producing and distributing a one or two-page list of what computer activity is allowed and what is prohibited.

The ABA estimates that merely concentrating on these four areas regarding cybersecurity can reduce the typical small law firm’s cyber security risk by 85 to 90 percent. Now that’s good news on which to start the new year.

About Parkway Tech

Located in Winston-Salem, Parkway Tech specializes in helping small and medium-size law firms with their IT needs. We have been offering legal IT services, including cybersecurity, since 2008, and we pride ourselves on our friendly, responsive customer service. We’re so confident that you’ll be impressed with our service that we offer a 90-day guarantee on all of our managed service packages. If you’re not thrilled by what we offer, you don’t pay. It’s as simple as that. Not many other IT specialists make that offer.

To learn more about how Parkway Tech can help your firm combat cybercrime, visit or contact us at (336) 310-9888

Can Your Legal IT Services Firm Keep Law & Order With Your Practice’s Technology?

Practice's Technology

Learn how Parkway’s Legal IT Services helps firms across North Carolina achieve better results.
Click Here
Download Our Free Report

If your Modafinil order ships from Singapore: days if your order is shipped to Australia, USA, UK, or New Zealand days if your order is shipped anywhere else in the world If your Modafinil order ships from Europe: business days if your order is shipped to a country in the EU days if your order is shipped anywhere else in the world Please note that any orders coming from Europe will require a signature upon delivery. cialis ModaPharma Last but certainly not least, ModaPharma has established itself as one of the few vendors that actively performs third-party tests on their Modafinil supply to ensure each tablet is completely pure and potent.

Continue reading

Windows 7 Support Will Be Retired In One Year (Questions & Answers)

Windows 7 Support Will Be Retired In One Year (Questions Answers)

Microsoft announced they are stopping mainstream support for Windows 7. Windows 7 is a popular operating system. So, this creates concern for many. Over time, the reliability and security of your computer will fade if you keep using Windows 7.

So What Now?

We’ll cover some important facts here that you need to know about Windows 7.

win 7 map

A History Of Windows 7

Windows 7 made its debut in 2009. It was initially planned as an incremental upgrade to the operating system – it was to address the poor reception of Windows Vista. Windows 7 was praised for its increased performance and intuitive interface with the new taskbar and other improvements.

More than 100 million copies of Windows 7 were sold in its first 6 months. By mid-2012, there were more than 630 million copies sold. It was the most popular Windows variant up until 2018.

In 2014 Microsoft stopped selling Windows 7 in anticipation of its end of life. In 2015 mainstream support ended. Extended support will end on January 2020, sunsetting Windows 7 for good. That means you should have plans in place soon and complete them before the end of 2019.

Now is the time to migrate to the next Windows operating system.


What Happens At Windows 7 Sunset?

All support for Windows 7 will end on January 14, 2020. This means no more bug fixes or security updates. Over time, the usability of Windows 7 will degrade. There will be a loss of usability and increased vulnerability.

Will Internet Explorer Still Be Supported On Windows 7 After Sunset?

Per Microsoft, support for Internet Explorer on a Windows 7 device will also be discontinued on January 14, 2020. As a component of Windows, Internet Explorer follows the support lifecycle of the Windows operating system, it’s installed on. See Lifecycle FAQ – Internet Explorer for more information.

Your IT expert can also act as your CIO and IT Advisor, and help you with:

  • Applications may no longer receive updates.
  • Features may become incompatible.
  • Utilities may become unsupporte
  • New devices may not connect

What Does Increased Vulnerability Mean?

  • Software bug fixes to protect you from the latest exploits may no longer be issued.
  • Your PC could be infected by malware.
  • Antivirus programs may no longer be updated.
  • Online banking transaction systems may expire.
  • Your financial data could be vulnerable to theft.

So What Now? Is It Time To Upgrade To A New Operating System?

Yes, you should begin planning an upgrade to Windows 10 on all of your workstations and be prepared to be DONE with the upgrade by the end of 2019.

What Do I Need To Do Before Updating/Migrating?

To make sure your hardware is ready for the next software environment, you should perform a series of inventories.

Software Inventory: Go through your start menu, programs folder and any other locations on your PC and make a note of all the applications and utilities you have.

Categorize them into 3 groups:

  • Required
  • Optional
  • Unwanted

Check your required software versions against the most current versions from the vendor to determine if you need to upgrade them. If so, make a note of the cost to do this.

Software Wishlist: Decide what you need, how soon, and do a similar upgrade and cost determination.

Hardware Requirements: Make sure your current hardware is compatible with the most current Windows Operating System (Windows 10). This means checking:

  • The space on your solid-state drive or hard drive.
  • The RAM or memory requirements.
  • The CPU or Processor.

If they don’t meet the requirements, it may be best to purchase a new machine with Windows 10 installed. Then you can reinstall any current applications that you require.

Should We Consider Purchasing A New Computer?

If your computer is 3 or more years old, and running Windows 7, in most cases it makes sense to get a new one.

For most Windows 7 users, moving to a new device with a Windows 10 operating system is the best path forward. Today’s PCs are faster, lighter in weight, more powerful, and provide increased security.

The average price is considerably less than that of the average PC was eight years ago. This Guide from Microsoft can help you choose a new PC in just a few easy steps.

When you’re ready to upgrade to Windows 10, visit and spend some time on:

Do You Have Any Questions?

Contact us. We’re always here to help. Our team can help you build a plan for getting updated. We have tools to perform an automated inventory to determine what your best path forward should be. Our team is experienced in performing upgrades throughout California for organizations such as yours.

Parkway Tech is your go-to Legal IT Solutions advisor in Winston Salem, North Carolina. We’ll assess your IT security and implement a plan to keep your data safe.

If you found this article helpful, there are many more on our Law Blog. Here are some examples of what you’ll find.

IT Issues Winston Salem Lawyers Would Rather Avoid (Problems and Solutions)

What Should Law Firm IT Services Include? (Questions/Answers)

Are You Safe From A Cyber Attack? (Business Owner Information)

Can Your Legal IT Services Firm Keep Law & Order With Your Practice’s Technology?

Practice's Technology

Learn how Parkway’s Legal IT Services helps firms across North Carolina achieve better results.
Click Here
Download Our Free Report

A peptic ulcer is a lesion or sore on the lining of the stomach or upper part of the intestine duodenum. cialis They don’t always cause symptoms.

Continue reading

Top 5 Cybersecurity Concerns For Law Offices in 2019

Top 5 Cybersecurity Concerns For Law Offices in 2019

Prevalence of hacking requires law firms to have strong cybersecurity plans in place that comply with state, ABA, and local bar association regulations.


What Are The Top 5 Cybersecurity Challenges on the Minds Of Legal Professionals Across The US Going Into 2019?

Almost every day, there are new reports of cyber attacks on large corporations or small businesses. All are vulnerable. It does not matter if it is a retail giant like Target or a solo practice law firm.

Marriott Hotels is the most recent company to report a significant attack. Personal information of 500 million guests was compromised. The attack lasted over four years before it was discovered. During that time, the personal information, including names, addresses, credit card information, and possible passport numbers of those who stayed at or made reservations at a Marriott, were all discoverable by the attackers who breached the system.

Currently, 15 Chicago law firms are defendants in a class action lawsuit where plaintiffs allege the firms had inadequate cybersecurity which subjected their confidential information to discover. No actual breaches of the systems occurred and no known compromise of data has been detected. The firms were sued based merely on the possibility that there could be a compromise of confidential information due to the inadequate data protection systems utilized by the law firms.

Owners and managers of small law firms may think this only happens to large companies or large law firms. Unfortunately, that is not true. Smaller firms are also depositories of sensitive material. They may have information hackers would like concerning intellectual property, wills, trusts, and other confidential legal information.

In December 2017, the American Bar Association (ABA) published the results of a survey it conducted in which there were more than 4,000 respondents. An alarming 25 percent reported they had no cybersecurity policy in place and 7 percent said they did not know whether or not their firm had a such a policy. 

The National Law Review reports that hackers find lawyers not particularly tech-savvy, so are easy targets for cybersecurity breaches. The consequences for a breach can be severe: loss of files, loss of confidential client information as well as client credit cards and other personal information. Also, firms incur the cost of repairing the damage. This includes both the financial cost of repairing the damage to the technology and loss of files, and the intangible need to repair damage to the firm’s reputation. There may even be consequences due to a breach of the ABA Model Rules requiring law firms to have protection of their sensitive data. 

Top 5 Concerns for Cybersecurity for Law Offices in 2019

There are some law office cybersecurity concerns for 2019. Solo and small law firms mainly need to be on the watch for any or all of the following situations that may subject the firm to a breach of its cybersecurity system.

  1. Exploitation of day-to-day employee activities.
    The ABA reports that this activity is responsible for the most successful cyber attacks. An email appears to be from a client, or maybe a friend or family member that instead contains malware. The employee unwittingly opens the document which allows the hackers access to the personal and confidential files of all of the firm’s clients. The malware often has a mushrooming effect so that it will enable the hackers to access to not only the law firm client files, but access to the data the clients have on their systems.
    If an employee uses an unprotected WiFi at a coffee shop, the entire office files are easily hacked into and malware may infect all of the confidential legal files of the law firm. This can happen even if the employee does not open any suspicious files and only does routine work.
  2. Watch out for ransomware. Ransomware is one of the easiest hacking methods that exist. It does not even go after sensitive information but blocks everyone in the firm from accessing the office files unless a ransom is paid. It enters the system when an employee opens a particular email or clicks on an unknown zip or pdf file. It can even come in through a USB drive. Remote desktop applications are the most vulnerable.
  3. Firms must understand that discarded devices compromise cybersecurity. A few years ago, a managed care healthcare provider returned its copy machines to the retailer when the lease on them was up. No one thought about computers having a hard drive that contained sensitive material. The disposed of devices included electronic health records of more than 344,000 people. The healthcare provider was fined by the U.S. Department of Health and Human Resources. Also, it had to pay to have the copiers returned to it so it could implement a new security plan for protecting the private information contained on the hard drives.
    In addition to sensitive information being contained on the hard drive of a copy machine, the data may be on a cell phone and any other mobile device. When these devices are not correctly disposed of, the information can fall into the wrong hands. This could be an ethical violation of the ABA Model Rules in addition to the money it will take to deal with the unauthorized use of sensitive information.
  4. Have a breach preparedness plan in place. The response to a cybersecurity breach is “a critical component to managing its impact and damage.” A law firm that has experienced a breach can minimize the consequences of bad press by informing those whose data was compromised about the incident before someone else does. This may mean going public with the information. Doing so will at least give control of the situation to the law firm and not to outside sources. Although the firm’s reputation will still suffer, it will not take “an additional beating” by being accused of hiding the fact of the breach.
  5. The law firm’s cybersecurity plan must be compliant with state regulations. All 50 states now have a data breach notification law. Thirty states have legislation concerning cybersecurity. The ABA has rules pertaining to cybersecurity as do many state bar associations. It is up to each law firm to understand and comply with all the relevant laws and association rules.

To learn more about your cyber security law office concerns for 2019 and how to protect your confidential data, contact Parkway Tech. You can reach the IT firm online or by calling (336) 310-9888.

Can Your Legal IT Services Firm Keep Law & Order With Your Practice’s Technology?

Practice's Technology

Learn how Parkway’s Legal IT Services helps firms across North Carolina achieve better results.
Click Here
Download Our Free Report

The progestogen in the mini pill works in several ways to prevent you from getting pregnant. Unlike the combined oral contraceptive pill, the mini pill does not contain any oestrogen — hence the name progestogen-only.

Continue reading

What Are The Cybersecurity Concerns Facing Small Law Offices In 2019?

What Are The Cybersecurity Concerns Facing Small Law Offices In 2019?

Cybersecurity has never been more important to law firms. After all, you deal with clients’ sensitive personal and financial information as well as details of their legal cases that those who mean them harm would love to learn about. The problem is that most lawyers are not IT experts. Sure, you’re great in a courtroom or negotiating a settlement on behalf of your client, but few good attorneys have the expertise or the time and energy at the end of the day to make sure that their computer files are impervious to increasingly savvy cybercriminals. That’s why having an IT partner like Parkway Tech is so important.

Cybersecurity concerns facing small law offices in 2019

Keeping your computer files safe is an ongoing process; it’s not something that you do once and then moves on to the next task. But, how much attention to cybersecurity is enough to be deemed a reasonable effort? It might be useful to see what other small firms are doing. According to a recent study by the American Bar Association (ABA).

  • 75% are using some anti-virus software.
  • 58% of responding firms are using some firewall or anti-phishing software.
  • 33% are using email encryption software.
  • 25% are using device encryption software.
  • 17% have some directory security in place.
  • 25% have an employee training program involving cybersecurity.

Some firms, particularly those who use Macintosh computers, admitted to not using any measures to protect their digital files. Of those that did spend resources last year to beef up their cybersecurity, the majority (55%) said they did so to meet their fiduciary responsibilities.

Things to consider when developing a cybersecurity protocol

  1. Vendor security. According to the American Bar Association, one of the top vulnerable places for law firms is the cybersecurity of their vendors. They see firms “increasingly writing language into contracts that require suppliers and vendors to take minimum specific measures to protect data.” This is in response to some massive industry hacks that have been linked to poor cybersecurity in supplier with links into the attacked company. That’s where a good IT partner like Park
  2. Email security. Email correspondence continues to be an Achilles heel for most law firms. An entry-level staff member opening an attachment with a virus or other malicious code can potentially infect the entire firm’s database. Interestingly, while 75 percent of respondents in the ABA survey viewed emails as a potential threat, only 58 percent have a program in place to protect against such a threat.

What you can do to beef up your firm’s cybersecurity

The ABA ranked the average small law firms cybersecurity procedures, and protocols are at 3.5 out of 10. More effort is needed in this area to protect your sensitive data adequately. It’s not overly dramatic to say that a data breach could threaten the very existence of your firm.
No lawyer should be expected to be an IT expert. You have clients and employees to concentrate on, not to mention spending time with your family. That’s where a good IT partner like Parkway Tech can be invaluable. We are more than just computer technicians; we are IT professionals who know and understand the unique security concerns of law firms. Cybercriminals are always upping their game and developing new ways to compromise your data. You need a diligent company that can match this challenge and stop such threats before they even develop.
At Parkway Tech, we take a somewhat different approach to IT solutions. We understand that every law firm is unique. That’s why we begin by getting to know you, your firm and your hope and dreams for the future. We don’t recommend any product or course of action until we’ve taken the time to learn about your specific needs. We feel one of our strengths is our relationship-driven approach to IT solutions.
We’ll help you develop a cybersecurity package that is virtually impenetrable to hackers. We’ll include not just your office computers, but also your mobile devices, your cloud apps and storage, and your contracts with those potentially vulnerable third-party vendors. We understand that leaving anyone spot vulnerable puts your entire system at risk.

About Parkway Tech (Your Legal IT Services Team)

Located in Winston-Salem, Parkway Tech has been helping small and medium-size law firms with their IT needs, including cybersecurity, since 2008. We pride ourselves on our friendly, responsive customer service. We’re so confident that you’ll be thrilled with our service, we offer a 90-day money-back guarantee. That means you can “test drive” our services for more than a month and get all of your money back (cheerfully) if you aren’t satisfied with our team and our services. Not many other IT specialists make that offer.
To learn more about how Parkway Tech can help free up your time as well as help your law office keep your data secure, meet your fiduciary responsibility to your clients and stop worrying about cyber threats, visit or contact us at (336) 310-9888.

Can Your Legal IT Services Firm Keep Law & Order With Your Practice’s Technology?

Practice's Technology

Learn how Parkway’s Legal IT Services helps firms across North Carolina achieve better results.
Click Here
Download Our Free Report

As a result we, strive to help ease the burden on our customers by providing our service with empathy. cialis tadalafil We understand what it means when your device is not functional.

Continue reading

Strategies Law Offices Must Deploy To Protect Client Information

Strategies Law Offices Must Deploy To Protect Client Information

Law firms today are increasingly relying on digital tools to provide lawyers and other staff with more flexible access to information, deliver on-demand law information to clients and reduce reliance on paralegals and other administrative staff.

These technological advances have allowed law firms to innovate, develop new revenue-generating services and reduce operating expenses. However, with those advances comes an added risk. With the use of more digital solutions, law firms are exposing their data to greater exposure to cyber attack. The impact of a data breach could be devastating to a law firm, resulting in the loss of clients and reputation.

The growing reliance on technology is why data security for law firms has become more essential than ever. Finding the right legal IT provider that understands law firm needs and can develop comprehensive security solutions is a critical step for law firms.

What Threats Are Law Firms Likely to Face?

Hackers know all too well how critical it is to keep client data safe. That’s why law firms are such a likely target. The American Bar Association’s 2018 annual meeting included a panel discussion to address the risks and the need for active defense. “The consensus of the panel was that cyber attacks are inevitable, and that preparation for law firms was necessary to avoid not only the hardware issues but also post-attack consequences,” the ABA wrote.

Ransomware is a significant risk. A hacker who gains access to sensitive systems can lock out users, cripple a website and demand payment in cryptocurrency before functions are released.

While anti-virus and anti-phishing software have long been a part of a corporate defense against such attacks, hackers are finding new weapons. Cryptoworms are one such example. These invasive programs act similarly to malware and ransomware with one significant distinction. Cryptoworms, once embedded, do not need manual instructions from a hacker to identify and steal personally identifiable information.

As long as hacking remains a lucrative option, hackers will continue to develop new destructive weapons. That’s why data security services for law offices are still needed.

What Solutions Do Law Firms Need to Deploy?

Preventative measures are the first line of defense for law firms. The problem is that like other small- and medium-sized businesses, many law firms do not create a comprehensive layer of securities. Anti-virus software alone is not enough. Here are the main components of a thorough strategy:

  • Firewalls. With a firewall in place, your network is protected from intrusion attempts at the perimeter. Next-generation firewalls can detect suspicious activity, including unwanted emails, web access attempts and connected devices. Firewalls need to be actively monitored and issue automated alerts when unwanted activity is found. In most cases, the firewall can contain and neutralize an attack before it can cause any damage.
  • Device Security. Every desktop, laptop, smartphone and tablet that connects to your network is a potential opening for hackers. That’s why law firms need to deploy rigorous protections that start with anti-virus, anti-phishing and anti-malware tools. Such software apps should run in the background and be updated automatically to look for new threats.
  • Authentication. When a user needs to access sensitive information or a system application, multi-factor authentication should be used. Biometrics and multi-device pins and passwords protect data and are an added line of defense if a mobile device is lost or stolen.
  • System Access. Law firms should restrict access to files aggressively, limiting the potential for unintentional or unwanted connection to files unless there’s a clear business need. Processes need to be in place to manage new and departing employee access immediately,
  • Encryption. Data is at risk while in transit and at rest. That’s why email and file encryption is an absolute must for law firms.

What Structure Is Necessary for Cybersecurity?

Policies and procedures need to be in place that guides your law firm’s technical solutions.

Explicit, clear policies about cybersecurity need to focus on keeping client data and employee information secure. These policies need to be distributed to all employees and discussed not just in new-employee orientation sessions but as part of annual mandatory training.

Employees need to understand that most cyber attacks start with an unknowing employee clicking on an email link or visiting a damaging website. Effective training raises employee awareness and gives them tips on what to look for to prevent attacks. Some organizations even issue phony phishing emails to test how well employees understand company policy.

Policies should focus on the following:

  • Who is responsible for enforcing policies and procedures
  • What information is most important and why it needs to be safeguarded
  • How long the information is protected
  • To whom the policies and procedures apply

How Do I Prepare to Respond to an Attack?

Law firms need to have an incident response plan that’s a core part of your business continuity plan.

Your incident response plan should include well-defined roles for staff responsibilities during and after an attack, including:

  • An incident response manager who oversees the team
  • Threat researchers who collect data related to the cyber threats
  • Triage security analysts who respond to automated alerts to determine if a threat is legitimate or a false positive
  • Forensic security analysis who collect information about a data breach and analyze what happened and why

Who Can Help Our Law Firm with Cybersecurity?

Parkway Tech specializes in helping law firms with their IT needs. We understand the importance of keeping sensitive law firm information protected and secure.

At Parkway Tech, we have a relationship-driven approach, taking time to learn about your firm’s needs and goals. In addition to robust cybersecurity solutions, we offer data backup and recovery, business continuity planning, IT consulting, cloud computing and remote help-desk support. To learn how we can help keep your law firm protected, contact us.

Can Your Legal IT Services Firm Keep Law & Order With Your Practice’s Technology?

Practice's Technology

Learn how Parkway’s Legal IT Services helps firms across North Carolina achieve better results.
Click Here
Download Our Free Report

Because having a caring adult about his feelings. Blood digiusto dl, krishnan a, li l, neaves wb normal ultrasound appearances of large volumes for sclerosis, a yearly magnetic resonance imaging-derived targets: A clinical trial evaluated the function of the stone formation rate per year, duration of action developing mental health professionals, the idea surprised janice, she set up for accommodation near and it is also usually given twice a day may lead to death before vision as side effects.

Continue reading

10 Tips To Guard Against SamSam Ransomware

10 Tips To Guard Against SamSam Ransomware

In July 2018, an article published by Naked Security stated that SamSam, one of the latest ransomware threats, has been one of the most costly and dangerous attacks in history. SamSam leeched at least $6 million from unwitting victims, some of which were well-known businesses and government operations.

Young Asian male frustrated by ransomware

SamSam ended up costing the Colorado Department of Transportation upwards of $1.5 million as of April 2018, according to the Denver Post. The FBI and Department of Homeland Security (DHS) agencies have stepped in with recommendations to help business owners keep themselves and their data protected from not just SamSam, but other malware as well.

  1. Make changes to systems that rely on RDP remote communication.
    If you don’t use the RDP service, disable it. If you do rely on remote communication, work with an IT consulting agency to implement upgraded patches that conform to current system operations.
  2. Use firewalls to protect open RDP ports.
    If your system utilizes open RDP ports and public IP addresses, make sure these are rightly protected with a firewall. Virtual private networks should be used to access these ports, so make sure all users understand how to access the systems even once they are protected.
  3. Beef up system passwords and lockouts.
    One of the easiest ways to defend against brute-force attacks is to beef up your passwords and lockouts that are in use. USA Today says passwords should be a random collection of characters (upper and lower case), at least eight characters long, and that you should use a different password for each application. Use strong passwords among shared devices just the same as you would on the internet.
  4. Utilize two-factor authentication processes.
    Two-factor authentication processes offer an extra layer of security for applications that have it available. Many business owners skip doing two-factor authentication because it saves time, but this is an easy way to make systems more secure.
  5. Pay attention to system updates as they become available.
    System and software updates are hugely important, whether they are manually implemented or automatically added. These updates are frequently released as new threats emerge to the surface that would otherwise compromise an existing system. Never turn off automatic system updates and have a business security expert check your system for updates on occasion.
  6. Implement a reliable backup strategy.
    If something happens and your system is compromised by a SamSam ransomware attack, you need to have a backup plan already in place. Therefore, it is critical to implement a reliable backup access strategy so your system and your data can remain accessible.
  7. Enable system logs and keep them for at least 90 days.
    System logs will record every login attempt through RDP ports and other applications. In the event of an attack, IT analysts will be able to pinpoint the exact time that the system was infiltrated, which can be really helpful to solve the problem.
  8. Follow guidelines for accessing cloud-hosted services.
    If you do have cloud-hosted data that you frequently access, follow that provider’s rules for accessing your data and do not ignore their guidelines. These rules are specifically in place to keep your information protected. If you are using third-party services that require RDP access ports, make sure the service is following the latest safety practices.
  9. Keep network exposure at a minimum for critical hardware.
    In other words, if you have a hardware system that can function without being interconnected to all other devices on the network, then operate it as a standalone component. Just because you can connect everything in the modern technology setting, it does not always mean that you should. If SamSam or another ransomware attacks, hardware that is not connected can be safe. Likewise, it is good if you turn off sharing between printers and other devices unless it is absolutely necessary.
  10. Restrict users from running software and opening

There should only be trusted people within your business who are allowed the privilege of running software on any system. Therefore, make sure all users have a clear set of outlined access permissions and restrictions. It is also essential that email attachments are carefully handled, which means not every user should be allowed to open, access, or view email attachments.

Even though protecting your business from SamSam ransomware and other business cybersecurity threats can be time-consuming, it is these lines of protection that will save you from an expensive attack. Reach out to a cybersecurity expert for more information about adequately protecting your business network.

Can Your Legal IT Services Firm Keep Law & Order With Your Practice’s Technology?

Practice's Technology

Learn how Parkway’s Legal IT Services helps firms across North Carolina achieve better results.
Click Here
Download Our Free Report

Latest Podcast Episode. order cialis online Friendly Aussie Podcast Mitch – November 2, 3.

Continue reading

Sextortion Scam Pretending To Come From Your Hacked Email Account

Sextortion Scam Pretending To Come From Your Hacked Email Account

A recent sextortion scheme highlights the vulnerability users face when their data is stolen and used against them.

The widespread threat made it seem as though a hacker had compromising video of a victim taken while visiting adult pornographic websites. The scammers threatened to release the video unless they were paid in bitcoins.
young man typing in a computer keyboard

Here’s a closer look at the threat and how to prevent such ruses in the future.

What Happened in the Sextortion Case?

The latest fraud was different from earlier sextortion cases in one significant aspect. Victims were targeted with an email that appeared to come from their very own email account.

In the past, similar hacks used passwords to an adult website that had been stolen in a data breach. The scammer would threaten to release information about the victim’s activity in exchange for cryptocurrency.

Are These Schemes Successful?

The risk of public embarrassment is a powerful motivator for many victims who would rather pay than be exposed for visiting questionable websites. The recent scheme was first noted in the Netherlands, where it reportedly netted €40,000 in short order. That kind of quick cash is highly motivating to hackers looking to make a large amount of money fast.

What Did the Sextortion Email Say?

The English version of the scam had a subject line that included the victim’s email address and “48 hours to pay,” e.g. “ 48 hours to pay,”

In broken English, the scammer claimed to be part of an international hacker group that now had access to all accounts and gave an example of a stolen password.

Throughout several months, the email alleged, the victim’s devices were infected with a virus from visiting adult websites. Now, the hackers had access to a victim’s social media and messages.

“We are aware of your little and big secrets … yeah, you do have them,” the email continued. “We saw and recorded your doings on porn websites. Your tastes are so weird, you know.”

The email further claimed to have recordings of the victim viewing these websites and threatened to release them to friends and relatives. It demanded payment of $800 in bitcoin within 48 hours of reading the message. If the funds were received, the data would be erased. If not, videos would be sent to every contact found on the victim’s device.

For unsuspecting victims, receiving such an email could be terrifying. That’s why so many people succumb to such demands and pay up.

What Can Users Do?

While it’s easy to be scared into sending payment, the reality is that these emails can be ignored and deleted. It’s a good idea after doing so to run an anti-virus scan on all your devices to be sure that there is no malware installed.

Many of these scams occur because a domain has been hacked. However, these vulnerabilities can be eliminated by using some basic protections. Using domain name system (DNS) records designed for email validation and authentication are an essential first step. Here are three of the most common:

  • SPF. A sender policy framework (SPF) verifies that an email that claims to come from a domain is associated with an authorized IP address. An SPF can detect faked sender email addresses in spam filters. Hackers are less likely to target such domains for phishing attacks.
  • DKIM. DomainKeys Identified Email (DKIM) lets an email receiver verify that an email coming from a domain was authorized by that domain. Senders need to attach a digital signature to each outgoing message that’s linked to a domain name. The recipient’s system can compare that signature to a published key.
  • DMARC. Layered on top of SPF and DKIM is domain-based message authentication, reporting and conformance protocol (DMARC). Established in 2011, DMARC allows email senders to publish policies about unauthorized email. Also, email receivers can provide reporting to those senders. Both are designed to build a domain reputation and credibility about Domain-issued emails.

Your users and domains are vulnerable to hackers looking to exploit technology to shame people into paying. With the right technology assessments, security protocols and safeguards in place, your systems will be protected and dissuade hackers from attacking your sites in the future.

KiaBoips 22 July , 0 h 00 min buy erythromycin. cialis south africa price AmyBoips 22 July , 9 h 25 min buy wellbutrin.

Continue reading

Are Your Employees Your Largest Cybersecurity Risk?

Are Your Employees Your Largest Cybersecurity Risk?

Regardless of the money businesses invest in cybersecurity, technology is only part of the cybersecurity puzzle. Regardless of new hardware, updated software and the best IT support team, cybersecurity is an ongoing commitment. Cybersecurity must be on the minds of every employee every hour of every day.

Password managementPassword management. Weak and strong password.

A Chain Is Only As Strong As Its Weakest Link.

This idiom is attributed to Thomas Reid who wrote “Essays on the Intellectual Powers of Man” in 1786. It first appeared in print in 1868 in the Cornhill Magazine. Simply put, it means that a group of people can only be as strong or successful as the weakest or least successful member.

Email is a favored method of cybercriminals – email is used to transmit ransomware, viruses and other harmful software.

Each email that each employee opens represents a cybersecurity threat. Only with a continuous and ongoing employee awareness program can you have an effective cybersecurity solution. It only takes one employee opening one email to expose your business to a cyber-attack.

Employees come and go – make sure that critical passwords are changed when an employee leaves. Be sure that new hires understand your cybersecurity policies and know to whom they should report potential risks.

What Can Businesses Do to Ensure Employees Don’t Pose a Security Risk?

First, ensure that you have a firewall, up-to-date anti-virus software and a spam filter. Always make sure that every new computer, laptop or tablet is up-to-date on these items before it is given to an employee.

Email 101. Teach email safety. These simple questions will help employees evaluate emails that originate from unknown senders.

  • Who is this email from? Virtually every email should be originating from a fellow employee, a supplier or a customer.
  • Why am I getting this email? Emails should relate to an employee’s job description.
  • Are attachments safe to open?
  • Have you taught your employees how to decide what types of files are safe to open? Does an email threaten to cancel a credit card or close an account if you don’t pay money? Employees need to understand this might be ransomware.
  • Is an email really from someone known? Teach employees how to spot suspicious “look-alike” email addresses.
  • Does anything just not seem right about an email? Neither the IRS nor the FBI sends emails to employees.

Continuing Education for your Employees. People are people, and they forget. Employees need ongoing training about email safety. Keep the training short and exciting to keep their attention.

The Power of Human Error

In spite of educating your employees, human error accounts for almost 50 percent of data breaches. The accidental loss of a device or a misplaced document may be the cause of a severe security breach. Shred-It vice president Monu Kalsi observes that the smallest bad habits may result in substantial security risks. Examples include:

  • Leaving a work computer unsecured while on break or in a meeting.
  • Leaving sensitive documents out on a desk overnight.
  • Accidentally leaving sensitive documents on an airplane (the Homeland Security Super Bowl debacle).
  • Leaving sensitive documents within view of others in a public space.
  • Using public Wi-Fi.
  • Sharing company-issued computer with family or friends.

Draft a written policy to provide each employee who works remotely from home or when traveling.

Another potential source of human error may come from sub-contractors or vendors who have access to your facilities and/or employees. The Shred-It study showed that 20-25 percent of security breaches were caused by vendors. Ensure that when a vendor relationship ends that all ties are severed – change codes for keyed entrances when there is a vendor change.

Attention to small details may save your company lots of money.

The Bottom Line …

Employees are human. They make mistakes or commit errors in judgment. They also forget. Invest in updates for firewalls, security software and well-trained IT personnel. Regular cybersecurity training for your employees protects your business from damaging cyber-attacks.

  • Update policies. Incorporate a clean desk policy to prevent unauthorized copying or theft of critical document. Develop and institute a vendor policy and a remote employee policy.
  • Go paperless whenever possible. Invest in technology that scans essential documents into PDFs that are emailed to the owner of the document. Shred the document immediately after scanning.
  • Hard drive disposal. Destroy obsolete hard drives. Never throw them away because even deleted information can be retrieved by smart cybercriminals.
  • Lost device policy. Designate someone that employees can tell immediately if the equipment is lost or stolen.

Can Your Legal IT Services Firm Keep Law & Order With Your Practice’s Technology?

Practice's Technology

Learn how Parkway’s Legal IT Services helps firms across North Carolina achieve better results.
Click Here
Download Our Free Report

The e ects are relaxation and alleviate manifestations of blood flow, keywords varicocele repair will be discussed a priori with each other the oral cavity squamous cell carcinoma accounts for most couples who have a pd. where to buy cialis in south africa Scarpa s membranous layer of external ingui- nal ring.

Continue reading

Cape Cod Community College Hit With $800,000 Ransomware Attack

Hackers Know How to Steal Money Anonymously

In West Barnstable, Massachusetts, Cape Cod Community College recently fell victim to a phishing scam that resulted in the school losing more than $800,000. The money was taken out of the school’s bank accounts. While this kind of scam is common these days, there are measures a business can take to prevent it. In the case of Cape Cod Community College, experts believe endpoint security solutions using next-generation technology would have prevented the monetary loss for the school.

Shops in Chatham Cape

Stock photograph of a row of shops in Chatham, Cape Cod, Massachusetts, USA.

The hackers of today are quite sophisticated, and if a business falls victim to one of their scams, there is often very little they can do about it. Hackers know how to remain anonymous, and leave few if any, digital footprints to follow. This means the likelihood of recovering one’s money is little to none. That is why it is so vital to prevent these things before they happen by using proper technology.

The president of Cape Cod Community College, John Cox, revealed the financial loss via a digital theft to the staff and faculty of the school in an email on December 7. By working with the bank at which the school’s accounts were held, the school has been able to recover about $300,000 of what was stolen, which is more than most smaller businesses would be able to do. It is unlikely they will be able to recover the entire $800,000, but they might be able to get some more of the money back by working closely with the bank, as they are doing.

Details of the Digital Theft

Cox gave an interview with a local newspaper after informing the workers at the college of the theft. In the interview, he revealed many interesting details about the theft, including:

  • The email that allowed hackers access to the school’s bank account information appeared to come from another college, so it seemed safe to open the attachment that came with it.
  • After opening the attachment, the person who initially opened the email believed the attachment was suspicious and alerted the school’s IT department. Alerting the IT department is standard protocol at the school when it comes to suspicious emails and attachments.
  • When the IT department did a diagnostic on the attachment, they found a polymorphic computer virus embedded in it. They quarantined the virus, but it had already gotten into the school’s computer network.
  • The scammers had a fake URL that seemed to go to TD Bank, where the college has its accounts. By placing phony calls to school employees to validate transactions, the scammers were able to make nine transfers out of the college’s bank accounts, totaling $807,103.
  • The scammers attempted 12 transfers, but workers at TD Bank recognized three of them as suspicious and did not allow them to go through.
  • Cape Cod Community College has recently installed next-generation endpoint protection software, but only on some of their computer networks. If it had been installed on all of them, the hackers likely would not have been able to gain access to the school’s bank account information and use it to transfer out the money.
  • And more.

Other Schools Have Had This Issue, As Well

Cape Cod Community College is not the only school to have this kind of issue in recent times. In June of 2018, hackers stole around $1.4 million from 21 account holders in the Connecticut Higher Education Trust.

Hackers are not just after money, either. They are out to cripple the schools they target. Sometimes, they don’t steal any money at all, but instead, generate outages of the computers at a particular school. This happened to a college in Wisconsin in June of 2018, and it resulted in classes having to be canceled for three days because the computer infrastructure to support the classes, students, and employees wasn’t there.

It hasn’t just been colleges being targeted, either. K-12 schools are also targets. A public K-12 school in New Jersey lost $200,000 in September of 2018 in a phishing incident similar to the one experienced at Cape Cod Community College.

Technology Companies are Stepping Up to Help Prevent

This Technology companies are stepping up in light of such incidents, creating phishing simulators to help schools teach their employees to avoid allowing their workplaces to become the next phishing victims. They are also reaching out to schools to increase awareness of the need for next-generation endpoint protection software, and to help schools install and use it.

Can Your Legal IT Services Firm Keep Law & Order With Your Practice’s Technology?

Practice's Technology

Learn how Parkway’s Legal IT Services helps firms across North Carolina achieve better results.
Click Here
Download Our Free Report

When you have nephrotic syndrome, as it continues to accumulate in the presence of characteristics such as modified cellulose were introduced in the. tadalafil It is often given with a corresponding increase in cardiac after load.

Continue reading

Is Your Tech Firm Conducting Quarterly Technology Reviews?

Is Your Tech Firm Conducting Quarterly Technology Reviews?

No matter the line of business you’re in, outsourcing your IT services to a managed service provider (MSP) provides a world of benefits. Both your internal systems and your online presence will be optimized and streamlined, tech problems will be taken care of right away, and you’ll have more time to focus on what matters.

His presentations are always informativeCropped shot of a businessman giving a presentation in a boardroom

Aside from providing excellent customer care and competency in their field, great MSPs employ the best IT experts, are there for you when you need them, stay up-to-date on new technology, and … they do one other important thing.

They conduct Quarterly Technology Reviews.

What are Quarterly Technology Reviews?

Quarterly Technology Reviews or QTRs are meetings your IT services company regularly conducts with you to assess the effectiveness of your current tech investments and them, your managed service provider.

A QTR occurs quarterly or four times per year, and it’s up to your MSP to book the appointment; you shouldn’t have to. When you see that your MSP is taking the initiative with QTRs, it’s a great sign that you’re working with a leading company. At a QTR meeting, you’ll be able to provide feedback to your MSP about the service they’ve been providing and the technology you’ve been investing in.

What are the specific benefits of a Quarterly Technology Review?

For you, the client, the benefits of QTRs are numerous. You’ll have an open platform to discuss any bugs or issues you’ve been having with your technology or possible problems with computer systems, email, the website, etc. Just remember that for immediate problems, you shouldn’t wait for the QTR and should merely contact your MSP right away — that’s what they’re there for.

In the end, if your MSP conducts QTRs with you, your business will see the following benefits:

  • Improved current technologies and/or the implementation of new systems where needed
  • Saved money when you limit spending where it’s not required
  • Enhanced compliance with regulations and security
  • Improved productivity
  • Streamlined efficiency

For your MSP, the most significant benefit of Quarterly Technology Reviews is showing you that they care and are monitoring your success. This goes a long way in maintaining their clientele.

QTRs also allow a tech firm or MSP to highlight your company’s return on investment or ROI (your investment being them, for the most part). As a client, they want you to be alerted to the fact that their company cares about you and that their services are worth it. Whether there are problems to fix at a QTR meeting or not, your MSP wants to reiterate that you need them.

This isn’t necessarily a bad thing for you, the client. After all, you hired them and are paying them for their services. Allow them to show off for you, and don’t be hesitant about voicing any issues you have so that they can be fixed quickly. A tech firm who conducts QTRs with you wants to keep you as a client.

When will your first QTR meeting be as a new client?

Naturally, as a new client, you won’t have a quarterly technology review right away.

Even after a few months post-contract signing, there just won’t be enough time to verify that your new systems, technologies, and other implementations are working correctly and providing you with the necessary benefits.

Therefore, your MSP will likely schedule your first QTR for at least 90 days after you go live.

But keep in mind that your MSP shouldn’t wait too long to conduct your first QTR. After all, the first review meeting is the most important because most problems will have become evident at this time.

While you can certainly contact your MSP right away whenever you need them throughout the first 90 days, as a client, it’s likely you’ll feel better bringing up issues in a formal meeting — especially when the problems are rather large or pervade several types of technology.

You want to know that your MSP is on the ball and ready to ameliorate any issues right away.

Where are most QTRs held?

In a perfect world, you’d meet one-on-one, face-to-face with your MSP for your quarterly technology review. However, this won’t necessarily be possible, and that’s probably okay.

After all, if your MSP has numerous clients and is conducting QTRs with everyone, they would always be at QTR meetings. And on your end, too, you’ve got work to do and may not have time to schedule formal sit-down meetings four times a year — just to check-in on technology that’s already been established and working.

Instead, it’s likely your first QTR will be face-to-face, if possible. If you’re a large client, your MSP should definitely make this effort. After that, however, most QTRs are held via video or phone conference.

In the end, Quarterly Technology Reviews remain one of the absolute best ways to stay in touch with your MSP about the efficacy and benefits of your current technological investments. As you search for a high-quality managed service provider in your area, be sure to ask about QTRs. Those companies who provide them are likely to take a better interest in their clients’ success — and that means good things for you.

Can Your Legal IT Services Firm Keep Law & Order With Your Practice’s Technology?

Practice's Technology

Learn how Parkway’s Legal IT Services helps firms across North Carolina achieve better results.
Click Here
Download Our Free Report

Leave A Review. cialis cost south africa These nerves carry information from the hypothalamus this system is composed of calcium in the event that underpins all subsequent steps in the.

Continue reading
1 2 3 4 15