Author: Data Systems Management

Phishing

Posted by on in SecurityLeave a comment

PHISHING

Do you love fishing?  Of course you do.  You know who else loves fishing?  Hackers!  Only, they spell it with a PH because it’s cool and looks “techy.”

And they can’t wait to send their phishing emails out because they know that the world is full of click happy rubes who won’t think twice about clicking on a link they supplied after warning you that your world is going to end if you don’t click on that link and sign in with your username and password.

You see, phishing is a social engineering technique.  The hacker might attempt to make the recipient believe that there is a problem with some account associated with the user.  They’ll send emails with attachments that look legitimate to the user so that he/she will click on it.  They might even make phone calls to try to get information from the user.

Phishing attacks are some of the most common cybersecurity threats going around.  Successful attacks can lead to identity theft, data breaches, financial losses, and falling victim to ransomware.

The moral of this story?  Don’t just click on links in an email… especially if the link is asking you to log into an account! Phishing doesn’t just happen with emails.  There are several different ways hackers attempt to coax information from you.

  • Email Phishing: Fraudulent emails mimicking trusted organizations.
  • Spear Phishing: Targeted attacks aimed at specific individuals or companies.
  • Smishing: Phishing via SMS or text messages.
  • Vishing: Phishing conducted over phone calls.

How do you minimize your chances of falling victim to these attacks?  Follow these simple rules;

VERIFY THE SOURCE.  If you not sure who’s asking you to click on a link or sign in to something, then verify who it is.  It goes without saying, so I’ll say it… DO NOT contact them using any phone number or email address conveniently supplied inside the email or text.  Contact them using addresses or phone numbers from their official website or official directory.

    DON’T JUST CLICK ON A LINK.  That site you go to might look legit, but it’s supposed to.  If you think you need to go to that website, then type the organization’s URL directly into the browser.  As for attachments… they might contain malware.  Verify the sender is legitimate AND that he/she sent you the attachment.

    KEEP YOUR SOFTWARE UPDATED.  Older software, including Windows versions and updates, are more susceptible to exploitation.  Many of these updates can be automated, so that leaves you plenty of time to play solitaire… you know… if you did that sort of thing at work… I’m not judging.

    USE MULTI-FACTOR AUTHENTICATION (MFA) when logging into… wait…

    Is it login to, log into, or log in to?  But I digress…

    So where were we?  Use two-factor authentication when logging into (we’ll go with that one) all accounts.  This also reduces the risk of unauthorized access to your account if your username and password gets compromised.

    USE COMMON SENSE.  If you get an email with generic greetings like “Dear customer,” or (especially) of you get some urgent message that you need to log in immediately or calamity will ensue, definitely question the request.  Also, most email services and browsers have built-in phishing protections.  However, the best software security is useless if you get all click happy in your email.

    JUST HANG UP if it’s a vishing attempt.  Don’t engage them, don’t try to figure out anything about them.  Many vishing attempt begin with a robocall, and many of those calls are designed to trigger after hearing the word “hello.”  If you answer your phone with some sort of greeting, you may only hear silence on the other side.  Also, the phone number is probably going to be spoofed and might look like a local number, so don’t rely on that for verification.

    So how do you prevent or minimize phishing attacks?

    • Train your employees on how to spot phishing attempts.
    • If you have the ability, simulate an attack to test your employee.
    • Ensure your software is updated.
    • Limit access to sensitive systems.

    CONCLUSION

    With the advancements in AI technologies, it’s easy to create and distribute professional-looking emails and professional-sounding phone calls.  Using a combination of cybersecurity awareness, knowledge, and vigilance will go a long way in keeping the phishing attacks to a minimum.  Caution, education, and technology are the ways to go!

    Maintenance

    Posted by on in Hardware/SoftwareLeave a comment

    Image result for images of washing your computer

    Maintenance.  Just the very word itself brings up dreary thoughts of things like home improvement, home maintenance, vehicle maintenance etc. etc. etc.  The list seems never ending!

    With the help of Data Systems Management, your system maintenance can be a breeze!  We are here to offer our help along with IBM and are here to keep your systems covered under a maintenance contract.

    Let’s be clear here,  There are actually several different maintenance contracts that need to be reviewed annually to ensure you are not left without coverage.

    Image result for images of software maintenance

     

     

     

    So let us begin with the most important one.

     

    Hardware Maintenance:

    What is it and how does it benefit me?

    To begin with hardware maintenance is the coverage you need should anything go wrong with your server.  You will need an IBM representative to show up and help diagnose the problem your machine is having.  Not having the maintenance coverage is not an option.  this coverage can pay for itself in one on site visit.

     

    Software Maintenance:

    What is it and how does it benefit me?

    Software maintenance is critical in the event there is an update that is done and requires a tad more expertise than your office has or should there be a bug in the update etc.  Again, the maintenance contract can pay for itself in one on site visit.

     

    DSM Software Maintenance:

    Again, any update done by DSM on our software may contain an element that does not work properly with your exact system.  Even though we extensively look at each client’s system and take all things into consideration, an older server can create a problem with an update that is totally unexpected.  so just like in the above statement, signing a software maintenance contract with DSM on an annual basis is an absolute must.  With laws that constantly change, programming has to constantly change.  Any of these changes could create a problem with your server and that is not the goal we are trying to reach.

    Wrapping things up:

    DSM Software Maintenance:

    In essence, the moral of the story is to keep your maintenance contracts under close supervision.  I know its just one more thing on your plate to think about so the changes I have made here at DSM promise to make this as easy as possible on the client.  Annually DSM sends out a letter asking for your DSM software renewal.    We ask that you read and sign the contract.  This will only take a few minutes of your time and it will increase your level of security in the event of a problem.  This is the software you work on everyday.  The software that operates your programs like payroll, tax, justice court, and your financial packages.  Think of your DSM software renewal as your daily insurance program.

    Server Maintenance:

    This one gets a bit trickier to keep up with, so I have created a system by which I track who has coverage and when that coverage expires.  It even tells me if the coverage is for 1 year, 3 years or 5 years.  It lets me know if you have 9×5, M-F coverage or if your coverage is 24×7 coverage.  As I stated it gets a bit trickier so I decided to take the bull by the horns and create a system for keeping you up to date on your coverage.  You will see a letter from me 90 days prior to your coverage expiring and each 30 days thereafter you will receive additional notifications letting you know that your maintenance is up for renewal.    This maintenance includes your actual hardware and your software.  The software I am speaking of here is the actual operating system software.  Think of this as a type of car insurance.  Just like your auto coverage, this contract covers your car and the engine so to speak.  the seen and unseen parts of your computer.

    Now that your understanding has been refreshed on the value of maintenance coverage, please feel free to contact me at 601-573-6130 or awalker@datasysmgt.com to find out when your particular coverage expires.

    I look forward to hearing form each of you very soon!