Monday, June 18, 2018

Cyber Security - Essential Advice for Small Businesses

Small business owners rely on the Internet for everything from ordering stock to keeping in touch with customers. Unfortunately, this brings exposure to the increasing threat of cybercrime. In addition to stealing money by fraud and deception, cybercriminals may set out to damage your reputation or put you out of business altogether. 

A business can never be completely safe from the threat of cybercrime, but most online attacks can be prevented by some basic security practices. Online security should be taken as seriously as the need to lock doors and store cash and valuables in a safe. Customers expect and have a right to the security of their data, and it's essential that steps are taken to prevent it falling into the wrong hands.

The following tips will increase your defense against online attacks. 

1) Use strong passwords. 
Strong passwords are an essential layer of protection. All staff should understand the need to have suitable passwords and the risks of writing them down or sharing them. A mix of at least ten letters, numbers, and other characters should be used to create strong passwords. Familiar words, names, and consecutive numbers are particularly vulnerable to hackers.

2) Use security software. 
A firewall and antivirus software can prevent the majority of cyber attacks. Don't cut corners with these protections as you put your business at risk if you connect to the Internet without them. Antivirus software must be updated on a regular basis to ensure the latest forms of malware identified and deleted.

3) Limit personal use of company IT equipment. 
Accessing personal email accounts and social media on company computers carries a high risk. Staff should be given clear instructions on their role in cybersecurity and the dangers of visiting websites not approved for company business. Viruses and worms can be hidden in online games, apps and attachments sent with emails. 

4) Protect your website. 
A company's website is a valuable resource, and it must be protected. Hackers may attempt to corrupt information on a website or take it down completely. Admin level access should be tightly controlled as this is one of the routes cybercriminals use for attacks. Hackers are continually scanning websites for vulnerabilities, so software and plugins should be updated regularly to make sure they are the latest versions.

5) Take a cautious approach. 
Cybercriminals are becoming increasingly sophisticated. Their methods are continually evolving, and security software can't protect against all of the strategies they use. For example, cybercriminals might copy the identity of legitimate businesses and use these to deceive you. Common sense and caution are as valuable as antivirus software when it comes to cybersecurity.

6) Plan for the worst. 
Cybersecurity experts advise that planning and preparing for an attack is essential. Do you have the expertise and resources to deal with a cybercrime within your business? If not, who would you call on after an incident? Having a recovery plan can make the difference between a couple of days loss of business or a long-term impact.

The threats are always changing in the age where the Internet and technology have become part of everyday life. Small businesses are regarded as soft targets by cybercriminals, and steps must be taken to protect against attacks.

Robert Blake
877.860.5831 x190

If you have question or need help securing your technology, please give us a call 877.860.5831 x190 or check out our website.

Monday, June 11, 2018

Just released our 20 signs that your business is ready for managed services e-book

file:///Users/reblake/Downloads/eBook email announcement1.html

We know, we know. You've already seen our website, and you know what Bit by Bithas to offer. Well, what we're emailing you about today is something totally new! If you or anyone you know is still curious about whether managed IT services is the way to go, we're releasing a free e-book: 20 Signs That Your Business is Ready for Managed Services.
This no-obligation download takes a tour through the network of an average small-to-medium-sized business to point out every way a managed services provider (MSP) can improve the way things work.
Think of this free PDF as a before-and-after photo for your technology. We've gone one-by-one through the most common pitfalls of underfunded IT departments show you what your technology could look like after switching to a managed IT services model.
  • Do you have a disaster recovery plan? Does it include everything listed in our e-book?
  • Can you select and deploy new technology and services as fast as we can?
  • Is your technology as scalable now as it would be with managed services?
After you've finished reading, if you still don't feel like our model is right for you, no problem! We just wanted to provide some free advice so that when you're ready -- you know whom to call.

Thursday, June 7, 2018

Quote of the Day

" We either make ourselves miserable or we make ourselves strong. The amount of work is the same."

- Carlos Castaneda

Monday, June 4, 2018

5 Reasons Why You've Chosen the Wrong Passwords (And Need to Change Them Pronto)

You have loads of passwords and are fairly happy they are good enough to keep your personal data safe. Still, a tiny part of you has reservations. You wonder whether you could have made better choices. Then again, who would want to steal your information, anyway? It's not as though you're a prime target, or so you imagine. Maybe it's time to think again. Everyday people lose valuable information to hackers. Here are five reasons your passwords are not as foolproof as you think.

Your password's the name of your pet

Come on, really? Everyone knows it's a bad idea to select your pet's name as a password, or do they? In truth, you're not alone. Plenty of people consider "Mr Fluffy" or whatever else they call their dog, cat, or gerbil an ideal password. After all, no one dodgy will figure it out.

Hang on a minute, though, do you call "Mr Fluffy" in from the garden sometimes or post Tweets about his antics? Enough said.

You chose 123456

Number sequences, especially those that start with one, are easily guessed. A few tries and most hackers with a brain will be able to retrieve your data. People often choose numbers because they are easy to remember. Unsurprisingly, they are also easy to uncover.

Avoid your birthdate too, or the birthday of your spouse or parents, as such data is simple to discover. Also steer clear of dates of other special events like when you purchased your home or got married.

Your password is password

"Password," "apassword4u," or anything remotely similar is a poor quality choice. You might as well use "grabmydata" if you're prepared to give up your privacy so easily. Lots of people make the same mistake and think they are clever. 

Oh, and "drowssap"--see what was done there?--although an improvement is almost as bad. What about adding "abc" to "123?" Is that helpful? Yes, but only for hackers.

Your password's full of sunshine

Don't you just love the sun? Plus, you've got a sunny disposition, so it makes sense to use the word sunshine as part of your password. Just typing it makes you feel good. You'll be upset, however, when hackers cotton on to your not so secret word. You see, sunshine is so popular it's always worth a try when you're a computer hacker making an educated guess.

You think "letmein" is a good idea

"Trustme," "letmein," and "mysafeword" are highly guessable passwords. Even if you add a digit, hackers will not find getting into your data a challenge. Any word relating to safety or data or safety and data is not a great choice.

Millions of passwords are hacked every day. If you don't want yours to be among them, take note of the tips mentioned. Select a unique sequence of letters, words, or characters, something no one else will guess, and keep your data safe. 


Please contact Bit by Bit at 877.860.5831 x190 if you need help with this or other technology solutions. 

Tuesday, May 22, 2018

Quote of the Day

Life is like riding a bicycle. To keep your balance you must keep moving. - Albert Einstein

Monday, May 21, 2018

Your Digital Assets Part 3

Your Digital Assets Part 3
The following is the final writing of a multi-part blog series providing helpful information to protect and pass on your digital assets.
The prior two blogs detailed the potential problems and concerns of ignoring your digital assets.
This blog provides you a bullet list of points on how to prepare now for the disposition of your digital assets.

1. Create an inventory. It is in your heir’s best interest for you to create inventories of your electronic data with log-on IDs and your passwords.  You need to keep the information somewhere safe, keep it current and secure.  Update the information regularly.  The items to include in the inventory are as follows:
· Computing hardware, such as computers, external hard drives or flash drives, tablets, smartphones, digital music players, e-readers, digital cameras, and other digital devices
· Any information or data that is stored electronically, whether stored online, in the cloud, or on a physical device
· Any online accounts, such as email and communications accounts, social media accounts, shopping accounts, photo and video sharing accounts, video gaming accounts, online storage accounts, and websites and blogs that you may manage
· Domain names
· Intellectual property, including copyrighted materials, trademarks, and any code you may have written and own

2. Use a password manager, such as LastPass, 1password or Dashlane.   And share that information with your executor.  Do not put log-in information or passwords in your will.  If you have the one password, that allows the executor to see all the sites that you log into on a regular basis.  It will be like having a digital net worth statement.
3. Consider an online vault, such as, Google Drive, Apple iCloud, Microsoft One Drive, Dropbox, Everplans. or ShareFile. is very collaborative and the best overall security.  Dropbox is the easiest to use and is cross software compatible.  If you passed away, the executor who had the power of attorney would have all the digital estate planning documents, insurance planning documents, tax returns, etc., so he / she could piece together the information needed to start the disposition of the estate.  Between the online vault and LastPass, if they have the correct password, the executor will be able to do their job easily.  You can also store this information securely with your attorney or in a locked file cabinet or safe.
4. Write your digital-asset plan into your estate documents. You must be very clear about it, do not rely solely on the generic powers of an executor or a general definition of assets to assume the powers will include your digital assets. The more specific you are about your intent and that you want your executor to have access, the better.  In wills and other estate documents it is helpful to add language to make it clear that the executor should have the same access as the account holder had during his/her lifetime for all digital accounts, specifically including access to content. Or some other broad way of saying that you want your executor to step into your shoes.  A new name for your executor may be your Digital Executor.
5. Consider writing both a broad statement of intent for digital assets as well as specific directions for each account.  You should create a memorandum addressed to one’s executor and heirs indicating the intentions regarding specific digital accounts.  To avoid the problem of forgetting to include an account, you need two statements. “Due to the dynamic nature of technology and the fact that an average American could have hundreds of accounts, I also recommend a general statement of intention to encompass all other accounts — past, present, and future — belonging to the decedent.”
6. Think carefully and be specific about what you want your executor to have access to. For example, will you allow your executor to read all your email messages?  If not, you should be clear about granting such power.  When an executor is granted the power to access a decedent’s online accounts, the executor’s authority might ought to be limited and specific in nature.  This way they are not allowed an extensive and invasive search of the decedent’s online records.
7. Pick your Digital Executor carefully. Consider what information they will have access to in your online accounts.  And this person needs to have some tech savvy skills to work with the accounts.  It is so very important nowadays to think about who that person is, because they’re going to have access to some very personal information.  Plus, they will need to have the know-how to work through the maze of accounts, logons, and passwords.  Otherwise they are not going to deal with it.
The task of dealing with your digital assets will be challenging.  To help motivate you, think about the mess you may leave behind for your loved ones when you are gone.  
There is much more that we have not touched on.  For instance, the gamers out there, we know there is much value in certain characters you have developed online as well.  An asset of value should be cared for.

This concludes my three-part blog series.  If you feel we have missed a certain segment or an important point, we gladly accept any additional thoughts or criticism. We can always blog more.

Corey N. Callaway
Investment Advisor Representative
721 N Fielder Rd., Suite C
Arlington, TX  76012

Securities offered thru Callaway Financial Services, Inc.
Member FINRA and SIPC

Never Share Your Security Access Information

Protect Yourself From Fraud
Because protecting your accounts and personal information from fraud is and always will be a priority, we want to make you aware of a recent scam and what you can do to protect yourself.
Recently, fraudsters have started "spoofing" or falsifying the phone number displayed on your caller ID to disguise themselves as a reputable company. The scammer pretends to be from a trusted source and asks for your account access credentials and uses them to directly access your account, your money and your personal information.
For your protection, we want to remind you that most providers you do business with, including Frost, will never call, email or text you to update, provide or confirm your account access credentials. Only you should know your account access credentials and as your trusted partner in banking, we would never reach out to you to ask for them.
Your account access credentials can include:
  • User ID
  • Password
  • Security questions
  • 4-digit password for the Frost mobile app
  • 6-digit debit card PIN
  • One-time passcodes delivered to you via text message
Under no circumstance should you provide your account access credentials to anyone over the phone, via email or text. Should you receive a suspicious call or believe you have provided your account access credentials to a fraudster, hang up and call us immediately at 800-513-7678.
To learn more about how we can work together to help protect you against fraud, visit our Fraud Prevention page.