“Florida city to pay $600K ransom to hacker who seized computer systems weeks ago”

One of the most terrifying new threats to organizations is ransomware. This type of digital attack is one of the most disruptive and costly things that can happen to an organization, as one city in Florida recently found out.

Rivera Beach, a small city of 35,000 people was recently targeted after an employee clicked on a malicious email link. After encrypting vital government systems like fire department and police computers, CNN reports that hackers demanded that the city pay a ransom of  $600,000. With no alternative, City officials recently voted to agree to the hackers demands which will be paid out of the city’s insurance money.  

Cybersecurity firm Recorded Future found that in the US alone, at least 170 county, city or state government systems have been attacked since 2013, including at least 45 police and sheriff’s offices. In 2019, there have been more than 20 major US public-sector attacks which typically force affected cities to quarantine their networks and provide most of their municipal services manually.

Attacks By Hackers Are On The Rise

You may be thinking that this is unlikely to happen to you or that your business’s data isn’t important enough to gather the attention of hackers. Sadly, this isn’t the case. Ransomware is so dangerous because hackers know how valuable your data is to you! Albertan organization are just as likely to be targeted for smaller attacks as any other place. We’ve recently helped a company in Edmonton recover from one such attack, which you can read about here. 

Many ransomware attacks start with an employee clicking a malicous link. We’ve created a helpful guide to share with your staff on ‘How to Diagnose a Phishing Email’. If you’re looking for help on how you can protect your business. Our IT team is happy to help you plan for the future.

Click the link below to book a meeting with our team!

Buying, Leasing, or Renting Computers: What Should Your Small Business Do?

Should You Rent, Buy, or Lease Your Company Computers

One challenging decision that new entrepreneurs or growing companies face is whether to buy, lease, or rent computers for your staff. 

It’s probably not a decision you realized you’ll need to make, but it’s an extremely important one to ensure the long-term productivity of your staff. 

In this guide, we’ll help you learn which option is right for you!

1. The Buying Option

Purchasing computers can be a big capital expenditure. In fact, it would be the highest upfront cost of the three options.  It also would give you a limited number of write-offs as a business.

On a positive note you would own the inventory and also be able to purchase extended warranty for the computers for 3-5 additional years just in case you need any parts or a complete replacement. 

Some business owners like to overlap this option, for example purchase 10 computers this year and 10 new computers next year to extend the upgrades. Typically, owners would do an image deployment of the operating system.  This involves customizing the operating system (OS), applications, drives and settings on a single computer and creating an image of it, then automatically deploying this image to all other computers. This usually saves time, effort and creates a standardization.

If this sounds like the option for you, our team can help you purchase computers at a discount and set them up. No long-term contract needed. Contact us to learn more.

“you may not realize that you’ll be required to undergo a credit check”

2.The Lease Option

Leasing computers allows you to have a lower upfront cost than option 1, but more ongoing costs. Typically leases are paid monthly or annually and you will continue paying until you have the option to purchase the machines at the end of the lease.

This option would also provide a 3rd party lease write-off as an operational expense.  Additionally, you would lease your computers from the manufacture and have their direct support. 

One thing you may not realize that you’ll be required to undergo a credit check. If you’re a new business, your company may or may not have established a credit rating yet, which could eliminate this option completely.

3.The Renting Option

Renting provides some comfort knowing that your provider is responsible for everything and the service and ongoing support will be provided to you for the term of your rental.  Renting is typically the same price as a lease option with a bit more overhead on each machine as they are loaded with all of the software, firewalls, and protection required. Additionally, this could be used as a business write off.

Renting has the additional benefit of allowing you to be nimble with your technology adoption. As your business changes, your technology requirements may change. Renting allows for a quicker change of your core systems. 

Managed Services providers like ARC typically provide access to all three options.

We hope you’ve found these tips helpful as you decide what to do. If you ever need any advice, our team is happy to help. We provide IT services for a wide variety of companies across Canada and over the last 21 years, we’ve seen it all. 

Contact us if you need a hand deciding on if buying, leasing, or renting computers is the right option for you! 

Case Study: A Firm Gets Attacked by Ransomware

Client Profile

The Organization:

Our client is an Edmonton-based design firm (for privacy reasons, we’re unable to share their name, just their story).  Their team of experienced architects specialize in many types of projects ranging from commercial retail and office, to national restaurant chains in Canada.

The Challenge:

When firm called us, they were in a full crisis mode. A hacker had installed ransomware on their company’s server and was holding their company’s data hostage. Their business was in grave peril.

"The hacker got through the unprotected firewall and installed ransomware and encrypted the firm’s data."

Some Background:

The firm called ARC Business Solutions previous to the security hack and requested an I.T. Audit.  We preformed the audit and identified the problem of an insecure firewall and provided solutions.  The firm at the time decided to hold off for the time being.  The security hacker got through the unprotected firewall and installed ransomware and encrypted the firm’s data.  The hackers held the company’s server hostage and requested ransom of $3000 worth of bitcoin.   The firm paid it in desperation and received nothing in return.

The Solution Highlight:

In situations like this, drastic measures need to be taken. ARC shut down and cut off all systems from the internet, and systematically cleansed the infection from the system. Although the situation was not ideal for the client to have all systems temporarily shut down, ARC was successful in preventing further threats. 

We isolated the server and were also able to recover valuable data and scrub the software from the database.  Lastly, the firm is now protecting against any future attacks as we have implemented security measures and modern firewalls. 

It is clear that the best way to respond to a ransomware attack is to avoid having one in the first place.  Other than that, making sure your valuable data is protected will ensure that your downtime and loss will be minimal or none. 

How to Diagnose a Phishing Email

All of us have received suspicious emails in our inbox.  Some of these messages can even fool our firewalls and anti-virus software.  It is very important that we know how to decipher these messages as a second line of defence from these security attackers.  In this post, we’ll show you what to look out for and how to protect your organization. 

Interested in a downloadable copy of this article? Click here.

An Example Of A Phishing Email:

1. Hover over from email address: John.Smith@abccompany.com

  • You can see what initially appears as an email address can be altered.  You need to hover over it to see the exact source. For example, it could actually be sent by hackeremail@differentdomain.com, rather than what it appears.
  • Ask yourself: is this email coming from a real sender?

2. Hover over the link: View project online link to see what the true URL link location is.

  • Ask yourself: is this is a trusted site?  Would the sender send me this email to direct me to another site? Is the domain trustworthy?

3. Be wary of links: “click here“, “your message is waiting“, “view project online“, these links are usually sending us to the outside world.  These links can be altered to read something other than the real link.  

4.  Main message – use common sense defensive questions: is this sender asking for money, passwords, or access, or viewing?  Would a real sender ask me this kind of message? (for example, if a phishing email is tailored well to have the Manager’s email address, would my Manager ask me to send him Bitcoins)?

How To Defend Against Phishing

  1. Spam filtering is the first line of defence. It will determine if the majority of the messages coming in are legitimate or not. If the email is well crafted it can fool spam filtering.

  2. If the email gets delivered to your inbox, then YOU are the second line of defence

    .
  3. If you mistakenly click an email or get sent to a site with malware, firewalls, anti-virus programs and a good IT team is your final defence.

If you do click on a link, a good firewall should be able to block the virus. The content would be blocked from being opened to your local machine.

Web filtering should also be enabled on your network. For example, if the link tries to take you to a website that is located in a suspicious country it should automatically be blocked.

A good Unified Threat Management (UTM) will determine if the source of the link is a good source or one that should be blocked.

It doesn’t matter if you have a very secure system in place. It only takes one untrained staff member to be fooled by a phishing attack. Make sure that both you and your staff understand the telltale signs of a phishing attempt.

How To Protect Your Business From Phishing Attacks

Download Free eBook

  • Learn what common tactics phishers use to trick employees
  • Learn what systems you can put in place to stop them before the inbox
  • Learn how you can protect your company today

Case Study: One of the Largest Theatre Companies in North America Needed More Than Managed Services

Client Profile

The Organization:

The Citadel Theatre is one of the largest not-for-profit theatres in North America, drawing over 130,000 patrons from a large geographic region. Their building features 5 performance spaces and  is home to three resident theatre companies: Catalyst TheatreRapid Fire Theatre, and Theatre Yes, in addition to creating partnerships with Edmonton theatre and dance companies, including Brian Webb Dance Co. and Firefly Theatre & Circus.

The Challenge:

When the Citadel came to us, they required much more than a typical managed services package. They needed to update the technology powering over 100 employees, implement a new network of digital signage throughout their facility, and introduce a company intranet to aid communications with staff, performers, and partners.

The Solution:

Due to the wide range of challenges the Citadel faced, we took a layered approach, rather than a one-size-fits-all solution.

Ticket Solutions – We sourced, installed, and trained the Citadel team on a new ticketing system that interfaced with website ecommerce, on-site printers, and financial systems

Staff Computers / Laptops – We provide desktop and laptop computers and service for over 100 employees 

Firewalls & Data Back-ups – We ensure employee data is secure and protected from hacking, phishing, data loss, and hardware failure

Customized Digital Signage – The Citadel team came to us with a challenge: they needed a new system of screens throughout their building to promote new performances, building announcements, and sponsor messaging. We sourced screens and developed a system to manage the screens centrally and within a user-friendly interface.

Day-to-day support – whenever a tech problem arises, our team is on site to help, day-in, day-out.

Mobile App / Light Intranet – The Citadel was looking to implement a company intranet to help communicate messages to employees, share internal events, book amenities, and coordinate company-wide news. We introduced them to our ARC Intercom system which was tailor-made to help groups of people, like organizations or communities, stay on the same page. Once they found out it could also save them thousands of dollars a year over competitive products, they jumped on board immediately!

In the ever-changing world of technology, solutions don’t always come in neat little packages. That’s why we’re here to help you find the best solution for your unique circumstances. We’re proud of our work at The Citadel, and we hope if you’re ever in Edmonton, you check out their excellent productions!

We’re here to help with your IT challenges. Contact us here and we can get started right away!

Why Your Company Needs An External IT Systems and Security Audit

Do you know if your firewall is up to date?

What about your network infrastructure? Ensuring that everything is current and secure takes up valuable time and resources. What you need is a clear picture of your existing technology environment, and where it should be, and a tech audit can provide that.

That’s why we offer a Free Tech Audit. Essentially, it’s an hour-long, on-site assessment of your environment. When you submit your request for an audit, we’ll contact you to set a date and time that’s convenient and give you a general idea of how the audit will be conducted. Then, one of our technicians will come on site to conduct the assessment.

The Process

While we do have a standard list of checks, our free tech audits are more personal and based on asking questions. We’ll start off with some basic ones to better understand your I.T. situation, such as:

  • Why did you request a free tech audit?
  • What are your current I.T. pain points/challenges?

Then, based on if your infrastructure is accessible, we’ll take a deeper approach and run through a list of specific audit questions to understand what your technology can handle. These include:

  • How many computers do you have?
  • How many servers and users do you have?
  • How old is your infrastructure?
  • Which applications and plugins do you use? Do you use any special software?
  • Are there any relevant policies or procedures we should be aware of?
  • Are there any relevant legal liabilities or government regulations we should be aware of?
  • Do you have a data backup process in place?
  • Do you have a disaster recovery process in place?
  • How detailed are your processes, and have they been tested?

After The Audit

Once the audit is complete, we’ll compile a report and series of recommendations based on our findings. Then, we’ll set up a meeting with you to go through the report. It’s important to us that you understand your current I.T. environment, and where it should be. Finally, we’ll put together a technology plan and proposal, and explain how they will address your I.T. problems. Simple as that.

You can think it over and decide whether our plan fits your needs. We won’t rush you. Contact us when you’re ready. The next step is up to you!

 

Are you interested in getting a free tech audit? Submit your request and get started today!

The Top IT Services Blogs to Follow in 2019

Blog - ARC Managed Services

We share our most bookmark-worthy IT blog sites for 2019

While there is no shortage of IT-related information on the web, not all that information comes from credible sources.  Yet now more than ever, business owners and other professionals need reliable, data-driven information they can trust.  This is especially true since 89 percent of companies expect their IT budgets to grow or stay steady in 2019.

Statistics like this make it clear that IT services remain in demand, and that businesses recognize the importance of remaining ahead-of-the-curve when it comes to IT-related decisions and strategies.  In fact, 85 percent of enterprise executives believe they have only two years to integrate digital initiatives before falling behind their competitors, which goes to show just how red-hot the tech market is. If you aren’t leading the pack, you’re at risk of fading to the background— a disadvantage that savvy business professionals want to avoid.  So, where can entrepreneurs and other professionals go to find the latest, most trustworthy IT information?  

We’ve decided to point you, our valued readers, in the right direction.

 

Here are the Top 5 I.T. Service Blogs To Follow In 2019:

 

1.Information Security Buzz

Information Security Buzz was an easy choice when deciding on our favourite information technology blogs. The site is a completely independent resource that focuses on all things “security”.  From the latest vendor announcements, to cyber attack updates and the latest industry research, this is a website that delivers quality content and actionable tips that business owners can implement to protect their data and systems.  We encourage you to check out their list of contributing authors, a great majority of whom have substantial experience in the IT security industry.

RECOMMENDED POST: 

 

2. I.T. World

ITWorld was created as an IT service blog where technology decision makers, business leaders, and other IT influencers could share information easily and conveniently, but it’s also an excellent place for business professionals from outside the IT industry to gain valuable insight into the latest techniques, tips, and methods.  Since the site is an online hub for IT experts who are highly proficient at what they do, readers can be sure they are getting top-notch content and information every time they visit this site— making it one of the most recommended IT blogs to follow in 2019.  As the site explains, all contributors to the site “have no other agenda except to share what they know, help you solve a problem and put context around recent news, a product announcement or the latest tech trend”.  It doesn’t get much more useful than that!

RECOMMENDED POST:

 

3. Recode – Enterprise

Recode is a technology news website that focuses on the business of Silicon Valley, and is a great place to go if you want to get the latest tips and information from some of the greatest thought leaders in the tech industry.  The enterprise section of their website, specifically, looks at the latest tech developments and focuses on how the impact these developments will impact businesses.

Contributors to Recode include Kara Swisher, who formerly co-hosted the Wall Street Journal’s “D: All Things Digital” (a major high-tech and media conference), and Peter Kafta, the former managing editor of Silicon Valley Insider.  With such noteworthy experts at the helm, there’s no question that the team at Recode knows what they’re talking about, making them a great addition to our list of information technology blogs we check daily.

RECOMMENDED POST:

 

4.MSP Business Insights

MSP Business Insights is a managed services blog where MSP business peers and MSP services vendors can provide IT marketing commentary, share tips and tricks, and discuss the latest industry trends.  The site is ran by Johannes Beekman, the Digital Marketing Director at MSP SEO Factory— a leading company providing IT marketing to businesses in the United States.

While the site is intended for MSP professionals, it is also a great place for business owners to familiarize themselves with managed services trends, and to learn more about the solutions their MSP should be bringing to the table. It truly provides an inside look at the managed services industry, and gives entrepreneurs a look at how MSPs should be engaging their clients.  After all, it’s difficult to hold your managed services provider accountable if you don’t fully grasp what they do or how they should be managing your company’s IT systems.

RECOMMENDED POST:

 

5. Laurie McCabe’s Blog

Laura McCabe has more than 25 years of experience in the IT industry to her name, and is currently co-founder and partner at SMB Group— one the world’s most reputable technology industry research, analysis and consulting firms.  Her blog is dedicated to the small-to-medium-sized business market, and discusses all the latest trends and developments that SMB entrepreneurs should be aware of.  McCabe likes to jam-pack her articles with straight-forward, easy-to-digest tips, and always provides her knowledgeable perspective, ensuring her readers get a no-nonsense version of the latest, most relevant tech topics.  Without a doubt, this is one of the most valuable IT blogs to follow in 2019, and one that we advise clients and professional contacts to browse regularly.

    RECOMMENDED POST:

We hope you find the resources as helpful as we do.  And, of course, if you haven’t already, we encourage you to read more of our blog posts on the ARC Business Solutions website.

 

Why Canada is a Prime Target for Cyber Attacks (And How Canadian Businesses Can Protect Themselves)

Canada Flag

We discuss what makes Canada vulnerable to cyber crimes and provide our best prevention tips

According to a study released by Risk Based Security last month, Canada was number three on the list of countries with the most cyber attacks in 2018— being surpassed by the United States and the United Kingdom only.  But what’s even more concerning than our world ranking is the fact that 12,551,574 Canadian records were exposed as a result of cyber security breaches last year alone.  That’s a massive amount of sensitive data that has been compromised and accessed by cyber criminals.  Yet many Canadian businesses (and individuals) still continue to underestimate the likelihood and the potential severity of cyber crime incidents.

For example, in Canada, the total downtime caused by a cyber attack was 23 hours on average in 2017.  That’s a significant amount of time to spend away from the day-to-day operations of your business.  Yet 41 percent of companies have more than 1,000 sensitive files that are open to everyone and vulnerable to being hacked.  Statistics like these highlight the complicated nature of cyber crimes in Canada, and shine a light on the fact that Canadians must become more proactive if they want to protect themselves from cyber crime incidents in the future.

 

Prevention Must Be A Priority 

Moving forward, Canadian businesses will face added pressure to invest in more advanced forms of IT security— with a specific focus on deterring cyber crime before it happens.  Some recommended methods of preventing cyber crime include:

  • Hiring a Managed Services Provider who is experienced and can address your IT concerns with a thorough knowledge of industry best practices.
  • Use two-factor authentication whenever possible.
  • Conduct security audits on a regular basis.
  • Routinely train employees on security best practices and implement clear policies on how information should be protected.
  • Update your browsers, operating systems, and anti-virus software regularly.

 

How ARC Managed Services Can Help:

At ARC Business Solutions, our Managed Services team offers 24/7 proactive support for businesses who require added manpower.   Essentially, when you hire us, you get an entire IT department that you can depend on at any time.  Our dedicated and qualified IT professionals are trained to handle technology issues of any magnitude, and always come prepared with proven innovative solutions that work.

Some of the ways we can strengthen your cyber defenses include:

  • Identifying your riskiest files and data
  • Providing real-time, automated security testing
  • Conducting a full inventory of all authorized and unauthorized devices that access your network
  • Implementing automated anti-virus and anti-malware software
  • Conducting vulnerability assessments

And more.