Category Archives: Uncategorized

Live Event: Brian Brammeier, HigherGround’s CEO Presents the Hack Action Plan

If your organization were hacked and its critical data held for ransom, would you know how to respond? No system is completely impenetrable to determined hackers, which is why every organization needs to be prepared with a Hack Action Plan.

Join HigherGround Managed Services CEO Brian Brammeier and the Chicago Bar Association for “You’ve Been Hacked! Now What?” from noon to 1:30 p.m. on Wednesday, October 11. Brammeier will guide you through the creation of a Hack Action Plan, including a process for mitigating the impact of a data breach and how to determine your firm’s overall risk map, along with some easy and low-cost action items that will make your organization a less attractive target in the first place.

This is a hybrid live/online event. Participants may choose to attend in person at the Chicago Bar Association, 321 S. Plymouth Court in Chicago, or via an interactive web portal. Advance registration is required.

Click here to register for in-person participation.
Click here to register for the virtual participation option.

BYOD: The Future of the Workplace and Classroom

BYOD, which stands for bring your own device, is becoming increasingly popular in both the workplace and in the classroom. Businesses and schools across the country are implementing policies requiring employees and students to purchase and bring a personal electronic device to perform necessary tasks everyday there is work or school.

This article takes a closer look at the advantages of BYOD and explains why so many businesses and schools are jumping on the BYOD bandwagon.

For many small business owners, the cost of supplying each and every employee with an electronic device can become a pricey. If your employees travel a lot, work remotely, or need to be electronically available, they will need access to a portable device such as an iPad or laptop to be accessible while on the go. The cost of purchasing portable electronic devices for all employees is often too high for smaller business owners operating on tight budgets. For them, requiring employees to BYOD is the perfect solution to keeping employees readily available and on task without having to take valuable financial resources away from core business development.

Even larger corporations are implementing BYOD programs so that employees are encouraged to work remotely and to be more accessible via email, teleconferencing, and other virtual applications.

Schools are also implementing BYOD initiatives across the country by requiring students to BYOD to the classroom and stipulating which types of devices students must purchase to meet required specifications. Many of these schools are signing up for virtual textbook programs where students can access the books they need via the web.

Teachers are also enthusiastically taking advantage of access to classroom material that can be read and completed online. Instead of bringing home stacks of papers to grade every evening, they can sign in to an account online and instantly view a student’s score on a test, quiz, or homework assignment that was completed online. Students can also submit essays via email to teachers to further reduce the amount of paperwork teachers must handle. Grades can be posted instantly and students can track their own progress online from their personal device.

While the initial costs of BYOD may seem high to employees and students mandated to purchase a device for the classroom or office, these initiatives are only gaining in popularity and being implemented by more businesses and schools every day. BYOD is the future of both the workplace and the classroom. All students and employees should be prepared to invest in a personal electronic device for use at school or work in the very near future.

Brian Brammeier, HigherGround’s CEO, is a Panelist at SSSBA’s 20th Annual Fall Meeting

On September 25th, the South Suburban Small Business Association (SSSBA) is hosting a panel discussion entitled: “Working Securely”: Business Continuity Planning at their annual luncheon. This luncheon is held for a twofold purpose: to educate attendees on a topic of current importance to them and to provide networking opportunities. This event will focus on SSSBA’s year long cyber security theme, with discussion, shared insights and actionable deliverables.

For more information and to register click here.

10 Hottest Tech Skills for 2017

Skilled IT workers are in high demand. The following tech skills round out Computerworld’s Top 10 list for the most sought-after skills by hiring managers during this past year.

#1 App Development and Programming – This is arguably the most in demand job in the IT world right now. Many existing companies are working on launching applications to compete in their markets and increase accessibility for consumers while numerous start-ups are looking to introduce fresh ideas into the app market. Application developers and programmers are seeing an influx of available job openings and higher wages.

#2 Technical Support Staff – An abundance of companies are looking to make improvements to their help desk and technical support call centers. In an effort to improve customer relations, provide shorter wait times, and utilize skilled workers capable of attending their customers’ needs, companies are looking to increase the number of trained workers for their technical support teams and improve their overall skillsets.

#3 Data Analytics – Technological leaps and bounds in data collection have necessitated a mass hiring of skilled data analysts in many fields. These businesses are on the hunt for skilled analysts capable of reporting the data they collect quickly and that can filter out the junk.

#4 Anything Cloud Related – Businesses are looking for skilled workers to help them upgrade to cloud networks. The industry itself has numerous openings for anyone with cloud related skills and experience to fill numerous positions. Cloud engineers and architects along with system administrators and engineers with cloud experience are currently in high demand.

#5 Security Specialists – As many companies prepare to invest millions in technological improvements such as updating to cloud storage, developing apps, and increasing their overall online presence, these companies also need to beef up their web security. Cyber threats are constantly evolving and highly skilled security specialists are in hot demand.

#6 Project Managers – Project managers have long been in demand for IT positions as many businesses are constantly looking for ways to utilize technology to grow their business. Project managers capable of managing teams, meeting deadlines, and with a proven track record of securing measurable results are highly coveted.

#7 Big Data Analysts – Companies are looking for big data analysts with experience in their respective fields in order to make the data they have been collecting profitable. Familiarity with specific software programs designed for certain industries increases desirability.

#8 Web Developers – While many companies have invested a lot of time and money over the past decade to increasing their online presence, web developers continue to be in high demand. Businesses want to remain competitive by keeping their social and mobile media accounts current and user friendly and making sure their website is in top shape.

#9 Database Administration – Database administrators possess a range of skills including: proficiency in data modeling and database design, and the ability to ensure database performance and data integrity.

#10 Mobile App Managers – This position differs from app developers and programmers. The goal of an app manager is to help the company carry out its strategy of delivering on mobile usability and helping to create the best user interfaces and user experiences. App managers ensure that the apps are operationally efficient, user-friendly, and that updated versions run smoothly.

HigherGround’s Kent Welch was chosen to judge the WACO “Best of the ‘Burbs” contest at Wingfest

On July 30, 2017 HigherGround’s Kent Welch was chosen to judge the Woodfield Area Children’s Organization (WACO) “Best of the ‘Burbs” contest at Wingfest. This fundraiser’s goal was to help WACO purchase more than 400 new winter coats and take approximately 500 disadvantaged children Christmas shopping in December. Kent said “It was an honor to be chosen for the final judging.  We tasted 15 different wings and rated them on appearance, aroma, texture, and overall taste.  My favorite was a smoked wing that had an incredible taste. It was nice to raise some money for this worthwhile children’s organization”.   
 
The Woodfield Area Children’s Organization is an all-volunteer, 501(c)(3) nonprofit. Since 1979 they’ve been dedicated to creating positive childhood memories, providing basic needs, along with educational support for children living at or below poverty level in Chicago’s northwest and western suburbs. A full 97 cents of every dollar they raise goes to help the kids. Visit their website @ http://www.waco4kids.org/.

Is Your Staff Ready for IoT?

Businesses are eager to start internet of things (IoT) initiatives, but efforts are hindered by shortages of workers with the latest skills necessary to progress with these projects. IoT platforms are designed to save businesses money, improve decision-making via access to new data resources, increase staff productivity, provide better visibility into the business and improve the overall customer experience. This article will help you identify which skills are important for staff to develop in order to effectively utilize IoT.

IoT devices can be used in virtually every industry to capture valuable data. According to IT trade association CompTIA, 6 in 10 U.S. companies have some type of IoT initiative under way — either formal or experimental — and a shortage of IoT skills ranks as the second most-cited issue holding companies back from IoT projects, behind initial costs.

IoT Skills Your Staff Needs:

#1 Security – Cybersecurity specialists are currently the most sought-after IT professionals, and these specialists will be in even greater demand as the influx of IP-enabled devices increases a business’s vulnerabilities. Your cybersecurity specialist needs to be well versed in vulnerability assessment, public key infrastructure security, ethical hacking, intrusion analysis, enterprise defenses, forensics and wireless network security.

#2 Hardware and networking – IoT allows for almost any device to be equipped with a sensor designed to gather, store, and transmit data. Your network will need to transfer all of that data and staff will be required to update your infrastructure to connect IoT devices.

#3 Software and connectivity – Software is required to make the data usable and to apply it to your business’s needs. Connectivity is required to share the collected data with the entire system. In a highly functional IoT environment, staff should be able to link multiple systems and know how to link the data from these systems to accomplish specific objectives.

#4 Analytics – Another important skill required to successfully complete IoT projects is a desire to make better decisions, and that requires comprehensive knowledge in analytics to present findings in a useful way. According to a recent survey conducted by LNS Research, some 60% of businesses said they don’t have enough internal expertise to launch an IoT or analytics project. Almost a quarter of the companies without analytics skills plan to use a consulting firm with analytics expertise, and one-third of the respondents said they don’t know how they’ll tackle the problem.

#5 Cloud computing – IoT initiatives are fueled by the need to generate and store data. Cloud-based systems will become the infrastructure for IoT initiatives and your business will need IT staff that are able to identify what data is important to track.

A Closer Look at Business Continuity Technology and Testing

Last month, our CEO Brian Brammeier presented on the importance of business continuity technology and testing at an Illinois CPA Society event. For a copy of this informative presentation in its entirety click here.

Some of the key takeaways from this presentation are:

What is a Modern BCP? – Backing up your files simply is not enough nowadays. Businesses of every size need to have a business continuity plan (BCP). While smaller businesses may think they can not afford to devote company resources or to outsource a professional to implement a strong BCP, simple mathematics sharply contradict this common misconception. When you quantify what downtime costs a small business in the event of a disaster, the truth is that many of them can’t afford to stay in business should a disaster occur. A modern BCP provides the most effective solutions to the constantly evolving threats businesses face.

BCP is Answering the “What If Questions” Before They Happen – What could possibly go wrong that could bring your business to a standstill? Viruses, ransomware, fire, flood, and theft are all common occurrences that could cripple your ability to conduct business as usual. Some of the lesser known causes are malicious employees and employees that divulge sensitive information accidentally.

Requirements for a Strong BCP – A BCP is a roadmap to navigate a crisis. Take a quick assessment of your current environment. Your business needs:

  • Two firewalls and two switches; keeping one in production and one in the box as a spare
  • A configuration plan to swap these out
  • Designated user roles and permissions
  • A lock on the server door and access control room
  • A written plan with assigned team roles and timing outlined and readily available

Analyze how your data is being backed up and the strength of the backup appliance you are using. Know where your data is being stored offsite and the necessary steps to restoring it. A strong BCP also requires continuous pressure testing and plan revision. You can also increase general security by installing cameras, having visitor’s sign-in on a log sheet, and password protecting phones.

Getting Started on a BCP – Pick a BCP relative to your company size and risk tolerance. The reality between taking several hours to recover after a disaster compared to several days could mean life or death for your business. Having a strong BCP helps your business stand out and ultimately adds value to your clients.

How To Prepare Your Business for a Ransomware Attack

While most businesses are aware of the threat of digital extortion, many lack the level of protection necessary to successfully combat an attack. According to a recently released report by the Financial Times, malicious attacks have surpassed human error as the leading cause of data loss.

Ransomware, a category of malware which takes sensitive information hostage until a ransom fee is paid, is directly responsible for a large percentage of this data loss. Ransomware attacks have become a billion dollar a year industry for cyber-criminals. Most people have heard of ransomware following some attacks against larger corporations and government agencies. However, what isn’t so widely publicized is that small to mid-sized businesses have also become a lucrative target for hackers. These smaller businesses don’t have adequate protection in place to prevent or protect against a ransomware attack.

Follow these steps to protect your business against ransomware attacks:

Step #1 Learn about ransomware attacks, and teach your employees to recognize them

Would your employees know what to do if a ransomware attack happened? Would they unknowingly surrender sensitive data such as account information and passwords to hackers? Take the time to learn about the various types of ransomware attacks that hackers use and train employees on what to do should they encounter an alert demanding a ransom to regain access to a device.

The best protection against ransomware is to avoid falling victim to them. In many cases, victims are infected by opening an email that contains malware or clicking on a link that takes them to a website that installs the malware on their system. Don’t open any suspicious emails or click on questionable links.

Step #2 Prioritize network and device protection

Keep your operating system up to date and purchase security programs that scan for malware and ransomware, filtering out any suspicious software. A managed service provider can offer your business the most effective cyber-security options available and make sure your protection is always up-to-date.

Step #3 Invest in the right backup appliance

Purchase a backup appliance with advanced capabilities so that your business can function normally even after a ransomware attack. If hackers were to lock you out of your computers and restrict your access to files, applications, and programs, what would you do? Maintaining businesses continuity in the event of a network hack should be a primary concern. The right backup appliance will allow you to switch over to a backup server within a few minutes and return to business as usual. Every minute that your business is down could translate to thousands of dollars lost.

Cyber-Security Should Be Top Priority for All Tech-Savvy Businesses

Businesses spend billions of dollars every year working on their websites and launching apps to increase their online and mobile presence. If you are going to invest that much money into growing your online presence, it is equally important to invest in adequate cyber-security to protect your interests. Without security, technology can be just as detrimental to your business as it can be beneficial.

Many small business owners don’t realize that they are just as at risk for cyberattacks as larger companies. Hackers often target smaller businesses because they do not have adequate protection. Business owners underestimate their risk level by falsely assuming they do not have anything that is worth stealing. In most cyber-attacks, the end goal of a hacker is to steal and exploit sensitive data, whether it’s customer credit-card information or a person’s credentials, which would be used to misuse the individual’s identity online. Many small businesses have this information stored in an online database.

What are the top cyber-security threats small businesses face?

#1 Phishing
Phishing is one of the most commonly used forms of cybertheft. It involves collecting sensitive information like login credentials and credit-card information through a legitimate-looking (but ultimately fraudulent) website, often sent to unsuspecting individuals in an email. Hackers can use the information obtained to login to user accounts and steal valuable information.

#2 Malware
Malware covers any program introduced into the target’s computer with the intent to cause damage or gain unauthorized access. There are various types of malware including: computer viruses, worms, trojan horses, ransomware, spyware, adware, scareware and other programs. These programs can be used to steal sensitive or proprietary information or to completely shut down a user’s access crippling a business.

#3 Ransomware
Ransomware attacks are one of the fastest growing types of cyber-attacks against small businesses. Ransomware is a type of malware that infects your computer and demands a ransom. Typically, ransomware will either lock you out of your computer and demand money in return for access or threaten to publish private information if you don’t pay a specified amount in a specified timeframe.

What is the best way for your small business to tackle cyber-security concerns? Enlisting the help of a managed service provider to handle your business’s cyber-security is the most effective way to guarantee protection. Your provider will make sure that all of your devices are protected against these types of cyber-security attacks. A managed service provider will also protect your business by making sure that all of your important data is stored on a backup appliance so that your business doesn’t have to come to a halt in the event of an attack.

Hacking Your Mobile Phone Just Got Easier

Do you remember the first time you started getting random popups on your computer? That turned out to be spyware, requiring you to start running programs like Webroot and MalwareBytes to fix it. Now the same thing can happen to your mobile phone.

Who identified this new virus and how is it installed onto mobile devices?

Kaspersky Lab experts recently detected an unusual new Trojan being downloaded through the Google Play Store. According to a report published in The Register, this virus, which hid inside several games in Google Play for months and was installed by Android users over 50,000 times, “installs its malicious modules while also injecting hostile code into the system runtime libraries”.

The goal of this virus seems to have been to enable the installation of apps with root level permissions from third party stores. The Trojan is capable not only of obtaining root access rights on an Android smartphone, it can also take control of the device by injecting malicious code into the system library. This virus is also capable of serving ads and executing downloaded files delivered from a remote server.

Is the sensitive data stored on my phone in jeopardy?

According to Kaspersky, “The introduction of code injection capability is a dangerous new development in mobile malware. Since the approach can be used to execute malicious modules even with root access deleted, any security solutions and banking apps with root-detection features that are installed after infection won’t spot the presence of the malware.”

How does this malware work?

The Trojan installs itself onto a victim device in two stages. During the initial phase, the malware tries to gain root rights on the device. If successful, it installs many tools, some of which carry comments in the Chinese language. During the period of investigation, the malware did not receive any commands in return which has given experts an indication that this version is in an early testing phase.

In the main phase of infection, the Trojan launches a “start” file, checks the version of Android installed and decides which library to inject its code into. Then it overwrites the existing code with malicious code, which can cause the infected device to crash.

How do I know if my device has been infected?

Kaspersky Labs first encountered the Trojan back in April and reported it to Google, who subsequently removed it from the Play Store. The most obvious sign that you downloaded this virus is if you start receiving popups during tasks like video calls or phone calls. While all the apps carrying the virus were not named, Kaspersky recommends that if you use an Android device and have downloaded a game in the last few months that has been removed from Google Play, you should perform a data backup and factory reset as soon as possible.