Technology Insights

Is Your Company Giving Scammers Just What They Need?
Is Your Company Giving Scammers Just What They Need? 1200 628 Vyve Business

“Social engineering” describes the techniques used by criminals to manipulate people into doing what they want or providing information they shouldn’t. Social engineers look for information they can use to persuade their targets to cooperate, perhaps by gaining their trust or through the use of intimidation. These scammers can often find everything they need to succeed in a company’s website, in its employees’ social media posts, and auto-reply out-of-office voice and email messages.

Is your organization sharing too much?

About your website

Including on your public website the names, job titles, email addresses, and direct phone numbers of your key employees and supervisors is a bad idea. Scammers thrive on this kind of data. This is especially true if your site also includes things like information about other companies you do business with. Scammers will use the names, job titles, and email addresses of your employees to run scams that often victimize your organization and its customers.

The victims’ losses can be significant, as was the case in 2018 when a Texas county government ended up paying $525,000 to a scammer impersonating a representative of a road construction contractor. In that case, the scammer spent a great deal of time building a trust relationship via email with a member of the office of County Treasurer whose name, title, and complete direct contact data were on the department’s public website. Per the perpetrator’s instructions, the treasurer’s office eventually redirected payments meant for the road contractor to a new account that belonged to the scammer. During this process, the scammer also impersonated a county employee, assuring the contractor, via a fake county email account, that the payments were being made, but they just hadn’t hit their bank account yet. By the time the scam was discovered, over a half-million dollars had been lost for good.

Out of office messages

Whether they are auto-reply emails or voicemail messages, your employees should be careful about what they share in their out-of-office messages. In some instances, what is good practice for your company is also good practice for your employees. They should avoid providing information like details about their vacation plans or stating that they will be out of town for a specific period of time. Not only will this tell a scammer how long the window of impersonation opportunity will be open, but it also lets criminals know when the best time frames are for burglarizing your employees’ homes.

There are some good rules to follow when setting up out-of-office messages. Email applications like Outlook offer the capability to send a separate message to those within your organization and send a less-detailed version to anyone outside the organization. Messages to outsiders should include only necessary details. They should indicate that the person is unavailable and will get back to the caller or email sender as soon as possible. In email out-of-office messages, it is a good idea to omit the employee’s work phone number. Omitting the number could prevent scammers from repeatedly calling to determine whether the person has returned. You may wish to create policies that address what is permissible to be shared in an out-of-office message and what is not.

Social media posts

Whether these are social media posts created by the company or those created by individual employees using their personal accounts, it is recommended that you establish policies regarding what is acceptable to post about the organization and what is not. Policy recommendations for social media usage include prohibiting the posting of company passwords, proprietary information, company account numbers, and any information to identify vulnerabilities. Examples could be including information about broken windows or unsecured entry points, details regarding technical security issues, information about employees having personal problems that may indicate they are vulnerable to being targeted, or derogatory comments about the organization.

Without a second thought, people routinely overshare on social media, providing information that can be used against them and others. Finding names, contact numbers, email addresses, and job titles of key organizational employees on companies’ public websites is not unusual. And, without having any way of knowing who will call or email, employees will proudly announce in their out-of-office messages that they are going to the Bahamas for two weeks. Unfortunately, all of these common behaviors and practices create vulnerabilities that are successfully exploited by social engineers. The best defense against these scammers is an educated workforce. This, along with a set of policies that employees are required to follow, can help prevent scams like the one in Texas from being successful.

For more security tips, see our post on Cybersecurity or request a call from one of our Business Solutions Experts.

How Much Will Downtime Cost Your Business?

Recovery Time and Downtime Cost Calculator
Recovery Time and Downtime Cost Calculator 712 400 Vyve Business

The cost of a technology outage can cripple a business. Use the Recovery Time & Downtime Cost Calculator to focus on a handful of simple metrics that might come into play during a downtime event, and start a general analysis of what an outage could mean to your business. The results of this calculator are meant to help estimate loss, and does not calculate actual loss.

INPUT YOUR SPECIFIC NEEDS IN THE FIELDS BELOW FOR THE MOST ACCURATE INFORMATION. HOVER OVER THE QUESTION MARKS FOR MORE INFORMATION.

Recovery & Data Storage

?

In order to give your clients you a correct calculation we need to get an idea of how much data you have in your clients'your systems across theiryour organization.
How much data do your clientsyou have on critical business systems?

GB

?

What is the timeframe between each of your clients' your backups? E.g. every hour, once a day, once a week.
How often do you back up this data?

?

From when disaster strikes, how long does it for your end user to notify you, for you to assess the situation, access your backups, and start the recovery process? Think of this a your reponse time.
On average how long does it take your client to notify you of an issue and for you to start trouble shooting the downtime incident? On average how long does it take you to notify your IT Service Provider that there is an issue and for them to start trouble shooting the downtime incident?

?

Storing your data locally is designed for fast data transfers, however you are at risk if there is a disaster in the office such as fire, floods or theft. Cloud data is stored off-site, such as in a Datto data center, which brings an extra level of availability albeit at a slower speed for full bare metal restores.
Where is your clients backups currently stored?Where do you currently store your backups?

?

Speed of cloud recovery comes down to the amount of data you are trying to recover and your download speed. Devices with slower connections will take longer to recover.
What is the download speed from theiryour cloud backup location?
Unsure? Run a test here

Mbps

Downtime & Recovery Costs

?

Nearly every employee will be impacted by an IT outage and will not be able to perform their job obligations to a certain degree. We recommend including the entire staff in this field.
How many employees do theyyou have?

?

Even if the business stops due to an outage and employees are not able to perform some, or all, of their duties, employee wages typically are still paid. We are assuming yours will need to be paid, and this must be included in your cost of downtime calculations.
What is their average annual salary per employee?

{{currencyicon}}

?

All staff come with overhead costs like, gas, electric, rent, etc. Normally, this is about 50% of the average salary.
What is their average annual overhead cost of an employee?

{{currencyicon}}

?

For most businesses, an outage will halt the ability to product and accrue revenue. We are assuming that your revenue will case during an outage, and so annual revenue helps to calculate the average cost of lost revenue during downtime.
What is your clients' businesses annual revenue?

{{currencyicon}}

Results

Current Solution

?

It's critical to regularly test your backups. In the case that a backup isn't working, you could be looking at additional losses of {{perbackupdowntime}} per failed backup.

Time between backups

{{backuphrs}}hrs {{backupmins}}mins
{{backuphrs}}hrs {{backupmins}}mins
No Backup Taken

?

This is the time it takes for your data to actually be downloaded back to your original device based on your backup location. Local backups will be quicker, but because a local disaster could take out local backups, but it’s always vital to ensure that you have a cloud backup as well.

Recovery Processing Time

{{localrecoveryDowntime}}
{{cloudrecoveryDowntime}}
{{localrecoveryDowntime}}
{{cloudrecoveryDowntime}}
No Backup Taken

?

If you experience a ransomware attack, you may be able to recover quickly. If you're faced with a fire or flood, you could be offsite for days and face higher costs than what you see here. The results below are estimates for a local backup with a data transfer speed of around 500MB/s

Summary

Estimated Recovery Time & Loss:
{{localrecoveryDowntime}} {{cloudrecoveryDowntime}} Local: {{localrecoveryDowntime}} ({{localrecoverycost}})
Cloud: {{cloudrecoveryDowntime}} ({{cloudrecoverycost}}) ({{localrecoverycost}}) ({{cloudrecoverycost}})
Estimated Recovery Time & Loss:
No Backup Taken
Response Time you provided:
{{recoveryhrs}} hrs {{recoverymins}} mins ({{respondscost}})
Estimated Downtime & Loss:
{{displaylocalDowntime }} {{displaycloudDowntime }} Local: {{displaylocalDowntime }} ({{ localdowntimecost}})
Cloud: {{ displaycloudDowntime }} ({{clouddowntimecost}}) ({{localdowntimecost}}) ({{clouddowntimecost }})
Estimated Downtime & Loss:
Possible Business Closure
Warning: Having local only backups could leave you vulnerable to hardware failures, office fires, floods or even theft. It's vital to have an offsite backup to really protect your clients'your business.
Possible Business Closure

SIRIS Solution

?

The SIRIS BCDR solutions allow you to backup as frequently as every 5 minutes. They also allow for regular testing and validation of your backups, reducing your risk even further.

Time between backups

{{bcdrbackup}} mins

?

In case of a disaster, our solution can enable you to virtualize your backups, hosted in our cloud. On average, it only takes about {{bcdrrecovery}} minutes to access the client portal, find your backup copy, and to virtualize it.

Average Recovery Processing Time

{{bcdrrecovery}} mins* *Time to virtualization will vary depending on numerous factors including, but not limited to, the size of the SIRIS device, the availability and speeds of other local resources, the number of applications you are running, and server load.

?

Downtime will always cost your business money. However, you can reduce it with a business continuity/disaster recovery solution. Compared to your current solution, you could reduce your possible downtime losses by around {{ localcostsaving }} {{ cloudcostsaving }}

Summary

Estimated Recovery Time & Loss:
{{bcdrrecovery}} minutes ({{dattorecoverycost}})
Response Time you provided:
{{recoveryhrs}} hrs {{recoverymins}} mins ({{respondscost}})
Estimated Downtime & Loss:
{{displayBCDRDowntime}} ({{ bcdrdowntimecost }})
(-{{ localcostsaving }}) (-{{ cloudcostsaving }})

*all losses are merely an estimation of losses associated with technology, and does not reflect a calculation of actual losses to your business.

How long can your clients'your business survive?

With the information that you've provided, and using certain assumptions made based on how businesses today typically function, we have estimated your clients'your downtime losses to be {{displayhourlyRevenueCost}} per hour Calculation is made by taking Staff Salary, Overheads & Revenue and breaking that down to an hourly cost for a 40 week & 52 weeks of the year business, then multiplied by the number of staff..

With your clients'your current backup & recovery solution you could be looking at a estimated potential loss of around {{ localdowntimecost }}{{ clouddowntimecost }}Hourly Cost ({{displayhourlyRevenueCost}}) * Estimated Downtime ({{ displaylocalDowntime }}{{ displaycloudDowntime }}) due to {{ displaylocalDowntime }}{{ displaycloudDowntime }} of downtime. This is assuming that your clients'your recovery process works exactly as planned, and could be worse if you experience any further glitches. For this reason, it's critical to regularly test your clients'your recovery capabilities. If the recovery process fails, your clientsyou could be looking at additional losses of {{perbackupdowntime}} Estimated Downtime Cost per hour ({{displayhourlyRevenueCost}}) * Time between Backups ({{backuphrs}}hrs {{backupmins}}mins) per recovery attempt.

With the information that you've provided, and using certain assumptions made based on how businesses today typically function, we have estimated your clients'your downtime losses to be {{displayhourlyRevenueCost}} per hour.

With your clients'your current backup & recovery solution you could be looking at a estimated potential loss of around {{ localdowntimecost }}{{ clouddowntimecost }} due to {{ displaylocalDowntime }}{{ displaycloudDowntime }} of downtime. This is assuming that your clients'your recovery process works exactly as planned, and could be worse if you experience any further glitches. For this reason, it's critical to regularly test your clients'your recovery capabilities. If the recovery process fails, your clientsyou could be looking at additional losses of {{perbackupdowntime}} per recovery attempt.

With the information that you've provided, we have identified that your clients'your estimated downtime losses per hour would be {{displayhourlyRevenueCost}}. However, as a result of not taking data backups the impact could be much worse!

Are your backups at risk?

Local backups should be a key part of your data protection strategy for your clients. They allow you to recover data and restore operations quickly in the event of a primary server outage, data deletion, or a ransomware attack. However, local backup alone isn't enough. What happens if the local backup device is destroyed or inaccessible due to a fire, flood, or other disaster? That's why you need a secondary, offsite copy of backups.

Are your backups at risk?

Cloud backup delivers that secondary, geographically isolated copy. You might ask? Why do I need local backups at all? Well, restores from the cloud are slow. That’s why the combination of onsite backups with cloud replication has become so popular among SMBs and MSPs alike. You really need both—local for fast restores and cloud for disaster recovery.

How can you reduce the risk?

In contrast,The first step is to talk to your IT service provider about a back up solution. The SIRIS business continuity and disaster recovery (BCDR) solutions could reduce your clientsyour downtime to {{displayBCDRDowntime}} and thieryour overall downtime cost would fall to {{ bcdrdowntimecost }}. In the rare case that the first recovery attempt doesn't work, your costs would only increase by {{perdattobackupdowntime}}, as opposed to {{perbackupdowntime}}{{perbackupdowntime}}your businesses closing all together.

Even if you are experiencing an outage at your workplace, work doesn't have to stop. Our Business Continuity solutions can get you back to business in a little as {{bcdrrecovery}} minutes on virtual servers, which can be accessed anywhere you have working internet. Features like Ransomware Detection and Advanced Backup Verification let you rest easy knowing your backups will work in your time of need.

9 Cybersecurity Tips Every Business Should Follow

9 Cybersecurity Tips Every Business Should Follow
9 Cybersecurity Tips Every Business Should Follow 1080 1080 Vyve Business

A massive global shift to remote working environments has created an open-season for cybercriminals. No business—big or small—is safe. Small and medium businesses seemingly have a target on their backs, so strengthening your company’s cybersecurity is essential.

There are ways to protect business data against ransomware attacks.

Nine Tips to Help Boost Resilience to Cyber Attacks

  1.  Conduct a security risk assessment. Understand the most critical threats to your business, like system failures, natural disasters as well as malicious human actions and determine the impact they may have on your company.
  2. Train your employees. Conduct employee awareness training across your entire workforce to educate users on common scams and avoidance techniques. Also, because cybersecurity threats are constantly evolving, make sure your training curriculum is relevant and updated frequently.
  3. Use multiple layers of protection. Implement a password policy that requires strong passwords and monitor your employee accounts for breach intel through dark web monitoring. Deploy firewall, VPN, and antivirus technologies to ensure your network and endpoints are not vulnerable to attacks. Extras: Consider mandatory multi-factor authentication, ongoing network monitoring, and hard drive encryption.
  4. Keep software up to date. Unpatched or out-of-date software will allow some kind of threat to breach your security. Cybercriminals exploit software vulnerabilities using a variety of tactics to gain access to computers and data. Managed service providers (MSPs) can automate this for businesses just like yours, with a remote monitoring and management tool. Don’t forget to keep your mobile phones up to date as well.
  5. Create straightforward cybersecurity policies. Write and distribute a clear set of rules and instructions on cybersecurity practices for employees. This will vary from business to business but may include policies on social media use, bring your own device (BYOD), authentication requirements, and more.
  6. Back up your data. Daily (or more frequent) backups are a requirement to recover from data corruption or loss resulting from security breaches. Consider using a data protection tool with your MSP’s help that takes incremental backups of data periodically throughout the day to prevent data loss.
  7. Enable uptime. Choose a powerful data protection solution that enables “instant recovery” of data and applications. In fact, 92% of MSPs report that clients with business continuity disaster recovery (BCDR) products in place are less likely to experience significant downtime from ransomware and are back up and running quickly. Application downtime can significantly impact a business’ ability to generate revenue.
  8. Know where your data resides. The more places data exists, the more likely it is that unauthorized individuals will be able to access it. Use data discovery tools to find and appropriately secure data along with business-class Software-as-a-Service (SaaS) applications that allow for corporate control of data.
  9. Control access to computers. Each access point poses an individual risk, so limit employee access to specific data they need to perform their jobs. Plus, administrative privileges should only be given to trusted staff.

Partnering with a managed service provider will alleviate your cybersecurity concerns. Working with an MSP will give you access to quality advice on what technologies you need to protect your organization in the fight against cybercrime.

To learn more about our services, connect with one of our Business Solutions Experts.

 

10 reasons to move cloud

10 Reasons Businesses Are Moving to a Cloud Voice Solution
10 Reasons Businesses Are Moving to a Cloud Voice Solution 1080 1080 Vyve Business

Cloud (or Hosted) business voice service isn’t just today’s mainstream alternative to the on-premise phone system, it’s a must-have productivity, communications, make your life easier modern technology tool that drives your organization forward.

If you’re still not convinced, here are 10 more reasons businesses move to Cloud Voice Solutions.

Increased Agility

Cloud communications enables businesses to act nimbly and rapidly react to ever-changing market conditions. Work anywhere, instant office moves and easy expansions are common reasons to move to the Cloud.

Embrace Mobile

From simple mobile integration to powerful smartphone apps, users can embrace mobile and escape the confines of their cubicles! Customers get better service and employees are happier and more productive.

Lower Total Cost of Ownership

Pay-as-you-use scalable subscription model with functionality mapped to personas. Plus, never worry about system obsolescence, maintenance, unplanned upgrades or costs to install new servers.

Business Continuity Even Through A Disaster

Stay open for business and sleep soundly at night knowing your Cloud communications service is naturally immune to any troubles at your premises – be it fire, flood, network or electrical outage.

More Control

Business owners and managers can focus on strategic business projects rather than managing telephony infrastructure. Intuitive user interfaces and analytics keep you in the driver’s seat.

More Functionality, Customized User Experiences

Cloud communication services tend to offer more useful features and easier business application integrations than the average on-premises telephone system. With persona-based packaging and pricing, you can even tailor features and functionality to each user’s needs.

Increased Resilience

Get high levels of resilience and security most businesses could not afford if they had to invest in their own system infrastructure.

Scale Up, Scale Down

Tailor-made to the size of business whatever the season or business cycle. Scale up and down without the worry of dimensioning your own in-house system to match peak periods.

Future Proof – Platform Upgrades made by the Service Provider

BroadSoft-based service providers have access to feature-rich platforms and roadmaps to keep your business ahead of the pack.

Focus on Your Business, Not Your Infrastructure

Invest time and money in running your business, not the phone system. Your Service Provider takes care of system dimensioning, maintenance and upgrades. Think of it like a gym membership versus buying and maintaining all your own fitness machines!

Do you have more questions about moving your business forward with a Cloud Voice Solution? We have experts ready to answer all of your questions, just fill out this form real quick, and we’ll be in touch!

Password Security

Creating a Strong Password Policy to Keep Your Business Secure
Creating a Strong Password Policy to Keep Your Business Secure 2309 1732 Vyve Business

In today’s technology-driven marketplace, data security is a major concern for businesses of all sizes. Consumers also place a lot of importance on the security of the businesses they patronize, being that identity theft and data breaches continue to become more common and can have devastating effects. One of the first steps to data security and having a secure environment at your business is creating a strong password policy. Such a policy will help every member of your workforce know exactly how to keep their data private. Here are key aspects to include in your new password policy.

Allow Paste-In Passwords

In the past, it was standard policy to not allow users to copy and paste their passwords into password fields. This has changed, however, due to the need for longer passwords and the increased usage of password managers, where people can store, organize and easily access their passwords when needed. Copy and pasting passwords help your employees keep a different password for each online account they use, which improves security by reducing the chances of one hacked account quickly turning into multiple breaches across a wide range of accounts.

Character Counts

Setting a proper minimum and maximum character amount for all passwords used in your business is a critical part of any effective password policy. A high minimum character count keeps employees from choosing short, simple passwords that are easy for hackers to guess. A high maximum character count encourages them to use longer passwords, which is now more convenient than ever thanks to secure password managers.

Search Compromised Passwords

Hackers use lists containing millions of successfully compromised passwords when they try to get access to an account. The best way to ensure this doesn’t happen to anyone on your staff is to have them search any of the numerous online databases for previously-cracked passwords before choosing a password of their own. Have them search for a password option until they find one that hasn’t already been indexed by hackers. It’s also important to re-check for compromised passwords periodically, as the lists of hacked passwords constantly changes and growing over time.

Limit Login Attempts

Limiting the number of times a person can unsuccessfully try to access an account is an extremely effective way of preventing data breaches within your business. One of the most popular ways hackers attempt to crack passwords is through an automated script that tries thousands of passwords in succession until one works; limiting login attempts makes impossible. Be sure your workforce is aware of your limited login attempts policy, as it will encourage them to be more diligent about their passwords and not waste any time by exceeding their login attempt limit.

The Power of Multi-Factor Authentication

Multi-factor authentication is used to enhance account security by requiring users to provide additional forms of authentication other than their passwords. Examples of multi-factor authentication methods include PIN numbers, captchas, swipe cards, fingerprint recognition, personal security questions and more. The implementation of multi-factor authentication alone will greatly reduce the chances of data being compromised at your business, and it’s a simple addition to make to your existing login processes. Detail what multi-factor authentication is in your password policy, and push your employees to take such precautions seriously as they access and manage their various accounts.

These are just a few of the most important steps to creating a strong password policy. By embracing multi-factor authentication, limiting login attempts, allowing paste-in passwords, setting appropriate character limits and avoiding compromised passwords, you are one step closer to keeping your business and all of its data will be safe.

Are you interested in learning more about data protection and other managed services to secure your business? Click to connect with one of our Business Solutions Experts.

Vyve Phone Image

9 Questions To Ask Before You Upgrade Your Phone System
9 Questions To Ask Before You Upgrade Your Phone System 1200 900 Vyve Business

Buying the correct phone system can make a difference in the success of your business in the next 5-10 years. Choosing the right system could mean hiring less staff, winning more contracts, worrying less about disasters and yes, saving you money.

Take the time to find answers to the 9 key questions outlined below before upgrading your new phone system.

  1. Costs – Check what is included and not included in the minutes bundle. Are there any exit clauses in the service contract? Do you have to rent the phones for longer than the service contract?
  2. Flexibility – Can you add or remove users during the service contract? Do you have to pay for devices or for users?
  3. Disasters – Can the system divert calls to tablets or mobile phones when the access network is down? Are there restrictions in the features when people are remote?
  4. Consistency – Are all the features available to remote workers or do some get removed? Is the quality the same – for example, some mobile systems only use a technology called VoIP when remote, which can hurt voice quality if the network is congested.
  5. Usability – Are the features the same on the phone, PC and mobile devices or are they different? Do you still have to rely on a telephone?
  6. Professionalism – Does the system support features such as an auto-attendant, music on hold, automatic call distribution, call queuing, so you never miss a call.
  7. Productivity – Does the system have features like conferencing, room-based collaboration and instant messaging and presence?
  8. Mobility – Does the system support iOS and Android devices? Can it support all the productivity features above when mobile.
  9. Maintenance – Does the system have web-based user self-administration and allow you to control powerful features from a single web page? Does the service support diagnostics so the service provider can quickly identify any issues that you may run into?

Be sure to ask about the underlying technologies that the service providers have in place that allow them to innovate rapidly and drive the biggest impact on your business. The fanciest features or the lowest price won’t do you much good if the quality, reliability and security are not core components of the service provider’s platform upon which your service relies on.

Do you have more questions about upgrading your phone system? We’re happy to help, simply click to request a call from one of our Solutions Expert.

Enter your
text here