Latest News

Do you wanna cry when you read the news the last few days?

Posted on May 16, 2017

You’d be hard pressed to turn on the evening news or pick up a newspaper the last few days and not hear about the cyberattack currently sweeping the globe. As an IT company, we get lots of questions about it, so we thought we’d answer a few of the most common ones:

The thing we have been asked the most is “Do I have the patch from Microsoft installed on my system?”

Let’s break this down a little first. This cyberattack (also being referred to as Ransomware or by its name: “WannaCry”) is often initiated through an email. The email contains an attachment which when opened infects the target computer. Once the computer is infected, the program begins to encrypt files on the infected computer while simultaneously setting about spreading itself to other computers in the network and on the Internet. It is at THIS point the Microsoft patch becomes relevant. If you open the attached file of a malicious email, you get infected even if you have the Microsoft patch installed.

So let’s start at the beginning. As a first line of defense, let’s continue to try to teach people to recognize and avoid fake emails. Those who know us well know that we put on a monthly security webinar and we have covered this exact topic in the past which you can get from our YouTube channel (look for the one titled “Avoiding Email Scams”).

Next, let’s talk specifically about the patch Microsoft issued back in March which protects you against having the ransomware spread inside your network as well as to/from the Internet. This is referred to as the MS17-010 patch. If you are a customer of ours, this patch has been installed on every system our tools are installed on. If we manage all of your servers and workstations (you’d know because there is a little blue circle with “it” in it down by your clock) then you’re patched. If we only manage your servers and not your workstations or if there are ANY computers on your network without our tools, then we don’t know whether the patch has been installed on any computer we don’t manage.

Now let’s expand our horizons a bit. There is a best practice in the security industry called “defense in depth”. In English, that simply means that we don’t rely on just one tool or technology to protect your network. We have multiple layers of security implemented, EACH ONE of which is capable of stopping this attack at the perimeter of the network. For those customers that are fully aligned with our standards, here are the points where you are protected IN ADDITION to the MS17-010 patch:
1. Any customers with a SonicWall that has an active TotalSecure license (this is the only way we sell SonicWalls) is protected.
2. We have implemented an additional security software called Cisco Umbrella in the networks where we manage every device. That tool protects against this ransomware.
3. Any PC that has our tools installed on it has Kaspersky Antivirus installed on it which also protects against this malware.

So bottom line: If we are responsible for managing every PC on your network, and you are fully aligned with our standards, you are protected about 4 times over. If we are only managing part of your network, or if any PCs don’t have our tools installed we’d recommend you update your Windows patches ASAP and also consider some of the other technologies mentioned above to construct a defense in depth strategy. Finally, train you folks! Our resources are free – the second Thursday of every month at 11:30 am we do a new webinar (sign up here), and past webinars are pushed to our YouTube channel.

We have fortunately not had any customers affected so far. Feels good when customers realize how effective our strategic guidance is!

Hacking the Human Video Series: Passwords

Posted on February 9, 2017

Get yourself an account on irs.gov before the bad guys do it for you

Posted on March 25, 2016

The Federal Trade Commission recently announced that they received more than 490,000 identity theft complaints in 2015, a 47% increase over 2014. FTC Chairwoman Edith Ramirez said tax refund fraud was “the largest and fastest growing ID theft category” tracked by the FTC. What can you do to keep yourself from becoming a victim? There … Continue reading Get yourself an account on irs.gov before the bad guys do it for you »

Amazon announces two factor authentication

Posted on March 9, 2016

Just in case you missed it, Amazon recently announced (finally!) support for two factor authentications. Anyone who knows me knows I am a HUGE advocate of two factor authentication anywhere it is available. I’d recommend you take a few minutes and set up two factor authentication for your Amazon account ASAP. Here is a link … Continue reading Amazon announces two factor authentication »

Are Your Employees Suffering in Silence?

Posted on October 28, 2015

In my last post, I talked about nagging IT issues that never seem to go away. What I didn’t really dive deeply into, however, is the cost of those issues – not just in dollars and lost time, but in the morale of your employees. I think we can all agree that dealing with a … Continue reading Are Your Employees Suffering in Silence? »

Why Some IT Problems Never Die

Posted on October 6, 2015

Almost EVERY single person that works with technology on a regular basis has at least one or two nagging issues at any given time that never really seem to go away. They report the issue to their IT person and that person comes in to ‘fix’ the problem. The fix works – for an hour, … Continue reading Why Some IT Problems Never Die »

Technology Friction is Causing You to Leak Money

Posted on September 22, 2015

In our previous post on technology friction, I talked about some common places to look for friction in your organization. I want to dive a little deeper and identify the costs associated with various sources of friction. More specifically, I want to identify the top 3 most costly points of technology friction. Once identified, my … Continue reading Technology Friction is Causing You to Leak Money »

Removing Technology Friction From Your Day

Posted on September 8, 2015

Rather than defining a mission at itSynergy, we instead refer to the reason why we do what we do as our ’cause’. For us, our cause is what gets us out of bed in the morning and inspires us at a deep level to come into the office every day. Our cause is to remove … Continue reading Removing Technology Friction From Your Day »