Bryley Systems Ranks #5 in Top IT Service Providers by the Worcester Business Journal

Worcester Business Journal
October 15, 2018

Each year, the Worcester Business Journal (WBJ) compiles and publishes a list of IT Service Providers throughout Central Massachusetts. The list, published on October 15th, ranked Bryley Systems #5 in the organizations surveyed.  Bryley has consistently ranked well on the WBJ list for the last 4 years.

If you are looking for a business partner to help you navigate the ever-changing technology and cybersecurity landscape, we’re here for you. For more information about Bryley’s full array of Managed IT Services, Managed Cloud Services, and Cybersecurity Services please contact us at 978.562.6077 or by email at ITExperts@Bryley.com.

Keep Your Electronic Devices Protected – Power Strips vs. Surge Protectors

With all the electronic devices that are used in homes and offices in today’s high tech world, oftentimes there just aren’t enough electrical outlets to plug them all into. Power strips offer a solution which enables a single outlet to handle multiple devices. But if you don’t choose one that also offers surge protection, you could be putting your devices at risk.

Cybersecurity – Don’t Overlook These Risks Within Your Organization

It’s easier than you think for organizations and their leaders to overlook cybersecurity.  Unfortunately, the nature of the threat means some of the biggest worries for your organization might actually be out in plain sight. Here are five cybersecurity risks that are regularly overlooked.

  1. Inconsistent or Nonspecific Cybersecurity Training. In many cases, people are the weakest link.  “From falling for phishing emails, and clicking on links or downloading documents that turn out to be malware, to being a victim of business email compromise scams that end up losing the company a lot of money, employees are a company’s greatest liability when it comes to cyber security.”1   More specifically, it’s how well and how consistently they’re trained on security essentials.  Since you don’t want to assume any one employee is automatically better versed on digital security than another, it makes good sense to standardize the training. Everybody should be on the same page about the reality of the risks and how necessary a good human element is these days, even with all the anti-virus and anti-malware software available.  The understanding of what a phishing email looks like comes in handy just as much at home as it does in the office.  Even though most employees don’t like the idea of extra meetings, specific cybersecurity training helps employees feel a greater sense of ownership over the company and its processes and assets.
  2. Passwords.  Ensure that any accounts associated with your organization are secured by a strong password, and two-factor authentication, if possible. It is always recommended that employees cannot reuse passwords from other online accounts for any of their work accounts. You can make it part of your IT policy that employees must change their passwords within a specific time limit.  Communicate with your team that they should not share their passwords with anyone else.
  3. Patch Management. Keeping software patches up-to-date is a critical component to keep your company network safe from newly discovered vulnerabilities. The importance of keeping software updates current was underlined in a dramatic way during the WannaCry and Petya outbreaks.  The primary way both of those attacks were spread was by exploiting a critical vulnerability in the Windows operating system known as Eternal Blue. Eternal Blue allowed the malware to spread within corporate networks without any user interaction, making these outbreaks particularly virulent.“The WannaCry outbreak occurred in May; the patch for the Eternal Blue vulnerability had been released by Microsoft in March. If the patch had been widely applied the impact of WannaCry, which mostly hit corporate networks, would have been greatly reduced. You would imagine that a high-profile incident like WannaCry, which underlined the importance of keeping patches up to date, would have ensured people and companies did just that. However, despite all the publicity the WannaCry outbreak received when it occurred in May, the Petya outbreak in June was still able to use the same Eternal Blue vulnerability as one of the ways it spread.”2“To be fair to the IT managers in the various companies that were hit due to the Eternal Blue vulnerability being exploited, updating software on company networks is not always entirely straightforward. IT managers can often be fearful that updating one part of the system could cause another part of it to break, and this can be a particular concern in, for example, healthcare organizations, which were heavily impacted by WannaCry.” 3 However, incidents like the above do underline the importance of protecting vulnerable systems, and patching is a key way to do that. The point is not that clicking refresh on software updates all day long will prevent every possible instance a cybercriminal could exploit a vulnerability or back door.  Setting everything you can to auto-update at a convenient time, daily, does stand a chance of keeping you safer.
  1. Other Companies. A problem that many businesses encounter in the current business climate is that it is not just their cyber security practices that they have to worry about: they also have to worry about the cyber security protocols of other businesses they work with. Your company may have stringent cyber security practices implemented, but if a third party your company deals with is compromised then attackers could potentially gain access to your network. Network segmentation, or dedicated servers that vendors can use so that they do not connect directly into your company’s network, can help safeguard against weak links in third parties’ cyber security. If that isn’t possible, it is wise to at the very least have a conversation with potential vendors before doing business with them to ensure they take cyber security seriously, and have appropriate practices in place.
  2. Unsecured Personal Devices. “BYOD culture — or bring your own device — is a great thing for employees and employers alike. It lets employees perform their duties in a digital workspace they already know and feel comfortable in. On the employer side, the lack of a serious learning curve and the small bump in productivity are welcome.   What’s less welcome are the cybersecurity risks that BYOD culture brings. It’s possible to permit and even encourage your teams to work on their own laptops and tablets, but this shouldn’t be done without a comprehensive and robust BYOD policy drawn up by your IT team. At a minimum, you should require that users access on-premises internet connections using VPNs and that all accounts are equipped with two-factor authentication.”4

In today’s connected workplaces, here’s no single department within an organization whose job it is to ensure cybersecurity.  In fact, that’s the major message all across the digital landscape: No matter how large or small the organization, it’s vital to speak and act as one when it comes to protecting digital assets and company property.  As with so many of the issues mentioned on this list, employee education is key: employees need to understand what good cybersecurity practices are, and the potential consequences for the company if they are not followed.

 

References:
1-4:  Symantec Security Response Team:  Cybersecurity Weak Links. www.symantec.com/security-center – Bryley Systems is an SMB Specialized Symantec partner.
www.bitsighttech.com
https://www.us-cert.gov/

October is National Cybersecurity Awareness Month

Connected devices are essential to our professional and personal lives, and criminals have gravitated to these platforms as well. Many common crimes—like theft, fraud, harassment, and abuse—are now carried out online, using new technologies and tactics. Others, like cyber intrusions and attacks on critical infrastructure, have emerged as our dependence on connected systems revealed new vulnerabilities.

The Value of Communication – An Inspirational Moment Shared…

Oftentimes, when you come across an article that someone is raving about as a ‘”MUST READ – Changed my life”, you glance through it with some skepticism, and then realize that it won’t change your life. However this time I came across one of these “life changing” articles and wow – it peaked my interest! It gave me an entirely different perspective on how to approach a conversation.

FTC Warning: Beware of Card Skimming at the Gas Pump

The Federal Trade Commission recently posted an article advising consumers to keep an eye out for card skimmers when paying for gas at the pump.

Skimmers are discrete devices which can be attached to payment terminals, allowing criminals to capture your credit card information.  Once they have your information they will either sell it to another party, or use it to make purchases on their own.

Unfortunately these devices are hard to spot and tend to blend in, especially when our attention is focused on pumping gas.

By educating yourself on what to look for, however, you stand a good chance to avoid becoming a target of criminals employing this technology.

The FTC has several examples posted on their website of what to look for.  They also advise:

  • Look for a seal (sticker) on the gas pump.  If the seal is broken or appears to have been tampered with, use a different pump and alert an attendant.
  • Check to see if the card reader at your pump looks different than the readers at other pumps.  If it does, move to a different pump and let an attendant know.
  • Keep a close eye on your credit card statements.  Be sure to report any fraudulent charges to your bank or card issuer.

Click here to read the full article on the FTC’s website.

Bryley Systems welcomes Beverly Wheeler to the team

Bryley Systems Inc. welcomes Beverly Wheeler as Technical Services Dispatcher/Administrator. In this newly created position, Ms. Wheeler will work directly with Bryley Systems’ Technical Services department, dispatching team members and assisting clients.

“Beverly’s extensive experience in managing, scheduling and supervising service technicians will be an asset to our team.” Garin Livingstone, Director of Professional Services, stated: “We have built high-value, long term relationships with our clients for over thirty years and as we continue to grow, so does our technical services team.”

Ms. Wheeler has held positions as office manager, administration assistant and customer service supervisor in the construction, automotive accessories and background music fields.

“I am proud and excited to be working with the professionals at Bryley Systems,” said Beverly. “Being able to service clients and provide support to the technical services team is very rewarding.”

Bryley Systems has been providing Managed IT, Managed Cloud and Managed Security services since 1987.

Virtual reality and zombies!

This years’ summer outing was a big hit with the Bryley team, the 20 somethings right up to our senior grandparents. What better way to spend a Friday afternoon but at the Apex Entertainment Center in Marlboro defending fellow co-workers against killer zombies. Eric and Myk from our technical team were the top scorers and each won a zombie chia head. But of course everyone was a winner and a good sport.

September 11, 2001 is a day we shall always remember

Thousands of Americans died in a terrorist attack on our nation and today is a day to honor their lives.

It’s a day to honor all first responders who came together in a courageous effort to save lives.

Our nation fell silent as we watched the horrific events that unfolded that day.

Pain, sorrow and families torn apart by such massive destruction.

Set time aside today in silence…

Take this day to give thanks to those who were there to help and comfort others.

Pray for the people who lost their lives and for those families who lost their loved ones.

9/11 — We will never forget.

Let Trusted Eyes Watch Over Your Network

A firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted internal network and an untrusted external network, such as the Internet.  Firewalls block unauthorized access to your computer network from hackers, malware and viruses. They monitor data as it passes between your computer, your server, and the Internet to make sure that nothing harmful or unintended slips through. A firewall may block certain downloads, or require system administers to grant authority before opening files that fail to meet their security standards.

Firewalls are a critical component to effective security, and so is the configuration. A poorly-managed firewall can block legitimate activity, causing workflow errors and excess frustration for the end user. Or, a firewall with overly lax restrictions could miss harmful data packets, lending the user a false sense of security while malware and viruses penetrate your network.  If firewalls are not managed and implemented properly, it can leave gaping holes in your security and give hackers the keys to your kingdom.

A firewall should always be properly configured.  Knowing when to override its rules and let data through, as well as to understand how to respond in case of an alert, are judgement calls that require specialized knowledge and experience.  Fortunately, a trusted IT partner like Bryley Systems will not only recommend the proper firewall, but configure, manage, and support it so that your network is locked down.

Regardless of your organizations size, no business owner wants the horrible consequences that a security breach can bring.  Larger organizations often have greater resources to dedicate towards security. If you are a small to mid-sized organization, you generally have fewer resources and smaller budgets, and having your IT network brought down by a cyberattack can bring an organization to its knees.

Unauthorized access to your system files can result in the loss of important data, the leak of confidential client information, or the compromise of other security features.  A properly managed firewall can nip this problem in the bud.

Internet usage has become a surprising sore point in employer-employee relations, as they are often used to block access to certain sites online. While some employees feel that blocking access to popular social media sites and other types of Internet browsing during work hours is simply a way to micromanage personal habits, many business owners feel it is necessary to cut down on the type of distractions that eat up productivity, as well as open up security issues at the office.

There are definite pros and cons to each side, but by prohibiting access to all but a select group of websites (or by using strict controls to determine what other websites are permissible) business owners can safeguard against employees accidentally visiting a dangerous website by mistake. This type of protection can prevent an unsuspicious employee from falling victim to a phishing scam or from entering important information into an insecure website.  A managed firewall/Internet-security solution that provides website filtering can help your organization identify which websites your employees need to be able to access, based upon the type of organization you are, and what the employee’s job role is.  It can even create a custom configuration of settings to block problematic websites for safer Internet browsing.

Having your firewall and Internet-security solution managed properly by an IT partner dramatically reduces the disruption of your day-to-day business tasks while providing you with the protection you need. Your managed IT service provider will maintain proper system configurations and monitor your network for potential security threats and will respond to alerts in a timely manner. Furthermore, your managed IT provider should be up-to-date with new technology, proper certifications, and security compliance regulations that might affect your organization. While you focus on running your business at peak efficiency, your managed IT provider also ensures your software and hardware remains up-to-date.

Educate your staff about the importance and significance of firewall protection and other Internet-security measures. This training can also help your employees spot potential scams before they fall victim to them.

Your organization should also consider other safeguards, such as monitoring software that can spot suspicious activity, or programs designed to detect and remove viruses from your system.

One of the most secure ways to protect your most valuable data is by limiting user access. Make sure to store your most secure files in as few locations as necessary. Only allow access to those employees who need it, and protect it with encryption and strong passwords.

If you would like a more thorough audit of your current security network strategy and needs, please Contact us at 978-562-6077, or by email at ITExperts@Bryley.com to learn more. We are here to help.