How to Securely Dispose of Old Computers
Getting new computers for your business is exciting, but what happens to the old ones? Depending on the age, some people sell them, others throw them out. That’s the easy part. The problem is the sensitive data on them. There are passwords, account numbers, license keys, customer details, medical information, tax returns, browser history… the works! Each computer, whether laptop, tablet or desktop, contains a treasure trove of sensitive information that cybercriminals would love to get their hands on.
Unfortunately, hitting delete on your files doesn’t actually make them disappear, nor does waving a strong magnet over the drive. These mistakes have cost businesses millions of dollars over the years.
Most businesses are unaware that specialized data cleanup is necessary, others think calling someone to collect the computers will cover all the bases. A 2016 experiment proved just how dangerous the situation can be when they bought 200 used hard drives and found 67% held unwiped, unencrypted sensitive data, including sales projection spreadsheets, CRM records, and product inventories. Frighteningly, they didn’t need any special hacking skills to get this data, it was all right there and helpfully labelled. It’s also not surprising that with simple data recovery tools, people have also been able to access British NHS medical records and missile data, all waiting patiently on a discarded hard drive.
Why hitting delete doesn’t help
Data on a hard drive works like a book with an index page. Every time data is written, it pops a quick entry into the index so when you need it again, it knows where to look. The index is used for files you create as well as system files you can’t even see. Sensible, right? Except if you delete a file it’s more like changing the index to say nothing is on page 10 and you can write something else there when you’re ready. But if you manually flip to page 10, you’ll find the information is still there - the file still exists until it’s been written over - it’s the index reference that got deleted.
Wiping data before disposal
There are software tools you can get to do it yourself, as well as dedicated security firms, but your best option is to choose an IT business you know and trust. With that in mind, a methodical approach is required to ensure not a single drive is left untreated. You don’t want to leave data behind, or even clues that a motivated person could extrapolate any private information from. The approach might include using checklists to maintain security, or dedicated processes to guide each step in decommissioning. Careful records should also be kept, including who signs off on completion of the retirement, and where the computers are sent afterwards. A proper inventory and auditing process may slow the rollout of the new computers slightly, but it’s always better than having your old data come back to haunt you.
We can migrate any needed data, back up the information to your server or external drive, then wipe or destroy the hard drives for you. We can assess the age of your old computers and either dispose of them for you or point you in the right direction of computer recyclers. Plus, the quicker you dispose of your old computers, the easier the process will be. Recyclers will be able to send less of your equipment to landfill, and you’ll be less likely to forget how valuable the drive contents are.
Upgrading your business computers should be a happy time for you and your employees, so with a little forward planning, you’ll be able to keep everyone smiling and all your data secure.
Need help with your old business hardware? Call us today at 614-233-1648!
Who knows what evil lurks in the dark recesses of the Internet? As the old radio show warned, “Only the Shadow Knows.”
It’s time that you see what hackers already know about your business.
At Nice Guy Technology, we’re so committed to protecting the security of your business that we’re offering you a complimentary Dark Web Scan. This is part of our celebration of adding a Cyber Security Expert to our team and our recent designation as a Managed Security Services Provider (MSSP). As a MSSP we can offer an advanced level of security monitoring and protection for your business. Together, we’re on a mission to keep your business compliant, keep your data secure and keep hackers out!
Only 33% of businesses are taking the proper steps to protect themselves from a cyber attack. In fact, 60% of small companies are out of business within six months of a breach.
Are you doing all you can to prepare your business for the inevitable? Show your business some love and get started with a complimentary dark web scan. ❤️
Business owners, learn from my mistake. Be careful where you try to save money!
Hey there, it's Mary from Nice Guy Technology. I'm going to tell you a little story. So lately I've been trying to watch my personal spending, cut out some things that could save a few dollars here and there. So the last several months I've skipped a few trips to the salon so my bangs have been down in my eyes and you know, gray hair is peeking out a LOT.
So last night I got all fed up with it. I grabbed a drugstore box of hair color (it was half price with a coupon) and some scissors I found in the drawer. Seemed like a great idea at the time. I don't know what color this is but it's not mine. Well then I guess it's mine for a while.
So what I did with my hair is exactly what lots of businesses do with their technology. They slap some antivirus on the computers and hope for the best. Why spend money if you don't have to, right? Think about this though. If all of your company's computers were wiped out today, how long would it take you to become operational again? How quickly can you replace that equipment, your software, your customer data, logins, passwords? How much would that downtime cost your business? Or even worse you experienced a data breach. What's the worst that could happen? You face fines, lawsuits, you lose customers and your great reputation that you've built over the years.
Here's a scary statistic: 60% of the companies that experience a cyber attack are out of business within six months. They don't last six months after that attack! So eventually my bangs will grow out. The color will fade. But here are some lessons I've learned and I hope you do too. Do what you're good at. Hire a skilled professional for everything else. And you get what you pay for. (half price with a coupon)
I'll see you next time.
Join us for our January lunch & learn - Cyber Security: Is Your Business Prepared?
Presented by Nice Guy Technology and Grandview Insurance
When talking about the risk of a cyber attack on your business, it’s not a matter of "if" but "when”. Join us for lunch as we discuss the critical topic of cyber security and how to protect your business.
During this lunch & learn we'll answer these questions:
Each attendee will be entered to win one of several door prizes including a Google Home Hub, Google Home Mini, and various Gift Cards (must be present to win).
When & Where?
Wednesday, January 16, 2019 from 11:30am to 1:00pm
Smokehouse Brewing Company, 1130 Dublin Road, Columbus, OH 43215
What's included in the cost of my $10 ticket?
Lunch and beverage, Dark Web Scan, Presentation and Materials
What's for lunch?
Check out the Smokehouse Brewing Company Menu
How can I contact the organizer with any questions?
Email: email@example.com Phone: 614-233-1648
Top 5 Cloud Advantages for Small Business
Cloud technology has created a revolution for small business, changing the way you store, share and backup files. While ‘the cloud’ is often hard to understand because it’s neither in the sky or in a single location, there’s no arguing that it’s driving growth across the board. Storage concerns are a thing of the past as small businesses like yours embrace the flexibility, cost savings and protections of cloud solutions. We’ve done the research for you and identified 5 ways small business in particular benefits from making the move.
Budget is always a limiting factor for businesses, many of which are further constrained by pressure from higher up. Some regard investing in cloud solutions as a large expense that can be put off indefinitely. In most cases though, making the switch to cloud storage costs a fraction of the price. Compared to maintaining and powering servers, scaling to keep up, and repairing in emergencies, cloud storage offers extraordinary savings. With one decision, you get access to high-end infrastructure and dedicated support, plus a healthier bottom line. Cloud solutions were specifically created to meet your needs, which means you only pay for what you use. Costs remain capped while the benefits continue to rise, a clear advantage for the budget-conscious business.
A lot of people like having their data where they can see it. But that’s not always the safest option. Natural disasters seem more frequent than ever, break-ins are a worry, and employees are always losing laptops and phones, or have them stolen. More often though, someone simply makes a mistake and deletes important files, or accidentally infects the system with malware. Cloud storage mitigates every single one of these risks, with storage in ultra-secure locations, protected against disasters, and committed to robust backup systems. In recent times particularly, we’ve seen many small businesses survive ransomware attacks purely because their critical data was secure in the cloud with clean backups available.
We know medical businesses and services need to follow certain regulations when it comes to patient data. This includes security as well as data integrity, plus backups and auditing. Many cloud providers acknowledged this need early on and made sure to offer compliance guarantees. They therefore keep abreast of changing regulations, often implementing new requirements before you’ve even heard about them. With cloud storage systems, you essentially slash your compliance workload and let your provider do the worrying.
One of the key benefits of cloud storage is your ability to collaborate remotely. In the past, this would have involved multiple file copies that need to be merged back together, often confusing employees as to which is the ‘right’ file. With cloud storage, your staff can work on the same file, using the same interface and real-time updates. Even having different versions of software is no longer an issue. Employees can work on a file in the office and then securely access the same file from their smartphone, laptop or other location, without needing to buy additional software or worry about version corruption. Sharing and collaborating becomes easier, more desirable and more secure, which helps puts your business firmly on track to reach goals in record time.
It’s Easy to Migrate
One of the biggest concerns we hear is that it will be too disruptive to migrate to cloud solutions all at once. That’s okay. We don’t have to do it all in one day, we can migrate it in parts. For example, you can move your email to the cloud, or just remote file storage. As your various servers and systems age out or need repair, we can help you move each to the cloud, which means your downtime is minimal to non-existent. You can also actively choose a hybrid approach to keep your legacy applications, with no pressure to move them to the cloud. Our technicians can help ensure smooth integration across your entire business, making sure all your systems work seamlessly together, whether in-house or in the cloud.
Call us at (614)-233-1648 if you have any questions regarding the cloud. You have a business to run. Managing your IT is our business
Why Periodic Security Assessments Should Be Your New Normal
By now you know that building up your cyber security is just as important as building up your cash flow. Both are essential to your success, but while most businesses keep an eye on the financials, they tend to think cybersecurity is something they can set and forget. Unfortunately, cybercriminals are constantly coming up with new methods of attack and the security you had in place yesterday may not be sufficient today.
Instead of reacting to breaches and taking on the costs of downtime, lost files and destroyed trust, a periodic security assessment can identify blind spots that place you at risk. Once you know about these problems, you’re able to proactively setup adequate protection before cybercriminals strike. It’s best to use independent IT experts who can audit your security from an outside perspective, often seeing risks that would otherwise be missed.
Regulations change - Are you affected?
Many businesses are kept to strict government regulations around the way they store, process and protect data. Their operating license depends on staying as secure as possible. All regulations require regular security assessments but they vary in scope and timeframe. As regulations change, so do the security assessment requirements. You can imagine how much stricter they are now compared to just 5 years ago. Our team can ensure your business is meeting the relevant regulations, diving deep to be certain you’re safe.
Security patches and updates are vital
It’s so easy to fall behind on your security patches, after all, it seems like there’s a new update every week and each one takes precious time to apply. What we’re seeing though, is that cybercriminals are targeting any business running late, and it’s basically easy pickings for them. If you’re unpatched where it counts, it’s like inviting them in. When we conduct your security assessment, we take a look at your history and see if your business has a robust patch plan in place and make sure you’re up to date. If there’s an issue that’s placing you at risk now, impacted you in the past, or will in the future, we’ll find it.
Viruses are always evolving
Just like the human variety, computer viruses are nothing to welcome into your workplace. They’re constantly evolving to skip past anti-virus scans and do damage in new and interesting ways. Cybercriminals know people are more aware of the traditional infection methods like downloading an attachment or inserting an infected USB, so they’re getting more and more creative. Your security assessment doesn’t just include ticking that you have the latest anti-virus, it includes identifying where you’ve had the most breach attempts and where your biggest vulnerabilities are. This type of precise awareness has a lasting impact on reducing your risks.
Your business may have changed
As your business has grown over the years (or shorter if you’ve experienced a recent surge), your entire setup has changed. More employees, expanded remote access, additional vendors, supplementary locations... the list really is endless. With each change has come a new risk, particularly if your security has been growing around you. It might be that your password policies haven’t been updated since you began, or that you still have the old voicemail system even though phones are within easy reach of customers. This is perhaps one of the most useful areas a security assessment can help with, as you and your employees are accustomed to the business working in a certain way, whether that way leads to risk or not. Our experts will be able to see things from a different perspective, particularly as we make sure to think the same way a cybercriminal would.
What to do with your assessment results
While many experts might present you with a long list of problems and leave you feeling overwhelmed, our team ensures you have a benchmark for progress. You’ll know exactly what you need to do, how we can help, and perhaps most importantly, which actions take priority. Moving ahead, future security investments will be smarter as you focus on the high-payoff areas. You’ll also know exactly what you’ve done well and where your security strengths lie. Employees will see how much you value security, which helps to create a stable culture, and you’ll be able to report your commitment to customers, confirming they’re making the right choice by staying with you.
Curious how your business is doing with security? Schedule a complimentary Security Assessment with Nice Guy Technology.
You may have noticed many business websites now have a green padlock in the address bar next to the letters ‘https’. Until recently, you’d only see that on shopping or banking sites, but it’s now become the expected norm for all business websites - even if you don’t ask people to log in or enter credit cards. Simply put, the ‘s’ in https stands for secure and means any data sent/received by the visitor is encrypted. Clearly, it’s an essential feature for e-commerce sites, but why have all the info-only websites started using https too?
The New Google Rule
As of July 2018, Google will mark your page as insecure unless you’re using https. It’s a movement they started a few years ago to make the internet a more secure place by default. Since Google pretty much rule the internet search and increasing security is always a good idea, businesses have been gradually switching over. Without https protection, someone with access to your internet connection, whether from digital eavesdropping or hacking, could intercept the information. They could also place malware onto otherwise legitimate sites and infect innocent visitors. That’s why eighty-one of the top 100 sites online have already switched to https and a strong majority of the web is following suit.
The Browser Bar Says It All
In the same way a green padlock in the browser bar indicates a trustworthy site, you can expect non-https sites to be marked with a “not secure” warning. Previously, users had to click an information symbol to actively investigate non-secure sites. The shift to plain sight markers will be most noticeable on Chrome, however it’s expected that other browser developers will follow suit. Visitors may then be alarmed by landing on your site and seeing that the connection isn’t secure.
The fact that you may not be asking them to log in, enter personal details or payment is irrelevant. You may not be asking them to enter anything at all, but perceptions matter. Eventually that warning will be changed to an alarming red as Google declares war on unsecure sites. As the common understanding is that a warning = bad, you may get more visitors bouncing away within seconds or even contacting you to report that your site has a problem.
Boosts for Secure Sites
Google is taking its commitment to safe web browsing further by favoring https. That means the search algorithm is taking your site security into account, preferring to display results that it knows will protect users from hackers. Since https status gets the nod, you may find yourself climbing in the ranking while other businesses scramble to catch up. It really is a win-win situation.
What to Do Next
In an ideal world, your site would have a secret switch on the back-end you could flick over and suddenly be https, but it’s a little more complicated than that. In fact, you may have already noticed some sites experiencing trouble with the migration. When the setup goes wrong, users don’t see your website with a little warning in the corner, they’re blocked by a full page error and offered a return to 'safety' (away from your site). The easiest way to make the move to https is to contact your IT technician or web developer, as they’ll be able to make sure you’re keeping Google happy and rolling in the green.
If you need some help, we can migrate your site to https - call us today at 614-233-1648.
Increase Your Productivity with Dual Monitors
Conventional wisdom states that cluttered workspaces lead to a disorganized mind. Mess prevents productivity and begins to hamper professionalism. Shouldn't that apply to the computer desktop too? The simplest way to clean and organize your digital desktop is to add more space. Just adding a second screen doubles the available room and makes organization a breeze. Getting work done with a single-monitor setup is a balance of poor compromises. There never seems to be enough space and the little space available is full of clutter and mess. Switching between windows or tabs wastes time and distracts from work to be done. Stacking windows together, side-by-side, or top and bottom wastes valuable screen real estate. The resulting clutter of windows makes it hard to focus on what is important. While most tasks can be tackled feasibly with a single monitor; two makes the same tasks faster, simpler, and much more enjoyable.
Two Monitors, Many Uses
Data entry with two monitors is far easier than data entry with one. Having source data on one screen, laid out in large type, and the destination on another makes the job a breeze. By eliminating the need to scroll tiny windows or switch tabs, forget and repeat; the same job can be done in a fraction of the time.
Graphic design, image manipulation, and editing are key areas that make the most of a dual screen setup. Stacking one image on each screen allows you to make quick comparisons to make sure your work is going in the right direction. Organizing your editing space is made simple too. Stacking your tools, menus, and options on one monitor with your image maximized on the other helps to stay focused and finish the task.
Beyond Just Two
Having more than a single screen helps you to track tasks you need to keep on the back burner. A team chat window to keep on top of collaboration, status updates for business-critical services, or the latest stock price. These windows and dialogues can remain open and serving updates on a secondary screen while you keep your work focused on your first. It is not uncommon for stock traders or financial analysts to maintain 6 or more screens running from a single computer. Many use this to track various stocks or indices so they don't miss a beat.
Setup How You Like It
Multiple monitors can be arranged in almost any practical configuration imaginable. While most monitor setups are normally horizontal you can arrange them vertically, a combination of the two or try using 3, 4, or 5 monitors to help your workflow. This setup is used often by software engineers, editors, and users reviewing large amounts of text. Multi-screen setups, no matter how they are arranged, behave the same as if all the monitors were just a single screen. Mouse input moves from one monitor to another as if there was no difference between them. From the user's perspective, there is no difference to how they interact at all.
A Boost to Productivity
There is a scientific advantage to multi-monitor setups too. A survey by Jon Peddie research found that adding an extra monitor boosted a user’s output by as much as 20 to 30 percent. A productivity advantage of even 10 percent is prized and very hard to come by in the business world. Receiving a productivity reward of over 20 percent for just the cost of adding a second monitor is something few firms can afford to pass up. The satisfaction of de-cluttering your digital desktop and keeping your focus in the zone is worth it alone.
Protecting A Business from Internal Threats
When considering IT threats to your business many articles focus on hackers, viruses, and attacks from external threats. These dangers are real, constant, and easily identifiable. In many cases, however, the largest threat to a firm comes from inside the business itself.
People inside the firm often pose the largest single threat to systems and security. These individuals often have trusted access and a detailed working knowledge of the organization from the inside. Employees therefore deserve the largest security consideration when designing a safe business system.
It is important to first distinguish the type of dangerous employee we want to defend against. We're not talking about an otherwise model employee accidentally opening a malicious email or attachment. Rather, a disgruntled employee seeking to damage your business.
Some firms, particularly young businesses, grant employees system-wide permissions from day one. This can make administration appear simple, preventing further IT requests in future. Granting system-wide access is an inherently risky strategy.
Private information relating to the business should be restricted access information. Many types of files need to remain confidential, often as a legal requirement. Human resource files, salary information, and employee documents should be limited to only a select few employees. Yet, businesses often keep confidential information in public places on the network.
Granting system-wide access can appear to save time short term. It is, however, a security policy which only serves to cause security, administration, and potentially legal troubles in the future.
The Principle of Least Privilege
The principle of least privilege is a vital tool, helping you to handle internal IT security. It defines a security policy which ensures staff can access only the resources, systems and data they require to carry out their job.
The policy protects the business from many different types of threat in day-to-day operations. Even where malicious attachments have been opened by accident, the damage is limited only to the work area of a single employee. This results in contained damage, less time needed to restore from backup, and drastically reduced downtime for the firm.
Along with limiting accidental damage, malicious employees looking to destroy or steal data are limited too. With restricted access, an employee with a grudge or profit motivation can only damage or steal from their own area of operation. This helps to ensure that no single employee can damage the entire firm's operations.
Security Policy In Practice
A member of staff within Human Resources, for example, may have read and write access to the employee database. This will likely include payroll information and sensitive data. This same member of staff would have no need to access sensitive client data, such as sales information, in normal working conditions.
Likewise, a staff member from the sales department should have no need for accessing sensitive HR records.
Using the principle of least privilege, each employee may only have full access to systems that are directly related to their role. Similarly, some systems may be visible to a wider group of staff members even if they can only be edited or removed by one or two people.
In some cases, a security policy may be defined by even finer details than a person’s role within the organization. An HR employee should not be able to edit their own file to change salary information for example. An employee file might only be edited by their superiors in such a case.
Additional parameters can be used to assign privileges to enable the business hierarchy to work within the IT network. Seniority, physical location, and time are all examples of factors that can restrict access to critical systems and secure data.
We can tailor your network to your business, locking down your data to ensure data is only accessed on an "as needed" basis.
Call us at (614)-233-1648 for all of your IT needs. You have a business to run. Managing your IT is our business.
Companies that suffer security breaches nearly always have one of these IT security problems.
Is your company guilty of any of them?
A shocking number of businesses are not backing up their data properly. According to market research company Clutch, 60 percent of businesses who suffer a data loss shut down within six months. Not only should every business be fully backing up their data, but their backups should be regularly tested to work too. It's a step that businesses miss surprisingly often. Many businesses don't find out that their backup can't be used until it's already too late.
Reactive and not proactive
The world is constantly changing. The IT world doubly so. Attackers are always figuring out new ways to break into businesses, hardware evolves faster than most can keep up, and old systems fail due to wear and tear far quicker than we would like. A huge number of businesses wait until these issues impact them directly before they respond. The result is higher costs and longer downtime.
By responding to hardware warnings before it fails, fixing security holes before they're exploited, and upgrading systems before they are out of date: IT can be done the right way. Being proactive about your IT needs means systems don't have to break or be compromised before they are fixed. The result for your business is less downtime, fewer losses, and lower IT costs.
Insufficient Staff Training
Humans in the system are commonly the weakest point in IT security. Great IT security can be a bit like having state-of-the-art locks on a door propped open with a milk crate. If staff aren't trained to use the lock, it's worth nothing at all.
Often times businesses can justify spending big on security for the latest and greatest IT defenses. The very same firms may exceed their budget and spend almost zero on training staff to use them. In this instance, a little goes a long way. Security training can help staff to identify a threat where it takes place, avoiding and mitigating damage, often completely.
A surprising number of people will use the password "password" to secure some of their most important accounts. Even more still will write their own password on a post-it note next to their computer. In some cases, many will even use no password at all. Strong passwords act, not only as a barrier to prevent unwanted entry, but as a vital accountability tool too. When system changes are made it's often essential that the account that made changes is secured to the right person.
With an insecure password or worse; none at all, tracking the individual responsible for reports or accountability becomes impossible. This can result in both auditing disasters on top of technical ones.
Weak Data Controls
Some companies can take an ad-hoc, fast and loose approach to storing professional data. Often crucial parts can be spread across many devices, copied needlessly, and sometimes even left unsecured. Client data can be found regularly on employee laptops, mobile phones, and tablet devices. These are famously prone to being misplaced or stolen out in the field along with vital client and security data.
It can be easy for both employees and firms to focus on the costs of devices and hardware purchased for the business. The reality is that the data held on devices is almost always worth many times more than the device that holds it. For many firms, their approach to data hasn't been changed since the firm was first founded. Critical data is often held on single machines that haven't been updated precisely because they hold critical data. Such machines are clearly vulnerable, outdated, and prone to failure.
Common problems with simple solutions
Each of these common issues have simple solutions to secure against IT failure. With a professional eye and expertise in the field, every business should be defended against IT issues that risk the firm.
If you need help securing your IT to protect your business, give us a call at 614-233-1648.