Should Companies Consider Banning Email?

If you could guess, how many times have you checked your email so far today? With smartphones, tablets, and laptops, email seems like a perfect way of communication throughout the office because it can be accessed from anywhere at any time of the day. This leads to people checking their inboxes religiously. Because of the easy availability of email, many employees and employers resent looking at their inboxes. The use of email adds more additional work, wastes time, which then stresses everyone out. The average employee spends 23% of the workday on emails, which in turn increases their stress level. With that much of the day being wasted, and the stress it causes employees, should companies consider getting rid of email? There are businesses that have started doing this and have seen positive results.

With email, employers or colleagues can just dump another task onto your plate. Almost everyone has done this at some point in time during their career. You send them an email about something you want them to do (even though it may be a small task) without considering everything else that person may have on their plate. Email makes it so easy to pass tasks down to someone else. Even though that person may have twenty other tasks to do for the day, they now have to add another one to their workload. Sometimes the tasks are something that needs to be done right away, which then puts them behind on their original tasks. 

There have probably been times where you have been emailing a coworker that was in the office next to you or across the hall. Even though emailing may seem quicker, it’s really not. The amount of time it takes to read, respond, and wait for another reply could be cut in half if you would just go next door or across the hall. Having a conversation face to face can be much quicker and people can clarify what they are saying much better than through an email. Banning email means that employees can enter a conversation on their own time instead of potentially getting interrupted every couple of minutes.

It’s hard to get away from your email since it can be accessed almost anywhere. This is a big contributor to stress. Employees cannot get away from work when they have their email connected to their phone or tablet, because as soon as they hear the “ding” or see the notification they immediately look at it. As discussed previously, email can lead to more demands for employees, which leads to stress and impacts their ability to work. By banning email, employees may be able to get their work done more efficiently. Employees won’t have the stress of lost time from responding to emails and receiving requests to take on much more work than what they currently have.

Banning email may seem like an intimidating task and you may think your company would not last if email wasn’t used, but you will see positive results. More employees will be communicating with one another face to face, which will help save time. They will also be able to get more of their own work done instead of receiving tasks from others that put them behind. There won’t be as much stress either because they won’t constantly be checking their emails. If you are worried about banning email completely, try doing it every Friday or even for part of the day. This will lead to more productivity throughout the company.

How to Know You Are the Victim of Email Phishing.

Have you ever received an email that looks just a little bit different than all the others? Or maybe you have recently received an email from a sender that looks out of the ordinary or that you are not familiar with. If this has happened to you, we at N-Tech Consulting suggest that you DO NOT proceed with clicking any links, replying, or any other action the email asks you to do. Our suggestion is to immediately contact us or your technology provider and follow their guidelines to ensure you and your technology ecosystem are protected.

In a previous post we discussed What is Email Phishing, to educate on a technique used heavily by cyber criminals to attempt to gain access to sensitive business information, passwords, and even credit card information. Not to be confused with actual fishing, a cyber criminal uses the same technique by putting out bait and seeing who will bite and fall into their trap. 

We at N-Tech want to make sure you are never lured into the trap of Email Phishing. In this post you will find early insight on how to detect if you are at risk to becoming the victim of an Email Phishing attack, and how to prevent these attacks from happening.


Below are questions to ask yourself if you feel you are the victim of an email phishing attempt.

Does the sender look suspicious, or is an address you don't recognize?

Many times a phishing attempt will replicate someone you have previously been in contact with via email, that is why is is very important that you check the actual domain of the sender, to further understand who is actually sending you that email.

EmailPhishingBlog_From

Does the subject line require an action or perceive as a threat to you?

It is important to pay close attention to what the subject line reads. If the subject line reads anything that may seem persuasive, demanding, or aggressive think twice about opening the email and taking action. This is especially true if the subject line reads something that you have no previous knowledge of. More times than none if your boss or supervisor wants to inform you of important information there will be some kind of precursor or they will tell you in person.

EmailPhishingBlog-Subject

Is the greeting generic and and not particular to you?

Typically someone who is attempting a phishing attack will send a multitude of emails out at one particular time. This strategy results in efficiency of time on the end of the phisher, but increases the likelihood of a victim from preforming action on the attack. There are also phishers who will personalize the greeting. If this is the case, refer to the other guidelines to determine a phishing attempt. 

EmailPhishingBlog-Greeting

Are there grammatical or spelling errors within the email?

With texting being a consistent form of communication comes the use of abbreviated grammar and acronyms. If you see within the copy of the email the usage of 'u', instead of 'you', or the word 'send', where the word 'sent' should be, then this should raise question as a potential phishing attempt. Other inconsistencies include extra spaces in between words, and the use of symbols to attempt a clickable action by you, the user.

Are there links within the email?

Before clicking any link within an email use this helpful tactic to justify the legitimacy of the link. Place your mouse cursor on top of the potential threatening link, (it is important to note NOT TO CLICK the link upon doing so). After holding the cursor on-top of the link for a few seconds, the actual destination of the URL will appear. If the destination of the URL is different than what is shown in the email, there is a great likelihood this is an attempt at phishing.

EmailPhishingBlog-Links

Is there an attachment that requires a download?

Does the suspicious email you just received have an attachment included, and you are eager to open it to see what it could potentially be? As tempting as it may be to open that attachment we at N-Tech urge you to hold off, as that attachment may house the vulnerable link within the attachment instead of the email body itself. 

EmailPhishingBlog-Attachments

Should I be worried about an email that looks branded by a reputable company as being a phishing attempt?

The answer is YES, you should absolutely be wary of branded emails, especially if it is a service that you may have never heard of before or are not a user of. If you are on the fence on if that branded email is legitimate or not, please refer to the above areas of emphasis to determine if you should proceed or not with that email. As always if you are unsure reach out to N-Tech or your technology provider.

To see a real life example of a phishing attempt that replicated an email from Netflix, visit What is Email Phishing and How Do I Prevent it?

EmailPhishingBlog-Images

Not sure if that email from your boss is legitimate or not? Well, press that shiny new button installed in your Outlook application to report it for review. Security awareness platforms like Ironscales (which happens to be the one we use) also provide IT staff the ability to launch their own fake phishing campaigns. These are designed to present end users with real-world examples, without the risk, of course, and can act as a method to direct them to train if needed.

Why is Backing Up Data Important?

When saving data on a device, it normally doesn’t cross our minds to back it up, meaning to have a duplicate copy in case the original is damaged. Most of us believe that saving data once means that it's safe and could never be lost. This is not the case! Even though some of us may question what the odds are that it happens to them, what we don’t realize is all the possible ways it could be lost. A computer infected by a virus, hard drive failure, or even having a bad installation of a program are a few causes for lost data. Backing up all the data files on a computer is extremely important just in case something goes wrong.

An operating system and its applications can be reinstalled, but it might be difficult to recreate the original data that was lost. That’s what makes data the most important part of your computer. Your important, personal, or critical information should always be backed up with a plan for recovering just in case a system failure happens. Sometimes losing data may not even be because of a virus or a system failure, but from a personal mistake. 

We are known to make mistakes from time to time. One of the biggest causes for lost files is because of our own doing. There has probably been a time where you’ve accidentally deleted a file, not saved your changes, lost a disk, failed to update anti-virus, or even spilled a drink on your computer. It happens, we all make mistakes. You could bring it to a computer repair specialist and see if they are able to recover your deleted files or destroyed ones, but it’s not certain that they will actually be able to recover them. Backing up your data beforehand will make you rest easier and save you money when something like this occurs.

Using temporary storage devices to save data may make you believe it is unnecessary to back up data. Temporary storage is not good as a long-term solution, but it’s a good short-term solution for saving data. Numerous people lose valuable files because of trusting a temporary storage device. Imagine losing all of your data because you thought the device you were using was good enough to hold it. You can prevent this by backing up your files.

Remembering to backup all of your data may seem like a pain, but in the end it will be worth it. Work can be redone, but if you would happen to lose files that you cherish, like family photos, these would be gone for good and no one wants that to happen. When backing up your data, remember to try and back it up to a separate location, just in case of a complete computer break down. An even better place would be to back it up online, if something would happen to your computer, you would still have access to your files from any computer that has internet access. If an accident occurs to your device causing you to lose your data and you backed up your files, you will be very happy you did it.

What is Ransomware?

Millions of people use a computer every day. What users don’t know is that they could be at risk of being a victim of ransomware. Ransomware is a type of software that prevents or limits users from accessing their system, either by locking the system’s screen or by locking the users’ files unless a sum of money is paid. Ransomware is considered “scareware” because it forces people to pay a fee by scaring or intimidating them. Recently, ransomware was responsible for the biggest cyberattack the world has ever seen. The threat can be encountered by users through a variety of means.

Ransomware can reach your computer many ways. It can reach users when they unknowingly visit malicious or compromised websites. Imagine surfing the web and going onto a site that is infected with ransomware. It would be awful. Ransomware can also reach you by being dropped or downloaded by other malware. Some are known to be in attachments from spam email, dropped onto vulnerable systems, or through advertisements that are used to spread malware. Once ransomware is in your system it can either lock the computer screen or it can encrypt predetermined files. In the first scenario, an image or notification will pop up preventing victims from using their systems. In the second scenario, the ransomware prevents access to critical or valuable files.

To get your files back you will have to pay whoever encrypted it. Sometimes there may be ransomware help desks, where they will give victims a few files back for free, so they know they are not being completely conned. The price of ransomware vary varies; it depends on the ransomware variant and the price or exchange rates of digital currencies. The average cost is $300, and the hackers usually prefer the payment in bitcoins. Three hundred dollars doesn’t seem like a large amount, but having an affordable price means the hackers are more likely to get paid. Recently, alternative payment options such as iTunes and Amazon gift card have been listed. It is important to remember that even though you may pay the ransom, that does not guarantee users will be able to regain access to their system or files.

Ransomware attacks are not a recent threat. The first attack happened in 1989 and the payment demanded was $189, according to Symantec. It turned out to be unsuccessful because very few people had personal computers and the internet was mainly used by science and technology experts. Looking at how things are today, a large amount of data is stored on computers, people are on the internet via various devices, and sending money internationally is common. The use of computers and the internet is what makes a ransomware attack so painful. Everyone would panic if they got locked out of their computers, companies would lose productivity, and hospitals would be locked out of patient files.

N-Tech can help prevent this issue by recommending security options to clients based on their needs. No one wants to pay for files that they took hours working on or photos that they cherish. To protect yourself from a ransomware attack, you want to make sure that you are always staying alert. Make sure you do not click on links that you are unfamiliar with. You also need to avoid downloading files from people you do not know. In addition, start getting into the routine of backing up files and to regularly saving the copies. This is to be safe in case your device does get infected, then you won’t have to worry about losing the files. It’s better to be overprotective of your files than it is to lose them all because of a compromised website or spam emails.

How RingCentral Can Improve Internal & Client Communication

Have you ever tried to communicate with your team, while everyone is working remote or using multiple devices? If so, you'll know that collaboration can be challenging when the entire team is not working in the same building. So… what do you do? Many people have found success by using RingCentral. There are a few things you should know before you purchase and implement a new communications platform, and ensure productivity remains a stronghold. This post will tell you what you need to know when you select RingCentral as your hub to bring staff and clients together in one place.

If you’re looking for a one-stop-shop for your staff’s communication needs, the best method to ensure you end up with a product that allows you to remain productive, even while some are working remote, is by looking for these three items:

  1. Make sure your communication platform allows you to collaborate in a multitude of ways, over various devices. If it doesn't, you'll have trouble communicating and sharing within your organization.
  2. Ensure your communication platform has a video chat & screen share function so you can effectively collaborate with one another, even while working remote.
  3. Any good communication platform should let you allocate tasks to individuals within your team. This is important as it will drive maximum productivity towards project completion.

While not necessary, some great bonus features of RingCentral are video chat & screen sharing, project task allocation, and enterprise-grade security.

Now that you know what RingCentral is all about, you're ready to implement without worrying how your team will communicate effectively again.

How MSPs Can Protect Their Clients By Protecting Themselves

Managed service providers (MSPs) offer IT solutions for their clients’ businesses. MSPs act as an internal IT department that would set up and maintain your technology solutions and ensure that your information is secure. To do so, MSPs need to establish connections to all their client’s networks, and because of this, they increasingly find themselves a prime target for ransomware. With a single attack, the hacker can capture the critical data of not just the MSP but all their clients’—and then hold that data for ransom at a very high price.

Ransomware attacks are gaining popularity. Global cyber insurance provider Beazley reported a 37% increase in ransomware attacks in the third quarter of 2019 compared to the previous quarter. Particularly worrying is that a staggering 25% of all incidents were against MSPs. 

MSPs need to take extra preventive and curative measures to protect themselves against the massive threat posed by ransomware. If they don’t, they are not only putting themselves and their reputation at risk, but their clients’ business as well. Here at N-Tech, we understand the gravity of what it means to be managing your business and take every precaution to ensure we not only keep your system secure but ours as well. 

Before you enter into an agreement with an MSP, we would encourage you to ask what measures they take to protect themselves. If your current MSP isn’t taking these precautions, or if you are looking for one that does, schedule a consultation call with us today. 

Here are a few of the security precautions we currently take: 

  1. Firewalls & Security Software

We practice what we preach and then some. Just like how we outfit our clients with top-notch security solutions, we have fortified ourselves as well. 

  1. Network Segmentation 

To prevent a hacker from gaining access to all our clients’ networks by merely accessing our own, we utilize network segmentation. We divide our system into smaller sub-networks and implement policies to control traffic flow and access to them. 

  1. IP Filtering 

We use IP filtering like a firewall to protect our clients’ sub-networks from intruders. With IP filtering, we control the IP traffic in and out of the network and have set rules to restrict unwanted users from entering.  

  1. Reauthentication Protocols 

Utilizing Microsoft 365 filter down policies, we frequently force the reauthentication of a user via multifactor authentication. If a password becomes compromised, the tools will quickly block access until the multifactor authentication is completed. 

  1. Regular Security Penetration Tests 

We work with an outside security firm to regularly run penetration tests on our internal systems. We understand the importance of having our work checked by another professional and identifying our gaps before a cybercriminal can.

Save Time and Money: Know When & Who To Ask For When You Need Help

Business owners often attempt to handle their own IT management internally, when in reality, they don’t have the experience, the staff, or the time to do so appropriately. In the long run, time is wasted trying to learn everything necessary to provide system upkeep, and money is lost due to diverted attention from profitable tasks.

Partnering with a quality Managed Service Provider (MSP) can help reduce this headache, ensure that your operations are uninterrupted by technical issues, provide expertise on how to best leverage technology tools to improve your business, and ultimately save you money. 

Our goal here at N-Tech is to provide you with relevant solutions backed by reliable support while maintaining complete transparency. We offer you what you need- nothing more and nothing less. Here are some ways we ensure that we meet this goal: 

  1. We are straightforward. 

All-inclusive does not always mean cost-effective, especially when it comes to IT Management, so we don’t do all-inclusive monthly retainers. We structure our contracts to include the necessities with the flexibility to add more services if the need arises. You will know that every invoice is for services provided, not services that should have been provided.  

  1. We are focused on the why.

We are not interested in providing cookie-cutter solutions. Our process is what makes us different. We take a strategic approach to crafting solutions. We discover, design, develop, and deploy solutions that achieve your business objectives. 

  1. We value transparent communication. 

You will always know exactly what we are doing, why we are doing it, when it will be done, and that it will work. Our team keeps you in the loop by providing consistent and thorough updates. We want to give you the information needed to feel confident.

If you think it’s time to ask for help, stop wasting your time and money, book an introductory call with us. We would be happy to provide a helping hand.

6 Ways Leveraging Technology Can Grow Your Dental Practice

Is your dental practice taking full advantage of technology — or are you just making do with what you have? From treatment technology to information technology and even the office equipment that your front desk team uses, here are six ways the right type of technology can help grow your dental practice.

  1. More efficiency means more patient appointments. Outdated hardware and software slow everything down. If the technology you rely on to run your business is down, you run the risk of losing patients' trust and overall credibility - not to mention revenue. Without current X-ray technology, for example, you may have to redo X-rays over and over to get them right, annoying patients and stressing your staff out. Updating your practice so that all your tech tools work seamlessly together will streamline treatments and help you get patients in and out of chairs faster. It will help patients refer. It will ensure your business keep humming along with new patient appointments. 
  2. It helps educate patients on treatments they need. Have you ever had a patient put off a serious treatment for years, like a cavity? 62% of patients put off serious treatments simply because they are not educated on the importance of the treatment, the next steps, or the impacts. Dental practices that use high resolution cameras and LCD screens to educate patients on treatments they need find they are more successful with encouraging patient to schedule in a return appointment and take care of the problem immediately. Educating patients is now a responsibility for dentists - and finding a technology partner that can help you leverage technology to do this effectively is the first step. 
  3. Your staff members are enabled to drive new business. When equipment isn't functioning properly or technology that adds unnecessary effort to processes, your staff can't focus on the patient experience. Helping patients make new appointments, confirm existing appointments, suggesting follow up appointments- these tasks are all essential to recurring revenue. Having an outsourced resource that can be held accountable 100% for technology can free up your front desk staff and ensure your practice is focused on the patient. 
  4. Your patients, and your reputation, is protected. Outdated software and poor cybersecurity practices can put your patients' personal health data at risk of being stolen — and put your practice at risk of noncompliance with HIPAA regulations. You should never skimp on technology that provides security for your office’s networks, computers and devices. If your dental practice suffers a breach, like many do, you will not only have to pay enormous unexpected fees, but your patients will never trust your practice with their personal information again. 
  5. It makes your practice more profitable. You may be leery of investing in expensive new technology for fear it will hurt the bottom line. However, if you run the numbers and consider the increased efficiency that new technology can bring to your office, you will generally see that the return on investment in new technology will happen sooner than you think. Working with a technology partner that provides quarterly ROI reports can help you determine just how much to invest in technology on a regular basis. 
  6. It improves patient response and show up rate. Up-to-date technology software helps ensure that patients never miss an appointment. Communication apps can track when patients are due for hygiene appointments, send them automatic reminders about upcoming appointments, and even contact dormant patients to get them back in the office. Plus, you can communicate with patients by email, text or voice — however they prefer. You could be missing out on new and recurring patient appointments simply because you didn't follow up. Working with a technology partner can help set up these tools so your staff can automate patient communication.

What is email phishing and how do I prevent it?

What is Phishing?

Phishing, not to be confused with actual fishing, is a common form of internet scam designed to gather information from its recipients. Cybercriminals use social engineering, often in the form of fake emails or pop-ups, to bait and lure people into giving up sensitive information such as passwords and credit card information.

While many of these phishing campaigns come in the form of low effort emails telling you that an account you don’t even have has been compromised, a growing number of phishing campaigns come in forms that are almost indistinguishable from companies legitimate communication. Phishing is on the rise. The FBI estimated that in 2019 US citizens lost a whopping $57 million to phishing attacks, so it’s easy to see the importance of being able to identify these attacks.

What does a phishing campaign typically look like?

While they can come in many forms, some of the most commons forms are:

  1. netflixscreenshotFake invoices
  2. Claims of an account problem (ex. Netflix needs to verify your payment information)
  3. Suspicious Activity Claims (ex. A suspicious login was detected, update your password now!)
  4. Offers that are too good to be true (ex. You’ve won a free TV! Act now to claim your prize.)
  5. Government communication (ex. The IRS has discovered an issue with your tax refund.)

Often these attacks come littered with grammatical errors, generic greetings, and questionable links, but as mentioned earlier, sometimes a phishing attack isn’t always apparent. 

Here are a few ways that you can identify a phishing attempt before getting lured in:
  1. Is the email address recognizable? Before taking any action, take a quick look at where the message is coming from. Make sure the domain matches the sender, a legitimate email from Netflix would most likely be from something like example@netflix.com, not netflixsupport@gmail.com.
  2. The email includes a link, but does it match a site associated with the sender? For example, an email that is supposed to be from the government is leading to an unrelated site. Pro tip: hover your mouse over the link before clicking on it; this will expose the entirety of the linked address.
  3. Does the message look legitimate? Take a quick look at the message you have received and be skeptical. Does this look like communication you have received from the sender before? Have you ever received communication from them?
  4. If a link has been clicked and is asking you to login, does the login page match the site? An Amazon link almost certainly won’t bring you to an Office 365 login page.

While it is important to know a few quick ways to identify phishing attacks, the most crucial aspect of prevention will always be training. Training presented by your IT provider is a great way to get users in your business aware of the dangers and common patterns in phishing campaigns. Often these training platforms come with useful tools to help end-users identify and report phishing attacks before they become a real problem.

Not sure if that email from the CEO is legitimate or not? Well, press that shiny new button installed in your Outlook application to report it for review. Security awareness platforms like Ironscales (which happens to be the one we use) also provide IT staff the ability to launch their own fake phishing campaigns. These are designed to present end users with real-world examples, without the risk, of course, and can act as a method to direct them to train if needed.

Firewall? We don’t need no firewall!

You need a next generation fully featured security appliance!

If you’re still using a traditional firewall to protect your network, you may be leaving yourself vulnerable to attack. Traditional firewalls are OK at preventing traffic from making it to your network. At least the traffic they can see...

Did you know that SSL protects over 72% of all traffic on the Internet?

And honestly, that’s a great thing! But can your traditional firewall see what threats are contained in that traffic? A lot of modern day firewalls can review this traffic, which is a must these days. But much of the time, these features are turned off because of the impact on performance.

Don’t hit a wall!

You don’t have to choose between security and performance.

Watchguard

You should be able to use all the features on your firewall, without crippling your performance. WatchGuard Firebox series next-gen security appliances are one of the few in the industry that publish real world throughput metrics. You’ll know ahead of time exactly what to expect for each model.


So this requires another license?

Nope!

Watchguard TotalSecurity includes all the features you could need in a security appliance. It’s why we decided to partner with them in the first place. Unlike Sonicwall, WatchGuard won’t charge you for each feature you want to enable. Application Control, Web Filtering, Data Loss Prevention to name a few, are all included.

So can you just 'Set it and forget it'?

That sure would be nice, wouldn’t it? The threat landscape changes every single day. New attacks are released, new, and novel approaches at convincing your users to give up information. A fully managed security appliance, with centralized monitoring and support, puts your organization worlds ahead in protecting your company.

Ask us how we can help protect you and your company!