Our Blog

As a small business, it is important to have a plan in place that allows you to act strategically and swiftly when a cybersecurity incident occurs, like data loss or service outage that threatens daily work.  An Incident Response Plan is a written set of instructions to help your staff detect a security breach, know how to respond to it, and what protocols to follow. The plan should encompass different types of cybercrime that could happen and what to do in each scenario. The plan may also include a list of personnel with their respective responsibilities. In addition to IT staff, the list of personnel may include legal, human resources, and public relations members.

There are generally six factors that will impact an Incident Response Plan:

• Preparation: Performing a risk assessment to prepare for potential cybercrimes
• Identification: Identifying the significance of the problem
• Containment: Isolating the problem so it doesn’t affect anything else
• Eradication: Upgrades and replacements
• Recovery: Restoring data and normal services
• Review: Lessons learned on how to prevent the problem from happening again

By developing an Incident Response Plan, you are taking proactive steps to protect your company and your customers’ data, maintain a healthy reputation in the community, and avoid having to pay large amounts of money in the case of a ransomware attack.  With cyberattacks up over 300% since the onset of COVID-19, having a plan allows you to have peace of mind knowing that a strategy is in place for keeping the business running in the event of a breach.

Many small businesses often don’t have the staff and expertise to come up with and maintain an Incident Response Plan. ICC can help you understand and put a comprehensive plan together so you can rest assured knowing you are prepared. ICC can also play a critical role in the implementation of the plan, technology, and any future troubleshooting.

For more information, or to get started, call ICC at 970.821.8592 or visit our website at iccusa.net.

If you or one of your employees opens the wrong email or clicks on the wrong link, it has the potential to be catastrophic to your business. Unfortunately, phishing has become harder and harder to detect. Phishing is an attempt by cyber-criminals to obtain sensitive information by disguising themselves as a trusted source through an email or text.  It only takes one click of the mouse on the wrong email link or file to give a hacker the access they need to bring down an entire network or enable a virus.

ICC can help to properly educate your employees on what to look for to prevent anything like that from happening. ICC’s Phishing Tests are an effective training tool that helps employees know how to identify malicious emails before they click on anything. The fake tests provide hypothetical real-life situations so employees can become vigilant towards such attempts.

Here also are a few tips employees can use to detect hazardous communication:

• Check Sender’s Email Address: Does the sender’s email address match the company name? If not, do not proceed to click on anything in that piece of communication.
• Investigate Before Clicking: Hover the mouse over a suspicious link to see where the link leads to. If the web address looks to have nothing in common with the email, best not to click it.
• Be Suspicious of Urgent Requests: Bank or credit card companies may ask for immediate action in some situations, but most of the time, be wary of requests for personal information in a quick timeframe.

Employees are a major contributor in your overall cybersecurity strategy. If they do not know how to identify possible attacks, they may click on the wrong link which may result in a hack or breach. Be sure to enroll in ICC’s Phishing Tests. By arming employees with the knowledge of cybersecurity best practices, your business can significantly reduce its exposure to attacks.

To learn more about our fake phishing tests, check out our latest video https://www.youtube.com/watch?v=rONaMSSkUVY

You can also call us at 970.821.8592 with any questions.

The reminders you see pop up on your computer screen to update software and applications should never be ignored. Those updates – also known as patches – ultimately serve to enhance the computer’s security and improve its stability. Patches are corrections to programming vulnerabilities found in the computer’s operating system, applications, and firmware. Hackers and malware exploit any vulnerabilities to illegally gain access to the system. Ignoring update notifications can lead to identity theft, data loss or damaged software. When the security patches are applied, they become a part of your line of defense in cyber protection and hackers/malware are no longer able to exploit this particular method of entry.

How often updates need to be installed greatly depends on the application or operating system. Some patches are released monthly and others vary as needed.  It is important that the patches are applied in a proactive manner so security policies are kept up to date. So, as tempting as it is, even when you are in the middle of working on a project, try not to put off the updates by choosing “remind me later.” When you do that, think of it as leaving your computer in a vulnerable state. Make sure to read the notification before clicking “Yes” or Install.”

Keeping your computers and software updated is an essential piece of cyber security. If you are unsure how the security patches are being managed for your company, or you don’t have the manpower, or even time to stay on top of system updates and maintenance, give us a call. We’ll start with a risk assessment and come up with a plan to make sure your computers are stable and protected.

For more information call ICC at 970.821.8592 or visit our website at iccusa.net.

Many businesses think they are too small to be affected by a cybersecurity attack. The reality is 58% of such attacks are directed at small businesses, and of these, 60% go out of business within 6 months from financial losses resulting from theft of banking information or disruption in their business.

Small businesses are an appealing target for cyber criminals because they don’t usually have the security in place that a lot of larger companies do. Many don’t have the proper cyber protection in place because they either feel they don’t need it, are using outdated cybersecurity strategies or they don’t want to make the investment. But isn’t your business worth protecting?

With many company employees working remotely these days, it’s more important than ever to think about cybersecurity. When more employees are using devices like laptops and iPads there’s a greater risk, and there’s a false sense of security working from home.  An email may look like it’s coming from a legitimate source, but it could very well be a phishing scam and lead to serious malware/ransomware on your device.

Performing a cybersecurity risk assessment is the first step in developing an updated strategy.  This allows vulnerabilities to be identified and discussed in order to develop a strong plan moving forward. Educating employees on what constitutes a dangerous e-mail and reminding them not to share passwords always helps. Installing security software and keeping software up to date can be effective in preventing a cyberattack. It’s also important to regularly back up files. If a cyberattack should happen and your data is compromised, files can be restored from backup files.

With small businesses being a prime target to attackers, having a sound cybersecurity plan in place is critical. ICC can perform a cyber security risk assessment that shows your risk levels and recommend ways to drastically lower your exposure.

For more information or to help you get started protecting your business, call ICC at 970.821.8592 or visit our website at iccusa.net

From computers to cell phones, tablets, and more, we are constantly connected and sharing data with the world. With October being Cybersecurity Awareness Month, our team here at ICC have gathered some tips to make sure you stay on top of your cybersecurity measures to keep your data protected.

1. Think before you click

Hackers will send emails disguised as shipping confirmations, past due notices, or emails from your boss. Take a second to think before you click, check the email address, and make sure nothing looks out of the ordinary.

2. Use multi-factor authentication (MFA)

Multi-factor authentication is an extra layer of protection when accessing your data. Once you enter your password, a code is sent to confirm your identity. MFA makes it harder for hackers to access your account.

3. Keep up with updates

Make sure to stay on top of all updates so your system isn’t left vulnerable to hackers. Outdated security measures and technology can put your system at risk or may cause crashes or downtime. An assessment conducted by the ICC team will help to ensure that your business’ software is up to date and secure.

4. Back up your data

Anything could happen at any time and it is best to be prepared! Back up your system often to improve restore times and accuracy. Work with our IT professionals at ICC and they will help you set a plan for backing up your data that suits your needs.

5. Ensure you understand all policies and procedures

Joining unsafe networks from your personal device when accessing company information could put your data at risk. Speak with us about safe ways to access this information and how to manage your risk.

6. Don’t overshare on social media

The information you post on social media is easier to find than ever. Be careful what you share for hackers are always on the prowl for easy access to data.

7. Ensure your security awareness training is ongoing

ICC is here to help! We have training sessions that can teach your employees how to recognize suspicious emails or activities.

8. Use your mobile devices securely

Open or public Wi-Fi networks can expose you to cybersecurity threats. When possible, use your own personal hot spot for internet access or your cellular data.

9. Look out for phishing scams

Phishing emails are the number one-way malware/ ransomware is delivered. We can provide email phishing training to your employees to lower the risk of opening unwanted emails and attachments.

10. Properly dispose of electronic media

ICC can help dispose of electronic hardware and devices, so it doesn’t fall into the wrong hands.

11. Create a cybersecurity friendly culture

Our team at ICC is here to help your team navigate the world of cybersecurity. We value our relationships and want to create the best plan of action according to your budget and needs.

12. Monitor your credit and financial statements

Keep an eye out for any suspicious charges or activity on your credit card or financial statements. Make sure to follow up with your financial institution if anything looks suspicious and update your passwords.

13. Don’t underestimate a hacker’s interest in your data

58% of cybersecurity attack victims are small businesses. Let us help protect your data and create a personalized I.T. strategy today.

14. Virtually and physically secure sensitive information

In our 20+ years of business, we have come across unlocked server rooms, servers placed out in the open, and passwords written on sticky notes. Data breaches aren’t always online so it’s important to keep your data protected and secure.

The ICC team is available to assess your business’ security, technology, and overall IT plan. Contact us today to learn more 970.821.8592.

Technology is everchanging, and as businesses continue to evolve and adapt in the world, they must keep up. From the cloud to updated software and new applications, updating your technology is essential. If you do not update your technology, there are many risks that can affect your business such as security, system downtime, higher support costs, and trailing behind the competition.

Security

The most important risk factor for outdated technology is security. With the capabilities of the internet, and technology today, security is a number one priority in keeping your business safe. With new online scams popping up every day, outdated software and security tools can compromise your business operations. A proper assessment will ensure your systems are safe.

Crashes and system downtime

Nowadays, business takes place 24/7, 365 days a year. Computers and operating systems are important to your daily business and must always be working efficiently and effectively. If your security or software applications are not updated, you may experience crashes and system downtime. Software updates become outdated and may not be readily available if your system unexpectedly comes to a halt. That is why it is important to stay on top of security patches.

Higher support costs

A risk of using outdated technology is the cost you can incur maintaining and repairing it. Older technology is less energy-efficient than today’s technology and uses more power. It also takes more time to keep older systems up and running. In addition, updates may not be readily available with an older system. Although new technology may be more costly upfront, the cost will balance itself out with less need for maintenance and repair as time goes on.

Sets you behind your competition

Older technology may not produce results as quickly, leaving your business operating slower and not functioning at its full capacity. Time is money, and an updated system will help produce work faster and keep you in line with your competition. If your competitors continue to advance their technology and you trail behind, your business will be left trying to catch up.

If you have questions about your systems technology and would like the ICC team to assess your needs, contact us at 970.821.8592 or at info@iccusa.net.

We are proud to announce Josh Layton as our newest employee here at Integrated Computer Consulting (ICC). He will be working in the Business Development department to assist in growing our clientele here in northern Colorado.

Josh comes to us from Limon, Colorado. He studied Finance at the University of Denver and has held various positions in multiple industries before becoming an IT technician and then moving into sales. Josh has experience in healthcare IT solutions and with a background in finance can assist clients in understanding their system and cost analysis.

Josh will bring professionalism, attention to detail, and great communication to our clients to make the overall sales process an enjoyable experience.

When Josh is not selling IT solutions, he enjoys spending time with his fiancé, Jennifer, and his 9- year old daughter, Adilynn as well as going to the gym, golfing, hiking, and wake surfing. He also has four pets: a 2.5-year-old puggle named, Henri, a 7-month-old golden retriever named Dug, and two fish names Glowie and ‘Merica.

We are so happy to have Josh Layton on our ICC team!

With the majority of work being completed online with access to company information, assessing your cybersecurity risk is critically important for keeping your company’s private and valuable information safe.

What is a Cyber Security Risk Assessment?

A Cyber Security Risk Assessment is a service that ICC provides to assess the data that is at risk when a cyber breach occurs.

What does a Cyber Security Risk Assessment entail?

ICC uses leading assessment tools that run in your environment for a period of days to gather information. ICC will compile the results and present this information in an easy to understand format. ICC’s assessment includes:

Data Risk Assessment – Data such as PHI, payment info, health records, photos, addresses, names, SSNs, etc. will be assessed. If that data is not properly protected or destroyed if not needed, it can lead to serious financial implications.

Fake Phishing Test – Since 91% of attacks come though employees clicking on malicious links, phishing tests are important for assessing risk.

Patch Management Status – The status of an operating system and application patches is a huge factor in the overall strength of a network’s ability to ward off attacks.  If the operating system is outdated or the patches are not current, this is a huge vulnerability and can leave your business exposed to malware/ransomware.  Additionally, updates for applications like Java and Adobe are two avenues hackers will use to gain access.

Dark Web Scan – What data has been compromised from employees and the business.

Scanning Network Port and Service – Yes, if certain ports are left open, someone can gain access to your network simply by typing an IP address in their browser’s address bar.  ICC examines the vulnerable ports which can allow access to sensitive information.

Network Mapping – ICC will provide a network diagram for you to see how the network is connected and where the emphasis should be directed.

Reporting – ICC will compile a detailed report of all findings as well as any recommendations for a secure computing environment.

Incident Response Plan – This is an additional service ICC can provide to your cybersecurity assessment.  ICC will outline a very detailed set of instructions in case of a variety of scenarios such as a breach, physical theft, server crash, cyber-attack, or even natural disasters. This service is not included in the assessment.

The I.T. landscape has changed and a cybersecurity risk assessment is critical.  Cyber-attacks have increased by 72%, especially with COVID-19.  With technology being such a crucial component of any business’s ability to operate, proper management and security practices are important for the health of a business’s network and the safety of patient/client data.  Many businesses feel as though they are not a target or simply choose not to employ the resources to protect themselves against an attack. This will have a significant financial impact when data or the network are compromised. For more information on ICC’s cybersecurity risk assessment, give us a call at 970.821.8592 or contact us at info@iccusa.net.

With working from home being the norm these days, it is important that you keep your home WiFi network safe. Many remote employees are accessing onsite servers and cloud resources or other important and confidential information that if leaked, could cause harm to their work and their company’s business. Here are a few steps to make sure that your home WiFi network is updated and secure.

Change the Administrator Password for Your Router

Administrator passwords are different from the one you use to connect to your router and WiFi. Administrator passwords are fairly common and any novice or advanced hacker can easily find this password. Changing this password will help to keep your WiFi network safe.

Follow these steps to change the administrator password:

1. Look for the label on your router with the IP address, administrator username, and password
2. Open a new tab in your web browser
3. Enter the IP address in the web address bar
4. Enter the administrator username and password on the login screen
5. Look for the administration area and change the password. Make sure you set a long password using a variation of letters, symbols, and numbers.
6. Make sure to disable remote administration. This allows someone from outside your home to connect to your WiFi and access information.

Update Firmware

When you are logged in to change your administrator password, make sure to update your router’s firmware. There may be fixes or updates needed since it was last updated. It is essential to update your router’s firmware to protect it from threats. In the administrator window, you should be able to locate where to perform this update. We recommend setting your router to auto update if possible.

Configure WiFi Security Settings

There are three settings that you should make sure to check: SSID, encryption method, and WiFi password.

1. WPA3 is the newest wireless encryption standard but most routers offer WPA2 encryption so that is the best selection. Be sure to select WPA2-PSK, WPA2-PSK (AES), or WPA2-personal.
2. Be sure to change your wireless password to something more complex using letters, symbols, and numbers.
3. Change the SSID or name of your wireless network to something generic and hard to identify.

If you have any additional questions about how to keep your home WiFi network secure or if you need any assistance, contact the IT team at Integrated Computer Consulting (ICC) at info@iccusa.net or 970.821.8592.

Working from home these days is slowly becoming the new normal. With the recent virus threat, majority of businesses have sent their employees home to work from a more safe and comfortable space. However, when working from home, employees don’t have access to some of the hardware needed to conduct business effectively on a daily business. They are also scrambling to set-up an in-home office to create a productive and reliable workspace.

Integrated Computer Consulting or ICC has seen an influx over the last week for remote phone systems as more people are working from home. Voice over IP or VoIP phone systems use the internet and not a traditional phone line, so you can access to your office’s phone system anywhere with an internet connection. VoIP systems have many benefits that allow you to continue to work remotely and conduct business as usual. The benefits include:

• Setting up a fully functional phone system in less than a day.
• Installing the computer application and mobile application allows employees to make and receive calls through their computer or cellphone app without revealing their cellphone number.
• Voicemail can be sent to email as an audio file or transcription.
• The ability to set up a custom call flow.
• Calls can be parked or transferred.
• Calls can be recorded if you wish to do so.
• Instant messaging and video conferencing (up to 50 users) allows for an easier way to communicate with our employees and hold meetings.
• Once you are back in your office, the same configurations can be set but with the use of a new desk phone.
• Compliant with HIPAA.

VoIP or remote phone systems are an easy way to keep your employees connected and to keep your company doing business. Now through June 30, 2020, Polycom is offering a $35/phone rebate when you purchase more than 5 phones. If you are looking for more information on remote phone systems or VoIP, call ICC at 970.821.8592 or email us today at tylerharnden@iccusa.net.