These days everyone is concerned about data security, and with good cause. Not surprisingly, Microsoft has been a leading player in security, along with reliability and user productivity. When they took the Office productivity suite to the cloud with Office 365, they also took a giant leap forward in terms of being able to secure your most important and confidential information.

But let’s make one thing perfectly clear: your data is yours and it belongs to you alone. Office 365 gives you extensive control over privacy and visibility in terms of who has access. You manage these controls and you can customize them to fit the needs of your company. In the unlikely event that you choose to leave Office 365, you take you data with you and it is completely removed from the Microsoft cloud. Let’s look at some other features:

Secure Identity Controls

Office 365 allows you to manage users through access control, identity management and password authentication, which fully supports 3^rd party identity providers. Through the use of multi-factor authentication, you can choose the level of ID control that works best for your organization:

• Enabling and enforcing end-user multi-factor authentication
• Using a mobile app (one-time password) as your 2^nd authentication
• Using a telephone call as the 2^nd auth factor
• Using an SMS message as the 2^nd factor
• Separate passwords for non-browser baser software, such as Skype for Business

In other words, Office 365 gives you options from fairly basic to extremely advanced and you are free to choose what works best for you.

Infrastructure Security

Microsoft spans the globe and their sheer size allows the use of techniques and strategies for defense against attacks on their network that few service providers can offer…certainly far above the ability of the typical small to mid-sized business.

Threat Management

Microsoft uses threat management controls that identify intent, determine capability of achieving that intent, and the likelihood of that threat successfully exploiting a vulnerability. This protection includes email spam, malware, viruses, and protection of Exchange.

Mobility

Your people are on the move. They work from home, in airports, hotels, clients’ offices…in town and around the world, and they take their devices, both self-owned and company provided, wherever they go. Whether they use Apple, Android or Windows platforms, the Office 365 mobile device management system identifies, monitors and protects your company’s sensitive information.

Incident Response

Stuff happens. Microsoft has a highly-advanced incident response program that includes multiple dedicated teams to prevent security incidents from happening, but when they do occur, they are immediately detected and immediately responded to.

Multi-Tenant Security

This is a fancy way of saying that multiple clients share the same infrastructure, which sometimes leads to a concern about keeping one client’s date secure from another client. Microsoft works under the assumption that any single client may have bad intentions and has created an enterprise level of security that insures privacy, confidentiality and integrity of files. It would be next to impossible for any single company to achieve this level of security on their own. By the way, it is this multi-tenant structure that enable small companies (although large companies do this as well) to have enterprise level infrastructure at affordable costs.

Physical Security

All Office 365 clients’ data is stored in data centers located around the world, using multi-layer “defense-in-depth” security protection. These centers are constructed to withstand natural disasters, or unauthorized access and have extensive power and internet backup systems. Geo-redundancy (co-locating in multiple centers) with automatic failover provides still further protection.

So as you can see, Microsoft Office 365 provides extensive security controls. We hope this information will give you a strong level of comfort, but if you have any questions, please give us a call.

DynaSis has been a Microsoft Partner since 1993 and specializes in Office 365 installation. You can find us online at 678.373.3716 or www.DynaSis.com.

By The DynaSis Team

In late 2013, Internet security firm Fireeye discovered that a string of sophisticated, seemingly unrelated malware attacks had all been built on a common infrastructure of malicious services and applications. After further research, Fireeye concluded that multiple criminal entities and operations were working together, pooling and sharing resources and logistics to make it easier and more efficient to develop and launch highly sophisticated but distinctly separate attacks. A few months later, security firm McAfee announced that 20 to 30 cybercrime groups—all in the former Soviet Union — had reached "nation-state level" capability.

At the time, DynaSis reported on this trend, urging business owners to increase their security efforts. Knowing that strong cyber security is beyond the technical capability of virtually all small and midsized businesses (SMBs) we recommended that SMBs work with security-focused IT consultants or IT services firms to achieve better protection.

Fast forward to 2016, and the situation has only gotten worse. In fact, the continued evolution of the Deep Web, (also called the Dark Web)—a “hidden” Internet where illegal activities flourish—is accelerating the threat.  According to an Infosec Institute report, security firm TrendMicro’s analysis of the Deep Web identified major cybercriminal ecosystems operating in Germany, Russia, Japan, China, the United States, Canada and Brazil.

News headlines about Russian and Chinese cybercrime organizations are fairly common. However, the media report less frequently about the U.S. cybercrime ecosystem, which Tom Kellermann, chief cybersecurity officer at Trend Micro, characterized as, “A gun show for everyone as long as they can participate and are willing to pay.” These cybercrime groups, Kellerman noted, “primarily cater to customers within the region…most of the offerings (stolen accounts, products and services, and fake documents) are U.S. based.”

We hope that anyone reading recognizes that the threat of becoming a victim has reached epic proportions. In fact, no prudent managed IT services or IT support provider—even those that emphasize security—guarantees to completely prevent all threats from reaching corporate systems. Rather, the focus is on monitoring, detection and swift elimination.

Here at DynaSis, we have always followed security news, and we continue to enhance our own security offerings to incorporate the most modern, successful approaches. It’s a scary world out there, and it only takes one breach to bring an organization to its knees. To learn more, we invite you to download our white paper, Cyber-Security 2016, or browse our blogs and white papers at “The Latest.”

DynaSis has been Atlanta’s premier IT support services provider for more than 23 years. As an IT company working with small to midsized businesses (10 to 150+ users), DynaSis has developed a unique 12-layer approach to network threat protection, ransomware prevention and crypto virus threat elimination. The DynaSis Business Cloud functions through a highly secure environment with full real-time data backup. Please contact us at 678.218.1769 or visit our website at www.DynaSis.com.

By the DynaSis Team

Every day, small and midsized business (SMB) owners are bombarded with seemingly conflicting messages regarding how IT solutions can help them best run their businesses. With so many options to consider regarding corporate security, productivity and cost efficiency, it is not surprising that some of them stick their heads in the sand and do nothing.

Unfortunately, with SMBs becoming favorite targets for cyber attackers, and with corporate competition increasingly fierce, that is the worst possible way to operate. Here’s one example:

A business owner has been operating with a “break-fix” mentality, which means he or she only makes technology purchases when something breaks. This is a reactive operating strategy, but many business owners take this path because they believe they cannot find the time or budget to manage their technology proactively.

This approach has always been financially inefficient and detrimental to productivity, and DynaSis has long recommended that business leaders team with a knowledgeable, trustworthy IT consulting partner, such as a managed services provider or an IT services firm, to help them create and implement a technology roadmap that includes staged upgrades and improvements.

Today, however, the break-fix approach has become more than inefficient. Outdated, network-connected equipment, such as networked printers, likely has no built-in security protections. Such machines are more likely to be operating with open Internet connections, and hackers know that. Furthermore, competitiveness in today’s market relies on providing workers with modern technology. Organizations that persist with the break-fix model invariably fall behind.

In other words, making smart, planned technology improvements helps organizations foster productivity, security, cost efficiency and competitiveness—not to mention employee satisfaction. The question then becomes: how does the business owner know which improvements are smart?

To help our readers, we have prepared a chart of technology Do’s and Don’ts, in terms of best practices. The list only scratches the surface, but it’s a good place to start.

These are just a few of many examples where smart technology choices are beneficial to your company, its personnel and its bottom line. If your technology environment is inadequate or outdated, your employees cannot achieve their missions, and customers may perceive your physical space—and your firm—as dated. Similarly, if your approach is too lenient, you could be throwing away money, productivity and security. A knowledgeable, expert IT support company can help you evaluate your options, minimize your risk and keep your equipment operating in peak condition.

Selection of an IT outsourcing company is a very important business decision. For almost a quarter century, Atlanta’s small to mid-sized businesses have relied on DynaSis’ for managed IT services, internet security, and 24 x 7 x 365 helpdesk support. Today, with cybercrime becoming an ever-increasing threat, DynaSis has become an industry leader in network protection and ransomware prevention. Please take a tour through our website at www.DynaSis.com or speak with a technical expert at 678.218.1769.

By the DynaSis Team

With bad news about cybercrime appearing daily, many small and midsized business (SMB) owners may be wondering, “How vulnerable am I?” After all, most of the news accounts of data breaches and other attacks relate to major companies, governmental entities, and other very large targets.

Unfortunately, the reason SMBs aren’t making headlines is because they don’t make great news, not because they aren’t favored targets. A quick Internet search will turn up dozens of stories about the vulnerability of SMBs, as a group. In 2011, Symantec’s annual Internet Security Threat Report found that companies with fewer than 250 employees constituted 18 percent of targeted attacks. In the 2016 report, that figured had risen to 43 percent, with SMBs being the most heavily targeted group.

Why are SMBs so attractive? Major corporations have big security budgets, and they can afford to implement the latest techniques to protect their networks. Many have teams of security specialists whose primary tasks are to keep cybercriminals at bay. SMBs don’t have these types of resources, and hackers know that.

Nevertheless, the vulnerability of SMBs wouldn’t be enough, by itself, to make them targets. If hackers had to expend days, or even hours, finding and attacking a vulnerable SMB in exchange for a handful of proprietary information, they wouldn’t do it. Fortunately for the hackers, they don’t need to.

An entire ecosystem of cybercrime tools now exists, and many of them are freely available. Hackers have also learned they can turn groups of vulnerable systems into “botnets.” Here, multiple computing devices are interconnected and used to scan the Internet, looking for compromised websites to hijack, open corporate network connections to infiltrate, and other inadequately protected resources. Making matters worse, cybercriminals continue developing new attack tools and approaches, and even large organizations have a hard time keeping up.

For SMBs, becoming a victim at some point is a near certainty. In fact, most experts no longer counsel organizations that they can completely prevent a breach. Rather, the goal is to mitigate the damage when one happens.

Fortunately, it is neither expensive nor complicated to secure your firm and its resources and substantially reduce your odds of attack. It is also possible to implement automated mechanisms that will detect penetration and stop it, quickly. However, these tools are sophisticated and it is usually neither practical nor cost effective for in-house IT support teams to manage them.

For most SMBs, contracting with a managed services provider or an IT solutions firm is the most effective way of implementing and managing stringent IT security. However, not all IT consulting or IT support companies are created equal. Some are more security focused than others, with certified professionals and the latest technologies at their disposal.

To help organizations better understand cyber security and the considerations for hiring outside IT security assistance, DynaSis has developed two white papers: Cyber-Security 2016 and Managed IT Security. Both are complimentary downloads on our site. In future blogs, we will drill down into greater detail about cyber security, so stay tuned!

Selection of an IT outsourcing company is a very important business decision. For almost a quarter century, Atlanta’s small to mid-sized businesses have relied on DynaSis’ for managed IT services, internet security, and 24 x 7 x 365 helpdesk support. Today, with cybercrime becoming an ever-increasing threat, DynaSis has become an industry leader in network protection and ransomware prevention. Please take a tour through our website at www.DynaSis.com or speak with a technical expert at 678.218.1769.

The ROI of Outsourcing

By the DynaSis Team

If you are a small or midsized (SMB) business owner, how many times have you wondered, “Would it be less expensive to outsource a job rather than to retain staff in house?” For some functions, such as legal advice or trash collection, outsourcing is an obvious choice. For other roles, ranging from accounts receivable to marketing and beyond, the evaluation is more difficult.

A variety of “resource costing” tools, which SMB owners can use to calculate the hard costs of many functions, are available online (see one example, here). To arrive at a figure, most determine the time it takes an employee to perform relevant tasks and then multiply that number by the blended (pay plus benefits) rate for the job. Some include other factors that might be minimized or eliminated by using a professional (or an automated solution) to perform the work. These include the cost of space, supplies, and training, and even the cost of errors or other failures. Once the total cost is determined, SMB owners can compare it against the quote from a third-party provider to determine if there is any savings.

The problem with this approach is that it cannot account for benefits that are not quantifiable, nor can it project the gain or loss from things that do not happen. In our experience, nowhere are these intangibles more prevalent than with outsourced IT.

As a professional cloud and managed services provider, we sometimes hear from SMB decision makers that having in-house IT staff is less expensive than outsourcing IT services and IT support.

Invariably, the business leader is making his or her calculation based on hard costs, alone. They haven’t considered financial impacts that cannot be quantified or predicted. Consider these two examples:

• If a firm’s ecommerce website goes down at 2:00am and an employee doesn’t discover the problem and fix it until 9am the next morning, how much existing customer good will—or how many potential new customers—will the organization lose? Lost revenue can be calculated based on historical figures, but these other two factors are impossible to determine.
• If a sales pro wants to fine tune a proposal at 5am but the network is down and he cannot gain access to the corporate system before his 8am meeting, will the lack of last-minute polish impact the prospect’s opinion of the firm? Whether or not he lands the business, no one will ever know for sure.

With IT solutions, there are many such variables that firms should consider when determining the ROI of outsourcing. Following are just a few:

• Lost negotiating power from not proactively managing vendors.
• Added costs of hardware equipment failure for not planning staged upgrades.
• Reduced employee satisfaction and productivity caused by desktop computer problems.
• Lowered gross revenue (and productivity) from network outages.

Although highly competent, in-house IT professionals can minimize some of these issues, those workers  come at a high price. Furthermore, rarely can SMBs afford to keep their IT staffs fully updated on all certifications and training. As a result, most lack the know-how to deploy the automated monitoring and maintenance solutions proven to substantially reduce downtime compared to traditional IT approaches.

For some business functions, keeping the work in-house may be the most cost-effective approach. For many others, and especially for IT, outsourcing provides strategic business advantages that are beyond the reach of SMBs with in-house staffs. Increasingly, progressive SMB owners are recognizing the value of assigning critical functions to the experts.

For small to midsized business owners and executives who are concerned about managed IT support services and network threat protection, DynaSis is one company that has been at the forefront since 1992. In this ever evolving world of cybercrime, crypto virus and network access protection have become critical to every company’s security. DynaSis also provides 24 x 7 x 365 outsourced IT services, with its own trained staff for helpdesk, real-time monitoring and the DynaSis Business Cloud, for highly secure data storage and backup. You can find out more by calling us at 678.218.1769, or checking out our website at www.DynaSis.com.

[featured_image]

By the DynaSis Team

In today’s IT-driven business world, networks have become the arteries that keep information pumping through a company. Yet, the technology of the networks themselves—what makes them operate most efficiently—is still a mystery to most people who use them. The good news is that there are now monitoring tools that can tunnel through networks, pinpoint their issues and often resolve them without human involvement.

Unfortunately, many companies still don’t use them. A study of 547 US and European-based network and security operations professionals found that 45 percent of IT staffs monitor network and application performance manually, instead of implementing network monitoring tools. As a result:

• Seventy-seven percent accidentally reported incorrect information to management teams.
• Eighty-seven percent reported the cause of a network event they weren’t certain was accurate.
• Seventy-three percent had currently unresolved network events.

This isn’t surprising, because networks are incredibly complex. They are webs of network hardware—firewalls and routers, for example, connected to dozens (if not hundreds) of endpoint devices, from desktop PCs and tablets to printers.

Furthermore, network hardware has become so adept at resolving or bypassing conflicts and other glitches that a few problems might not cause an outage. The issues mount until an outage occurs, at which time IT support staff must unravel a tangled web.

Even the most dedicated IT services experts cannot manage the current generation of networks (and their systems) manually, which is why monitoring tools were developed. They are fast, efficient and inexpensive, and they work with virtually no load on the system. More important for network security, monitoring tools can pinpoint network dangers that are not technically faults, such as unauthorized devices operating on the network.

Minimizing System Slowdowns—and Outages

So, what do monitoring tools do to help with network stability? They identify and monitor all connections and their relevant information and activity. They can also automatically fix a variety of minor problems that impact network speeds—before they become major problems.

To help ensure business health, monitoring tools can identify issues that require manual intervention before they cause an outage. They provide ongoing alerts and reports that properly trained IT solutions professionals can act upon. Any number of elements can cause an outage or significant slowdown, from excessive connection attempts that might indicate malware is attempting to penetrate the corporate firewall to an improperly configured device that an employee slips onto the network. Some can be resolved automatically, but others require attention, and fast.

Of course, like any tool, monitoring tools are most helpful when they are used by a qualified professional. For this reason, business leaders often work with a managed services provider (also called a managed IT services firm)—even when they have an internal IT department—to deploy these tools and follow up on any issues they detect. Such assistance not only reduces the incidence of system downtime dramatically; it also has been proven to free business resources, fostering innovation and a greater competitive edge.

DynaSis has been Atlanta’s premier IT support services provider for more than 23 years. As an IT company working with small to midsized businesses (10 to 150+ users), DynaSis has developed a unique 12-layer approach to network threat protection, ransomware prevention and crypto virus threat elimination. The DynaSis Business Cloud functions through a highly secure environment with full real-time data backup. Please contact us at 678.218.1769 or visit our website at www.DynaSis.com.

[featured_image]

By the DynaSis Team

For many small and midsized business owners, cybersecurity is a maze with no apparent exit. Bad news arrives daily, and “recommended” or “best practices” solutions can differ from one IT solutions provider to the next. As a managed IT services firm that helps companies navigate this maze on a daily basis, we understand how confusing cybersecurity can be. Even so, that doesn’t mean business owners can afford to ignore the threat landscape and hope it will go away. It won’t.

Last week, we read the annual Data Breach Digest from Verizon, an incident report that identifies cyberattack trends. To pinpoint the trend lines, a team of investigators explored more than 500 cybersecurity incidents from 2015 and then analyzed them with data from the two previous years.

Some of the results were unsettling, to say the least.

• Human error is still responsible for a large percentage of data breaches (30% over the past three years). Among breaches caused by human error, phishing (spoofed emails or websites that look real, to which users respond and become infected) accounted for 72% of those breaches.
• Initial compromise is happening the same ways it has for a decade, including email, social media, and infected thumb (USB) drives.
• Perhaps most disturbing, the report found that 80% of all data breaches--even those not officially assigned to human error--involve exploitation of stolen, weak, default or easily guessable passwords.

Since the dawn of corporate computing, experts have been urging companies to require secure passwords—and to teach employees how to keep them safe. The fact that 80% of breaches involve compromised passwords surprised even us.

Human gullibility will never be eliminated, which is why cybercriminals rely upon it. However, organizations can teach employees how to recognize danger—and avoid giving into their gullible natures.

In addition, requiring strong passwords throughout the organization is one of the single easiest steps a business owner can take to secure his firm and its assets. Even if you don’t think you can afford an advanced threat detection and mitigation solution or don’t have the time to conduct a “safe IT practices” training session for personnel, it is business suicide not to enact and enforce a password policy.

If you do not have a password policy, we urge you to create one, now. Issue a memo about passwords with a deadline, and identify a trusted management or IT staffer to follow up and ensure compliance. To get workers excited, sponsor a contest, and offer a gift certificate or other perk to the person with the best password and the one that reaches compliance first.

To help you get started, here are a few pointers:

• Passwords must contain at least eight characters; 14 is even better.
• Passwords must not contain the user name or parts of the user’s full name, such as a first name.
• Passwords must use at least three of the four available character types: lowercase letters, uppercase letters, numbers and symbols.
• Passwords must be changed at least every 90 days, and personnel should receive a task reminder via email, calendar, etc. that won’t go away until they confirm completion.
• Passwords for company resources must not be shared with anyone—even other employees—not should they be transmitted to other devices via email or other method “for safekeeping” or any other reason.
• The firm should have a written, enforced policy that states failure to adhere to password guidelines may result in termination.

Many data storage solutions incorporate strict password policies, and a number of affordable security solutions police them. After you get everyone on board with password management, consider working with an IT consulting or IT support firm to adopt a technology-based enforcement mechanism. It will pay for itself, quickly.

DynaSis has been Atlanta’s premier IT support services provider for more than 23 years. As an IT company working with small to midsized businesses (10 to 150+ users), DynaSis has developed a unique 12-layer approach to network threat protection, ransomware prevention and crypto virus threat elimination. The DynaSis Business Cloud functions through a highly secure environment with full real-time data backup. Please contact us at 678.218.1769 or visit our website at www.DynaSis.com.

By the DynaSis Team

[featured_image]

IT consultants for many firms, whether they promote themselves as IT support companies or managed service providers, will tell you they are going to “monitor and manage” your systems and/or network. Others may say they specialize in “network and systems administration.” As a business owner seeking the most protection for your IT systems—and value for your investment—you likely wonder, what does this mean? Are all these types of services the same? How do they protect me and my company?

These are important questions you should ask of any current or prospective IT provider. To help you evaluate the answers you receive, here is some background.

From a generic perspective, network and system monitoring and management means keeping an eye on your network (and potentially its devices) and your servers or other IT hardware, to enable intervention before or after problems arise. Network and systems administration, generically, means the same thing, although some providers who “administer” do not “monitor.”

For a reactive IT solutions provider, this could mean looking at weekly or monthly logs (reports) of system “error codes” to see if anything might be going wrong. If the provider notes any obvious problems, they might notify the customer and ask if they want follow up (often for an additional fee). Alternately, they might not report the aberration but instead will note it, in case problems occur down the road. Neither of these approaches is cost effective in the long-run, and they also don’t promote system stability.

A proactive managed IT services firm, on the other hand, will likely provide remote monitoring. The service will scan the network and systems for problems, analyzing traffic and other information using advanced processes to identify signs of impending trouble. It will also create alerts for changing conditions, such as the need for system updates. The IT provider’s staff will have access to real-time performance data and can intervene to troubleshoot, respond to alerts and more, which helps to avert serious trouble before it occurs. (We call this issue avoidance.)

Proactive versus reactive IT service is an important distinction, as the examples above show. Some IT providers follow what we call a “break-fix” model—“If it breaks, we will come fix it.” Firms like this are at the far end of the reactive spectrum. They rarely have the ability to perform any automated monitoring or proactive troubleshooting and issue avoidance. Providers such as these may try to minimize the value of proactive services, asserting they are not worth the expense. Some will even mislead potential customers with obscure service descriptions.

In our experience, proactive network and system monitoring can dramatically increase system uptime, more than paying for itself in productivity gains. For small and midsized businesses hoping to grow and thrive, it provides another benefit. Per a study conducted by IT automation firm Kaseya, using remote, automated monitoring tools for both routine tasks and problem avoidance enables personnel to spend more time on strategic projects that drive productivity—and the success of the business.

DynaSis has been providing managed IT support services to Metro Atlanta’s small to midsized businesses since 1992. We provide Availability – making sure your network is up and running; Mobility – allowing your employees world-wide access to your network; and Security – as an Internet security company, we resolve “issues” before they grow into problems. If you want to learn more, please visit www.DynaSis.com, or call us at 678.218.1769.

By the DynaSis Team

When we speak with companies for the first time, one activity we always suggest is an IT Assessment. Unless a firm has recently had an assessment—or is so well organized and disciplined that it’s systems and network are always up to date and running at peak condition—an IT Assessment can be an instrumental planning tool.

Yet, some business leaders don’t understand the value of an IT Assessment, or they are worried it will be too disruptive to their business. Others are concerned that the true purpose of the assessment is to sell them expensive upgrades they cannot afford.

If you have refused an offer of an IT Assessment for these or other reasons, and you have never experienced the benefits of an IT assessment, we hope you will read this article. In the rapidly evolving world of technology, firms simply cannot decide where they want to go, and then plan to go there in a cost-effective, practical fashion, until they have had an IT Assessment.

Many companies work with technology every day without any idea of the condition of their IT networks and whether their systems are functioning at an optimal, or even an acceptable level. Most do not fully know what IT assets (hardware and software) are in use. Without this information, a business decision maker cannot possibly prioritize and manage the technology initiatives that minimize downtime, security holes and other operating problems. An IT Assessment provides exactly the insight and visibility that organizations need to gain this knowledge and prepare for a brighter technology future.

As was pointed out in a recent article on IT complexity and reliability (an interesting, if fairly high-level read): “Since it is impossible to avoid failures in IT systems, modern IT operations strive to minimize the impact of failure by increasing the responsiveness of systems (i.e. automatic failover) and people (i.e. incident response) when problems arise.”

There is no better way to start the process of increasing system responsiveness, and to gain beneficial insight into the problems that affect people (and are caused by them), than with an IT Assessment. Best of all, the most proficient Managed IT Service providers can conduct an IT assessment with minimal disruption to the workforce or corporate operations. Much of the information gathering can be handled by running an assessment tool that only collects system and inventory information and does not collect any company data, causing little to no system impact.

DynaSis recently released a white paper entitled “The Value of an IT Assessment.” It offers more information on how organizations benefit from IT Assessments and details what they should expect when they engage in them. We invite you to read it at your convenience.

DynaSis has been providing managed IT support services to Metro Atlanta’s small to midsized businesses since 1992. We provide Availability—making sure your network is up and running; Mobility— allowing your employees world-wide access to your network; and Security—as an Internet security company, we resolve “issues” before they grow into problems. If you want to learn more, please visit www.DynaSis.com, or call us at 678.218.1769.

[featured_image]

By the DynaSis Team

In Greek mythology, Pandora was a woman who accidentally unleashed all the ills of the world because she couldn’t resist opening the box that was holding them captive. For small and medium-sized businesses (SMBs), administrative access at the user level―letting untrained employees have full access to their desktop and potentially the company’s IT systems at the administrative level―is the Pandora’s Box of technology. Making matters worse, many employees don’t even know they have access to the box, so they open it unwittingly.

Here’s how this happens. Windows automatically configures the default user account as an Administrator. A Windows Administrator account is an unrestricted account that can make system-wide changes to the computer with no additional authorization or privileges.

SMBs that install new PCs for their personnel, or allow them to work from any PC or mobile device outside their scope of control, may unknowingly empower these individuals with Administrator access. Administrative accounts provide a direct pathway to root (hidden, low-level operating) settings and other built-in mechanisms for making any system change―not just beneficial ones.

If cyberattackers get access to a PC with an Administrator account, perhaps through a phishing email, infected site or other mechanism, they can then execute scripts, launch exploit kits (malicious toolkits that exploit security holes) and perform other actions at the root level. Many, if not most, actions running at this level will not alert the user, so destructive activities can continue, unchecked, potentially for the life of the PC.

If a device with Administrator privileges is authenticated to connect to the company network, the cyberattackers can easily penetrate the network, as well, potentially taking over the entire network for use as a bot (a form of automated attendant) to spread more phishing messages, stealing data, and infecting other connected devices automatically and decisively.

For every PC on the network, unless a user or an IT pro intentionally sets up a user account without administrative privileges, this can occur. This is a crucial, but often overlooked, step in securing any corporate defenses. Making matters worse, many “IT-aware” (but not IT-trained) business owners and employees have heard that the hidden Administrator account built into the Windows OS is disabled by default due to security concerns. This measure, in place since Windows Vista, was an important, needed change but it does not provide any protection for the default Administrator account at the user level.

Administrator-level users (called superusers in the IT world) are a primary mechanism for infection among SMBs. Given that the rate of targeted attacks against SMBs has more than doubled since 2011, and the ratio of data breaches to company size is 15 times higher for SMBs than for larger firms, the default Administrator account is something every SMB should address as soon as possible. To learn more about cyber security or discuss scheduling a security assessment to determine your level of risk, please give us a call.