Computerease

GET A QUOTE
The 3 Critical Reasons To Only Buy A VoIP Phone System From An IT Company

The 3 Critical Reasons To Only Buy A VoIP Phone System From An IT Company

Why would the owner of an IT company write an article telling you only to buy a VoIP phone system from an IT company? The motivation behind writing this article is NOT to help me sell more VoIP phone systems.  Recently, we had a single week where 3 client’s networks were negatively impacted by the repercussions of VOIP providers making changes or installing new phone systems. My team has been called in many times to correct issues caused by a VoIP phone company after they tried to install a VoIP phone system which they sold to our client. These problems were caused by inexperienced phone technicians trying to make their VOIP phone system work.  In this article, I’ll share one VoIP installation nightmare with you and also detail the exact reasons why it’s in your best interests to only buy a VoIP phone system from an IT company with extensive networking experience. What is a VoIP? VoIP stands for Voice Over Internet Protocol which is a relatively new networking technology used for voice communications. Each VoIP phone is a network device that operates within your computer network alongside all of your other network devices including your firewall, switches, server and computers. Phones and networking technology have converged and the knowledge required to install and support VoIP phone systems is now about 85% networking and 15% phones. Almost every phone system made and sold today is a VoIP phone system and the traditional phone system companies have been thrust into the world of networking and VoIP.  Traditional phone system companies were experts in installing legacy phone systems, which were isolated systems with their own separate wiring.  However, today’s VOIP systems require complicated network configurations which must co-exist with the client’s computer network.  Given their lack of network and IT skills traditional phone system companies are now in well over their heads trying to integrate their VOIP phones with your computer network. A VoIP Installation Nightmare The first sign of trouble for one of my clients was when they called us saying that their VPN’s weren’t working. When we researched the problem, we discovered that we couldn’t communicate with the firewall on their network.  When we asked the client to power cycle their firewall they discovered that there was a different firewall in place.  About an hour earlier, the client had a new VoIP phone system installed by a VoIP phone company who switched out my client’s firewall with a lower quality non-security firewall without telling anyone.  It should be noted that before installing the VoIP phone system, this VoIP company told my client that they wouldn’t change anything with the network. So, the installation technician either was ignorant of the ramifications of removing their firewall or grossly negligent for removing my client’s firewall to suit his phone system’s needs without the client’s permission.  Either way, removing the clients firewall without permission was astonishingly brazen and dangerous to our client as it removed all of the security which was provided by their newly removed firewall.  And, all of the other functionality of the firewall, such as the VPN, were also lost.  This was a major disruption to our client’s business just because the phone system vendor wanted to install a firewall that they could make work with their phone system. Here’s the three reasons to choose an IT company over a VoIP phone company to recommend, install and support your new VoIP phone system. VoIP phone systems require specific network configurations One of the biggest reasons for VoIP failure, poor sound quality and dropped calls is that the VoIP phone system is not configured properly to take into account your company’s firewall, routers, network traffic or internet speed. Managing the traffic for VoIP phones can also require creating a VLAN which is a more advanced networking concept. Phone vendors simply don’t understand many details like this because there’s no requirement that they know advanced networking skills. They’ve always sold phones and they still sell phones, but now the VoIP phones are completely different. Improper installation causes VoIP and network issues When it comes to installing a VoIP phone system a VoIP phone company will install with the singular goal of making their phones work. They will ignore the client’s more advanced networking settings and install their phone system the way that they think is best. On the other hand, when an IT company installs a VoIP phone system, they know the intricacies of the network and install and configure the VoIP phones within the network to have ALL the network devices work, not just the phones. The worst offense by a VoIP phone company is after they install the VoIP phones and discover that they don’t work as promised in the business’s specific network environment, they blame the problems on the client’s network. Ironically, the issues are generally caused because the VOIP phone company doesn’t understand networking.  This generally leads them to contact the actual VOIP provider who will then work with the client’s IT Company to actually configure the network properly.  The introduction of this third vendor is the “Bermuda Triangle Of VoIP Phone Support.” Maintain the integrity and security of your network Installing and supporting a computer network today is very complicated compared to 10-15 years ago. Your computer network is the backbone of your business and having a properly functioning network not only keeps your team and business productive but it also protects your company’s data and client information from cyberattacks and other malicious cyberthreats. Your firewall, switches, VPN’s, server and computers are all configured in a very specific way and advanced networking knowledge is required to correctly add a new network device such as a VoIP phone. Additionally, the security risks introduced by incorrect network settings could be disastrous. If you are considering replacing your phone system with a new VOIP system be sure that the VOIP phone company you choose will at the very least work closely with your IT provider.  Ideally, you will purchase your VOIP phone system from

Read More
Technology & Remote Work Expand Business Owner’s Options During Hiring Shortage

Technology & Remote Work Expand Business Owner’s Options During Hiring Shortage

For the first time since January 2020, the number of job openings exceeds the number of job seekers. As of July 2021, there are over 10 million job openings but only around 8.4 million unemployed people actively looking for work. We’re in the middle of a hiring shortage, and it’s a job seeker’s market. Business owners are feeling the pressure of not being able to find people they need. Industries are affected differently, but no one is immune to feeling the pains of this hiring shortage. Savvy business owners and managers are thinking outside the box and realizing the numerous advantages that remote team members represent. There are several advantages for a business when considering having remote workers as part of the team. Out of all the job openings you currently have in your business, how many can be performed remotely? Have you fully considered the benefits of adding remote workers to your team? Benefits of Embracing Remote Workers Larger Pool of Applicants When you’re looking for the right person, it’s a benefit to cast your net into an ocean of people instead of a small pond. When you open your job search to include remote workers, you’ve automatically increased the number of applicants who will apply, making it more likely that you will find the right person to add to your team. Specialized Knowledge Are you looking for specific experience or specialized skills with your open position?  Casting a wide net to a much larger pool of possible candidates is sure to yield a much larger response of applicants who have the specific skills your position needs. Less Overhead Cost For each team member that you add to your onsite team you will need more office space.  And, as we know, office space can be extremely expensive.  Large and small companies have found that they can realize significant cost savings by reducing the amount of office space required when their team members work remotely. With today’s competitive market, you need to make strategic decisions for hiring and technology. This gives you an edge over the competition when adding new people to your team. The smallest decisions for your technology can make a huge difference in how your team functions in a hybrid or remote work setting. Thankfully there is a lot more technology available that can make it seem like a remote employee is just down the hall in their own office. These technologies include: Zoom or other video-based collaboration tools Cloud-based VoIP phone systems Microsoft Teams – cloud-based collaboration Cloud-based email – Microsoft 365 Cloud-based file sharing – OneDrive, SharePoint I haven’t shared any new or earth-shattering information in this article. You’ve likely read similar advice in many other places, especially after the rush to remote work environments with the pandemic. The technology solutions that allow remote workers to be as productive (if not more efficient) than office workers have been around for a few years. Many of our clients have embraced the remote-working trend which was catapulted to the forefront during the beginning of the pandemic. At first, many of our clients sent employees who worked in the office home strictly for health reasons.  Now, many employees are back in the office, but some have made the permanent switch to remote work.  One of our clients saved over $10,000 per month in rent with a smaller office for only a few people after transitioning their team of 25 to a mostly remote work environment. The strategic use of technology can help not only streamline your operations but enable an environment where remote work can solve many other business challenges.  We are well versed in all of the technologies necessary to enable your business or organization to strategically leverage the new remote work phenomenon.  If you would like to explore the possibility of adding remote members to your team we can provide all of the technology solutions to allow for efficient remote work.

Read More
How One Compromised Password Caused Colonial Pipeline’s Shutdown From Ransomware

How One Compromised Password Caused Colonial Pipeline’s Shutdown From Ransomware

Colonial Pipeline, a company with a 2020 annual revenue of $1.32 billion, fell victim to a ransomware attack from a single compromised password. Despite spending $200 million over the past 5 years on total IT costs (including cybersecurity), the cybersecurity protections in place fell short and left the company vulnerable for a cyberattack. This article will explain two aspects of cybersecurity, multi-factor authentication and the dark web, that played a role in Colonial Pipeline’s ransomware attack. The aftershock of this ransomware attack reverberated through the southeast part of the country, shutting down a main gas supply line for the entire east coast. There were runs on gas stations causing shortages, and increased prices. When a cyberattack happens, it’s not just the company that feels the effects. Colonial Pipeline faces investigations, fines, lawsuits, reputational damage, lost revenue, and immense financial losses. This cyberattack is a national crisis! All this damage was caused by a single compromised password. Colonial Pipeline Chief Executive, Joseph Blount stated in his testimony to a U.S. Senate committee, “It was a complicated password, I want to be clear on that. It was not a Colonial123-type password.” Security experts don’t know the exact way the Colonial Pipeline password was compromised. However, most compromised passwords are easily accessible on the dark web, a black market for stolen credentials. What exactly is the dark web? The dark web is a portion of the internet that is only accessible to the most advanced internet users. There are some legitimate parts of the dark web, but the majority is illicit activity. You can purchase passwords for corporations, social media platforms, bank accounts, and any website needing a password. Credit card numbers, drugs, guns, and counterfeit money can also be purchased. It’s also possible to hire hackers or purchase a ransomware virus to attack a computer or network yourself. For a hacker, there’s endless possibilities with information available on the dark web. In the case of Colonial Pipeline, once they got hold of the compromised password, there was nothing holding them back. Multi-Factor Authentication Could’ve Stopped The Attack Once hackers got their hands on a compromised password for Colonial Pipeline’s system, they had unlimited access. The password was used for a legacy VPN (virtual private network) system that allows remote access to a computer or network. In the IT world “legacy” means an older version of a system that’s not been upgraded. In the case of this legacy VPN system, the only access required was through a password. Updated VPN systems operate with multi-factor authentication, an industry-recommended cybersecurity measure. In multi-factor authentication, another step is involved to be able to access a system. Typically, a cell phone text message code, key fob, or authentication app is used as the second layer of security. A person accessing a system with multi-factor authentication enabled needs BOTH the correct password, and the correct code from another source. Large Corporations and Small Businesses Face The Same Cybersecurity Risks There’s many differences between a large corporation like Colonial Pipeline and your business when it comes to cybersecurity. Colonial Pipeline has access to more financial resources and there was a nationwide impact from them shutting down. Government agencies sprang into action to come to their aid. If and when you are faced with a ransomware attack, you might have some support from local law enforcement however, you won’t have the same support from the FBI like Colonial Pipeline. Unfortunately, your business is equally at risk for hackers. Artificial intelligence and bots have multiplied threats previously perpetuated by individual hackers. Cyberattacks are systemized and prolific, meaning that every single computer and network is at risk. Hacking rings like Darkside are motivated by the huge rewards and financial gains from cyberattacks. It’s a VERY profitable business! Some business owners aren’t sure about where to start for cybersecurity. It can be overwhelming to think about all the different vulnerabilities facing your business, so they just push it off. Colonial Pipeline pushed off implementing a multi-factor authentication security step for their legacy VPN system. The first step to improving your cybersecurity strategy for your business is to get a baseline for your existing vulnerabilities. We offer free dark web scans for our clients to determine if any of their passwords are for sale on the dark web, so that they can be changed ASAP. Also, we offer free cybersecurity awareness training for our client’s employees so that they can be aware of risks of a cyberattack. As an owner of a 2nd generation family-owned business, I’m dedicated to helping entrepreneurs protect everything they’ve built. I’m offering a free dark web scan and cybersecurity awareness training to any business owner who wants to take a step towards protecting their business. It’s incredibly important for all business owners to learn lessons in cybersecurity from scary stories like the Colonial Pipeline hack.

Read More
Breakdown Of An Almost-Disastrous, Highly Targeted Email Phishing Attack

Breakdown Of An Almost-Disastrous, Highly Targeted Email Phishing Attack

It’s most common to hear stories about businesses falling victim to a cyberattack and the devastating aftermath involved. This is a different type of story. It’s a detailed account of how a proactive cybersecurity solution, email SPAM filtering, saved the day for one of our clients targeted by an email phishing attack. Here’s the details of how it all worked. Hacked email at a vendor: A hacker breached the email account of one employee at vendor of our client (our client’s email was not breached).  We’ll refer to this vendor employee as Employee A. The hacker read through many different emails in Employee A’s account and determined which contacts would be most valuable to target. Hacker studied emails looking for his victims: Then, the hacker took time to carefully craft emails to Employee A’s key contacts that would be the most lucrative. This list included one of our client’s employees, we’ll refer to this person as Employee B. It’s important to realize that Employee A and Employee B have a long-standing history of working together and corresponding mostly by email about important matters regarding finances and employee data. Hacker carefully writes a phishing email: With a simple search of the compromised vendor email account for Employee A, the hacker knows the language and topics commonly emailed between vendor Employee A and our client Employee B. Since the hacker has access to the complete email history between these two individuals, writing a convincing email is very easy.  The only real difference between a legitimate email and the hacker’s version is one link. The hacker replaces a single link within the email from Employee A to Employee B with a malicious link.  The goal of the hacker’s email to Employee B is to convince Employee B to click on the malicious link, thereby infecting Employee B’s computer. Target is tricked by phishing email:  Because the hacker has control of Employee A’s email mailbox on an otherwise legitimate, trusted and spam-free email domain, the hackers email passes the initial spam filter tests for legitimacy and is delivered.  Employee B received the fake phishing email sent by the hacker, and because of their relationship with the now hacked Employee A, clicked on the malicious link. Why not, right? There were no red flags for Employee B. Employee A is a trusted and known person that sends regular emails. This most recent email was seemingly just another typical business email. This is exactly what makes this type of email so incredibly dangerous! Target clicks on link in phishing email: Employee B clicked the link in the email. Here’s the message Employee B saw on her screen after clicking the malicious link. SPAM email filter catches malicious link, disaster avoided: Employee B called us because she thought there was a problem and she needed to get the information in the malicious email from Employee A. We quickly looked into her problem and we were surprised with what we found. We realized that the link and email sent to Employee B at our client’s office was a highly targeted phishing email. Then, we celebrated when we realized that our email SPAM filter had worked exactly as designed to prevent disaster! Hacking activities discovered: We advised Employee B that this was in fact a fake phishing email and that the link was malicious. A short while later, Employee B received a call from the vendor and Employee A stating that her email account had been hacked. The hacker had been sending out fake phishing emails for at least a few hours, including the one sent to Employee B at my client’s office. Here’s what could’ve happened: Luckily for our client, we do have a number of other security layers in place which are designed to stop these types of infections.  Normally, the combination of these other layers is highly effective and likely the clients attempt to click on the malicious email link would have been blocked by their firewall, DNS filter or our advanced endpoint protection platform.  However, cybersecurity is a cat and mouse game of sorts.  Hackers just need to find one way to get their foot in the door, and if they do it can be game over for the hacker’s victim. For a company which is not properly protected, as our client was, this situation would likely have ended very badly.  They could have been compromised with ransomware which locked their entire computer or company network.  They could have banking credentials stolen which could lead to tens or hundreds of thousands of dollars being siphoned from their business bank accounts.  If they were in the healthcare industry, they could have had patient data stolen and been subject to significant government fines.  These are just a sampling of what could have happened if a client was not using the types of security measures that we recommend. If you are not confident that your business or organization is secure from cyber thieves, contact us for a free security assessment.

Read More

Contact Us Today To
Schedule Your Discovery Call