Search Results
5 items found for ""
- Computer Repair in Las Cruces
What do you look for in a professional computer technician? Many today agree that IT Technicians need to balance technical knowledge as well as the ability to effectively communicate to their clients in a simple manner. We know that customers computer needs range from relatively simple fixes to multiple day projects. Whether you have hired a computer company in the past or are looking to make a switch, here are some important topics to consider when choosing your IT guy! A good IT company can be hard to find... but not impossible! We are confident that our computer repair services are a perfect fit your your business in Las Cruces. But if you are still on the fence here are some things to consider: Hopefully we were able to help clarify the importance of choosing a professional and reputable company for your computer repair services. We help dozens of businesses in the Las Cruces area to manage their networks and devices. Additionally we offer some adjacent services that our customers have grown to love. This includes: cabling, network engineering, security camera installation, business phone setup and installation. If you are in need of any of these services please don't hesitate to schedule a site survey/ free consultation. Don't just look to hire the cheapest IT company in town, make sure you hire the BEST in Las Cruces! * Note: Our company offers services for existing and new commercial clients only. If you are seeking residential computer support we recommend searching the following on google: "Computer Repair in Las Cruces" or "Laptop/Desktop Repair in Las Cruces"
- Employee Training is Critical to Security
As a business grows, so does its network security requirements. Most threat actors know that employees oftentimes are the weakest link in today's modern office. How do you keep your employees from being compromised and opening up attacks on your business data? Employee Training is CRITICAL. Let's explore some reasons why. Basic Education in Risk Management An employee’s knowledge of computer systems can range widely, especially if your industry is not IT related by nature. This does not mean that you shouldn’t spend some time educating your staff on the importance of following guiding principles for the company. You can find many resources for example the National Initiative for CyberSecurity Careers and Studies (NICCS) has made their Federal Virtual Training Environment (FedVTE) free to the public! (Link: https://niccs.cisa.gov/education-training/federal-virtual-training-environment-fedvte). Frequency of Training Typically, the industry standard for cybersecurity awareness training is 4-6 months. This allows you to reinforce company policies and help with employee retention of material. We recommend that you spend some time during the onboarding process of new employees to provide some training right out of the gate. CyberSecurity training is also a great topic to add in your weekly team meetings (if applicable). Citation: https://www.isaca.org/resources/isaca-journal/issues/2023/volume-2/considerations-for-developing-cybersecurity-awareness-training Practical Steps Having your employees follow company security policies is only as effective as the quality of the policies themselves. Here’s some great jumping off points to consider when crafting yours: · Password Complexity · Spotting Phishing Attempts · Common Vulnerabilities in the workplace · Social Engineering Awareness · Malware – Definition & How to spot · Ransomware Remediation · Email Security · Incident Response · Device Protection · Data Protection · Prohibit Unauthorized Software Take-Always Your company data is extremely valuable. Running with a principle of least privilege (LINK: https://en.wikipedia.org/wiki/Principle_of_least_privilege) will allow you to make sure that only authorized users have access to the data they require. Nothing more. We hope this article helps you to consider the importance of cybersecurity in the workplace. OnPoint Computer Solutions values our customers cybersecurity. We have been providing Managed IT Services in Las Cruces to our clients for decades. Find out how we can help manage your network and help train your employees to stay safe while online. If you have mission critical data that you can't afford to lose than this is for you! Give us a call! (575) 222-4900 RESOURCES: https://www.cisa.gov/sites/default/files/publications/Cybersecurity%2520Workforce%2520Training%2520Guide%25207.28.21%2520508c.pdf
- IoT Risks and Mitigation Strategies
IoT or Internet of Things refers to the smart devices/appliances that we are beginning to see more and more. While these devices certainly can bring a measure of convenience and enjoyment, they do carry some inherent risks. Let’s explore how these devices can be exploited, and how you can mitigate your risk if you choose to deploy IoT devices. IoT Overview IoT devices are everywhere. They can be found in refrigerators, watches/health trackers, smart home/business security systems and even in refrigerators. Some people are completely open to the convenience these devices bring while others are terrified at the pace these devices are encroaching on our lives. Securing IoT Most IoT do not contain the latest and greatest from a security standpoint. IoT devices can collect a lot of sensitive information about its users. For example, this could be Personally Identifiable Information (PII), Financial Data, Health Data and more. Hackers can exploit these devices and even use the devices themselves to carry out malicious activities without you even knowing it. That being said we recommend you secure your networks by: Back up your data. Setup IoT devices with long and complex passwords. Make sure your anti-malware/anti-virus is installed and monitoring for suspicious activity. Secure your Access Point/Router/Modem/Gateway (See our blog "Securing your WiFi"). Some IoT devices require firmware updates. If this is the case make sure you are running the latest firmware as this usually contains security updates. Use the most secure WiFi standard you can with your device and deploy network segmentation to separate vulnerable IoT devices on their own network. (See our blog "Securing your WiFi"). Use MFA. This is an important step to make sure unauthorized individuals don’t access your account. Cheaper does not always mean better. Oftentimes to cut costs, some manufacturers forgo safety standards when building cheaper quality similar products. This may save you a couple bucks now, but may end up costing your entire businesses if you’re not careful. Deploy good quality Firewalls & Routers. These devices can monitor activity on your network and protect you from suspicious network activity and even block unwanted traffic altogether. Definitely a plus when considering security for your location. Decide not to use IoT. Yes, this is the most effective way to mitigate IoT attacks. While you may not have as many conveniences by summoning your favorite “smart assistant” to order you 12 more boxes of cookies for the break room, you may just sleep better at night knowing you don’t have to worry about potential IoT exploits. By following these mitigation strategies, you can significantly reduce the risks associated with IoT devices and ensure the security of your connected devices and data. It is important to stay informed about the evolving landscape of IoT security and be proactive in implementing necessary security measures. OnPoint
- Out "Phishing"- Protect your business from phishing attacks
Phishing is the act of sending emails, calls or other communications with the intent of retrieving unauthorized information while posing as a reputable source. Put simply, phishing is when you pretend to be someone you’re not to get access to something you’re not supposed to have. Read more to find out how to protect yourself from this common attack. Phishing Overview Phishing is very serious since it can lead to financial loss and even identity theft. Phishing is one form of social engineering that threat actors deploy to get unauthorized access to information or even credentials that open a path to further exploitation. Taking time to identify and train staff is an important step to mitigate this risk. Types of “Phishermen” Just like fishermen, phishers hope that you (potential fish/phish) will be hooked by a convincing email or chat. Here are some types of phishing attacks seen today: (Click to expand each section) How to avoid Phishing Attempts Fear not, it’s possible to protect yourself from these types of attacks, and even spot them in the wild once you know what to look for. It’s strongly advised to train all your employees of the potential dangers of phishing attacks (See Blog “Employee Training Critical to Security”). Additionally, we recommend looking out for the following: Check all incoming attachments and links in every piece of communication. Even if its in an ongoing thread. Make sure to verify all senders/recipients are correct and you know who you are communicating with. Be careful with all requests for personally identifiable information (PII), or financial information. Be careful with all links. Especially short links that may be used to disguise the final destination URL. Images, Attachments & unauthorized software that once downloaded/deployed can potentially compromise your network. Sense of urgency or time constraints Threats if you do not comply Unrealistic Scenarios In short, if it seems FISHY it's probably PHISHY. Utilization of some common tools and software can greatly help mitigate the risk of getting phished. Make sure to use tools such as spam filters for email, Multi-Factor Authentication (MFA), Antivirus/Anti-malware, etc. We hope this information helps you see how to protect yourself and your company from phishing attacks. Remember to think before you click! OnPoint REFERENCES: https://www.ibm.com/topics/phishing https://www.phishing.org/what-is-phishing https://www.cisco.com/c/en/us/products/security/email-security/what-is-phishing.html
- Securing your WiFi - Common Best Practices
WiFi is a common technology found is many small-large businesses. Over the years many vulnerabilities have been exploited by threat actors to sabotage company data and infrastructure. This has caused much grief for business owners. So if you deploy WiFi on your business network, how secure is it? What is WiFi WiFi (Wireless Fidelity) is a common networking technology made popular for its simplicity of use and wide range of compatibility for wireless devices. It allows our wireless enabled devices to access the internet. Many companies decide to include an Access Point (AP) in their business network to connect anything from work laptops, desktops, printers, tablets, etc. If you have WiFi deployed at your business we’d like to share some great tips on securing your network. Steps to securing your WiFi network: 1. Make sure your router is in a safe location Individuals seeking to do harm on your network may be able to patch in simply due router misplacement. Always choose a more secure location rather than convenient (For example: Add your router in a network closet/rack instead of by the front door left unattended.) 2. Use strong passwords on your networking gear Believe it or not using the default credentials on networking gear is more commonplace than you would think. Not only are these passwords typically not very complex, but also everyone else deploying similar hardware may have the exact same password (Example User=Admin Password=Pa$$word!). Hackers know these simple default passwords as well. It’s a simple yet crucial step to replace these passwords with ones that are as long and complex as you can make them. 3. Update your gear often Many routers and firewalls have automatic updates turned off by default. These updates can carry vital security updates and crucial firmware fixes. Even if you enable automatic updates on these components, make sure you are checking frequently that auto-update is enabled and the firmware is the most recent version. Of course, if your network is managed by IT Administrators, make sure to check with them first. 4. Use Secure WiFi Standards Many modern routers allow for modern security encryption. Encryption is the step where plain text is converted (encrypted) so that people cannot easily see what you are doing on your device. Typically using the latest WiFi encryption standards is the best way to go since each next iteration usually contains huge security benefits. Usually, you will see options such as: WEP->WPA->WPA2->WPA3. As WiFi advances, so does its security. At the time of this article being written WPA 3, despite not being completely impervious to threats, is widely considered the most secure wireless protocol available today. 5. Separate Devices on your network Some modern routers have the ability to separate or segment your network. This means having the ability to create separate networks for different devices. Some common ways to use this technology is if you have any Smart Devices, assistants or appliances connect to a “Smart Appliance” network which is separate from, say “Accounting” or “Administrators”. One benefit to doing this is in the event of a breach for example on the smart appliance, its much harder for the attacker to easily see your other devices on your other segmented networks, and provides ample time for you to address the security breach. 6. Wireless Configuration Make sure to spend some time setting up your network and network name (SSID). One common security flaw happens when companies use sensitive information in the network name. Remember this is usually able to be seen by any WiFi enabled device. Never have any elements of your company passwords included inside your networks name. Unfortunately, this is more common than you might think. 7. Use a Guest Network Similar to network segmentation, if your company provides internet access to customers or the public, make sure to use a separate guest network. This helps segment network traffic away from internal devices and workstations. These steps are a great way to begin hardening your network to thwart potential attackers from infiltrating company data. We recommend always keeping yourself up to date with the latest in WiFi technologies to help keep your business safe. OnPoint Computer Solutions References: https://vectorsecuritynetworks.com/7-ways-to-secure-your-business-wi-fi-network/