Centrend

Author name: Mary Ann Velasco

The CrowdStrike Outage: How To Avoid A Future IT Crisis

When 8.5 million Windows devices, including those at airlines, banks and hospitals, suddenly displayed the “Blue Screen of Death,” people began to panic. “We are under a cyber-attack!” most speculated. Fortunately, that was not the case, but the real reason behind the outage is alarming and something every business owner should be concerned about. So, What Happened? On July 19, 2024, millions of Windows devices crashed, triggering an endless reboot cycle and an unresolvable blue screen. This issue caused massive global disruptions. Airlines had to ground flights, leaving thousands of passengers stranded in airports and unable to book new routes home. Electronic health record software was knocked offline, forcing providers to cancel or delay nonemergency procedures, surgeries and medical visits. Several major banks also went offline, leaving customers unable to access their accounts. These were just some of the significant issues caused by what is now labeled the largest IT outage in history. Almost brings back those Y2K fears, doesn’t it? If It Wasn’t A Cyber-Attack, What Caused It? Many worried that the outage was due to a cybersecurity attack, but the source of the problem was a botched software update from CrowdStrike, a leading cybersecurity company. The team behind their endpoint detection and response (EDR) platform, Falcon, configured what should have been a routine sensor update. This update, specifically for Microsoft Windows, unknowingly had a flaw, and due to its tight integration with Windows OS, it resulted in widespread system crashes when it was pushed through. How could a multibillion-dollar organization release an update with such a serious flaw? Representatives for the company later explained that it was due to a gap in their testing software. The issue stemmed from a flaw in the content validator tool, which failed to detect the problem in the update, leading engineers to believe everything was ready for release. As a result, the update forced Windows systems to enter an endless reboot cycle, displaying the infamous Blue Screen of Death. As the situation unfolded, CrowdStrike immediately acted to fix the issue, but the damage was already done. Reports from insurers now estimate the outage will cost US Fortune 500 companies upward of $5.4 billion. Why Should This Concern You? This event reinforces how integrated technology is in our lives and underscores the significant impact a single software flaw can have on global IT infrastructure. When it comes to your company’s technology management, there is no substitute for having three things: Don’t wait until you’re hit with a crisis to take action. Ensure your business is prepared by partnering with an experienced IT team. We offer a FREE, no-obligation Network Assessment where our team of experts will evaluate your current systems, identify potential vulnerabilities and develop a comprehensive plan to safeguard your business against future outages. Your company’s security and continuity depend on it. Call us at 774-421-8600 or click here to book your FREE Network Assessment today!

The CrowdStrike Outage: How To Avoid A Future IT Crisis Read More »

The Hidden Dangers Of Shortcuts In IT Security

The National Cancer Institute in Maryland recently analyzed data from three major US health studies that gathered information on people’s daily multivitamin use. They discovered that people who took daily multivitamins had a 4% higher mortality rate than those who didn’t. This surprising result echoes a scene from the movie Grumpy Old Men, where a character explains that, despite never exercising and having unhealthy habits, he has outlived many who followed strict health regimens. This highlights a crucial point: shortcuts to achieving meaningful, difficult goals often backfire. In various aspects of life, including diet, we see that seemingly easy solutions can lead to significant problems. For example, “fat-free” or “sugar-free” labels might encourage overconsumption, negating their benefits. The Atkins diet, promising easy weight loss by avoiding carbs, led to various health issues due to an imbalanced intake. Similarly, weight-loss drugs like Ozempic have resulted in serious health complications, reminding us of the dangers of quick fixes, like Fen-Phen in the 1990s. In the IT world, shortcuts are equally perilous. Many businesses attempt to meet compliance requirements or protect themselves from data breaches by taking the easiest, cheapest routes. It’s a common mistake to rely on free antivirus or firewall software found through a quick search, underestimating the risks. Small businesses often believe they are too insignificant to be targeted, but cybercriminals target precisely these businesses, knowing they are less likely to have robust protections in place. Another frequent error is entrusting IT management to an acquaintance or someone with basic tech knowledge but lacking professional expertise. When businesses upgrade to professional IT services, numerous inefficiencies and vulnerabilities are typically discovered. The issue is not the intent but the lack of necessary skills and resources, which significantly increases risk. Not all shortcuts are detrimental, though. Entrusting IT matters to an experienced managed services provider can be the optimal “easy button.” By partnering with professionals who understand your industry and its specific requirements, you can achieve compliance, security and operational efficiency without the associated stress. Choosing the right IT provider is crucial. History shows us that experts can be convincing even when wrong, as demonstrated by past medical practices like lobotomies or financial scams like Madoff’s Ponzi scheme. Therefore, it’s vital to thoroughly vet potential IT partners, ask pertinent questions and seek testimonials from other clients. When deciding which IT provider to let handle your network, take it seriously and don’t blindly follow anyone’s advice. It’s not your responsibility to know every technical thing that needs to happen with your network, but it is your job to ask questions, request testimonials from other clients and hire someone trustworthy. Your company’s security, reputation and, possibly, future depend on you not letting the wrong person come in and muck up your business. That’s one of the reasons I created a FREE guide that you can get here that lists out 16 questions you need to ask anyone before you let them touch your network. It’s a great resource for every business owner to have. If you’re ready to hand off your IT to a reliable team of experts, our team of experts is ready to manage your network so you can focus on growing your business while we focus on what we do best: protecting it. (You can even check our website for real client reviews!) To get started and find out what you need, give us a call at 774-241-8600 or click here to book your FREE Cyber Security Risk Assessment now.

The Hidden Dangers Of Shortcuts In IT Security Read More »

Recent Cyber-Attacks Highlight The Urgency Of Strong Cybersecurity For All Businesses

If the software your organization used to close deals and pay employees unexpectedly went down and you had no idea when it would be fixed, what would you do? Could you continue doing business? How much money would you lose? Unfortunately, in June, this happened to over 15,000 US- and Canada-based car dealerships when two cyber-attacks occurred on the popular industry software provider, CDK Global. This software attack shut down the sales, financing and payroll systems for thousands of dealers, forcing them to either stop business or revert to the old-fashioned pen-and-paper method. This incident should be a wake-up call for all small business owners, highlighting the importance of robust cybersecurity measures. What Happened? The initial attack occurred on the evening of Tuesday, June 18. Once it was detected, CDK Global immediately took the correct action, bringing the entire system offline to investigate the issue. The system was up and running again the following day until a second incident occurred, which resulted in the company bringing the system back offline. It’s thought the system was brought back online prematurely, before all compromised areas were discovered, resulting in a second attack. Cybersecurity experts are saying it could be weeks before the system is back to being fully operational. While some businesses were able to revert to manual processes, this incident highlights the vulnerabilities that come with relying on digital systems. In our ever-advancing digital world, where most transactions are a couple of clicks away, significant issues arise when systems go offline. Critical parts of the business process, such as completing transactions, managing payroll and interacting with financial institutions, can come to a standstill. This means that until the systems are back online, many business operations cannot be fully completed, leading to delays and potential financial losses. Business owners know that there is no sale until the check clears the bank! So, What’s Next? CDK Global didn’t disclose the exact cause of the attack. Whether that was intentional or they are still unsure remains to be seen. Their security team will need to meticulously comb over every area of the business to determine exactly what was compromised. It’s often difficult for large companies to get the details about cyber-attacks 100% correct after the first review because they may not be able to determine the extent of an attack’s network penetration if there are multiple points of vulnerability. In the meantime, businesses need to take a hard look at their systems for selling and operational continuity. Will they be prepared to continue doing business if and when this happens again? This incident should serve as a wake-up call for all business leaders. If you don’t have a business recovery and continuity plan in place, you’re putting yourself at risk. And if you do, you need to ask yourself if it is high-quality, tested often and able to handle a large-scale attack where multiple operational systems are disabled. If the answer is no, it’s time to do something about it. We’ll do a FREE Security Risk Assessment that will achieve two important things: To get started, call our office at 774-241-8600 or click here to book your FREE Security Risk Assessment now.

Recent Cyber-Attacks Highlight The Urgency Of Strong Cybersecurity For All Businesses Read More »

Vacation Travel Scams Are Up 900%

Summer is a popular time for vacation travel. If you’re looking to squeeze in any last-minute travel, there is a scam circulating that you need to be aware of. As costs for everything from food to travel continue to increase, the logical step is to search for the best deals online to book a memorable trip without breaking your budget. According to Booking.com, cybercriminals have decided to capitalize on this need and are now using one scarily convincing, AI-generated phishing e-mail that can cost victims way more than their vacation fund. Booking.com’s CISO, Marnie Wilking, shared that the organization has seen a 500% to 900% increase in travel-related scams in the past 18 months using this malicious tactic. How are these scammers doing it? Phishing e-mails have existed since the dawn of the Internet, but AI tools like ChatGPT are making it increasingly easy to create realistic and professional scam e-mails that are more likely to trick readers. In the past, phishing e-mails were riddled with red flags such as spelling and grammatical errors. With the rise of AI, it’s easier for cybercriminals to pump out dozens of seemingly legitimate e-mails that often go undetected by software and readers. Here’s how they work: Scammers will use sites like Booking.com or Airbnb.com that allow people to list their places as short-term rentals. The scammers send out e-mails offering incredible rates or time-sensitive deals on nonexistent properties. After someone pays, the cybercriminals will either disappear with the money, leaving the renter without a place to stay, or use follow-up e-mails to collect additional “fees” or “charges” before vanishing. To be clear, these vacation-focused phishing scams are NOT new. The problem now is that, with AI, more people are falling for them because these e-mails are becoming more convincing. What can you do? Vacationers can take several key steps to ensure they’re not being duped. The most important thing is to stay vigilant. Analyze every e-mail offer you receive and follow cyber security best practices. Standard security software can help detect some of these scam e-mails, but often not all of them, so it’s important to be cautious and look for red flags. Personal scams may ruin a vacation, but business breaches can cost you and your family their livelihood. To keep your network secure, call us at 774-241-8600 or click here to book a FREE 10-minute discovery call with our cyber security experts, who can help you create a plan that protects you. We are here to help! Enjoy a well-deserved break this summer, and remember to be cybersmart.

Vacation Travel Scams Are Up 900% Read More »

Outdated Technology Is Costing Your Organization Money

Is your organization currently bleeding money due to its reliance on outdated technology? The answer is likely yes. A recent survey by Deloitte revealed that a staggering 82% of companies failed to meet their cost-reduction targets last year, with an inefficient technology infrastructure being the primary culprit. The 2024 poll of nearly 300 business leaders on business margin improvement and technology transformation efforts revealed that challenges with their technology infrastructure are the biggest barrier to organizations seeking to improve margins by cutting costs. This same study found that over 50% of the respondents reported that leveraging data and generative AI strategies for improving margins would be their focus for 2024. What does this tell us? Organizations are looking to adopt new, automated, AI-powered ways of doing business to save money and improve efficiency but are held back by antiquated technology. Why Should Businesses Upgrade Their Technology? Legacy systems, typically categorized as technology that’s at least a decade old, can quickly become expensive to maintain. They are slower, need constant updates and patches, and don’t leverage new features as they’re developed. As a result, businesses struggle to keep up with their tech-savvy competitors in every area of the organization, from scaling and cloud usage to human resources and customer service operations. But that’s not the only issue. Outdated technology increases your risk of cyber-attacks. Old technology typically cannot keep up with the rapidly changing world of cyber security. As new, more malicious threats emerge, older technology eventually becomes incapable of keeping up with the latest updates required to keep your network secure. So, why do business owners put off updating technology when the data clearly shows that it will positively impact productivity and the bottom line? There are a couple of reasons, the main one being sticker shock. Seeing the price of updating technology infrastructure can feel overwhelming. Smart business leaders run through risk-related questions like “What if something breaks?” or “What if it doesn’t work like they say it will?” However, the data shows that maintaining old technology could be more costly. A separate Deloitte study of CIOs in 2023 found that respondents spent an average of 55% of their technology budget on maintaining their existing systems. There’s also the cost of switching. What will bringing systems down and transitioning to a new system cost? What will the cost be to train employees to use the software? These are all questions your IT team can help you answer BEFORE you start upgrading your technology. An experienced technician will help you analyze your system to see what needs to be updated and when, and map out a plan to upgrade your system in the most efficient way possible. It’s easier than most business leaders think and pays off in increased productivity and profitability. If you’re looking to upgrade your technology or are just tired of slow, outdated tech and want to see what the next step could look like, we’ll do a FREE Network Assessment. Our techs will dig into your system and determine what you need to get technology that helps you run your business better. To book your assessment, call us at 774-241-8600 or click here to schedule now.

Outdated Technology Is Costing Your Organization Money Read More »

Dangers Of LinkedIn: 4 SecurityFeatures To Use TODAY

A recent report from Check Point Research revealed a shocking statistic – the Microsoft-owned business platform LinkedIn is impersonated in nearly half of all phishing attacks globally. One of the ways scammers leverage LinkedIn to deploy their phishing attack is when they zero in on anyone seeking a new job or career change. While e-mails like “You have 1 new invitation” or “Your profile has been viewed by 63 people” can be authentic, it’s critical to verify the e-mail address it’s sent from to ensure that it’s genuinely from LinkedIn. These impersonators will send e-mails that look identical to the real ones, with links to fake LinkedIn pages that will rip off your information as soon as you enter it. Another way cybercriminals leverage LinkedIn is by creating fake profiles and messaging people about job opportunities. Once you’re on the hook, they’ll either ask for a small payment upfrontto process your application (that you’ll never see again) or send you a link to a form you must fill out that’s actually a phishing link in disguise. LinkedIn is aware of the problem and is working on developing advanced security features to protect its users. Here are three of the current security features it has already deployed:

Dangers Of LinkedIn: 4 SecurityFeatures To Use TODAY Read More »

The Microsoft Outage: A Wake-Up Call for Incident Response Planning

The recent global outage of Microsoft services, caused by a faulty software update from CrowdStrike, served as a stark reminder of how vulnerable even the largest tech giants can be to unexpected disruptions. Airlines, businesses, and countless individuals relying on Microsoft’s vast ecosystem felt the ripple effects, highlighting the interconnected nature of our digital world. The Importance of Incident Response Plans While the outage is mostly resolved, the incident underscored the critical need for comprehensive incident response plans. These plans, often overlooked or underestimated, provide a roadmap for organizations to navigate crises efficiently and minimize downtime. A well-structured incident response plan includes: Small and Medium Businesses (SMBs) at Risk If a tech giant like Microsoft can be disrupted, the potential consequences for small and medium businesses (SMBs) are even more significant. SMBs often lack the resources and infrastructure to recover quickly from outages, making them more vulnerable to financial losses and reputational damage. Developing a comprehensive incident response plan is not a luxury for SMBs; it’s a necessity. By investing in preparedness, SMBs can: Moving Forward The Microsoft outage serves as a valuable lesson for all organizations. By developing and regularly updating incident response plans, businesses of all sizes can mitigate the impact of future disruptions and ensure their continued success in an increasingly interconnected digital landscape. Key Takeaways: Let’s not wait for the next outage to take action. Let’s make incident response planning a top priority today.

The Microsoft Outage: A Wake-Up Call for Incident Response Planning Read More »

Travel Smart: Essential Cybersecurity Practices For A Hack-Free Vacation

Summer is a popular time for business owners and employees to step out of the office and take a well-deserved vacation. Even if their “out of office” e-mail responder is active, many people will periodically check in on work at least once while traveling. Unfortunately, studies show that working outside of the office – whether it’s a few simple check-ins on vacation, connecting to the Internet at a local coffee shop or even business travelers out on work trips – can lead to major cybersecurity issues. If you or your employees will be answering urgent e-mails from the airport or accessing network documents in the hotel lobby, it’s essential to maintain strong cybersecurity best practices to avoid exposing the company’s network to hackers preying nearby. In this blog post, we’ll cover what cybersecurity best practices are necessary for you to take before and during any trip to keep your network secure from hackers. Why Cybersecurity Matters While Traveling Cybersecurity might not be at the top of your vacation checklist, but ignoring it can turn your dream getaway into a horrible nightmare. Cybercriminals know summer is a prime time to attack because people are more likely to let their guard down while on vacation. For most vacationers, the focus is on enjoying time out of the office instead of ensuring they’re following cybersecurity best practices, making them an easy target for hackers. To minimize the risk of a cyberattack while traveling, here are a few best practices to cover with anyone on your team who might connect to the Internet while on vacation. Before you go: While traveling: You should be able to relax on vacation. Taking these simple precautions can help you keep your device secure so you can enjoy your time off and don’t have to worry about dealing with cyber issues when you get back to work. However, it’s important to know that these steps aren’t fail-proof. To truly ensure that your company’s cybersecurity measures are up to standard, it’s important to work with a professional IT team that can monitor your network 24/7, patch any vulnerabilities that pop up (which happens regularly) and alert you if something seems suspicious. To help you prepare for your vacation and have peace of mind knowing your business is secure while you or your employees are working remotely, call us at 774-241-8600 or click here to schedule a FREE IT Security Risk Assessment with our cybersecurity experts today. We’ll evaluate your current cybersecurity solutions, identify potential vulnerabilities and help you implement a strategic security plan to keep your company safe.

Travel Smart: Essential Cybersecurity Practices For A Hack-Free Vacation Read More »

Massive Layoffs In 2024 Create A Serious Threat To Your Cybersecurity

The massive wave of layoffs in 2024 brings a cybersecurity threat that most business owners aren’t focusing on – offboarding employees. Even big-time brands that you would expect to have top-of-the-line cybersecurity systems, processes and procedures in place fail to adequately protect themselves from insider threats. This August marks a year since two disgruntled Tesla employees went rogue after being let go and exposed the personal information – including names, addresses, phone numbers and even the Social Security numbers – of over 75,000 people, including employees. And, of course, the issue is expected to get worse. According to NerdWallet, as of May 24, 2024, 298 US-based tech companies have laid off 84,600 workers and counting. This includes major layoffs at big companies like Amazon, Google and Microsoft, as well as smaller tech start-ups. In total, around 257,254 jobs were eliminated in the first quarter of 2024 alone. Whether or not you’ll need to downsize your team this year, having a proper offboarding process in place is essential to every business, big or small, because it’s more than a routine administrative task – it’s a critical security precaution. Failing to revoke access for former employees can lead to serious business and legal implications later. Some of those issues include: A study by Osterman Research revealed that 69% of businesses experience data loss due to employee turnover, and 87% of employees who leave take data with them. Most often, the information you worked hard to gather is sold to competitors, used by them when they’re hired by the competition or used by the former employee to BECOME a competitor. Any way you cut it, it screws YOU. Do you have an airtight offboarding process to curb these risks? Chances are you don’t. A 2024 study by Wing revealed that one out of five organizations has indications that some of their former users were not properly offboarded, and those are the people who were astute enough to detect it. How DO you properly offboard an employee? These are only a few ways your IT team can help improve your offboarding process to make it more efficient and secure. Insider threats can be devastating, and if you think this can’t happen to you, think again. You have to be proactive in protecting your organization. To find out if any gaps in your offboarding process expose you to theft or a data breach, our team will do a free, in-depth risk assessment to help you resolve it. Call us at 774-241-8600 or click here to book now.

Massive Layoffs In 2024 Create A Serious Threat To Your Cybersecurity Read More »

Frustrated With BAD Tech Support? You’re Not Alone

A recent stream of Reddit comments emerged detailing a series of poor customer service experiences with tech support. While I typically try to stay clear of Reddit and its gang of chronic whiny-pants commenters, I scrolled through a few, you know, for research purposes since I’m in the industry. A few of the complaints sounded so outlandish – like the lady who claimed the technician took a bathroom break in her attic – that it almost seemed impossible they could be true. However, other more common issues on the thread I’ve experienced myself, and to be candid with you, they sucked! When you are experiencing a tech emergency – be it a broken printer, hardware malfunctions, Internet connectivity issues, login troubles or something similar – poor tech support only worsens the irritation. It leaves you with frustrated employees who can’t efficiently get their jobs done because they’re troubleshooting their tech and on hold with an IT company that is “looking into it” and irritated customers who just want a smooth process when dealing with your organization. This can result in losing customers and A-player employees to your competitors that don’t have these same daily issues. At first, it might seem dramatic that a few unresolved “tech issues” could cause such a stir, but as these problems continue to repeat themselves, with no solution in sight, resentment grows and will eventually result in these people seeking organizations that don’t have to deal with such headaches. What can you do to get ahead of the problem? Start by polling your employees. Ask them questions that will help you “grade” your current IT company to see if they’re dealing with your team as fast and efficiently as they should. Here are a few questions to ask: These questions take only a few minutes to answer and can help you gain valuable insight into whether or not your current IT team is properly handling issues or if there is trouble brewing within your organization that you weren’t aware of. If you would like to see what good IT support actually looks like, we’ll do TWO FREE hours of support for your organization. Here are SOME of the ways you could use your time with us: To get started, give our team a call at 774-241-7600 or click here to book your call now.

Frustrated With BAD Tech Support? You’re Not Alone Read More »

Scroll to Top