Category Archives: IT Security

Why choose HaaS to launch or scale your business faster

hardware as a service

Why choose HaaS to launch or scale your business faster

Why choose HaaS to launch or scale your business faster

25 Nov, 2020

Starting and growing a business is hard work, and the investment to get it off the ground can be crippling.

This is why many business owners choose to lease, not buy, the majority of their business items:

Commercial premises? Leased.

Company car? Leased.

Plant, machinery and equipment? Leased.

Without this option, the outlay to purchase everything that’s needed could quickly surpass the $1million mark – making many businesses unviable before they’ve even had a chance to get off the ground.

With modern technology now a vital component in every business, the cost barrier to fully equip a new office with sufficient IT infrastructure can also be prohibitive. From servers, switches, routers and firewalls to desktops, laptops and phones, the expense is simply too high.

Coupled with the ever evolving nature of technology, and the business efficiencies that can be gained from leveraging the latest advancements, leasing IT equipment instead of purchasing it outright has soared in popularity.

What happens when you lease your IT equipment?

Leasing your IT hardware is otherwise known as “Hardware as a Service”, or HaaS.

The process is very similar to leasing a car or office space in that you:

  1. Select what you want
  2. Get a quote
  3. Sign a lease agreement
  4. Use the item(s) until the lease agreement ends

Once the agreement ends, you can opt to enter a new agreement with the same items or replace them with newer ones. Often you’re also able to purchase them at a fair market price.

The only difference with HaaS is that lease agreements are often coupled with a Managed IT Services agreement. This ensures the hardware is well cared for by IT professionals during your lease period, and any issues can be addressed quickly.

Why lease your IT equipment?

In addition to potential tax advantages, there are 5 key benefits that make HaaS an attractive option for small to medium enterprises.

These include:

  1. No up-front payments, so you can launch your business faster
  2. No-fuss repairs, because it’s all taken care of in your Managed Services agreement
  3. Fast scaling, with the ability to add new hardware to your agreement any time
  4. Professional installation and ongoing maintenance, included in your agreement
  5. Access to the latest technology, with no need to shell out for upgrades every time a new model is released

At Empreus IT, we also find that our clients love HaaS because it forms the foundation for an ongoing relationship with a trusted outsourced provider.

Instead of worrying about their IT set up, maintenance, security and costs, they are able to concentrate on delivering for customers and growing their business.

To learn more about HaaS and our tailored Managed IT Services agreements – including the benefits they could deliver for your business – simply contact us.

Get ready: Why IT security may soon be mandatory for your remote workforce

IT security for remote workers

Get ready: Why IT security may soon be mandatory for your remote workforce

Get ready: Why IT security may soon be mandatory for your remote workforce

23 Jul, 2020

Remember the days when working from home was a novelty? Employers keen to engage a modern workforce developed flexible working arrangements that allowed staff to spend a day here or there working remotely – usually via VPN or on files saved to their laptops.

With the rise in cloud computing, remote working has gained a little more traction in recent years. Businesses that invested in the technology quickly saw the cultural benefits of enabling staff to work from home, even if it wasn’t actively encouraged.

When the coronavirus pandemic hit however, organisations with and without cloud technology were forced to enable remote working for every employee almost overnight.

This presented enormous challenges for a lot of companies, and the speed and magnitude of the transition created substantial security risks – many of which likely went unnoticed.

With the rise in advanced hacking methods in an unstable global economy, the risk of valuable data being stolen and sold or shared is also higher than ever.

Recently we saw a wide range of public and private organisations in Australia come under cyber-attack by malicious unknown entities. Prime Minister Scott Morrison labelled the attacks “sophisticated” and noted that cyber-security is “a constant issue for Australia to deal with”.

What this means for you

We believe that the combination of increasing numbers of remote workers and increasing numbers of sophisticated cyber-attacks will inevitably lead to a government mandate on IT security requirements for all businesses.

What these requirements will be is yet to be seen, but they will likely complement the Privacy Act amendments for data security that were introduced in 2018.

If government does introduce requirements, your business may need to prove compliance – perhaps via third-party certification that proves your infrastructure and security policies are up to scratch.

This could include:

  • Passwords and two-factor authentication
  • Endpoint protection (anti-virus)
  • Firewalls
  • Backups and disaster recovery
  • Security practices and procedures

For those businesses that don’t comply – either intentionally or unintentionally (i.e.: they’ve had the same IT company managing their systems for over a decade and the IT company has become complacent), there could be significant fines.

In addition, things like professional indemnity insurance may be hard to come by for those businesses that cannot prove compliance.

How we can help

Besides potential fines stemming from future regulation, securing your IT systems to facilitate the future of remote working is essential.

Until you have an expert examine your set-up, policies and practices, you cannot be sure that you are as secure as you need to be.

Your data is your most valuable asset (and according to recent research, is now worth more than gold). Even if you have an IT firm already looking after you, it pays to get a second opinion just to confirm nothing has been left up to chance.

This includes a full review of the types of programs, websites and apps your staff are allowed to access. Consider the recent uproar about TiKTok, where it’s alleged that the application scrapes data from users’ phones and sends it overseas.

At Empreus IT, we stay on top of the latest industry news and best practices so we can keep our clients informed. We also conduct comprehensive security audits, and put measures in place to monitor security performance in real time. If there’s an issue, we can alert you immediately and generally fix it quickly and remotely.

For an obligation-free chat about your business’s IT security, or to engage us for a security audit, call (02) 6189 1322. 

Moving to remote working? How Empreus IT Support can help

remote work during covid-19

Moving to remote working? How Empreus IT Support can help

Moving to remote working? How Empreus IT Support can help

27 Mar, 2020

When we celebrated the start of 2020 just a few months ago, I don’t think anyone could have foreseen the situation we all face right now.

But as COVID-19 ravages the globe and puts people’s health and livelihoods at risk, individuals have been forced to isolate and many businesses have been forced to close.

For those businesses able to transition staff to a remote working arrangement, the past couple of weeks have been hectic as home offices and dining room tables across the country are set up to prepare for a new way of working.

We know technology and IT support are critical at this time, so we wanted to give you an update on our services and how we will continue to support our clients in this time of need…

Our office is still open

Our office in Fyshwick remains open to ensure you can still access our computer repair services or purchase computer supplies.

We are observing all government guidelines around sanitisation and physical distancing, with hand sanitiser available when you walk in.

If you wish to drop off hardware for repair, you’re welcome to call ahead and let us know. Then simply ring the bell, leave the item on the counter, and we will attend to it.

We sell computer hardware

Due to increased demand and supply chain disruptions, there is a growing shortage of computer supplies.

We want to reassure our customers that we still have plenty of items in stock, and strong relationships with trusted local suppliers that we can source from as needed.

View our online store to see our full range, or contact us to chat about your requirements.

We can support your employees to set up their home office

Your business is your livelihood, and not having a physical presence does not mean it needs to stop.

As experts in remote working solutions, we offer:

  • Full hardware set up
  • Virtual Private Networks (VPNs) for remote access
  • Cloud set up (Office 365, Google Cloud, and more)
  • VoIP phone set up
  • Routers
  • Printers

We take cyber security very seriously

A rapid change from a secure working environment to an unsecure home network has its risks. This concern is particularly relevant if your business manages confidential customer data.

We can assist you in setting up reliable barriers and protocols that prevent hackers from taking advantage of your company during this vulnerable time.

This includes:

  • Advanced anti-virus and malware protection
  • Firewalls
  • Group policy management
  • Email screening
  • Old IT hardware disposal

We can also run cyber security awareness training remotely to employees if you wish to share specific measures to help them avoid risky IT behaviour.

We offer ongoing Managed IT Services and IT support

Just as staff would encounter IT issues in the workplace, they will also encounter them while they work from home.

This could include anything from a problem with physical hardware, to difficulty logging onto the company network or running certain software.

IT support may be one of the most critical services you require over the next few months, and we’re here to help. Contact us to discuss our flexible Managed IT Services agreements, with the option to include real time remote IT support services that are entirely local (no overseas call centres).

We’ll get through this together

We all have one thing in common: our ancestors lived through times that were undoubtedly more difficult than this. That means we are all survivors.

At Empreus IT, we’re working incredibly hard to support our local business community. We want our clients to do more than just “get through” this – we want them to profit and thrive as they adjust to this new way of working.

Let us help with your IT, so you can focus on serving your clients. To chat with us about your requirements, call (02) 6189 1322.

IT security 101: Why SSL certificates are so important

SSL certificates

IT security 101: Why SSL certificates are so important

IT security 101: Why SSL certificates are so important

20 Jun, 2019

If you’re a regular internet user, you’ve undoubtedly noticed the increase in websites with a https address, rather than a http. The S stands for “secure” and shows that the website has an SSL (Secure Sockets Layer) certificate.

A few years ago, search engines began cracking down on websites that didn’t have this protection for users, while web protection software also began flagging them as a security risk. Afraid to be penalised and have less website visitors, most companies now have SSL certificates installed.

This is good news for businesses and web users who are at an ever-increasing risk of malware as hackers get smarter and more innovative than ever before.

What is an SSL certificate?

Security certificates establish a secret connection between two parties. They use clever algorithms (such as the Diffie–Hellman key exchange) to encrypt communication, including actions and messages, so others can’t see them.

Certificates can be used wherever there is sharing of information, including via Virtual Private Networks (VPNs).

Unfortunately hackers are also getting better at breaking certificates; including SSL certificates where they attempt to add spy bots to a website so they can harvest data from unsuspecting visitors. This is why the Diffie–Hellman algorithm is often used in conjunction with “Salt” security. Salt constantly changes the “flavour” of a connection, which reduces the possibility that it can get hacked.

How do you get an SSL or other security certificate?

Security certificates for VPNs and apps can be added to your computer by creating a certificate and a private key on the server. This should be done by an experienced IT professional, as it’s not a simple process and can be disastrous when done incorrectly.

SSL certificates for websites are now provided for free by most hosting providers because they are considered an industry standard.

It’s important to know that you are getting a genuine certificate and not one that has been re-issued from another domain. This is a serious issue that has plagued some digital security companies and caused widespread problems for companies and their website visitors alike.

The technical complexity of certificates is not something a user (be it a staff member or web visitor) ever sees, but it does ensure their safety. And keeping people safe when they are using your IT is paramount to building trust, complying with data collection regulations, and protecting your business’s proprietary information.

For more information on how to increase security using certificates in your business, call Empreus IT Support on (02) 6189 1322 or contact us now.

IT security 101: Remote working with Virtual Private Networks

IT for remote working

IT security 101: Remote working with Virtual Private Networks

IT security 101: Remote working with Virtual Private Networks

29 May, 2019

** Please note this is about VPNs for business-related file sharing. Not VPNs that let you use an IP from another country to watch Netflix!

Working the 9-5 in an office is fast becoming a thing of the past, with more people choosing to work from home or a booth in a trendy café than ever before. And with a rise in remote working comes a need for business owners to modernise their IT systems and enable remote working.

To do this, some companies house their work files on a Cloud server so staff can access them from anywhere at any time. Azure, Google and Amazon all offer variations of Cloud servers, which are now the norm in companies that have adopted a Cloud-only or hybrid Cloud approach.

But for companies that aren’t ready, willing or able to move part or all of their private files to a Cloud server, Virtual Private Networks (VPNs) offer all the same advantages without some of the perceived disadvantages of Cloud.

What is a VPN?

A VPN extends a local network (i.e.: the network in your office) across a public network (but in a private way) so staff can work as though they were sitting right there in your office.

There are many benefits to adding a VPN to your business, including:

  • Allows remote working
  • Facilitates collaboration
  • Connects offices in different locations
  • Makes it easy to access files in an emergency
  • Provides a secure way to share files rather than by email

Progressive organisations see VPNs as essential, because they make it easy to offer flexible working arrangements. For example, new parents can work from home half a week and spend the other half in the office – allowing them to save on day care while continuing their career (which is mutually beneficial).

How does a VPN work?

When we set up a VPN for your business, we create a new private network by configuring your server. We then provide staff access with their own unique logins.

The staff member can then:

  • Install the VPN software
  • Connect securely to the VPN
  • Connect to their desktop via a secure remote desktop connection

And presto! They are working on the server just as they would be in the office, with access to the same desktop, email and folders they usually work in.

Are VPNs safe?

When set up correctly, a VPN is very safe as it is not front-facing (part of the World Wide Web) and can incorporate a variety of security measures to ensure hackers do not penetrate the network.

For example, if someone tried to logon to the server, the session would timeout and they would have to start their hack attempt again. This double layer of security is essential and acts like a firewall to keep unsavoury characters away from your private data.

You can also add extra security such as “Salt” which could include 2-factor authentication. Like the salt you eat, this clever software changes the “flavouring” of each VPN connection – adding a unique variable that changes constantly so hackers find it incredibly difficult to get in.

To set up a VPN (Cloud or server) in your business, call Empreus IT Support on (02) 6189 1322 or contact us now.

IT security 101: physical security

security to protect your IT

IT security 101: physical security

IT security 101: physical security

17 Apr, 2019

At Empreus IT, we want to help you keep your business and its critical data secure. That’s why we’ve been running a series of articles called IT security 101.

So far in the series, we’ve covered the importance of firewalls and anti-virus, and their roles in defending your business data from inevitable threats.

Using the analogy of your business as a castle, we have explored the idea that:

  • Firewalls are a moat that surround the castle and limit the number of attackers that make it onto castle grounds
  • Your anti-virus is the castle guards that detect and eliminate threats swiftly and effectively

In this third article, we want to explain why it’s essential to have good physical security to protect your IT hardware. In keeping with our castle theme, think of physical security as the heavy duty locks and latches on your castle door.

What is physical security?

Physical security is the tangible barrier you place between people and IT systems. It makes it physically difficult to get to your IT systems and damage, steal or break them.

Physical security can include:

  • Locks
  • Keyless doors (requiring a fingerprint)
  • Security systems
  • Server cages

There are many options to choose from, including revolutionary new Cloud technology systems that monitor and store security data and camera feeds in the Cloud (so they cannot be edited or deleted easily).

Why is physical security important?

Critical IT hardware (such as your server) houses your business’s confidential and critical data.

Whether or not it’s intentional or accidental, if people can touch your IT hardware, they can break it. For example, if your server sits in the same area as your staff and someone accidentally spills coffee on it, it could be destroyed….along with all of your data.

Imagine that – all the documents you have worked countless hours to create, gone in an instant!

Keeping expensive and critical hardware in a separate room and ensuring that room has security is the best way to avoid accidents, protect your proprietary information, and reduce the risk to your business.

How can Empreus IT help with physical security?

While we do not supply locks, bolts, cages or cameras, we can advise you on:

  • The physical security you need for your specific business
  • Where to buy it
  • How to install it (some systems will require an electrician)

We are experienced in mapping camera networks and ensuring full functionality, as well as setting up access rules and monitoring IT systems for integrity and longevity.

For a confidential consultation on adding physical security to your business castle, call Empreus IT on (02) 6189 1322 or contact us now.

IT security 101: anti-virus and web protection

anti virus and web protection

IT security 101: anti-virus and web protection

IT security 101: anti-virus and web protection

14 Mar, 2019

Last month, we talked about the importance of firewalls and how they add valuable security to your IT network. Comparing your business to a castle, we explored the idea of a firewall as a moat – reducing the number of attackers that make it onto your castle grounds.

In keeping with this metaphor, this month we want to explore additional layers of security that help keep your greatest asset (your data) safe.

Most people are well aware of the benefits of anti-virus for their computer or devices. This clever software aims to prevent viruses from penetrating your system that can:

  • Steal personal information
  • Stop your computer from working
  • Lock you out of your own data
  • Force you to pay money to have it released

But how does anti-virus software really work? And how do you know which anti-virus software to choose?

Here’s our low-down on anti-virus and web protection…

What is anti-virus and web protection?

If you imagine your business castle, anti-virus and web protection are the soldiers that stand on the castle walls ready and waiting with their arrows pointed.

They aim to take out any offender identified as foreign and threatening to the ecosystem, protecting everyone in the castle (your data) from danger.

How does anti-virus and web protection work?

If a literal virus were to plague humanity tomorrow, scientists would work round the clock to understand how the virus works so they can develop a vaccine.

Technology viruses are essentially no different. When hackers create a new virus, security software companies such as Norton, McAfee, Symantec, and so on work tirelessly to understand how these viruses operate.

Once they understand them, they can define the parameters needed to identify and block them. For example, if a virus does X then Y then Z, it is a Trojan. With these parameters defined, your computer will quickly pick up on a Trojan’s attempt to get into the system and quarantine it.

Web protection works in a similar way. If a website attempts to run a command or execution that has been identified as risky, the web protection software jumps in and marks it as malware. This stops you from clicking through to the website and unknowingly downloading a virus.

Viruses on websites can happen if the website has been compromised by hackers (unknown to the company that owns it), or if the hackers have intentionally created a fake domain for when people accidentally type in the wrong URL.

How do I choose the best anti-virus?

If you are a home user, a standard subscription to a reputable anti-virus software product should be sufficient, such as:

  • Bitdefender
  • Norton anti-virus
  • Kaspersky anti-virus
  • ESET anti-virus
  • Webroot anti-virus

At Empreus IT, we recommend Bitdefendor as we have found them to be good value for money and superior to other anti-virus products. If you run a company, enterprise anti-virus software will give you faster updates and more support, and occasionally offer cyber security insurance with your subscription.

The reason we do not advise our clients to use free anti-virus software is because they often do not update as regularly as paid software. This means you may be protected from viruses that were current 2 years ago – not viruses that are a risk to you today.

When you do pay for an anti-virus subscription and install it, you need to ensure “automatic updates” are turned on so that it constantly updates with the latest measures to combat the latest threats.

That being said however, new viruses come out every single day. So you should always exercise a high level of caution when clicking links in emails, visiting unknown websites, or downloading files.

Staying on top of computer viruses and malware

As your outsourced IT department, Empreus IT offers a valuable Managed IT Service to keep your company and its data better protected.

We consult to help you choose the right level of anti-virus software, install it onto every device (and server if applicable), and then monitor it 24/7 to ensure it is up to date and working efficiently. If the system flags a virus, we are straight onto it – finding out what has happened, making sure it is quarantined, and helping you implement measures so that it doesn’t happen again (such as better staff training on the dangers of unsolicited emails).

To order your own private security advisor who will walk the grounds of your castle 24/7, call Empreus IT on (02) 6189 1322 or contact us now.

IT security 101: What is a firewall and why should you care?

firewall moat

IT security 101: What is a firewall and why should you care?

IT security 101: What is a firewall and why should you care?

18 Feb, 2019

Knowing the possible devastation that results from malicious hackers penetrating your private computer systems, wouldn’t you be willing to do just about anything to prevent it?

In our last post, 2019 tech predictions you don’t want to ignore, we talked about the increasing threat of malware due to advancements in tech, and the effect this can (and does) have on businesses large and small.

With this in mind, we’re embarking on a series of blog posts to help you understand the main elements that combine to create effective IT security. Implementing each of these elements (properly) will improve your chances of avoiding these hacks.

So without further ado, let’s start with the first port of protection every business needs: a good firewall.

What is a firewall?

A firewall is a little black box that connects directly to the device that connects to the internet. Its job is to filter incoming traffic and prevent unauthorised users from accessing your network.

If you imagine your business as a castle, a Firewall is the moat that surrounds it and provides a first line of defence.

It eases the burden on the second and third lines of defence (archers who stand on the castle wall, and then soldiers inside the castle) by reducing the number of attackers who make it onto the castle grounds.

How does a firewall work?

When you send out a request for information via the internet (i.e.: you “Google” something), the internet sends the information back to your computer via your network port. Think of your network port like a road that leads to your castle.

There may only be one real road in, but there are thousands of other roads (ports) that attackers will try to take to get to your castle. This is why you need a good firewall, or moat, to stop them in their tracks. The firewall basically rejects any user who is trying to come through via the wrong port.

There will be a lucky few who do come down the right road and find a bridge over the moat, but this is where your other defences need to kick in and do their job.

Which firewall do I choose?

This depends on how deep you want your moat to be!

For basic home users, the firewall inclusion in a standard router is usually sufficient. This works in tandem with firewall software included in most anti-virus applications installed on the computer, and will do a reasonable job of preventing attacks.

For a business however, more users spending more time on the network increases the risk. The consequences of failing to protect data can also be more severe from a financial and reputational perspective.

Business users need a strong and intelligent firewall that can adapt to our ever-changing tech environment and pick up on sneaky attackers who are using unique ways to try and get through (such as parachuting over the moat!).

At Empreus IT, we recommend Juniper, Cisco and Watchguard firewalls. Each have their own advantages and disadvantages, depending on the size and nature of your business. To find out which one is right for you, give us a call for a friendly chat and we can discuss your options.

Once your firewall is in place, we can also manage it for you via a Managed IT Services agreement. This is where we take on the role of security advisor for your castle, and walk the grounds 24/7 to make sure all of your defences are working as efficiently and effectively as possible.

To chat with us about getting a firewall or Managed Services for your castle, give us a call on (02) 6189 1322 or contact us now.

2019 tech predictions you don’t want to ignore

2019 tech predictions

2019 tech predictions you don’t want to ignore

2019 tech predictions you don’t want to ignore

21 Jan, 2019

2018 was a massive year for tech advancement, with new developments making communication, collaboration, and systemisation much faster and simpler than ever before.

As we head into a year filled with the promise of even greater technological achievement with AI, blockchain, robotics, Cloud, 5G communications and more, we appear to be edging ever-closer to the futuristic worlds that awed – and sometimes scared – us in movies such as the Fifth Element and Minority Report.

With new changes creating new risks, we wanted to shine a light on a few areas we believe will have a direct impact on SMEs this year.

Here are our top 4 tech predictions for 2019 that you shouldn’t ignore:

Cloud rules…but at what cost?

Cloud was on everyone’s lips in 2018, as business owners looked for any and all ways to jump on the bandwagon and incorporate Cloud into their business.

And while there are numerous benefits to Cloud technology, some businesses were shocked to find that the cost of moving to Cloud storage far exceeded their expectations (and their budget).

The market is dominated by a small number of major players who all offer similar pricing structures, so it can be difficult to find a stand-out deal on Cloud storage. For those businesses that require a lot of storage, the monthly fees can add up to more than the outright cost of a beefy in-house server over just one year.

Does this mean you should do away with Cloud altogether?

No. It just means that before you take a leap into a new technology – even when everyone is touting it as “the next best thing” – you should understand the costs and make an informed decision that’s right for your business.

There are multiple cloud strategies, including staged and hybrid approaches that may be more appropriate for you. If you’re not sure, ask us to do an objective analysis on your business so we can help you make a sound decision.

Hackers will get better

Many people read about the Marriott’s Starwood hotels hack that may have resulted in the private data of as many as 500 million guests across 4 years being compromised. Essentially, the hackers could have obtained enough information about a single person to be able to verify 100 points of ID (allowing them to assume your identity and run up horrendous bills).

Most recently, it was also reported that an incredible 773 million email addresses and passwords were hacked and released to a hacking forum.

With increasingly clever tech at their disposal, hackers are only getting better at finding ways to penetrate systems and steal company data.

If you don’t invest in proper security, you are at risk. If you don’t train your staff on how to be security-conscious when opening emails, visiting websites, or downloading files, you are at risk.

Security management of IT requires diligent monitoring and a dedication to keeping commercial-grade antivirus software up-to-date and working effectively.

Don’t waste money on tech that will quickly be superseded

Before upgrading any devices (phone, tablet, laptop, etc.) this year, first check to see what new technology may be just around the corner.

For example, if you plan to upgrade your phone you may want to hold off until your favourite manufacturer incorporates 5G-compatible hardware. 5G communications will be turned on around the country from as early as 2019, and will allow you to send and receive data faster than ever before.

New phones will likely be 4G and 5G compatible, whereas older phones are 3G and 4G compatible. If you can wait until the former becomes available, you should get a much better return on your investment. 

Anti-encryption laws open the door to trouble

Australia’s new anti-encryption laws require tech companies to give “backdoor access” to government security agencies so they can essentially read any text message or instant message you send over private networks such as WhatsApp, Slack and Facebook.

According to the Bill, companies should only create the backdoor if it doesn’t compromise security – however we know that any backdoor to software is a security risk. Hackers purposefully seek out backdoors to steal private information. So it’s going to be very difficult for these companies to comply with the laws and ensure 100% confidentiality for the messages you send.

If you are a tech company affected by this law, you may want to discuss it in depth with your lawyer or advisor so they can help you be compliant, but also go as far as possible in protecting users’ security.

Stay ahead of the pack

If you want a more proactive approach to IT management and security this year, ask us about Managed IT Services.

Managed IT Services means you’ll always have IT knowledge at your fingertips, plus 24/7 security monitoring, assurance on software updates, and much more.

And if you sign up for a Managed Services agreement before February 15, 2019 we’ll give you the 12th month FREE.

To learn more or to get Managed Services for your business, please call Empreus IT Support on (02) 6189 1322 or contact us now.

How to prevent and recover from cryptoware

cryptoware

How to prevent and recover from cryptoware

How to prevent and recover from cryptoware

06 Jun, 2018

Cryptoware (aka Ransomware) is one of the most dangerous, annoying and frequently experienced attacks on home and business computers.

Whereas once we were afraid of viruses that upset the functionality of our computers, or monitored what we were doing in the background, this new age of sophisticated viruses takes complete hold of our entire system – locking away our files until we agree to pay a “ransom” to unlock them.

If you treasure your family photos, your university papers, or your business documents, falling prey to cryptoware can cause huge headaches for you. And unless you have proper backups of everything on your computer, you have a serious decision to make:

Do you pay the ransom, or lose all of your files?

What cryptoware looks like

If you’re attacked by cryptoware, it’s unlikely that you’ll know about it until after you restart your computer. Or while you’re working, your files or documents may start to play up.

Once you restart, your computer may open to a message like this (or have a file that contains a similar message):

ransomware

You won’t be able to access any of your files, or create new files. If you were accessing a shared folder on a network (housed on an external server), it could also be locked.

You may find a text document on your desktop with instructions on how to pay the ransom to an anonymous cryptocurrency wallet.

The initial ransom could be around USD$1500. And it can be tempting to pay this and move on. But unfortunately, that’s usually not the case. While you may get your files back in the interim, the virus still sits on your computer, monitoring everything you do. A few weeks, or even a month, may pass before they lock everything down again and ask for more ransom.

What to do if you’re attacked by cryptoware

If your computer is compromised, there are only 3 ways to recover:

  1. If you have an effective backup, you can hire an IT company to re-format, reload and restore your computer to its original state.
  2. If you don’t have a backup, you can choose to pay the ransomware, or lose all of your files.
  3. If you’re happy to pay a highly experienced security specialist, they may be able to decrypt your drive.

If you haven’t been impacted by cryptoware yet, you still have an opportunity to protect yourself against the likelihood of a future attack.

How to prevent against cryptoware

The best way to prevent against Cryptoware is to do regular, thorough backups and be extremely careful of anything you download online.

Perpetrators often use email as a way of sending links that either contain a dangerous download, or a send you to a website that then encourages you to download the virus.

These emails may mimic emails from other service providers, or even government departments. The ATO, for example, is notorious for falling prey to copy-cat emails that tell you to view or download a document that relates to your tax.

The other way you can fall prey to dangerous downloads is when hackers compromise an otherwise trusted website. For example, you may go to a real estate agent’s website, or a major car company website, and attempt to download a brochure. Unknown to you, the brochure has been compromised and actually contains Cryptoware.

To prevent against Cryptoware, you should:

  1. Never, ever click a link in an email without thinking. Look at the email address the email has come from, and hover over the link until it shows where the link will take you. If it seems suspect, DON’T click it.
  2. Get yourself enterprise-quality anti-virus software. General consumer products can be poor at detecting and preventing illegal downloads.
  3. Backup, backup, backup.
  4. Hire an IT company to actively manage your security. At Empreus IT, we are alerted in real time to any attacks on our clients’ computers, and may be able to prevent them before they cause serious damage. We also perform regular, thorough backups to ensure the integrity of all of your data files.

The expense of any of these preventative measures is nothing compared to what you will have to endure if you’re attacked by cryptoware.

Our managed antivirus solutions are available from just $50 per computer per month, and will give you peace of mind, and potentially save you thousands on recovering from a cryptoware attack.

For more information on how we can help you prevent against cryptoware, or recover from cryptoware, please call (02) 6189 1322 or contact us now.