Microsoft Office 365 includes a wide range of cloud applications that can revolutionize productivity, collaboration, and work mobility. In this Tech Talk, Sebastian Igreti tours Office 365 and discusses how it can transform the way businesses leverage the traditional Office software stack.
If you’re looking for a better way to do employee performance reviews, consider taking a look at Trakstar. In this Tech Talk, Sebastian Igreti covers how we use Trakstar to measure, track, and report on employee performance, and why we love how it helps us manage performance reviews and maintain a customer-focused company culture.
You can learn more about Trakstar on their website: https://www.trakstar.com/
At TechMD, we believe that finding the right people for the job is central to the success of our business. On this episode of Tech Talks, Sebastian Igreti discusses how we leverage SparkHire to streamline our hiring process and help us find the right candidates. SparkHire allows you to reduce the need for time-consuming phone screens, gather quality information about candidates before meeting them in person, and easily collaborate between hiring managers.
You can learn more about SparkHire at https://www.sparkhire.com.
TechMD Ranked #5 among Best Places to Work in Orange County
At TechMD, we care about investing in others, doing IT right, and creating a fun-loving and positive environment for our team. This mindset has been a major contributor to our success, as it has allowed us to hire and retain excellent people and, in turn, take great care of our clients.
This approach to doing IT right has paid off again: we are excited to announce that TechMD has been named as one of 2017’s Best Places to Work in Orange County in the Medium-Sized Employer category!
About Best Places to Work
The Best Places to Work award was created in 2009 as a project of the Orange County Business Journal and Best Companies Group. The county-wide survey and awards program was designed to identify, recognize, and honor local companies that benefit the county’s economy, its workforce, and its businesses.
Organizations from across the county entered the two-part process to determine the Best Places to Work in Orange County. The first part consisted of evaluating each employer’s workplace policies, practices, and demographics. This part of the process was worth approximately 25% of the total evaluation. The second part consisted of an employee survey to measure the employee experience. This part of the process was worth approximately 75% of the total evaluation. The combined scores determined the top organizations and the final ranking. Best Companies Group managed the overall registration and survey process in Orange County and also analyzed the data and used their expertise to determine the final ranking.
The ranking of the winning organizations will be released via a special section of the Orange County Business Journal’s July 24 issue.
Looking for a better way to facilitate employee engagement and improve morale? In this Tech Talk, Sebastian Igreti covers how OfficeVibe enables businesses to capture feedback from team members, provides improved visibility over employee engagement and morale, and helps business leaders address festering issues before they affect company culture.
Threats and attack vectors from cybercriminals continue to evolve, and businesses need to stay on top of the changing cybersecurity landscape to ensure their critical business and customer data is protected. On this episode of Tech Talks, Sebastian Igreti discusses five essential steps to keep your business safe from cybercriminals.
Microsoft recently announced their Azure Virtual Desktop Solution, which allows organizations to move their entire IT infrastructure into Microsoft’s first-class cloud environment. If you’re interested in learning more about what’s on the IT horizon and how it can benefit your organization, check out this episode of Tech Talks, where Sebastian Igreti discusses the latest in cloud technology.
MSP Mentor Recognizes TechMD
We are excited to announce that TechMD was ranked among the world’s top 501 managed service providers by MSPMentor!
The MSP 501 companies ranked this year include organizations from around the world and from diverse technology and business backgrounds. Collectively, they amassed $14.48 billion in total revenue (based on 2016 results), up more than 15 percent from a year earlier. We are proud to be included among these companies, and we are looking forward to continuing to innovate ways to help our clients protect their business from cybersecurity threats and move into the cloud the right way.
“On behalf of MSPmentor, I would like to congratulate TechMD for its recognition as an MSP 501 honoree,” said Aldrin Brown, Editor in Chief of MSPmentor. “The managed service provider market is evolving at a rapid pace and the companies showcased on the 2017 MSP 501 list represent the most agile, flexible and innovative organizations in the industry.”
The complete 2017 MSP 501 list is available at MSPmentor.net.
WannaCry Ransomware Causes Global Security Breach
You may have seen the news this weekend: cybercriminals released a new strain of ransomware that can automatically spread itself across all computers in a network. It’s been dubbed “WannaCry” and it’s causing a global epidemic. More than 40 hospitals in the UK were shut down over the weekend. Spanish telecommunications firm Telefonica reported 85% of their systems went down because of the cyberattack. And those are just a few of the victims: this monster has infected hundreds of thousands of systems in more than 150 countries.
This piece of malware is particularly dangerous because it only requires one person to make a mistake: if someone opens a phishing email attachment, it will not only infect their computer but will immediately spread to everyone else’s computer on their network.
Each infection demands a $300 bitcoin payment to unlock that computer’s files, leading to massive downtime while breached companies attempt to make payments and wait for unlock keys to come back from the cybercriminals.
Steps TechMD Has Taken:
IT Security has always been a top priority at TechMD. We know there’s no silver bullet when it comes to IT Security, so we have invested in the following layers to protect our clients:
- Patch Management: we regularly update computers under our management with the latest security patches, and typically we do this work in the middle of the night while our clients are sleeping. Back in March, Microsoft released a patch to protect against the vulnerability exploited by WannaCry, and our team worked around the clock to deploy the update.
- Email Filtering: emails sent to our clients are filtered for spam and malware. We block thousands of emails every day from reaching our clients’ inboxes, helping to reduce the threat from these types of attacks.
- Antivirus: all the computers under our support have antivirus software that we install and manage. Our team monitors this critical layer of protection and work tirelessly to keep your antivirus software working and updated.
- Training and Awareness: individual users are by far the most important security layer in protecting themselves and their organization. Our weekly training videos and cybersecurity email alerts are helping to educate and train our 6,000 end users.
- Backup: we know there’s nothing anyone can do to guarantee security, and that’s why it’s critical that our clients have a robust backup strategy. In case all else fails we will use the backups to recover any lost data and reduce downtime.
In addition to these layers, TechMD has developed hundreds of best practices over the past 15 years. We have a team dedicated to deploying and managing these policies that are critical to keeping our clients safe from cyberthreats.
What Should You Do About This?
We have been working behind the scenes to protect your organization from this breach, but we still need your help. Here are a few things you can do to make sure WannaCry doesn’t infect your company network:
- Remain Cautious with Email Attachments: be very careful when you get an email with an attachment or a link, especially if the email is unexpected. Opening attachments can immediately infect your computer, and following malicious links can give cybercriminals access to your computer and data. Remember: “When in doubt, throw it out!”
- Don’t Wait, Alert TechMD: if you think you have been infected, or if you accidentally opened a suspicious-looking attachment in an email, don’t wait! Let us know ASAP by calling 888-883-2463.
For a quick refresher on how phishing attacks work and how to avoid them, check out this One-Minute Wednesday episode:
How Can You Protect Yourself at Home?
Although we only support the computers at your office, we want to share some steps you should take to make sure your personal computers are protected:
- Patch Your Computer: the vulnerability exploited by WannaCry does not exist in Windows 10 however, the vulnerability is present in all prior versions. If you haven’t already done so, make sure your computer is patched with the latest security updates. Please refer to this article from Microsoft for more information.
- Check Your Antivirus: check to make sure your antivirus software is working and fully updated. If you don’t have an antivirus on your home computer, here’s an overview of the top 2017 antiviruses.
All Quiet at TechMD
Although it’s too early to spike the football, as of today TechMD has had zero reported infections across the 6,000 workstations we manage. Our goal is to make sure your technology is seamless so you can stay focused on your day. That means we’ve made security a top priority, and we will continue working around the clock to respond to the ever-changing threats posed by cybercriminals. All that’s to say: don’t worry, we’ve got your back!
Have a productive week, and thank you for partnering with TechMD!
Make sure you change duplicate passwords immediately!
On Thursday of last week, website security provider Cloudflare announced a major security vulnerability affecting their service. This vulnerability has caused sensitive user data to be exposed across a number of popular websites, like Yelp, Uber, and others.
To protect yourself, make sure you are not reusing any passwords on multiple accounts. If you are reusing passwords, we suggest changing them to unique passwords immediately. People often get into trouble when a breach compromises one of their passwords, and they also use that password for their bank account, credit cards, or other sensitive logins.
We know it’s tough to make sure every single password is unique, so we recommend using a tool like LastPass. To learn more about LastPass, check out this article and One-Minute Wednesday video on our favorite password manager. You can also watch the video below:
Tax season kicks off with W-2 phishing and wire transfer scams
These days, most of us are probably aware of CEO fraud, where cybercriminals impersonate high-level executives and trick employees into wiring company funds to an external account. And you may remember hearing about W-2 phishing during last year’s tax season, where scammers impersonated CEOs to extract employee tax forms from unsuspecting finance employees.
Recently we’ve been seeing these two scams combined into a one-two punch. The IRS has released a security alert warning that scammers have started W-2 phishing much earlier than normal this year. Scammers have already extracted W-2 data from a number of U.S. companies, which have subsequently been used to file fraudulent tax returns. What’s worse is that these scammers are following up on their W-2 scam emails with a second set of phishing attacks, where they send a spoofed “executive” email to someone in the finance department demanding an urgent wire transfer.
“This is one of the most dangerous email phishing scams we’ve seen in a long time,” IRS Commissioner John Koskinen said. “Although not tax related, the wire transfer scam is being coupled with the W-2 scam email, and some companies have lost both employees’ W-2s and thousands of dollars.” A recent Federal Trade Commission report indicated that tax fraud contributed to a 50% increase in identity theft in 2015, and we think the upward trend will likely continue.
What should you do about this?
Most importantly, we suggest you send this email to anyone you feel may be at risk, whether employees, friends, or family. Feel free to modify the email to fit your needs:
[ALERT] Cybercriminals are starting their tax scams early this season! They are now combining two scams into a strong one-two punch. First, they ask you to send them the W-2 forms for all employees, with the email looking like it comes from the CEO or a C-level executive. Next, they follow up with an urgent request to transfer a large sum of money to a bank account controlled by these cybercriminals.
Remember: requests like this should raise a red flag. You should verify that the request is legitimate by calling the sender directly or, better yet, talking to them in person. These scam emails are often pushy and urgent, but don’t be afraid to spend five minutes verifying them, even if it’s the CEO making the request!
To learn more about how to spot phishing attacks, check out this helpful video. Cybercriminals are out in force this tax season, so make sure you stay alert and think before you click!
After educating your team, make sure you report any suspicious emails. According to the IRS, organizations receiving a W-2 phishing email should immediately forward it to firstname.lastname@example.org with “W2 Scam” as the subject line. Anyone receiving phishing scams or falling victim to one should also file a complaint with the FBI’s Internet Crime Complaint Center (IC3).
If you think your W-2 form has been stolen: you should review the Federal Trade Commission’s recommendations at www.identitytheft.gov or the IRS’s steps at www.irs.gov/identitytheft. If your tax return was rejected because of a duplicate (likely stolen) Social Security number, you should immediately file a Form 14039 Identity Theft Affidavit with the IRS.
Finally, we suggest filing your taxes as soon as you can this year—a fraudulent tax return will be rejected if you beat the cybercriminals to the punch.
If you’re not sure whether your company is protected from the latest cybersecurity threats, we’d love to help you assess your vulnerabilities and then work with you to take action. Click here to make an appointment to discuss your security assessment. And don’t forget to stay safe out there!