How to protect your business from Phishing Attacks

How to protect your business from Phishing Attacks:
From the Help Desk
at Trivium Technology

Did you know that 1.4 million imposter websites are created each month? Fake versions of Google, your bank’s websites, your credit company’s websites and even fake versions of Microsoft’s many app websites are floating around on the web. Attackers create these fake websites with the intent on spreading them to unsuspecting users, usually through email. This is called phishing.

But how does phishing affect your business? Well, when a user is asked to type their password into a fake website, the attacker now has a copy of that user’s login information, bank information, or whatever they are trying to get. Sometimes, all they need is to infect your computer or Office 365 account with a fake attachment (looks like a real PDF invoice), but it’s really a cyber-attack!

Cyber security is only as good as the user. If the user “invites” an attacker in by going to a wrong web address or typing their password into a fake website, without proper protection and security techniques in place, the damage to your business could be irreversible.

So, how do you protect your employees and your business? We recommend starting with a three stepped approach:
1. WatchGuard Firewall (Blocks attempts from an attacker to get into your network)
2. Our ESET Antivirus business solution (Combination of Antivirus protection and Microsoft Outlook add-in technology to filter out harmful emails and attachments)
3. User Training
4. Hovering over links before clicking them in an email
5. Not opening attachments from unknown sources
6. NEVER send money through wire transfers without verifying first
To learn more about how to protect your business and technology assets, give us a call at Trivium Technology: 978-219-2500 Option 2

The Adoption Of More Sophisticated Security Technologies

by Frank Leonarad
There are a number of new technologies emerging that may start to see wider adoption in 2018. For example, the use of “remote browsers” can be helpful for isolating a user’s browsing session from the network/endpoints.

Deception technologies, which work by imitating a company’s critical assets, act as a trap for attackers looking to steal this data.

There will also be an increase in the use of solutions which can detect and respond to anomalous behaviour. Firstly, there are Endpoint Detection and Response (EDR) solutions, which can monitor endpoints and alert sysadmins of suspicious behaviour. Secondly, Network Traffic Analysis (NTA) can be used to monitor network traffic to help determine the type, size, origin, destination and contents of data packets.

Thirdly, and very importantly, more and more companies are starting to adopt sophisticated real-time change auditing solutions, which can help companies secure critical assets in numerous ways. For example, they can help detect and respond to user privilege abuse and suspicious file/folder activity — either based on single event alert or threshold condition. They can detect account modifications, deletions, inactive user accounts, privileged mailbox access and a lot more.

“BAD RABBIT” RANSOMWARE

Last week, a new form of ransomware began making its rounds through Eastern Europe and has spread to several other countries. This new ransomware is similar to the WannaCry and Petya outbreaks that happened earlier this year. At this time, it is unclear how far this threat has or will spread. Trivium Technology is staying on top of its activity and wants to ensure all of our clients are protected.
For our WatchGuard clients, there are several things that need to be done to ensure you are not susceptible to this new threat.
• WatchGuard has released a signature to identify Bad Rabbit through Gateway Antivirus. It is important you ensure your GAV is updated with the most recent signatures.
• APT Blocker was immediately able to identify the threat when it was released, if the service is configured correctly.
• Threat Detection & Response (TDR) can detect Bad Rabbit files on the network and can quarantine them if the service is configured correctly. Also, the Host Ransomware Prevention (HRP) portion of TDR has been updated to identify these files.
If you do not currently have TDR or APT Blocker licensed on your device, please contact us so that we can assist you in adding them to your licensing. If you do currently have these services and want to ensure they are configured correctly, please Contact Us so that one of our WatchGuard experts can review your configuration and ensure your network is properly secured.

Trivium Selects Connectwise as it’s new monitoring tool

For immediate release:

Trivium Technology the provider of Acctivate and Managed IT Service has selected Connectwise as it’s monitoring software for Managed IT Service division. “After a long comparison of most of the existing tools that are out there we have chosen Connectwise because of it capability to deliver a real return on the customers investment” said Frank Leonard Managing Partner. “The tools we can now deliver will allow us to do a much better job with monitoring our customers and knowing there is a problem before it becomes a serious problem” said Rob Leveille C.T.O and Partner

Eliminating Hidden Costs for Managed Security Service

Security is vital for small to midsize businesses, but they lack the security expertise, budgets, and staff with dedicated security expertise. At the same time, the lack of security expertise, smaller budgets, and the difficulties inherent in hiring and retaining dedicated security professionals is contributing to an ever-growing demand for managed security service providers (MSSPs). As a result, many traditional IT Service vendors are transitioning into MSSPs in order to provide SMBs with security services alongside their standard offerings.

At the same time, security vendors are challenged with enabling and arming their value-added resellers as they transition into managed security. MSSPs seeking best-in-class products and solutions from multiple vendors to provide security services to their customers can face significant hidden costs because of the TCO associated with deploying, managing, and maintaining joint solutions. It  is not enough that networks are being managed the entire enterprise needs to be managed from the endpoint to every workstations and servers. The small to midsize business today is way to venerable to Ransomware and other attacks that have a profound consequences on there day to day business.

Ease of Deployment, Management, and Maintenance

Trivium Technology delivers enterprise-grade security solutions that enable our Customers to make a smooth transition into managed security. To help reduce the total cost of ownership, apart from the bundled enterprise-grade security services, we focus on ensuring that our products and services co-exist in an ecosystem of solutions from other technology vendors. We gather continuous feedback and prioritization from our Customers to not only deliver best-in-class security with simplified setup and ongoing management, but to add value by integrating with technologies that exist within the network.

How to Evaluate a CRM Package

HOW TO EVALUATE A CRM SYSTEM

The primary concern of any CRM system is to improve relationships with customers and generate higher revenue for your business. Your CRM implementation can track the efficiency of sales and marketing and help build strong relationships with your customers.

CRM ROI

Any CRM system should provide measurable ROI, help calculate real business benefits, and enable accurate budgeting and reduced resources.

Ease of Use

A CRM solution should simplify customer relationship and business process, provide a user-friendly interface, and allow ease of CRM navigation.

Customization

The efficiency of any CRM implementation lies in flexibility to change the default setup, provision to mould the CRM to your business process, and options to roll back to the default setup.

Simplified Workflow

A CRM system should help users perform tasks easily, present simplified workflow logic, and encourage easy user adoption.

Support

No CRM system is complete without user help documentation, online support, an active user community with similar needs, and notes and tutorials to complement documentation.