By Michael McCool
Do you currently use a password manager? If not, you are probably reusing the same password or variations of the same password for every site you visit. This is a really bad idea. It’s not really a matter of if one of the sites you visit will be hacked, but when.
The site haveibeenpwned.com was created by Troy Hunt, a “white hat”, or what’s known as an ethical hacker. He has collected the various usernames and passwords which have leaked from numerous site breaches over the years. His site provides an easy way to see if your credentials have become known.
If you are wondering if your credentials have been stolen, the answer is almost certainly “yes”. So, think about it for a minute… If your credentials were stolen from a site and you use that same password on multiple sites, all of the data contained on every site is now vulnerable. By using a password manager, you can stave off reuse of passwords and provide a way for unique passwords without you needing to remember each and every password.
It doesn’t matter if you use a simple notebook to store your passwords, or an electronic password book (Keepass, 1Password, Lastpass, etc.), but you need to use one. Some may laugh at the idea of writing all the passwords in a physical notebook, but let’s look at it this way—hackers who are online looking for your passwords likely don’t have physical access to wherever you keep your password book. They try to hack into your accounts from half-way around the world. If you use unique passwords for every site, when one is breached, the data at every other site is still safe. Thieves breaking into your home are not looking for the passwords to your online accounts. They’re looking for TVs, jewelry and quick or easy ways to make money. They won’t be looking for a password book.
If you prefer to use an electronic password manager like 1Password, Lastpass, Keepass or another password manager, there are various guides that can show you the best way to use those. They show how to integrate them into your web browser so, when you visit a site, the password manager fills in your unique password for the site automatically. That’s a whole other article. Just use a password manager. You’ll be relieved when the next data breach happens and you know you’re safe.
For more on online security and password safety read here
Two municipalities were hit by ransomware last month and forced to pay approximately $600,000 each to regain access to city email and computer systems. One city, Riviera Beach, Florida, has roughly the same size population as the Kirkwood-Des Peres area where our offices are located. For three weeks, Riviera Beach’s email and computer systems, were crippled by what is dubbed “Triple Threat”. Systems included those at City Hall, City Port as well as those that control city finances, water pump stations, testing systems and more.
This latest high-profile instance of ransomware displays how easily someone can hijack your business or city. Officials say the infection started when a city worker clicked on a link in a malicious email. Because of one erroneous click, staff couldn’t work for 3 weeks, a small city is out $600,000 and most of the city operations came to a screeching halt.
More than 50 cities across the United States, large and small, have been hit by ransomware attacks during the past two years. Among them: Atlanta; Baltimore; Albany, N.Y.; Greenville, N.C.; Imperial County, Calif.; Cleveland, Ohio; Augusta, Maine; and more. The Atlanta hit cost the city an astounding 17 million dollars.
The other city most recently affected was Lake City, Florida where authorities also say an employee opened an infected email. Although their IT staff disconnected devices within just 10 minutes of the attack, it was too late. Thankfully, in this case, the police and fire departments operated on a different server, so they were unaffected. Because of the city’s insurance policy, most of the payment was covered although a portion was paid with taxpayer dollars.
Typically, experts advise organizations not to pay ransom but, in some cases, a target may not have a choice. Paying the bad actors encourages more instances of crime and doesn’t necessarily guarantee getting files back. The best defense for a municipality is to have robust up-to-date backups of all important and required data. Also, consistently educating employees on the ever-changing dangers of cybercrime is of utmost importance.
The Miller Group has provided extensive backup and disaster recovery solutions for cities and businesses across the St. Louis region. We also work with our clients to continuously educate staff about how to spot cybercrime before it’s too late. Often an employee is the weakest link when an entity is hit with ransomware, but it doesn’t have to be that way. For more information on our security and recovery service visit here.
12th Annual MSP 501 Identifies Top Forward-Thinking Global MSPs & Leading Trends in Managed Services
The Miller Group has been named as one of the world’s premier managed service providers on the prestigious 12th annual Channel Futures MSP 501 rankings.
Every year, MSPs worldwide complete an extensive survey and application to report their product offerings, growth rates, annual total and recurring revenues, pricing structures, revenue mix and more. MSPs were ranked according to a unique methodology that weights revenue figures according to how well the applicant’s business strategy anticipates trends in the fast-evolving channel ecosystem.
Channel Futures is pleased to name The Miller Group to the 2019 MSP 501.
“Being included on this list again is fantastic. What’s most impressive is that we are able to achieve it based on our size,” said Joe Svoboda, CEO of The Miller Group. “There are quite a few larger MSPs included in this selection, ones that have offices in multiple cities and staff that number in the hundreds. It is a result of the hard work our staff does on a daily basis. I truly do work with some smart, dedicated people.”
In the 12 years since its inception, the MSP 501 has evolved from a competitive ranking list into a vibrant group of service providers, vendors, distributors, consultants and industry analysts working together to define the growing managed service opportunity.
“The 2019 MSP 501 winners are the most elite, innovative and strategic IT service providers on the planet, and they stand as a model of excellence in the industry,” says Kris Blackmon, Content Director of Channel Partners and Channel Futures and lead of the MSP 501 program. “As the MSP 501 Community grows, leagues of managed service providers learn from the successes of these winning companies, gaining insight into the best practices, strategies and technologies that elevate an MSP to the level of the 501 winners. Our heartfelt congratulations to the 2019 winners and gratitude to the thousands of MSPs that have contributed to the continuing growth and success of both the 501 and the thriving managed services sector.”
The complete 2019 MSP 501 list is available at Channel Futures.
The 2019 MSP 501 list is based on data collected by Channel Futures and its sister site, Channel Partners. Data was collected online from March 1 through May 31, 2019. The MSP 501 list recognizes top managed service providers based on metrics including recurring revenue, growth and other factors.
About Informa Tech
Channel Futures, Channel Partners Online, Channel Partners Conference & Expo and Channel Partners Evolution are part of Informa Tech, a market-leading B2B information provider with depth and specialization in the Information and Communications (ICT) Technology sector. We help drive the future by inspiring the Technology community to design, build and run a better digital world through our market-leading research, media, training and event brands. Every year, we welcome 7,400+ subscribers to our research, more than 3.8 million unique visitors a month to our digital communities, 18,200+ students to our training programs and 225,000 delegates to our events
On January 14, 2020, Microsoft will no longer offer support for Windows Server 2008 and 2008 R2, meaning they will no longer release additional security patches and updates. If your business runs off Windows 2008 you have some serious choices to make.
- Do Nothing – For a lot of small businesses this is a serious consideration- one that causes people in my industry to lose sleep. I understand the thinking, “A server is a big investment. It has been running for years without any issue. None of these horror stories will happen to us.” I’ll be honest. The truth is, it’s a gamble. But we have history to look back on. Five years ago we went through this with the end of life for Windows 2003 Server. We had some clients that, for a variety of reasons, chose not to upgrade or replace their servers. Two small businesses are no longer in operation as their data was compromised by an encryption virus. Three other businesses suffered significant downtime due to hardware failure of their old, dying servers. Then, adding insult to injury, they were hit with a pretty hefty service and hardware bill to get them back up and running. The others eventually replaced their servers. You have poured your heart and soul into your business… is this something you want to roll the dice on?
- Buy a new server – This can be a no-brainer for some companies. If you run client-server type applications or have a complex infrastructure that would be a nightmare to migrate to the cloud, then purchasing a new server might make sense. Odds are your current server hardware is over 5 years old and you will see an immediate improvement in performance. Plus Windows Server 2016’s support will run through 2027, thus kicking the can down the road.
- Migrating to the cloud – Oh the cloud, such a magical word. Actually vague, the cloud can mean so many things. The cloud is basically anything on a computer or server that is not local to you. The cloud has always been there. Your website for instance, has most likely always been in ‘the cloud’. Migrating your server to the cloud could happen in a few different ways. You could take an exact copy of your server, virtualize it and host it with Microsoft in their Azure environment. Or, let’s say you run Quickbooks on your server, you could migrate to Quickbooks Online. Perhaps you have a SQL database on your server, you could host that in the cloud. However, for most small businesses, you are just using your server for file sharing. The good news is, you might not even need a server anymore. Especially if you have Microsoft Office 365, you can utilize Microsoft Teams and transform the way your company communicates.
In the end this is a business decision, just like the hundreds of others one that you have to ponder throughout the year. The Miller Group is always here to assist you with any questions.