Simpleworks and Datto—Allies in the Battle Against Ransomware

, , ,

Ransomware attacks are constant and indiscriminate. Whether you run an SMB or a multinational corporation, your network is being actively targeted.

A survey conducted in 2021 by cyber security firm Sophos found that nearly 37% of all businesses worldwide had been affected by a ransomware attack in the last year. The average ransom paid to successful attackers was $170,000, and, on average, businesses were only able to recover 65% of their data. Among the attacked organizations were

  • Accenture
  • City of Tulsa
  • Fujifilm
  • Kia Motors
  • NBA
  • NRA
  • University of Colorado.

As a managed service provider, Simpleworks prioritizes its clients’ cyber security. That’s why we’ve partnered with Datto, a leading backup solution, which allows us to provide our customers with the best business continuity and disaster recovery (BCDR) available today.

Not All Backups are Created Equal

With 11 patents and over a million clients, Datto is one of the most trusted BCDR solutions. Simpleworks’ partnership with Datto means our customers get all the following benefits.

  • REDUNDANCY | Key to Datto’s backup technology is its redundancy. They provide both hardware and cloud-based solutions so a catastrophic loss of property won’t put your data at risk. Snapshots are taken hourly and backed up both onsite and at two locations in the cloud.
  • BLOCK-LEVEL BACKUPS | Datto takes a snapshot of your computer at the block level, which means your devices can be returned to the exact same state they were in when the shot was taken—apps, permissions, documents, all of it.
  • DATA SECURITY | Datto has an entire department of 60 people devoted to network security. Active monitoring, regular bounty programs, and back testing ensure their cloud is an impenetrable storehouse for your data.
  • RAPID RECOVERY | 24/7/365 customer support means no matter when an attack occurs, Simpleworks and Datto will have your data restored ASAP. Recovery is usually possible within a few hours but can even be as fast as a few minutes.

Can Your Business Survive Data Loss?

As a managed service provider, we are all too familiar with the damage ransomware attacks can have on Colorado Springs businesses that fail to take cyber security seriously. Don’t put your data—and your customer’s data—at risk. Contact us right away to learn more about the business continuity and disaster recovery services we provide—powered by Datto!

How to Manage Your Passwords

, ,

two examples of bad passwords

Admit it—you have at least one password that is “passw0rd.” Or your address. Or your birthday. Or your daughter’s birthday. We’ve all done it. And in the early days of the Internet, you might’ve gotten away with it. If not, you likely didn’t have sensitive data online for a hacker to exploit. But the world has changed. Hackers now have the power to ruin lives, destroy businesses, even ransom large corporations and governments. Password security remains the primary attack vector for these threats.

Here is what you can do to protect yourself and your business.

Create a Strong Password

So if you can’t use “passw0rd” or “123456,” what can you use? Strong passwords have several principles in common.

  • Length – Ideally, your password should be 8-12 letters long. The longer the better, but 12 is plenty long enough if the password has the next two traits.
  • Complexity – Mixing capital letters, numbers, and symbols and/or using a string of small random words will make your password sufficiently complex.
  • Easy to remember, but not easy to guess – Try to come up with a system that you can remember for creating different passwords for different purposes that you can remember but that a hacker (who may have some personal data about you) would not be able to guess. Information like addresses, birthdays, and social security number sequences should certainly be avoided.

You also want to be careful about how you answer security questions. If you are prompted to give your mother’s maiden name, for example, don’t use it. A hacker could easily find that information. Perhaps make up a name or use a completely unrelated word like “flowers” that would be nearly impossible for a hacker to figure out.

Use a Password Manager

An all-star password still must be remembered to be effective. Writing down sensitive information comes with its own set of risks, especially in an office. So many people use password managers like LastPass to create and store all their passwords. There are several benefits of doing this:

  • Complex password generation – LastPass and others can create complicated passwords that you won’t have to know or remember.

  • Memory decluttering     – The only password you’ll have to keep in your brain’s long-term memory is the one to open LastPass. As long as you can remember that, you can get into everything else with the click of a button.
  • Cloud storage – No more sticky notes on monitors. Everything is stored in the cloud on an encrypted network.

Activate Multifactor Authentication Everywhere

Multifactor authentication adds a second or third layer of security to your password. Having to enter a code received by email or text message means that a hacker would need more than just your password to break in – they also need access to something you have, like your phone or email account. Authenticator apps like Google Authenticator or Duo Mobile are free and relatively easy to set up.

Implement a Password Management Strategy

Any network is only as secure as its weakest link. This means that if you run a business, a password policy should be in place to ensure best practices are followed. Several steps should be taken to ensure compliance:

  • Craft a password policy – The policy should be widely distributed and instruct employees that they should not write passwords down or share them with anyone. Controls should also help them to avoid creating weak or generic passwords.
  • Use a password manager – Password managers can be set up with individualized accounts and to protect passwords needed by multiple people.
  • Multifactor authentication – MFA needs to be a requirement for every device with access to the company’s network.

Learn More about How to Manage Passwords

Check out our video blog for more information about password management, multifactor authentication, and a variety of other IT support questions and trends. New episodes are released weekly on YouTube and major podcasting platforms.