Coleman Technologies Blog

It’s not a secret that departmental cooperation is increasingly central to the workflows of today. Businesses need to stay agile, which means more has to be done with less. As more people take on more responsibilities, there needs to be better communication, and ultimately trust, if a business’ goals are going to be met. This has businesses of all sizes looking for tools that will help their staff be more collaborative, more efficient, and meet those benchmarks that will allow for organizational growth. 

Obstacles to Collaboration

It seems ironic that a strategy that most businesses need to foster, is actually getting harder to achieve. Today’s workforce is different in many ways, but one of the most glaring weaknesses of the modern workforce is that their needs supersede that of the organization they work for. This is not wrong per say, but it can be a major problem for smaller organizations that need collaborative initiatives to fuel their products and services. With the gig economy growing rapidly, and the cost benefits of hiring contract and outsourced workers, it makes it harder than ever to get a staff of people on the same page. 

There are several more barriers to collaboration, including:

• Differences in opinion
• Lack of respect and/or trust
• Internal competition
• Lack of solid project management

When you are asking people to work with others for a common goal, personalities can get in the way. That’s not to say that there shouldn’t be some semblance of professionalism and workplace decorum, but the truth is that some people just don’t like working with other people. If you are running a small business petty squabbles are unacceptable and can really hurt your chances of success.

It is important that every member of a team knows exactly what is expected of them, but it’s the decision makers that need to understand who works well with who and what type of collaboration to use. There are three different types of positive workplace collaboration. They are:

• Simple Collaboration - The most basic form of collaboration. This is your typical information and document sharing. If someone needs an answer, someone else provides it.
  
  
• Document Collaboration - Document collaboration is a significant step because it means that people are actually working together on a single document towards a common goal. Giving multiple users the capability to work as though they were side-by-side without regard to the actual distance between them is not being integrated into many software platforms nowadays.
  
  
• Structured Collaboration - This is the type of collaboration in which people need to work together to complete a predefined goal. If they aren’t able to work together, there will be no product or service. Essentially, anyone that has worked on a project with someone else has taken part in a structured collaboration. 

Collaboration and Technology

Most businesses use technology to bridge the gap between departments, teams, and employees. Technology is making it more possible than ever to collaborate, and many of a business’ technology investments are made with collaboration in mind. The idea is that if employees are expected to use centralized management software like a Customer Relationship Management tool or a document management and storage system like Microsoft SharePoint, that all the information and resources are then available from one place, making collaborative work more possible. 

Today, there is new software that simplifies the process. Software like Microsoft Teams and Slack are designed simply as an instant messaging-fueled forum that integrates with many of the major CRMs and other management solutions, creating a central hub to speed up communication and collaboration. These applications allow teams to be more agile and more productive. 

Collaboration is a huge part of doing business in the information age. If you want to learn more about how technology can fuel your business’ productivity, reach out to the IT experts at Coleman Technologies today at (604) 513-9428. 

First, it will help to briefly review how each attack works.

How Ransomware Works

Imagine if you tried to log into your computer, only to be presented with a message that your entire computer had been encrypted, and that (unless money is transferred to the perpetrator, often through cryptocurrency, within a period of time) the contents of your device will be wiped. This is precisely the experience of someone victimized by a ransomware attack.

How Phishing Works

Remember those old scams, where the target would receive an email from some nobility or long-lost relative that asked for a sizable loan or investment (all to be paid back with interest, of course)? These are phishing scams, known as such because the scammer responsible simply distributes a message and waits for someone to take the bait. As time has passed, these schemes have become much more effective - and harder to spot.

These Attacks Can Easily Cooperate 

Cybercriminals have taken to pairing these attacks together to help them take advantage of as many targets as possible. Let’s run through a fairly typical scenario that someone using both may subject you to, and how you can spot these kinds of joint efforts.

Let’s say you open your business email to find a message that appears to come from the Microsoft Support team - which, unnoticed by you, actually reads “Micrrosoft Support” in one or two places. According to the email, there’s a hugely serious security issue affecting systems across the board, which is why Microsoft is supposedly sending out these emails, with the necessary fix bundled in as an attachment.

Trouble is, this isn’t actually a fix to an issue - it’s actually an executable file that installs ransomware when you try to apply the “security fix” and creates a huge problem.

This is exactly why these two distinct attacks combine so well… by incorporating phishing strategies into the distribution of their ransomware, a cybercriminal has the ability to boost how successfully their ransomware can infect the users that are targeted.

How to Spot Phishing to Avoid Ransomware

There are assorted warning signs that a message is a phishing attempt that you should always keep an eye out for in order to protect your business. For example:

• Details are off - In keeping with our above example, how likely do you think it is that “Micrrosoft” would send out an email in which they misspelled their own name? While this is admittedly happening less in phishing emails, the same goes for the small things that are easily overlooked. Was the email in question sent from “user at example.com”? Or, was it actually sent from “user at exarnple.com?” Tricks like this are common ways that cybercriminals will try to pull the wool over a user’s eyes.
• There’s excessive urgency - To keep users from paying too much attention to the minutiae of the email - like the “off” details we just discussed - many cybercriminals will write their phishing messages to instill a sense of urgent panic. If an email starts to make you panic, collect yourself and look at it more objectively.
• There’s a link or an attachment - As the preferred means of delivering a ransomware payload or other issue, attachments or links to websites present no small amount of risk, especially if they are received unexpectedly. If at all possible, avoid accessing these without reaching out to the sender to confirm their legitimacy through another method of communication.

There are many other steps you need to take to protect your business from these insidious threats - from keeping a comprehensive backup to user training to applying spam filtering to your email. Coleman Technologies can help you implement them - give us a call at (604) 513-9428 to get started.

One crucial component of any successful cybersecurity practices is the active effort to eliminate risk wherever possible. Here, we’ve compiled five practices that will contribute to your business’ capability to recognize where its threats come from. While these aren’t exactly policies to help protect your data, they can help you collect the data you need to form these policies.

1. Inventory All of Your Assets

When you resolve to protect everything, as many business owners do, it helps to know what exactly “everything” includes. Maintaining a comprehensive inventory of all of your technology-- each wire, additional peripheral, and software title your business has acquired--makes managing your technology far simpler and more efficient.

2. Push Cybersecurity Best Practices

Your staff, being the ones with their hands on your business technology, need to be trained on how to maintain its security. As it happens, this training should transcend just security and cover their cyber hygiene as well. The more they know about how to better secure their use of your technology and identify threats and issues, the more secure your business will be.

3. Address Shadow IT Head-On

Shadow IT is an insidious problem that many don’t even consider an issue. The phrase “shadow IT” basically serves as a blanket term for any software that an end user has downloaded without the knowledge and approval of the IT administrator. While there are many potential issues with shadow IT, the worst of them likely comes from the vulnerabilities that unapproved and unpatched software can bring into the network. By enforcing a policy of utilizing only the solutions that IT has vetted and approved, you can protect your business from one of the least expected threats there is: the employee who was just trying to do their job.

4. Ensure the Proper Tools are Implemented

Cybersecurity, on paper, isn’t such a difficult process. The issues come from the fact that everyone involved needs to understand the threats facing them and why the practices and tools they are expected to utilize are so crucial to security. Unfortunately, if the reasoning behind using antivirus and anti-malware, firewalls, spam blocking and content filtering (among other security tools) is never addressed, their use is more likely to be taken for granted, and ultimately neglected. Not only should these tools be in place, there needs to be an organizational commitment to using them… otherwise, threats are more likely to be an issue.

5. Keep IT Refreshed

As a general rule, the older your technology gets, the less effective it is at serving its intended purpose. This can be resolved by making a point of systematically and strategically patching, updating, and upgrading the technology you rely on to operate. More up-to-date solutions have better security and can better keep your assets safe, threats less of a consideration (but still one to be consideration).

Coleman Technologies can help you put these practices in place for the betterment of your business and its security. Reach out to our team for improved cybersecurity by calling (604) 513-9428 today.

Meet xHelper, The Malware That Refuses to Go Away

As of right now, it is suspected that xHelper has infected around 50,000 devices, which is a big number, but relatively low when it comes to malware of this type. The big names in cybersecurity, Symantec, Malwarebytes, and the like, don’t have any clear answers on how to actually remove the threat. If that’s not enough, deleting everything on your smartphone and doing a factory-reset won’t remove the malware either. Once you set your device back up, the threat will be back.

What Does xHelper Do?

We have good news and some bad news. The good news is that right now, it seems that xHelper just gives you annoying pop-up spam and notifications. It’s goal? To get you to install more applications, and likely these applications could come with additional threats.

It is also suspected that xHelper can download and install apps on its own. It hasn’t been officially detected doing this in the wild yet, but if it could do that, then you would essentially lose control over your device.

Don’t Forget, You Can’t Get Rid of xHelper Once You Get It

As of right now, there is no way to uninstall xHelper, and even resetting your device to factory settings keeps the malware installed. There is essentially no help for you other than getting a new phone, or waiting for Google or one of the major players in cybersecurity to figure out a way to remove it. This could take a while…

For Now, All You Can Do is Avoid Getting xHelper

The malware seems to get installed from scammy websites. The app isn’t found on the Google Play Store (at least at the time of writing this). Only install apps from the Google Play Store, and never from any other website. Google has a vetting process that keeps most apps on the Google Play Store relatively safe (it’s not a perfect system, but it does weed out most of the danger).

When it comes to cybersecurity, the best place to get started is being aware of the threats and employing safe habits. That, and ensuring that your business data is thoroughly protected. Don’t wait for a problem to happen, give Coleman Technologies a call at (604) 513-9428 today.

Upgrade Your Hardware and Migrate Over Your Data

Unfortunately, this option has two considerable downsides: it’s going to be pretty darn expensive, and since there is a very limited amount of time to get it done, you’ll likely have to pay even more to expedite the process. Furthermore, despite the professionalism and skill that our consultants at Coleman Technologies will bring to the table, rushing this normally slow and controlled process is bound to create complications. Sure, Windows Server 2008 R2 and Windows 7 may still work, technically speaking, but it will only become harder to find the other components that play nicely with the software you rely on - not to mention riskier to even attempt.

Before you bite the bullet and replace all of your hardware, you may have the option to simply upgrade the solutions present in your infrastructure already. Windows 10 has a few fairly attainable benchmarks. They include:

• Processor - 1 GHZ or faster
• RAM - 1 GB for 32-bit or 2 GB for 64-bit
• Hard disk space - 16 GB for 32-bit or 20 GB for 64-bit
• Graphics card - DirectX 9 or later with WDDM 1.0 driver
• Display - 800 x 600 resolution

Having said that, these are the minimum points for Windows 10 to work, so don’t expect your users to break any records using it with those specifications. Instead, we recommend that you have a dual-core processor rated to at least 2 GHz, anywhere from 4-to-8 GBs of RAM, and a 160 GB hard drive at the minimum.

Virtualize Your Data Via the Cloud

Of course, you also have the option to simply use virtualized solutions, rather than acquire new in-house hardware. Not only are virtualized servers more cost effective than purchasing a new in-house system, you have much more flexibility in the types of servers you can host. Microsoft Azure, for instance, offers virtual machine capabilities that cover the gamut of a business’ needs.

It also should be said that virtualization also assists with budgeting for your IT, as the purchases you would have made otherwise are turned into predictable operating expenses, rather than a pricey capital expense; plus, with services like Azure, your solutions are maintained as a part of the cost, so when compared apples-to-apples, virtualization could easily be the less-expensive option for you to go with.

Empower Your Team with Microsoft 365

Admittedly, while Microsoft 365 won’t do much to resolve your difficulties with Server 2008 R2, you can implement it quickly, which helps when you’re trying to beat an End-of-Life deadline. As it offers a comprehensive assortment of key solutions--including Windows 10, the Microsoft Office 365 productivity suite with Microsoft Teams, Outlook, and OneDrive--supported by the tools you need to keep your data secure and under your control, you could certainly do worse than implementing Microsoft 365.

Microsoft 365 Business takes these benefits even further than other cloud systems, while never losing sight of the productivity benefits that you are looking for from your business’ chosen solution. Additionally, with easily scalable licenses, this is likely a great choice for your organization to implement.

While Windows 7 and Server 2008 R2 were once the standard for businesses to utilize, those days are long past. Don’t let their lack of support create problems for your business. Call Coleman Technologies today to ensure that all of the solutions that you leverage in your operations are able to serve you well. Give us a call at (604) 513-9428 to learn more.