How “Cheaper” IT Providers Sneak In Expensive Hidden Costs

Is your company looking to hire an IT firm? Unfortunately, unless you’re tech-savvy or experienced with IT contracts, there can be hidden costs that you wouldn’t expect or know to look for. While it can sound appealing to go for the cheapest firm, that decision can end up costing you more in the long run due to carve-outs and hidden fees in the contract. Cheaper IT firms will omit certain services from the original agreement and later nickel-and-dime you to add them on or by quoting you inadequate solutions that you’ll later need to pay to upgrade.

To help you weed out these companies that are not the bargains they advertise themselves to be, there are a few key elements to consider determining if your quote is insufficient, overpriced or underquoted.

Insufficient Compliance And Cybersecurity Protections:

A ransomware attack is a significant and devastating event for any business; therefore, it’s imperative that the IT company you’re working with isn’t just putting basic (cheap) antivirus software on your network and calling it a day. This is by far the one critical area most “cheaper” MSPs leave out.

Antivirus is good to have but woefully insufficient to protect you from serious threats. In fact, insurance companies are now requiring advanced cyber protections such as employee cyber awareness training, 2FA (2-factor authentication), and what’s called “advanced endpoint protection” just to get insurance coverage for cyber liability and crime insurance. We provide those standards in our offering, so not only do you greatly reduce your chances of a cyber-attack, but you also avoid being denied an important insurance claim (or denied coverage, period).

Inadequate Recovery Solutions:

One thing you also want to make sure you look for in your IT firm proposal is that they do daily backups of your servers and workstations, as well as any cloud applications your company uses (Microsoft 365, Google Workspace, etc.), because online applications do NOT guarantee to back up your data. You also need to make sure your backups are immutable or unable to be corrupted by hackers. Again, most insurance companies now require immutable backups to be in place before they’ll insure against ransomware or similar cyber events.

Transparency About On-Site And After-Hours Fees:

This might take you by surprise, but most IT firms will charge EXTRA for any on-site or after-hours visits. We include ALL of this in our agreements, but ‘cheaper’ MSPs will intentionally leave this out and add it on later to make the sticker price appear lower. Make sure you understand what is and isn’t included in your service agreement before signing.

Nonexistent Vendor Liaison And Support:

Will they help you with all of your tech, or just select pieces that they’ve installed? Some IT firms will charge you hourly to resolve tech support issues with your phone system, ISP, security cameras, printers and other devices they didn’t sell you but that still reside on the network (and give you technical problems). These fees can stack up over time. As a client of ours, you get all of that INCLUDED, without extra charges.

Cheap, Inexperienced Techs And No Dedicated Account Managers:

One way some companies cut costs is by skimping on customer support and expertise. Many of the smaller MSPs will hire technicians under a 1099 agreement or find cheaper, less experienced engineers to work on your network and systems. The more experienced and knowledgeable a tech is on networking and, more specifically, cybersecurity, the more expensive they are.

Further, many smaller MSPs can’t afford dedicated account managers, which means you’re depending on the owner of the company (who’s EXTREMELY busy) to pay attention to your account and to look for problems brewing, critical updates that need to happen, upgrades and budgeting you need.

Good account management includes creating and managing an IT budget, a custom road map for your business and reviewing regulatory compliance and security on a routine basis to make sure nothing is overlooked. You get what you pay for, and this is NOT an area you want overlooked.

BEFORE you sign on the dotted line, it’s important to make sure that you fully understand what IS and ISN’T included in the service you are signing up for. It’s VERY easy for one IT services provider to appear far less expensive than another UNTIL you look closely at what you are getting.

If you’d like to see what dependable, quality IT support looks like, book a call with our team, and we’ll be happy to give you a quote that covers everything you need. To Schedule Your FREE Assessment, please visit https://www.compushooter.com/ or call our office at 602-691-2088

New Security Features To Protect Your Phone In 2024

Long gone are the days when phones were simple devices used to make calls. Today our phones are advanced, handheld supercomputers that can do everything from pay a bill to order lunch for delivery to edit videos and more.

But with more capabilities come more risks. Because our phones are computers and connected to the Internet, they are susceptible to the same security risks that any other computer would be. Worse yet, personal devices often contain private information like bank account numbers, which, if accessed by the wrong person, could result in dangerous and expensive problems like drained bank accounts, identity theft and so on. Still, despite the obvious risks, most people do not treat phones like the security threats they pose, making them easy, no-brainer targets for cybercriminals.

To give perspective on how severe the problem is, Apple recently shared a study from MIT revealing a shocking 2.6 billion personal records were breached in 2021 and 2022 and were expected to increase in 2023. According to Kaspersky Security Network, in Q3 of 2023 alone, a total of 8,346,169 mobile malware, adware and riskware attacks were blocked, with adware being the most common tactic at 52% of total detected threats.

The risks are even more serious for business owners. Does your organization have a mobile policy for employees? Are employees accessing sensitive work documents or accounts using unprotected devices? If you’re not sure, you need your IT department to look into this immediately. It only takes one entry point for a hacker to break into your network.

There are a few ways to protect your devices now. Both Apple and Android have developed powerful security systems with advanced protective features you can start utilizing today.

Apple:

End-to-end encryption has been the default for Apple iMessage, iCloud Keychain, and Health data, but with a recent update, Apple rolled out Advanced Data Protection (ADP). This feature is an optional setting that offers Apple’s highest level of cloud data security by encrypting messages in iCloud, iCloud Backup, Notes, Photos, Safari bookmarks, Siri Shortcuts and more.

Activating this setting protects your data in the event of a cloud-based data breach by only allowing trusted devices added by you to decrypt the information. Not even Apple can access your data.

Here’s how to enable Apple’s Advanced Data Protection Setting:

  1. Make sure devices signed in with your Apple ID have been updated to at least iOS 16.2, iPadOS 16.2, macOS 13.1, tvOS 16.2, watchOS 9.2 or later.
  2. Open the Settings app on your iPhone.
  3. Tap your name at the top.
  4. Select iCloud, scroll to the bottom, and tap Advanced Data Protection.
  5. Tap Turn On Advanced Data Protection.

NOTE: If you don’t have a recovery contact or key set up, you’ll be prompted to do that first.

  1. Once a recovery contact/key is set up, return to Settings > iCloud > Advanced Data Protection and tap Turn On Advanced Data Protection.
  2. Follow the prompts.

NOTE: You may be asked to update other devices signed into your iCloud account before enabling end-to-end encryption (E2E).

You can also remove devices with old software to continue the process.

If your device is new, for security reasons, Apple might make you wait to enable the feature. If that’s the case, that timeframe will show on your screen during setup.

Android:

While Apple is known for having a robust security system that reduces vulnerabilities and protects users’ data, Android’s security features are not far behind. Google Play Protect analyzes every app before it’s available for download, and any new apps where a security risk is detected are unable to be accessed. The software also runs daily scans to help identify and disable malware and other harmful applications installed on your phone to protect your data.

Furthermore, Android backups are regularly uploaded to Google servers and encrypted with your Google Account password for security purposes.

How to keep data secure if you’re using an Android:

If you’re using Google One, you can set up automatic backups on your Android device to ensure that if disaster strikes, your data is securely stored in the cloud:

  1. Open the Google One app on your Android.
  2. At the bottom, tap Storage.
  3. Scroll to “Backup” and tap View.
  • If this is your first phone backup, tap Set up data backup.
  • If this isn’t your first phone backup, tap View Details.
  1. To review backup settings, tap Manage backup.
  2. Choose your backup settings.

NOTE: If you get a message to install an app, update an app or change your settings, follow the onscreen steps. Then, go back to the Google One app to finish.

  1. If asked, tap Allow Permissions.
  2. At the top left, tap Back.

NOTE: Google One backups may take up to 24 hours to complete.

How To Protect All Of Your Devices:

These features are not the end-all, be-all for phone security, but they will add a layer of protection for your data. To ensure every device on your network is secure, we recommend getting a third-party Cybersecurity Risk Assessment. This is a free, no-obligation assessment where one of our experts will examine your network and let you know if and where you’re vulnerable to an attack, including your mobile device policy.

Schedule your assessment with one of our senior advisors by calling us at 602-691-2088 or going to https://bit.ly/48f9A8g.

 

5 New Cybersecurity Threats You Need To Be Very Prepared For This Year

The year of 2023 marked a significant turning point for cyber-attacks with the introduction and wide proliferation of AI (artificial intelligence), now in the hands of people who wish to do you harm and who are actively using it to find faster and easier ways to rob you, extort you or simply burn your business to the ground.

As I write this, I’m well aware there’s a tendency to shrug and just accept the “we’re all gonna get hacked anyway” mantra to avoid having to deal with it. Further, like overhyped weather reports, it’s also tempting to just ignore the warning signs, thinking all of this is just fearmongering rhetoric designed to sell stuff.

However, it truly is becoming a situation where the question is no longer IF your organization will be hacked, but WHEN. The Hiscox Cyber Readiness report recently revealed that 53% of all businesses suffered at least ONE cyber-attack over the last 12 months with 21% stating the attack was enough to threaten the viability of their business.

This year is going to be a particularly nasty one, given the U.S. presidential election along with the ongoing wars between Russia and Ukraine and Israel and Hamas. Tensions are high and hacking groups are often motivated by revenge as well as money.

Now, here are the 5 biggest developments in cyber threats you need to know about.

1. The Proliferation Of AI Powered Attacks:

If cybersecurity is a chess game, AI is the Queen, giving the person in possession the most powerful advantage for whomever plays it best. All cyber-related reports expect to see highly sophisticated deepfake social engineering attacks on the rise designed to separate you from your money.

We’ve already seen scams using AI-generated voices of family members, calling relatives to claim they’ve been injured, kidnapped or worse, to extort money. This is also being used to hack into companies by getting employees to provide login information to people they think are their IT department or boss.

This is where employee awareness training comes in, as well as controls such as MFA (multi-factor authentication), come into play. One of the things we do here at Compushooter is combat AI attacks through continuous monitoring and detection of anomaly in network traffic and algorithms.

2. Increased Risk Of Remote Workers:

The expansion of remote work is a trend that is not going away; and with that comes an exponentially greater risk for cyber threats. From laptops being carried around and connected to suspicious Wi-Fi to mobile phones providing a “key” to logging into critical applications (like your bank account, Microsoft 365, line-of-business and credit card applications), these devices pose a high risk for being easily lost or stolen. Further, when people use their own devices or work remote, they tend to mix business and personal activities on the same device.

That employee who frequents gambling or porn sites may be using the same device used to login to company e-mail or critical applications. Even logging into personal social media sites that get hacked can provide a gateway for a hacker to get to YOUR company’s information through a user’s (employee’s) personal accounts.

3. Escalation Of Ransomware Attacks:

There are an estimated 1.7 million ransomware attacks every day, which means every second 19 people are hacked worldwide. If you’ve been lucky enough to avoid this, know that someone else is getting hacked on a very frequent basis, and you are very likely to be hit.

Last year, ransomware attacks increased by 37% with the average ransom payment exceeding $100,000, with an average demand of $5.3 million.

Fortunately, not all ransom attacks are successful. Businesses are getting much smarter about cyber protections and have been able to put in place protections that prevent hackers from successfully extorting their victims. One of the ways we protect our clients from ransomware is to implement threat detection systems and backup solutions.

4. IoT Attacks:

IoT, or “Internet of Things,” is a term to describe the proliferation of Internet-connected devices. Today, even kitchen appliances, like a refrigerator, can be connected to the Internet to tell you when it’s time to change the water filter to alerting you if there’s a power outage.

This means hackers have a FAR greater number of access points into your world. If there are 100+ more doors to walk through in a house, you have a much greater security risk than if there are only five. That’s why IoT attacks present such a problem for us, and a huge opportunity for the hackers.

While many people know they should lock their PC, they might not be as meticulous in locking down their fridge or their dog’s tracking collar, but those could all provide access to you, your devices, e-mail, credit card and personal information.

5. Cyber Protection Legal Requirements

To try and combat the out-of-control tsunami of cybercrime, the government is initiating more comprehensive federal and state laws requiring business owners to have in place “reasonable security” protections for their employees and clients.

The FTC (Federal Trade Commission) has been the most active in this space, bringing numerous actions against companies it alleges failed to implement reasonable security measures, issuing monetary penalties.

Of course, all 50 states plus Washington D.C. have passed laws imposing security requirements as well as data breach notification laws that require businesses to notify anyone whose data and PII (personally identifiable information) has been stolen or accessed by hackers via the company. For example, in California, under the California Privacy Rights Act (CCPA), a business could face a penalty of $100 to $750 per consumer and per incident if that company gets hacked and the court determines they failed to put in place reasonable security procedures.

Not Sure If You’re As Protected And Prepared As You Should Be?

To make sure you’re properly protected, get a FREE, no-obligation Cybersecurity Risk Assessment. During this assessment, we’ll review your entire system so you know exactly if and where you’re vulnerable to an attack.

Schedule your assessment with one of our senior advisors by calling us at 602-691-2088 or going to https://bit.ly/48f9A8g

The 4 Most Common IT Problems Small Businesses Face

In today’s digital age, even small businesses rely on IT systems as their bread and butter. It sets the backbone of every business operation, large or small, as it facilitates communication, data management, customer service, and marketing. However, setting up and maintaining an IT system is where the part gets tricky, with tech issues being a major concern for small businesses.

Information systems are efficient tools that make complex and time-consuming tasks simpler. But, it’s also not perfect due to various reasons like imperfections in system design, non-compliance with standards, human error, and the complexity of the technology involved.

It’s overwhelming for small business owners to singlehandedly deal with complex technology, data security, and maintaining system reliability. Sometimes, these efforts can lead to more issues due to lack of experience. So when it comes to IT systems, it’s smarter to seek the expertise of an IT professional.

1. Choosing the Right Tech

It’s a common question that SMEs encounter as part of their initial hurdles in selecting the tech that best fits their business needs. For instance, a video editing or recording company will need more extensive desktops compared to other industries.

With several options available in the market, decision-making as to scalability, compatibility, and budget constraints can complicate the process. Seeking guidance from IT professional services can help small businesses choose the right tech that fits their specific operational needs and long-term goals.

2. System Installation

IT installation demands a meticulous process. It can be in the form of implementing a new software solution or upgrading an already existing hardware component. But the hard part is that it requires technical expertise and attention to detail as it involves configurations and tweaking the system’s settings.

3. Reliable 24/7 Desktop Support

Small businesses rely on their IT systems to complete their day-to-day operations and maintain business functions. A sudden IT problem can slow operations and result in downtime. Some SMEs have in-house IT support to address inquiries and assist with troubleshooting. However, many SMEs lack the budget to maintain an IT team capable of providing 24/7 support – as it can be very expensive.

4. Fixing System Issues

System issues are inevitable. No matter how preventive and proactive a business’ maintenance efforts are, problems are bound to arise from time to time. It’s critical to address system issues promptly with proper diagnosis with skilled professionals who can quickly identify the root cause and recommend effective remedies.

Here are common system issues:

  • Software bugs
  • Failures in hardware components
  • Network connectivity issues

Get the Right Support and Expertise

Technology is great, but not so great that it never goes wrong. More SMEs are applauding the benefits of IT systems and recognizing the fact that limitations exist. The most important thing is to turn to the right expertise for guidance and support.

Ready to overcome your IT system’s challenges and optimize your business operations? Let us help you propel your business to success. Click here to schedule your Free 10-minute discovery call.