Website Maintenance: Improving Security and Performance Going Into 2021

Website breaches can cost millions of dollars and thousands of hours to remediate. Joe Brown, Five Nines Director of Marketing Operations, knows firsthand. In his career, he has worked with businesses to remediate breaches where a small WordPress vulnerability was the culprit. If a couple of basic and relatively cheap steps were taken, the breach could’ve been prevented. Read more to see how you can improve your website security and performance before the new year!

 

Access Tips

Be mindful of who has access to the backend of your website and at what level. Think through the roles of your team and divvy up access from there. If your Marketing Specialist posts blogs, make them an author, if they post financial reports or change content on webpages, make them an editor. Admins can edit everything including users and credentials so you should be very selective when determining who should have that access. Another good rule of thumb is requiring two-factor authentications for all accessors. Joe suggests MiniOrange 2 Factor, which integrates directly with WordPress.  

Another access tip he has is to avoid using the default "domain.com/wp-login" WordPress domain for your login screen. This is one of the primary ways hackers attack WordPress sites. The WPS Hide Login plugin is how Five Nines avoids the threat of that basic login screen. In this case, if a hacker finds a user password, they will then need to find the login page which is now hidden.  

Lastly, CloudFlare is a paid filter for websites. It sits on top of the website and filters every single request your site gets. As a good practice, Joe does not allow users outside of the United States to access the website. This protects it from hackers originating from outside of the country that are hungry for your data. The unintended bonus of utilizing CloudFlare is that it drastically improves your site's performance and speed, especially on mobile devices.  

Maintenance Tips

Maintaining your website properly is the key to ensure no threats are originating from the inside. This involves many moving parts including plugins, a staging environment, and regular backups. If you are the webmaster (person accountable for the website) of your site, you need to prioritize these three things at a minimum.  

Plugins are one of the leading causes of breaches, broken websites, and information being leaked. At a minimum, plugins should be updated weekly. It's as simple as logging in, going to the Updates tab, and pushing “refresh." If there is an update, it takes one minute to put it in the staging area, test it, and push it live.  

The staging environment is a clone of your site where plugins can be tested in a safe environment before pushing it to production. Companies like Flywheel are a great resource to utilize when it comes to setting up staging areas.  

Lastly, backing up the contents of your site is imperative. If a plugin breaks or you need to make a change, you want the peace of mind to know that have the ability to revert to a previous version of your website.  

To hear further explanations of the concepts above, watch the recording of our Tuesday Tech Talk. 

 

 

 

Topics: Security, Webinars

What Makes Cylance An Impactful CyberSecurity Solution

Cylance

Cybercrime is a real threat to all businesses, SMB's included. Statistics are only showing an increase in cyberattack methods, and successful attacks result in a significant loss of productivity and data. We want to show you why we stand by Cylance for Five Nines and our partners.

 

THE BASICS

Before diving into what Cylance is, it's important to understand what the software is protecting you from.

Malware: software that is intended to damage or disable computers and computer systems.

Ransomware: a type of malicious software designed to block access to a computer system until a sum of money is paid.

Since 2013, there has been a significant increase in malware and ransomware. In fact, since 2014 there have been over 120 million new malicious programs per year, and ransomware attacks have increased over 97% in the last two years. According to Symantec, 1 in 13 web requests lead to malware, up 3% from 2016. These statistics show that cybersecurity threats are at an all time high, which is why having the right tools in place to keep your organization protected is so important.

Want to jump straight to our free in-depth webinar about all things Cylance? Click here. 

 

WHAT IS CYLANCE

Cylance is a tool that prevents cyberattacks with artificial intelligence (AI). Artificial intelligence is the development of computer systems where systems are able to perform tasks that normally require human intelligence. Cylance is able to do this through machine learning, an application of AI that provides systems the ability to automatically learn and improve from experience without being explicitly programmed.

Cylance began in 2012, and has over 6,000 global customers, as well as over 10 million endpoints, and those numbers are growing each day. Cylance developed predictive endpoint threat prevention, which allows the software to predict, and then block cyber attacks on the endpoint in real time using pre-execution AI algorithms. They have an extremely high success rate at 99%+. Cylance also doesn't need a cloud connection to stop malware, as it can still do its' job without an internet connection, making it a one-of-a-kind product in the industry.

 

WHY COMPANIES CHOOSE CYLANCE

There are several reasons why Five Nines and other companies choose to utilize Cylance.

Effectiveness. Cylance is an extremely effective program with 99.7% effectiveness against all known malware.

Simplicity. Cylance is also very simple to manage, companies don't have to spend a lot of time managing it once it is set up within their environment, yet it increases ROI up to 250%.

Performance. Cylance only has a 1-2% impact to CPU, therefore user systems run faster, hardware lifespans are extended, and network bandwidth is reduced.

Cybercrime is a real threat, but protecting your business doesn't have to be guesswork. If Cylance is something that interests you, and you would like to see it in action while learning about how to apply it to your own business, our Power Hour might be a great resource for you. While the information above is a great overview, it may be more impactful to see exactly how Cylance works. 

Click below to access our free webinar, Cylance - Proactive Protection For Your Business, and tune in as one of our engineers provides in-depth information on Cylance while taking you through a series of demonstrations where you can see the software in action.

Click Here To Watch The Webinar

Topics: Security, Cybersecurity, Webinars, Cylance

Using A Strengths-Based Approach To Boost Workplace Culture

USING A STRENGTHS-BASED APPROACH

Studies show that employees who use their strengths every day are 8% more productive and 15% less likely to quit their jobs. Tune in to this Power Hour to find out how you can use Gallup Strengths to better understand your staff and boost productivity in the workplace. 

WHAT YOU'LL LEARN:

  • Relevant statistics on Strength utilization 
  • Building a team with Strengths
  • Book recommendations
  • How to build your Strengths professionally

Presenter: 

Marshall Ford: Training & Development Manager at Five Nines, & Certified Gallup Strengths Coach

Sit back, grab some popcorn, and watch this FREE Five Nines Power Hour Webinar: Using A Strengths-Based Approach To Boost Workplace Culture.

Watch the Webinar

Topics: Culture, Webinars

How To Effectively Report A Tech Issue

Tech Issue Blog

When reporting a tech issue, the better the communication, the more effective the problem-solving. We want to provide you with what IT professionals look for when addressing a new request so that you can effectively report your future technology issues or questions.

Here's what your engineer will want to know:

WHAT STOPPED WORKING?

This may seem like an obvious question, but it's always important to ensure the engineer knows exactly what isn't working that should be. This helps maintain a strong focus on the request at hand so that the issue can be solved efficiently. An engineer will want to know exactly what went wrong or what isn't working from your perspective. Knowing exactly what stopped working and when the issue started will  help an IT team determine the overall end goal when troubleshooting. So, if something stops working, pay attention to the why and the when.

Related: Troubleshooting Tips - Don't Let Frustration Win 

WHAT'S THE OVERALL IMPACT?

Another important detail to relay is whether or not the issue is impacting just your device or multiple users within your organization. Not only does this let your engineer know the impact, but also whether or not it's a user specific issue vs. a larger one. Knowing the overall impact will help streamline the problem-solving process.

Your engineer might ask something along the lines of, "When was the last time this worked correctly?" This will determine whether or not this is a recurring issue, which will help lead to the root cause more quickly. Finding the answer to that question will help determine whether or not the problem was caused by an internal process changing, a user getting a new device, and much more.

DOES THIS PREVENT YOU FROM WORKING TODAY?

Defining whether or not the ticket request is something that prevents a user from working helps to determine the urgency of the issue. Depending on the urgency, your engineer might want to connect into your computer right away so that you can show them the issue. Having a user directly show an engineer what led to the issue/what the issue looks like is one of the most important parts of troubleshooting and effectively reporting a tech issue. If for some reason that is not an option, taking screenshots and writing down error codes is always helpful as well.

Effectively reporting a tech issue to an IT engineer can potentially save hours of time when trying to troubleshoot a request. Pay attention to the issue at hand, have a willingness to answer questions, and help your IT team determine the urgency of the situation. Most of the time, clear communication will lead to a simple and straightforward ticket request process.

 

Having an understanding of the basic functions of your network will be helpful when reporting a future tech issue. Click below to download the Five Nines Power Hour: Building An Optimal Network, a webinar that will teach you all about network basics, network design (the good and the bad), as well as troubleshooting and monitoring.

Watch the Optimal Network Webinar

 


 

 

 

 

 

 

 

Topics: IT, Tech Solutions, Managed IT Services, Webinars, Customer Service

What It Looks Like When IT Becomes An Asset

IT AS AN ASSET

Building an efficient IT team can make the difference between your workplace technology becoming an asset or a liability. In this webinar, we will discuss how to make your IT an asset by going over how to utilize the right tools, processes, and people to keep your technology running smoothly. 

WHAT YOU'LL LEARN ABOUT:

  • IT Responsibilities 
  • Technology Standards
  • IT Service Requests 
  • IT Security
  • Budgeting for IT
  • IT Training and Knowledge 

 Sit back, grab some popcorn, and watch this FREE Five Nines Power Hour Webinar: What It Looks Like When IT Becomes An Asset. 

Watch the Webinar

 

Topics: IT, Business Continuity, Webinars

A Layered Approach To Cybersecurity

Layered Approach Webinar

We've talked about software that proactively protects your business from cyber attacks, and how to train your staff to spot phishing attempts. Now, it's time to focus on the advancement of your cybersecurity protection.

In this webinar, we will discuss how you can take your cybersecurity to the next level by adding Cisco Umbrella and the Five Nines Cyber-Security Operations Center to your IT environment, for a well-rounded, protection-focused approach. 

WHAT YOU'LL LEARN:

  • Why cybersecurity requires a layered approach
  • Tools that will provide your IT environment with a layered cybersecurity approach 
  • What the Five Nines Cyber-Security Operations Center entails

 

Presenter: 

Jarrod Daake: Project Engineer at Five Nines

Sit back, grab some popcorn, and watch this FREE Five Nines Power Hour Webinar: A Layered Approach To Cybersecurity.

Watch the Webinar

 

Topics: Security, Managed IT Services, Cybersecurity, Webinars

Building An Optimal Network

building an optimal network

Understanding the basic functions of your network and how the right components can positively impact technological performance is key to building and monitoring an optimal network. 

In this webinar, we will dive into the optimization of organizational networks. This power hour covers everything from simple network functions you need to know, to how your entire network operates within an IT environment, as well as how Five Nines analyzes the efficiency of various network setups. 

WHAT YOU'LL LEARN:

  • Network Basics
  • Network Design: The good and the bad
  • Troubleshooting and Monitoring

Presenter: 

Marshall Ford: Training and Development Manager at Five Nines

Sit back, grab some popcorn, and watch this FREE Five Nines Power Hour Webinar: Building An Optimal Network. 

Watch the Optimal Network Webinar

 

Topics: Managed IT Services, Business Continuity, Webinars, Network

Cylance: Proactive Protection For Your Business

Cylance Reformatted

As cybercrime continues to evolve, it's time to look beyond traditional approaches to malware detection. 

In this webinar, we will discuss all things Cylance. This power hour covers everything from simple definitions to how Cylance works within an IT environment, as well as how Five Nines utilizes Cylance to protect businesses from advanced malware. 

WHAT YOU'LL LEARN:

  • What is ransomware and malware?
  • Preventing cyberattacks with artificial intelligence 
  • Using artificial intelligence to predict and prevent threats
  • A complete overview of Cylance
  • Why companies choose to utilize Cylance
  • How Cylance works through a technical demonstration

Presenter: 

Ryan Christensen: System Administrator at Five Nines

Sit back, grab some popcorn, and watch this FREE Five Nines Power Hour Webinar: Cylance - Proactive Protection For Your Business. 

Watch the Cylance Webinar 

 

Topics: Managed IT Services, Threat Landscape, Cybersecurity, Business Continuity, Webinars

Office 365: More Than Just Email

MORE THAN JUST EMAIL.png

What's the first thing you think of when you hear "Office 365"? You aren't alone if you said email, Excel, or PowerPoint. While those are the most common uses, Office 365 offers many other easy to use solutions.

The utilization of Office 365 tools is unique for every business. There is no cookie-cutter solution or one-size-fits-all option.

In this webinar, we will start by covering the basics of Office 365, discuss how Five Nines helps clients leverage Office 365 tools and various packages, and then move beyond the email tool to cover all of the additional applications and services that can be used due to their cross-functionality.

These tools include:

  • Email
  • OneDrive
  • Skype
  • Teams
  • SharePoint
  • Office 365 Business Packages

Presenter: 

Tony Rouse: Senior Primary Engineer at Five Nines

Sit back, grab some popcorn, and watch this FREE Five Nines Power Hour Webinar: Office 365 - More Than Just Email. We'll show you how you can use Office 365 to enhance overall collaboration and productivity in your office the right way.

Watch the Office 365 Webinar

 

Topics: Office 365, Webinars

What Is Phishing?

Phishing Reformatted-1

We'd like to throw a quick statistic your way. According to the security awareness training platform KnowBe4, 91% of successful data breaches start with a Spear Phishing Attack.  Why is this significant? This number proves that end-users are the vulnerability when it comes to IT security.

Now that we have gotten your attention, we'd like to provide you with a breakdown about what phishing really is, how it works, and how you can avoid being a target and the weakest security link.

WHAT IS PHISHING?

Phishing is when hacker sends an email to a user in hopes that the individual clicks on a link or opens an attachment within the email. Once the link is clicked or attachment opened, the hacker gains access to personal information of that user on that device. Afterwards, they can gain access to the network, and once they gain access to the network they can do the same thing to any computer that's connected to that network. All with just one click.

HOW IS IT DONE?

First Step. You can receive a phishing email despite the antivirus software or extra protection your organization has in place, so you can never be too careful. Hackers can get their hands on thousands of emails by using scripts on large search engines. Then, by conducting a little research through your organization's website or social media platforms, hackers can get an idea of what kind of antivirus software is used within your company. They can then customize an attack to you before sending a flawless, undetected email.

Second Step. Whoever wants to steal your information will reverse the traffic on your network back outside of your organization. To do this, they connect their hidden network directly to yours, making it difficult for your IT security software to recognize and stop.

Third Step. It's important for hackers to make the phishing email seem as real as possible, so that users mindlessly click on the email. This email doesn't have to necessarily come from a stranger. It could be in the form of a friend, spouse, a supervisor, or even a brand.

Once a user clicks, hackers have the power.

PHISHING PREVENTION

Prevention is all about constantly being on the defense. It's important to educate and train all end-users throughout your organization, and it's all about working to make sure your IT environment is properly secured in all aspects.

According to the 2017 Cisco Security Report, 57% of cyber-attacks derive from user behavior, an example being the act of clicking on malicious links within emails. Information is the core of every business and is something that needs to be protected. Company data is too significant to compromise over a phishing email that can be prevented. 

Don't be the next big fish a hacker catches. Watch our FREE webinar that will give you all of the information you need to avoid falling victim to a phishing attack.

 Click Here For The Gone Phishing Webinar

Topics: Security, Cybersecurity, Webinars