Businesses today are under constant threat of falling victim to a cybercrime.  According to the FBI, between 2016 and 2019 there was an estimated $26 billion in losses related to Business Email Compromises (BEC) alone*.

Go West IT often gains new customers after an organization experiences a cybercrime and seeks assistance in remediation and reduction of future risk.  For existing Go West IT customers, we strive to continually provide an updated suite of services and cutting-edge industry tools, matched with a highly skilled team driven by a relentless focus on security.  

Our core purpose is to empower people, solve problems, and protect livelihoods, so we hate to see any business suffer the pain and financial strain that results from a cybercrime.  This is why we are excited to announce the creation of the Go West IT No Breach Guarantee.  We are so confident in the effectiveness of our managed security service offerings and expert personnel, that we now offer a financially backed No Breach Guarantee that will reimburse your business 100% of your existing annual cyber insurance premium if you experience a breach.  

Visit https://www.gowestit.com/guarantee for more information.

*ic3.gov/media/2019/190910.aspx

Go West IT prides itself on our “security-obsessed” culture, with a focus on providing services and tools to allow our customers to better protect their business. As many organizations are facing the long-term shift to a remote work strategy, the need for more advanced security services only deepens further. That’s why our Cybersecurity in Colorado provides elite-level solutions for all sizes and types of businesses.

Safeguard your employees, strengthen controls, and reduce organization risk through supplementary layers of protection.

DEFEND | EDUCATE | CONTROL

Targeting the protection of users and data, the Go Secured family of managed security service plans (MSSP) provides additional software, tools, and user training to increase the overall security posture of an organization.

Cybersecurity in Colorado

Go Secured equips an organization with solutions to educate and protect users against phishing attacks, implement advanced email filters, leverage tools to increase the complexity and safeguards for user credentials, as well as protect critical corporate data and communications platforms with increased backup and disaster recovery features. These fully managed plans include labor for configuration and ongoing administration, providing organizational leaders peace of mind.

Go Secured | Vault – enterprise-class password manager

Go Secured | Phish – simulated phishing attacks & ongoing training

Go Secured | 365 – advanced threat protection, email filtering & backup services

For more details on Go Secured and our Cybersecurity in Colorado, visit this page: https://www.gowestit.com/managed-services/#gosecured

Most businesses have a business continuity plan (BCP). These plans range from well documented and routinely tested, to rough ideas about how a business will cope with unforeseen circumstances. Every single business in America has now grappled with how to continue operations during the COVID-19 crisis and it has changed BCPs forever. I now challenge business owners to stop thinking in terms of business continuity and start thinking in terms of operational adaptability.

The distinction between business continuity and operational adaptability is important. Continuity is “uninterrupted duration or continuation especially without essential change,” [1] while adaptability is the “ability to change or be changed in order to fit or work better in some situation or for some purpose.” [2] Businesses did not continue without essential change through this crisis. Rather, they adapted to work better in some situations or for some purpose.

Go West IT worked alongside many businesses to guide them through rapid adaptation in response to COVID-19 and resulting public policy. I saw very little evidence of businesses opening their BCPs and working through the thoughtfully developed steps and processes. I witnessed rapid troubleshooting and change with a focus on taking care of employees and customers. What I saw was operational adaptation.

Today, as businesses come to grips with “the new normal,” I worry that the real lesson is being missed. The lesson is the value of operational adaptability. Continued pursuit of our purpose requires that we adapt. Our purpose at Go West IT is to empower people, solve problems, and protect livelihoods.  Adaptation is necessary so that we may achieve our purpose on behalf of our staff and customers.

The result of adaptation necessitated by the lockdown may prove to have been a huge operational advance. While there is likely still much short-term pain ahead of us, I believe the business community has learned that:

  • work from home strategies are viable; and
  • business travel may not be essential; and
  • cloud technologies and their scalability (up and down) are more valuable than the delta of a simple CapEx vs. OpEx calculation.

We have also learned that people can adapt, and that they do so quickly when in pursuit of a worthy purpose.

Focus on adaptation to continue in the pursuit of your purpose.

P.S.  I understand that many businesses have a regulatory requirement to develop, test, and maintain BCPs. Do that. However, note the lessons learned and think in terms of adaptability rather than continuity, just as I seek ways to adapt our new, larger, and mostly empty office space to better empower people, solve problems, and protect livelihoods.

  1. https://www.merriam-webster.com/dictionary/continuity
  2. https://www.merriam-webster.com/dictionary/adaptability

Go West IT started business ten years ago today. I remember the day very well. The similarities between then and now are striking. We were faced with many unknowns. We watched cashflow very closely. We innovated and adapted quickly. Most importantly, we focused on taking care of customers and employees. We knew there would be challenges and we knew we would rise to the occasion and thrive. We have and we will.

Ten years is an important benchmark. In late 2019 we began talking about how to celebrate. We are moving into new office space this July and decided to combine our anniversary celebration with an open house in our space. That was pre-COVID-19. I am embarrassed to say that we have not talked much about our anniversary internally since then and to be honest, the date caught me by surprise this week.  

We are, once again, intensely focused on our core purpose to empower people, solve problems, and protect livelihoods. Despite the worry that accompanies uncertainty, I believe we are doing some of our best work ever to improve our solutions and systems with the objective of helping our customers through secure digital transformation. It is truly energizing in the same way it was when Go West IT started ten years ago today. 

I want to express my sincere thanks to our customers, many of whom started with us on May 15, 2010. I want to thank the many friends, vendors, and trusted advisors who have helped Go West IT. I want also to express my sincere thanks to our people at Go West IT, past and present. This is simply the best team I have ever worked with, period. 

For Immediate Release April 21, 2020 – Go West IT

Go West IT has joined with IT service providers across America to commit to strong economy and job protection values when using stimulus funds.  The MSP Stimulus Pledge (www.mspstimuluspledge.com) is a collective of peers and competitors in the IT Services industry committing to using government assistance, including PPP funds, as intended: to keep team members employed and keep the economy moving.

“We have a responsibility to use stimulus money for the purpose it was intended and this aligns perfectly with our purpose to empower people, solve problems, and protect livelihoods,” says David Lewien, President of Go West IT, a managed service provider based in Colorado.  “Our purpose drives everything we do and extends the impact of our dedicated team of professionals to our customers, their employees, their vendors, their employees, and so on, and so on.  The work we do every day protects livelihoods and we are pleased to take the MSP stimulus pledge.”

The MSP Stimulus Pledge brings regional and national competitors together for the greater good of employees, the industry, and the business community.

Learn more, sign the pledge, and see the pledging companies at www.mspstimuluspledge.com.

The Pledge

The MSP Stimulus Pledge asks organizations to use stimulus funds to commit to:

  • Avoiding layoffs of staff and pay reductions
  • Paying bills on time
  • Providing no increase in owner’s compensation
  • Working as partners with our vendors without demanding concessions simply because we can use the leverage of economic conditions
  • Running our businesses in a manner that creates a strong foundation for our employees and clients into a new future

Businesses are rapidly shifting to work from home strategies in response to the current COVID-19 situation.  Many are already adept at working from home and have strategies in place to protect networks, endpoints, and systems.  They have proven policies in place to keep tabs on business IT assets and ensure that systems are constantly patched while temporarily disconnected from the office network.  Antivirus monitoring still occurs, and their IT Managed Service Provider has already helped to secure remote access to systems and manage endpoint controls to keep their business secure.

This list is for businesses who did not have a plan in place and are being forced to shift rapidly.  There is still plenty that you can do to protect your business during a less than ideal work from home (WFH) situation.

If you run a business and have staff temporarily working from home, it is extremely important that you implement multi-factor authentication (MFA) for your email platform (Office 365, Gmail, etc.) and for VPN access.  MFA is the very best way to reduce the most likely cyberattack vector, credential harvesting via email phishing.

The following is a list of things that you can ask of your remote workers.  Some of them will be able to tackle these tasks on their own, others will need help.  Do what you can now and circle back to close any gaps as time permits.

Practical, easily implemented, work from home security strategies.

  • Update the firmware on home Wi-Fi routers.  Cyber criminals take advantage of known vulnerabilities to gain access to your home network. Fortunately, router manufacturers routinely release patches for known vulnerabilities; you just need to apply them.
    • Step 1 – Log into your router.  If you don’t know how to do this, first find the name and model number of your Wi-Fi router. Then, search Google for instructions on how to access your router’s internal web server/admin page.  In most cases you access this via a web browser on a computer connected to your network.
    • Step 2 – Take a backup.  Backups give you a restore point should something go wrong during the update.  Look through the Admin settings in the router to find a backup option.  If you can’t find it, Google your router model to find instructions.
    • Step 3 – Run updates.  Look through the Admin settings in the router to find a firmware update option.  Again, if you can’t find it, turn to Google for some help.

  • Set a new admin password on your home Wi-Fi router.  The administrative credentials you used to access your router are the keys to the castle.  They should NOT be left at the manufacturer defaults (e.g. admin, password) and they should be very strong.
    • Step 1 – Log into the router with your existing admin credentials.  If you don’t know them or don’t remember them, turn to Google to see if you can find instructions on how to reset the password, or try the default credentials for your router.
    • Step 2 – Look through the Admin settings in the router to find an option to change the admin password.  Change it to something unique and long (15 – 26 characters).  The longer the password, the better.  Make sure to record the new password so you can find it when you need it (a password manager is the best place to store credentials).  Make sure the admin password on your home Wi-Fi router is NOT the default and that it is long (15 – 26 characters).

  • Save the non-business Internet browsing, social media, email, and chat for your personal devices and your home/personal Wi-Fi network.  As tempting as it might be to browse the Internet while your co-workers aren’t looking over your shoulder, you don’t want to be the one to introduce a virus while you’re working from home without your business firewall and other restrictions to keep you protected.  Do it on your own device, not the business device.

  • Devices accessing and storing any sensitive, confidential, or personally identifiable information (PII) should be encrypted.  Windows 10 Professional operating systems can be encrypted using the built-in BitLocker.  Be sure to keep a record of the encryption keys.  When possible, a PIN code or passphrase on boot up is preferred to using Windows credentials to unlock.  If you are using a computer owned by your employer, you should consult with your IT department or management before encrypting the device on your own.
  • If you are using a personal device (PC, Laptop, iPad…) to work from home (or if your business doesn’t already have a strategy in place for antivirus, operating system patches, account privileges, and a password manager):
    • Install and update a good antivirus application.  If you don’t have antivirus software, consider using Windows Defender (free for Windows devices and baked into Windows 10) or consider purchasing one.  Macs also need antivirus protection.
    • Make sure antivirus is running and launch the antivirus program to check for updates and set the software to automatically update as required.
    • Check for Operating System updates and install them until there are no more updates to install.  If you don’t know how to do this, Google “how to run updates on [your operating system here]” and follow the instructions.  If you have a Windows device the instructions should come from Microsoft.  If you have a Mac, the instructions should come from Apple.  Do NOT download updates from anywhere other than the manufacturer.  Windows and Mac updates are performed from the device and you don’t need to visit a website for updates.  Be careful not to download updates from a malicious website.
      • For Windows, click on the start icon and type “Windows Updates” and choose the option to install updates on your computer.
    • Create a separate admin account to be used only when you must perform an administrative task (i.e. install a printer or a new application).  Use a non-admin account for your day to day personal and work tasks.
      • Step 1 – Create a new user on your computer with administrative rights.  Keep a record of the new username and password (a password manager is the best place to store credentials).
      • Step 2 – Log off your computer and log in with the new admin user you created.
      • Step 3 – Find your primary user account and make that user a non-admin or “standard” user.
      • Step 4 – Log off with the admin account, log back in with your primary user account and work as usual.  If you are prompted for administrative credentials while trying to install software, a printer, running updates, or some other expected reason, enter your admin credentials to allow the task to complete.  If you are prompted for admin credentials out of the blue, it might be an indication that you’ve tripped across malicious software that is attempting to install on your system.  Don’t enter the admin credentials unless you are sure it is for a legitimate purpose.

  • Purchase and use a password manager.  There are many on the market.  Following are a few of the most popular:
    • StickyPassword.com
    • keepersecurity.com
    • dashlane.com

  • Be on the lookout for email phishing scams designed to harvest your credentials and gain access to your work or personal email.  Criminals will absolutely attempt to use the fear and uncertainty surrounding the COVID-19 environment to entice people to cough up their usernames and passwords.  You will likely see “apply for assistance…”, “sign up now for information…”, “login to protect your account…”, “login to access government assistance…”.  Suspicion is not retroactive.  Slow down and think before you act.  Anything marked “urgent” or where you are being pressured to “act now” should raise your level of suspicion.

  • Proactively change passwords that haven’t been changed in the last 30 days.  Consider the following:
    • Workstation (Windows or Mac) login.
    • Office 365
    • Windows Active Directory
    • Personal email
    • Wi-Fi Router admin credentials
    • Wi-Fi wireless password (SSID & Guest)

  • Take an inventory of where you are storing important data (business and personal).  Is that data being backed up?  If not, implement a backup strategy. If this needs to be done on the fly, consider an online cloud service or backing up to a USB drive and then disconnecting that drive from your systems so that it isn’t encrypted along with everything else on your computer in the event of a ransomware attack.

The above guidance is provided with the intention of helping businesses and their people while we all work to make sound decisions in a rapidly changing environment.  These guidelines are not comprehensive.  Rather, they are intended to address some of the most significant risks.  Some of the above recommendations will not be possible in your environment and may even give rise to other issues.

If you are using IT assets owned by your employer, it is very important that you consult with your IT personnel or IT Managed Service Provider before acting.  They may already be managing some of these things for you and/or ad hoc changes might cause other issues.

If you run a business and would like help managing the above tasks proactively and without having to rely on your personnel to do this on their own, please call Go West IT.  We will be happy to help, and we have resources standing by to tackle this for you.

Third party VPN services do not secure your data.  They may provide an additional brick in your security bunker but they are not the invisibility cloak they claim to be and in some cases they may actually do more harm than good.  For starters, who is your third party VPN service provider?  Are they trustworthy?  Are they subject to US or EU privacy laws?  Or, did you just decide to pipe 100% of your data through an unknown third party?

Three very popular third party VPN service providers, NordVPN, VikingVPN, and TorGuard, were recently breached due in part to poor security practices that resulted in leaked expired TLS (encryption) keys.  Now users of these services may be sharing their data with an unknown criminal instead of the third party service provider.

Just like all security measures, they are only as good as the weakest link.  Businesses and individuals need to discover their vulnerabilities, prioritize their vulnerabilities, and then systematically work to layer security to mitigate the risk.  Start by securing corporate networks with a good Unified Threat Management (UTM) appliance, making sure 100% of your devices have good business class endpoint protection software that is automatically updated, patch all of your hardware and software on a routine basis, BACK UP YOUR DATA, implement phishing prevention measures, and TRAIN YOUR PEOPLE.  This is just a start.  If you don’t know how to do this, put something in your budget to work with someone who can help and get started on the path to better security.

– Go West IT

Today the FBI issued a renewed Public Service Announcement (PSA) warning to businesses regarding cyber crime, and more specifically ransomware risk.  If you are not taking action, you are going backward.  All businesses should be regularly reviewing their cybersecurity posture and seeking to make incremental improvements.  Start making improvements today and use the FBI’s PSA as a blueprint.

The PSA can be found at https://www.ic3.gov/media/2019/191002.aspx.

Cyber defense best practices include:

  • Regularly back up your data and verify backup integrity.
  • Focus on awareness and training for employees.
  • Patch your operating systems, software, and firmware on devices.
  • Ensure antivirus and anti-malware is in use on all devices and routinely updated.
  • Implement access controls to limit access based on the principle of least access required to limit potential impact/spread of an attack.

More best practices are listed in the FBI’s PSA. Go West IT helps businesses do all of these things and more every day.  The choice is yours, stand still and go backward or choose to mitigate the known risk to your business.

Please reach out to Go West IT if you have any concerns for your business.

– Go West IT

My tour of the @Microsoft Cyber Defense Operations Center (CDOC) this week was the highlight of my visit to the Microsoft campus in Redmond, WA.  I was one of approximately 150 Microsoft partners invited to attend a small & medium sized business (SMB) partner executive briefing.  The briefing provided @GoWestIT with a valuable road map for new solutions to improve productivity and security for our small business customers (i.e., a cybercrime solution and more).  I love seeing what is ahead, and the briefing was heavy on Artificial Intelligence (AI) and Machine Learning (ML). There is no doubt small businesses will benefit from these technologies delivered via the Microsoft Azure cloud.

Cybercrime Solution

I was most impressed with what Microsoft has been doing rather than what is coming.  Microsoft developed technology to create digital fingerprints of photos and has donated the use of this technology to organizations like Dartmouth University to help fight the exploitation and abuse of children.  The exploitation statistics are staggering and Microsoft is leading the charge to address the problem with technology by helping to trace images back to the source and thereby the criminal and then to aid law enforcement in building cases to prosecute the criminals.  I had no idea that Microsoft was doing so much in this regard and it is impressive to see what an organization like Microsoft can accomplish for the better good when they point their resources and skills at a problem. They’re building a cybercrime solution.

Our chaperone explained the jurisdictional challenges associated with finding and prosecuting criminals across national borders and the antiquated laws used to prosecute cybercrime.  Many cybercriminals are prosecuted under centuries-old laws pertaining to chattel (cattle).  The very old laws were introduced to protect property rights for cattle that wander across a property line and end up being butchered by a neighbor.  Perhaps it is time for some updates to international law to help fight cybercrime?

Let’s Talk About Cybersecurity and about a Cybercrime Solution

I always enjoy talking about cybersecurity and about a cybercrime solution such as Microsoft’s work.  If you want to visit about what I saw and learned please just let me know.  We can jump on a call or meet for coffee.

Do you remember when Windows XP reached the end of its support lifecycle? We sure do, and it’s about to happen again with Windows 7 and Server 2008.

Microsoft supports their operating systems for a minimum of 10 years following public release, after which, they pick a date to end all security updates for good. This is what we call End of Life, or EOL.

Windows 7 and Server 2008 are reaching EOL on 1/14/2020 just like Windows XP did in 2015. This does not mean that your computer or server will power down on 1/14/2020 and refuse to turn back on. What EOL means is simply that your Windows 7 PC or Server 2008 system will receive its final security update on Tuesday, 1/14/2020, and will forever remain unpatched and unprotected from vulnerabilities that become known after that date.

Why is EOL a concern?

Every Tuesday, Microsoft publishes a list of newly discovered and exploited vulnerabilities across their operating systems along with corresponding patches to fix the vulnerabilities for supported operating systems. Criminals study Microsoft’s list and reverse-engineer the public list of exploits and patches to take advantage of unpatched operating systems. Since most of the behind-the-scenes code remains consistent between older and newer operating systems, unsupported systems running Windows 7 and Server 2008 become the easiest, most obvious targets. Every time your computer or server accesses a web-page, it includes its operating system, broadcasting to the world that it is vulnerable.
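The operating system a browser reports travels in the User-Agent header, so the same signal can be used defensively to find end-of-life machines on your own network. The following is an added example, not Go West IT's code: it assumes web proxy or web server logs in the common "combined" format, and the sample log lines, the addresses and the function name `find_eol_clients` are constructed for illustration.

```python
import re
from collections import defaultdict

# Windows NT version tokens as they appear in browser User-Agent strings.
NT_TOKENS = {
    "5.1": "Windows XP",
    "5.2": "Windows XP x64 / Server 2003",
    "6.0": "Windows Vista / Server 2008",
    "6.1": "Windows 7 / Server 2008 R2",
    "6.2": "Windows 8 / Server 2012",
    "6.3": "Windows 8.1 / Server 2012 R2",
    "10.0": "Windows 10 or later",
}

# Assumption: the systems this article treats as end-of-life (XP and the
# Windows 7 / Server 2008 family). Adjust the set to your own support policy.
EOL_TOKENS = {"5.1", "5.2", "6.0", "6.1"}

# Combined log format: client ident user [time] "request" status bytes "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[[^\]]+\] "[^"]*" \d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)
NT_RE = re.compile(r"Windows NT (\d+\.\d+)")

# Constructed sample input: internal clients browsing through a proxy.
SAMPLE_LOG = """\
10.0.0.21 - - [14/Jan/2020:09:12:01 -0700] "GET / HTTP/1.1" 200 5123 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Safari/537.36"
10.0.0.22 - - [14/Jan/2020:09:12:05 -0700] "GET /news HTTP/1.1" 200 812 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Safari/537.36"
10.0.0.23 - - [14/Jan/2020:09:13:40 -0700] "GET /mail HTTP/1.1" 302 0 "-" "Mozilla/5.0 (Windows NT 5.1; rv:52.0) Gecko/20100101 Firefox/52.0"
10.0.0.21 - - [14/Jan/2020:09:15:10 -0700] "GET /portal HTTP/1.1" 200 977 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
10.0.0.24 - - [14/Jan/2020:09:16:02 -0700] "GET / HTTP/1.1" 200 5123 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_2) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.4 Safari/605.1.15"
this line is truncated and does not parse
"""


def find_eol_clients(lines):
    """Return {client_address: sorted list of EOL OS labels} seen in the log.

    The User-Agent is asserted by the client and can be altered, so a hit is
    a lead for the asset inventory to confirm, not proof of the installed OS.
    """
    found = defaultdict(set)
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m:
            continue  # skip malformed lines rather than guessing at fields
        nt = NT_RE.search(m.group("ua"))
        if nt and nt.group(1) in EOL_TOKENS:
            found[m.group("client")].add(NT_TOKENS[nt.group(1)])
    return {client: sorted(labels) for client, labels in found.items()}


if __name__ == "__main__":
    for client, labels in sorted(find_eol_clients(SAMPLE_LOG.splitlines()).items()):
        print(f"{client}: {', '.join(labels)}")
```

Windows 7 and Server 2008 R2 share the `Windows NT 6.1` token, so the report cannot tell a workstation from a server; pair it with your asset records before planning upgrades.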

You may be asking yourself: “I am running Server 2008 or Windows 7. What do I do?”

You have 4 options:

  1. Upgrade your operating system: This is the least-expensive option, but you are still stuck with your aging hardware. In addition, you’ve sunk several hundred dollars’ worth of labor and licensing into an aging computer. This is an OK choice if your computer is fairly new.
  2. Replace the computer with a modern system: This is self-explanatory. New computers (especially servers) are expensive, but now you have a brand-new computer with many years of life ahead of it.
  3. Migrate to Azure: This option only applies to Server 2008. If you migrate your Windows Server 2008 to Azure, Microsoft is offering an additional 3 years of extended support and security updates at no cost. Migrating to Azure is a relatively simple process and has several distinct advantages over physical servers, such as the ability to upsize or downsize resources on demand, improved security if configured properly, and the eradication of hardware failure.
  4. Ignore EOL and keep using your operating system: This is a very bad idea in the age of viruses, malware, and cyber-attacks. Even if this computer’s use is “coupon-clipping” only, consider your keystrokes, webcam, microphone, and browsing activity potentially compromised.