Don’t let hackers take your business data. Lock that door.

One of our pillars of IT management in network security. We’ve always made it a priority to ensure our clients make sure their server is protected, because being connected to the internet is fraught with danger. So when we saw this post, “Criminals target small businesses with poor server security” from “Stay Smart Online”, a government initiative, we decided to help spread the word. We are also offering up our time for FREE during the month of April to help diagnose if your server is vulnerable or not.

What’s the issue?

Most businesses these days have staff that access the server remotely. Either from home or while travelling. There are “good” ways to connect to your server remotely and there are “bad” ways to connect in. Bad usually coincides with the easiest option. The issue here is, too many businesses have taken the easy route and hackers are gaining access to their servers and the information stored there. Once on your server, the criminals are encrypting your critical business files and demanding a ransom. If you don’t pay the ransom, then you don’t get your files back.  Issue is, even if you do pay the ransom, it’s likely you won’t get your files back. It’s likely you’ll get asked to pay more money.

In English please

Think of your server as a house. The windows and front door have locks on them but you leave the back closed, but unlocked. Why? Because if you lose your keys or lock yourself out you can still get in the house. Convenient? Yes. Secure. No. You’ve just made it easy for a criminal to gain accessing your valuables. They just have to find your back door.

I hear you say, “What are the chances the robbers will find my unlocked door? It’s one back door in a plethora of houses.” Well if the robber was walking around checking each back door to see if it’s unlocked then sure, that would make sense. The problem is the criminal barely has to lift a finger. Just imagine a robber could check each back door of each house across the world without leaving his computer. All he has to do is start a task and then wait for the report to give him a list of all the vulnerable houses.

This is exactly what they are doing to see if your server is vulnerable, so you need to make sure you are protected.

But we have backups.

Backups are very important as we’ve blogged about that before. In this scenario though backups aren’t 100% full proof for two reasons;

1. The hackers have become more sophisticated and once they access your server they are actively deleting attached backups so you can’t use this as a course of action

2. Even if you are able to restore your data from a backup, the “back door” is still unlocked so they can try again.

Is my business vulnerable?

That’s what we’d like to check for you. If you drop us an email or give us a call we determine if you are vulnerable in a matter of minutes. Free of change during April.

Can we check ourselves?

Yes you can follow these steps below:

1. From a computer that is in the same physical location as your server, type into Google the following: What is my IP address.  Or just click here

2. Google will return your IP address that is visible to the world. It will be in bold at the top of the screen. Copy your IP address
   

3. Now you have your address lets check to see if it’s vulnerable. Go to mxtoolbox.com which is a great tool for querying information like this.

4. In the search field at the top of the screen type in scan: and then your IP address. So in my example I will type scan:127.0.0.1 and press Enter

5. This will then show you all the “doors” that are open to the internet. Anything with a green tick is “open”. Now don’t freak out if you see some green ticks. In order for your server to do its job, you need some green ticks. It’s just a matter of which ones are green.

6. Scroll down until you see “remote desktop”. If it has a red cross like this, then you’ll be fine.
   

7. If however, it is a green tick, then your “back door” is unlocked and you’ll need to take action.
   

This will check the default, poor method of accessing your server remotely. To do a proper scan of all possibilities you are best to get in touch with us.

What’s the cost?

As we’ve mentioned previously, if the worst case scenario hits your business and you need to recreate your data you will be up for a hefty loss in productivity. Depending on the size of your business and the amount of data you need recreate you could be paying tens of thousands of dollars. Prevention is the best course of action. Find out today if you are vulnerable.