CALL: 1 (877) 365 TECH

CALL: 1 (877) 365 TECH

Hilltop Blog

Posted on in Security
Paradise Papers Law Firm Leak

Details from a leak of 13.4 million files that expose tax and financial specifics about the world’s largest businesses and corporations, heads of state and global figures in politics, and entertainment and sports celebrities who have sheltered their wealth in secret tax havens. This data leak is being referred to as “The Paradise Papers” and more than 380 journalists have spent a year combing through the data that stretches back over 70 years.

At the center of the leak is Appleby, a law firm with outposts in Bermuda, the Cayman Islands, the British Virgin Islands, the Isle of Man, Jersey and Guernsey. Founded in Bermuda, Appleby sets up companies, trusts and other offshore entities for thousands of clients including high wealth individuals, international banks and accounting firms as well as multinational corporations.

...
Read full article Last modified on

Posted on in Helpdesk

At one stage in our careers, we have all had to interact with an IT help desk of some sort. You may think of IT folk as geeky, Dungeons and Dragons loving, and altogether strange types, but have you ever wondered what they may think of us, the caller on the other end?

1. The Power User

Ther Power User

The Power user has no issues traversing the IT minefield and picking up on computer jargon. Often techies themselves, they value having a perceived equal on the other end of the line. This user rarely ever calls in, and when they do it’s for reassurances and small talk with their “tech buddy”!

...
Read full article Last modified on

Posted on in Security
b2ap3_thumbnail_hilltop-antivirus-bitdefender.jpg

We have been following the Kaspersky drama in the news. At this time, we have not yet seen any evidence that Kaspersky is doing anything nefarious. We do think they just have a major PR problem caused by the current political climate.

This being said, Hilltop has engaged with an alternate endpoint security provider, named BitDefender. BitDefender provides a more robust solution than Kaspersky antivirus.

...
Read full article Last modified on

Posted on in Security
b2ap3_thumbnail_hilltop-ironic.jpg

A few years ago, a prospect requested consultation from me during the process of starting her own business after years of being a government official. She declined my proposal and went with what she felt was a less costly solution. Shortly thereafter, the contents of her mailbox were posted online on one of those "leaks" websites. Ironically, an entire email chain I had with her assistant was included in the leaked data.

The proposal that she declined included a migration from Gmail to Microsoft Office 365. I had discussed the benefits of Microsoft Office 365, such as Multi Factor Authentication and better vendor support. I warned the prospect of the risks of her current setup. I advised her on the steps it would take to mitigate the risks. As a former government official, she was at very high risk. I offered a clear path to avoid her being hacked. I sent the prospect and her assistant an agreement that needed to be signed so that the project could proceed. That was the last I heard from them. I figured my hourly rate was too high and that they went with one of those cheap online offers for migration.

...
Read full article Last modified on

Posted on in Security
b2ap3_thumbnail_hilltop-hacker-jim.jpg

Funny but true story.

Years ago, I went to meet a small business in Rockville to discuss Hilltop providing them managed services. I met them after I had sent in Paul Recksiek, our VP of Consulting, to conduct a free assessment of their network. I knew they were in a rush because their last MSP was circling the drain, and the only remaining good engineer from their soon-to-be former MSP was coming to work for me.

...
Read full article Last modified on

Posted on in Managed IT Services

Last week, my family did something that not many families get to do.  It was an exciting adventure that involved a boat, the ocean, red hot lava, and the amazing reaction when these three things meet.  This trip was part our trip to Hawaii to celebrate my 20th wedding anniversary.

The five of us took the Lava Ocean Tour based out of the Big Island of Hawaii.  This was a once-in-a- lifetime excursion that my family will never forget.  It was also a great learning opportunity for me, my wife, kids, and mother-in-law.  It wasn’t just a chance to learn about geology or nature, but a chance to teach them about fairness and appreciation.

...
Read full article Last modified on

Posted on in Security
b2ap3_thumbnail_hilltop-petya.jpg

Unless you are living under a rock, perhaps even if you ARE living under a rock, you have by now heard of the “Petya” cyberattack that has hit 65 countries as of this morning. There is a LOT of varying information coming from many sources and all of it can leave one feeling dizzy. So, let’s get to the important questions: What is Petya and how can you protect your business from this attack and others like it?

What Is Petya?

The current Petya ransomware virus is a more sophisticated version of a Petya virus that surfaced last Spring. Because this is a new version of the original Ptra virus, it is also being called NotPETYA, GOLDENEYE and/or PETR. While Petya is being compared by many to the WannaCry virus that struck last month, it is important to note that thus far Petya seems to be spreading at a slower rate. However, many have noted Petya attacks newer systems (unlike WannaCry) and so far, shows no indication of a “kill-switch”. Petya can worm through computer networks, gathering passwords and credentials and spreading. Here is what happens on the infected user’s end: after a self-imposed delay of at least 10 minutes the malware uses a reboot to encrypt files, users then see a phony black-and-white "CHKDSK" message on their screen that claims an error has occurred and that the system is checking the integrity of the disk. Experts say this is the last chance for users to power down their computers and protect their files before they are encrypted and held for ransom.

...
Read full article Last modified on

Posted on in Uncategorized
b2ap3_thumbnail_hilltop-no-popup-sign.jpg

By now, everyone knows of the ransomworm “WannaCry”. The virus has caused approximately one billion dollars in damage. Opportunists are now using different approaches to take advantage of this attack with their own lures.

In these cases, victims see a pop-up on their computer screen that claims the pop-up will not close, stating that the PC is infected with the WannaCry virus. The scam claims that the only way to get rid of the pop-up is to call an 800 number. When calling the 800 number, the victims believe they are speaking to Microsoft. They are scammed out of over $400 to remove the pop-up and to “clean” the virus. The scam artists are actually using a free tool from Microsoft and simply removing the pop-up.

...
Read full article Last modified on

Posted on in Security

Last week, DocuSign acknowledged that they were a victim of a data breach which has now resulted in DocuSign-related malware attacks. Ransomware and other malware may be hidden in files disguised as DocuSign-ready attachments.

Although DocuSign users may be the primary targets of these campaigns, you need not be a DocuSign user to receive a tainted email. ANYONE could get one of these infected attachments. All users should be suspicious of any email with the following subject lines, or something similar.

...
Read full article Last modified on

Posted on in Security
President Trump is NOT Loving' It — Hilltop Consultants

This week someone sent a Tweet to President Trump using the Twitter handle of @McDonaldsCorp. The Tweet read “@realDonaldTrump You are actually a disgusting excuse of a President and we would love to have @BarackObama back, also you have tiny hands.

The McDonald’s corporation quickly deleted this Tweet, and stated that their Twitter account was compromised.

...
Read full article Last modified on

Posted on in Security
Server Monitoring is Not Security Monitoring… — Hilltop Consultants

Almost every managed services provider includes server monitoring with their support offering. Server monitoring is a good thing, however it is just part of the “table stakes” for calling yourself a MSP. Unfortunately, this level of monitoring is not enough to fully protect even small businesses anymore.

Many managed IT services providers and IT support companies use software such as Kaseya, Labtech, SolarWinds, or N-Able to monitor their client’s servers. These software packages will notify your technology consultants that a server has either generated a critical alert, or that some utilization threshold has been crossed. Thresholds for disk space, processor, and memory utilization are very common. The monitoring tools will also tell you if your router or firewall are offline. These alerts and alarms are typically monitored by a Network Operations Center or NOC.

...
Read full article Last modified on

Posted on in Big Data
b2ap3_thumbnail_data-ownership.jpg

Recently, an owner of a small Managed IT Services Provider (MSP) near Atlanta, GA was arrested for shutting down access to a customer’s data due to non-payment. This is a truly unfortunate situation for all involved. The MSP should not be expected to provide services for free, and the customer should not lose access to their data – which is essentially their property.

In a perfect world, both parties would have understood the ramifications of non-payment, remediation would have been mandatory, and ownership of data clauses would have existed in the contract so that no legal questions or comebacks exist. In this example, the owner of an MSP was arrested and the business was embarrassed with having its non-payment of services advertised to potential clients and vendors in the local news.

...
Read full article Last modified on

Posted on in Security
b2ap3_thumbnail_hilltop-Your-Clients-Company-Data-Is-Under-Attack-Is-Your-Data-Protection-Solution-Good-Enough.jpg

Data Security

Your clients’ company data is under attack. Company sensitive data is lost, stolen or exposed. Cyber security breaches happen every day but more often, the data walks out the door on a laptop, a mobile device or USB stick. According to a Ponemon Institute report , 7% of all corporate laptops will be lost or stolen sometime during their useful life. The rapid adoption of mobile devices with large storage capacities and Internet access is opening up even more channels for data loss or theft. So, a total data protection plan that protects sensitive, proprietary, and personally identifiable information must be a top priority for MSPs.

Data Loss Prevention Starts at the Endpoint

We live in a Bring Your Own Device world; therefore, any data protection solution must start at the device. Preventing data loss at the endpoint begins with monitoring and regulating through company data security policies; from how employees use and transfer sensitive data via email, IM, printing, and USB drives; to controlling how users send, access, and print sensitive data at the endpoint -- physical or virtual, through applications, and onto storage devices. Controlling data access at the device level is also important for another reason: to stop confidential data loss due to virus infections, and file-sharing applications that hijack employee credentials.

...
Read full article Last modified on

Posted on in Cloud
b2ap3_thumbnail_hilltop-Reasons-to-Implement-Cloud-Based-Disaster-Recovery-with-IT-Support-in-Washington-DC_20170227-152529_1.jpg

Most organizations have disaster recovery procedures in place. However, few have disaster recovery as a cloud entry point. This will ensure that your staff and clients can access critically-important information regardless of unfortunate events. As long as the continuity and disaster recovery plan is not dependent on hardware or tape-based, it will not take up too much time or resources. Here are the top reasons to rely on IT support in Washington DC for the implementation of disaster recovery for an entry point to the cloud.

Avoid Downtime

The cost of downtime is crippling. Nearly one-quarter of all businesses endure a failure of some sort in any year. Over three-quarters of these companies go out of business in a year's time. The total cost of IT downtime exceeds $26 million per year.

...
Read full article Last modified on

Posted on in Cloud
b2ap3_thumbnail_hilltop-Hybrid-Cloud-Services-Made-Easy-with-IT-Services-in-Washington-DC.jpg

If you are familiar with IT services providers in Washington DC, chances are you have heard of the cloud. This technological innovation allows for the rapid retrieval of information regardless of one's physical location. The cloud also allows people modify documents from afar in real-time. It is perfect mobile computing solution for collaboration between co-workers and clients. However, there is another type of cloud that your business might need: hybrid cloud. At Hilltop Consultants, we can help you understand everything there is to know about hybrid cloud IT resources.

About the Hybrid Cloud

There has been a shift of business systems, apps, and general work to hybrid cloud service providers over the past years. Many businesses are on the prowl for means of offloading the management of these complex environments in order to key in on the fundamentals that generate the most revenue.

...
Read full article Last modified on

Posted on in Security
b2ap3_thumbnail_hilltop-How-to-Protect-Your-Business-from-Cybercrimes-with-IT-Consulting-in-Washington-DC.jpg

When choosing an IT consulting firm in Washington DC, you need to consider their cybercrime fighting skills. Make sure that they are up-to-date on the latest security threats and cyber frauds, like Methbot, for example. And if you think a bot farm is not going to cost you money, think again. The Methbot scam has been making millions of dollars for Russian operators engaging in various types of fraud. The scheme involves fraudulent IP addresses, a bot farm that manufactures fake traffic for PPC platforms, bots watching videos, and automated web browsers. Without proper protection, threats like Methbot will ruin your business.

Age of Malware and DDoS

You have likely heard of a cyber-attack called Distributed Denial of Service, or DDoS. This kind of attack overwhelms an online service/network with traffic, making it unavailable for legitimate users and disrupting operations. But it is too hard to launch an effective attack on your network, right? Mirai malware just made it a lot easier to attack any network by infecting IOT devices and creating a Mirai botnet. A Mirai botnet recently created headlines when it targeted and attacked Dyn, the large DNS provider for Twitter, Netflix, Reddit, and other major media hubs. The DDoS attack was considered the largest of its kind in American history. The Mirai code can knock websites offline and can compromise the default factory passwords of IOT devices--- that means over 60 million devices are at risk. Unlike revenue-generator Methbot, DDoS attacks do not affect ecommerce, but can hurt a company's revenue by blocking Internet access.

...
Read full article Last modified on

Posted on in Managed IT Services
b2ap3_thumbnail_hilltop-How-to-Establish-a-Rapport-With-Your-Managed-IT-Services-Washington-DC-Partner.jpg

The Managed Security Service Provider (MSSP) you select will go a long way in determining the efficiency of your operations. Your top priority is to establish a rock-solid alliance with a trustworthy partner, and this will take some time and experimentation. You can get some valuable insights from Stephen Covey's hit book, The Speed of Trust. The principles outlined in this book are applicable to your search and ensuing relationship with an MSSP. The book's theme revolves around the notion of trust being earned rather than provided to anyone. Here is the dynamic of trust between your company and your managed IT services Washington DC partner:

The Issue of Trust

If you are hesitant to place your trust in an MSSP, you are not alone. Your data is highly sensitive, and inviting an MSSP to handle this information is inherently risky. Your MSSP requires access to all information and traffic on your network, otherwise, this threat-monitoring service will not prove effective. However, MSSPs do not look at every single bit of data--- they examine system and security logs to do their job. Still, monitoring devices allow access to all of information on the network. If your MSSP improperly accesses data or shares such information with others, they could ruin your business. Partner with an MSSP that adheres to a series of specific access rules and you will not have to worry about improper data access.

...
Read full article Last modified on

Posted on in Managed IT Services
b2ap3_thumbnail_hilltop-upgrade-your-it-support_20170216-165326_1.jpg

Finding fast and responsive IT support in Washington DC that also excels at execution is one of the biggest challenges for Washington-based businesses. While there are many providers to choose from, not all of them have the expertise, skills, or certifications to help your business. Below are a few things to think about when evaluating IT support consultants in Washington DC:

Why You Should Investigate IT Providers

There are many IT providers in Washington DC, each one with their own story and their own perspective on how to support their clients. But be careful who you choose to partner with, since not all these firms will help you and your business achieve success. Things that we often see from other providers are:

...
Read full article Last modified on

Posted on in Managed IT Services
b2ap3_thumbnail_hilltop_industry_leader.jpg

As you evaluate the wide selection of Washington DC IT support providers, consider size and longevity. Some IT companies have been around over two decades with a hundred employees or more. The vast amount of newer companies lack the authority that commands the attention of businesses that care about quality. Thought leaders of the IT industry provide the greatest opportunities for business growth through more efficient decision-making.

How to Determine Thought Leadership

The reason not every IT consultant can be considered a thought leader is that many of them don’t take the time to keep learning new developments in their industry. The average IT firm doesn’t provide a wide selection of services and can’t meet all the data management needs of any given company. Only a handful of IT companies have the experience to be able to consult on multiple issues involving computers, software, networks, and the Internet. Many businesses, unfortunately, don't do enough research and pick the first IT firm they encounter.

...
Read full article Last modified on

Posted on in Managed IT Services
b2ap3_thumbnail_hilltop_trapped.jpg

Some IT consulting firms in Washington DC try to lock clients into to long-term agreements. The problem with this arrangement is if you get stuck with a provider that doesn't live up to their side of the deal, you can be trapped with mediocre service that generates diminishing returns. Here are ways to explore the market and find the appropriate reliable provider before signing a contract. 

Don't Assume All IT Consultants are Equal

The market is flooded with IT firms, but that doesn't mean they all provide the same level of quality service. Some firms have existed for years and employ top talent, while others are bottom feeders just trying to take money from whoever they can without worrying about customer satisfaction. Make sure that you do your homework before signing a contract. The last thing you need is to commit to a multi-year SLA, then be stuck with a lazy unreliable support team that may not know all the answers to resolving your technical issues.

...
Read full article Last modified on

Some of our technology partners:

We’re here for you 24 hours a day, 7 days a week.
1 (877) 365 8324 ext 1: SUPPORT
1 (877) 365 8324 ext 2: SALES & CONSULTING