Coleman Technologies Blog

The Internet can be a scary place. Between phishing, malware, and a seemingly never-ending list of scams, the dangers are many.

But there’s an even a darker corner of the web where few people dare to venture that can have a wide-reaching and severely damaging effect on your business: the dark web.

The dark web is like “The Wild West” of the Internet. It’s an area beyond the reach of law enforcement, hence the complete lack of regulations or protection. Although not everyone who uses the dark web engages in illicit activities – it has a history of being a platform for political dissidents and corporate whistleblowers – many visitors are there for less than upstanding reasons.

Cybercrime costs US businesses billions of dollars each year. The majority of information hackers steal from businesses ends up on the dark web for sale to identity thieves and corporate spies.

But, the real danger is that it provides a communication and educational training ground for hackers and would-be hackers. Although the competition among different hacking groups is fierce, there’s still a willingness among cyber criminals to share techniques and assist one another.

It’s this access to the “tools of the trade” and the guidance required to pull off successful hacks, attacks, and scams that makes the dark web so dangerous to your business. Anyone with the time and inclination to learn how to steal valuable data from your business can check out an online tutorial or two, pay for some basic hacking software from one of these marketplaces, and set their sights on you.

Traditional cybersecurity products only protect your data from the inside of your firewall. Most organizations don’t realize their digital information is being sold on the dark web until they’re told by law enforcement officials.

You can’t stop this on your own – but Coleman Technologies can help. Our global, cyber-surveillance monitoring solution puts strategies in place to combat any type of threat.

Dark Web ID is a commercial solution designed to detect compromised credentials that surface on the dark web in real-time, offering your business a comprehensive level of data theft protection – it’s an enterprise-level service tailored to businesses like yours. This dark web monitoring solution keeps tabs on the shadiest corners of the online world 24 hours a day, 7 days a week – no exceptions. Features include:

• Security Awareness to keep your staff prepared to spot and stop hackers from harming your business
• Password Manager to help you and your staff maintain complex, hard to crack passwords
• Multifactor Authentication to prevent external parties from accessing your systems with stolen passwords
• Data Leak Prevention to ensure the integrity of your business data
• Vulnerability and Patch Management to make sure no weakness in your cybersecurity is overlooked

Protect your business by reaching out to the Coleman Technologies team: (604) 513-9428 or send us an email at This email address is being protected from spambots. You need JavaScript enabled to view it..

There are several aspects of a backup and recovery strategy that business owners (who do see reason to implement one) have to square away. By breaking the strategy into three core parts, your organization can secure a positive ROI from a backup and recovery system that, with any luck, you’ll never have to use.

Data Backup
Deciding on a backup platform is obviously the first step in the process. There are several strategies a small business can use to cover its assets. They could use cloud storage, network attached storage facilities that use hard disk drives or tape backup drives, or even a manual system where people protect the data by backing it up to a hard drive and then take a copy with them when they leave. No matter what platform you choose to utilize, you have to understand that if you look at your data as an asset, it stands to reason that you would want to protect as much data as you can. At Coleman Technologies, we offer a comprehensive backup and disaster recovery service that utilizes network attached storage that pushes copies to the cloud in real-time. This not only provides the kind of data redundancy every organization needs, it allows our clients to thoroughly plan their data recovery strategies.

Before we go into recovery, we’d be remiss not to mention that some data simply isn’t important. Small businesses often have a lot of data they collect but don’t do anything with, so it just sits on their infrastructure taking up space. Some businesses look to data analytics to cut down on dark data, but for the small business that doesn’t have a backup strategy, it might just be putting the cart before the horse.

Data Recovery
If you are looking for a positive ROI, this is where it begins. A business needs to establish acceptable parameters for the recovery of their data. To do this, an organization is going to have to establish what are known as their recovery point objective (RPO) and recovery time objective (RTO). Before we elaborate, we should say that if you are in a position where you need to restore a large portion of your data--whether it be because of malware, natural disaster, sabotage, or blatant negligence--you absolutely have to have these plans made (and tested).

The recovery point objective defines how much data your business could reasonably afford to lose in order to be able to sustain operational effectiveness. Recovery time objective is the maximum time you believe you can go without your data before your business fails. Each figure isn’t static throughout your business. Some of your data is more important than other data, of course, and has to be weighted this way. Therefore, some systems that hold more crucial data will have different RPOs and RTOs than less critical systems.

How the System Provides a Calculable ROI
This is where you can put it all together. How do you calculate the return on investment on systems that you hope you will never ever use?

• Establish your organization’s hourly realized revenue. To do this you take the amount of revenue your organization has taken in over the past year and divide it by the total working hours you and your staff have logged for that time.
• Figure out how much you would stand to lose both with and without a backup and recovery system in place.
• Multiply the hourly realized revenue with both scenario-specific figures you’ve calculated in step 2 and take the difference. This number represents the total avoided loss, in dollars.
• Finally, plug that figure into this formula to measure your backup system’s ROI:

ROI = (Avoided loss - Cost of backup and recovery system x 100%)

Without a disaster hitting your business, you may think that backup and recovery strategies are a waste of time and resources, but the ROI is clear.

If your business is looking for a backup and disaster recovery solution that can seriously save your business in the event of a disaster--something no ROI calculator will ever tell you--call the IT professionals at Coleman Technologies today at (604) 513-9428.

Use Proper Password Management
As one of the most important parts of protecting your infrastructure, password management can’t be ignored. Your passwords should be complex, using both upper and lower-case letters, numbers, and symbols. While this might make them difficult to remember, an enterprise-level password manager can make this task easier.

Check for Security Certificates
Before you enter sensitive credentials into any website, you should first check to see that it’s secured with a security certificate. In Google Chrome, you can check this by looking for the green padlock icon next to the URL in the address bar. In general, if you see a website with an https:// in the URL, it’s probably secure, but it’s still best to check the certificate.

Implement a Spam Filter
Hackers tend to use email as a scamming option. They will include links that lead to malicious downloads or fake websites that are designed to harvest your credentials. You can dodge many of these bullets by hovering over the link and checking to see where it goes, before you actually download the file or go to the website.

Be Careful of What You Download
Online “freeware,” will often come bundled with unwanted programs, like adware or browser add-ons. Many of these add-ons can be malicious in nature, so it’s best to always pay attention to end-user license agreement prompts, and to be on the lookout for what you are agreeing to. In other words, don’t leave checkboxes checked unless you actually want what they’re offering.

Always Keep a Firewall and Antivirus Solution Active
It’s of the utmost importance to always keep a firewall and antivirus running on your network and its endpoints. Firewalls can keep threats out of an infrastructure, while an antivirus can eliminate the threats that manage to make it through your defenses. Never disable your firewall for any reason.

Use Content Filtering
Most business owners associate content filtering with blocking social media and other time-wasting online content, but its use extends far beyond that. With content filtering, you can keep your users from accessing fake websites or those that contain malware that could negatively affect your infrastructure.

Identify Phishing Attacks
While a spam filter can keep some phishing emails at bay, others will undoubtedly still make it through the restrictions. Phishing attacks use deception to trick users into handing over important credentials or sensitive data. The hacker might even pretend to be someone else in order to extort information from you. Look for spelling errors or inconsistencies if you receive messages from unsolicited sources, and never let your guard down. You can even cross-check the email addresses or phone numbers that you have on file to check if the user is legit or trying to scam you.

Just Use Common Sense
People tend to act impulsively or irrationally when faced with threats like malware and viruses. Instead, you should devote your time and energy into resolving the problem, rather than panicking. Doing so can help minimize the damage done and avoid the threats altogether.

For more great security tips and tricks, reach out to Coleman Technologies at (604) 513-9428, and subscribe to our blog.

Let's look at the definition of disaster.

dis·as·ter

A calamitous event, especially one occurring suddenly and causing great loss of life, damage, or hardship, as a flood, airplane crash, or business failure.

To Coleman Technologies, a disaster is anything that involves a major loss of data or major downtime. When one of our clients experience a server malfunction that leaves most employees sitting idle unable to work, that is a disaster.

The Cost of a Disaster

Downtime is a very terrible expense to not try to avoid. Try this simple formula for yourself:

Number of Employees Affected by an IT Outage X Average Employee Hourly Cost (NOT WAGES)
+ Average Company Hourly Income X Percentage of Income Lost Due to the IT Outage

This simple formula will tell you about how expensive every hour of downtime is for your company. The hardest value in the formula is understanding the percentage of income lost. Not all companies might have a figure, but you will want to consider it as you do the math. This doesn't include the cost of repair, consultation, parts, or any of the remediation required to get things back up and running.

Disaster's Harbinger

Disaster can strike from any direction. Hard drives can go, data can be corrupted, hardware can fail, and networks can go down, and systems can become infected with viruses and malware. User error can cause disaster, as well as theft and other malevolent activity. While companies should take precautions to safeguard themselves against threats both external and internal, and managed maintenance can prevent a lot of foreboding issues, having a solid disaster recovery plan can mean faster turnaround when there is devastating downtime.

Employing a disaster recovery plan starts with the data - your most important IT asset. Computers can be replaced, hardware can be repurchased and software can be reinstalled. Your data is the culmination of countless hours of work by all of your employees ever. It's no wonder why most businesses that suffer a major data loss go out of business within the first year. You can lose your credibility, and things go into disarray. Data needs to be backed up.

Your backed up data should be archived regularly offsite. Most importantly, your backup solution needs to be easy to test, and tested regularly. You don't want to find out your backups are corrupted when it is too late.

The time to put together your company's disaster recovery solution is now. Contact Coleman Technologies at (604) 513-9428 to talk about solutions for safeguarding your data and your business in the event of a disaster, large or small.

First of all, what shocked us the most is that according to the FTC, in the United States, 9 million individuals have their identities stolen each year. Identity theft is a little different than identity fraud, however. Theft is when personal information is exposed and taken without permission. This is happening all the time by malicious software like spyware, but it can also happen when legitimate websites and services get infiltrated by cybercriminals. If a reputable online store (or even a database for a brick and mortar store) gets hacked into, your personal information can be stolen. That's identity theft.

Identity fraud is when that data is misused for financial gain. This is when things start to get very dangerous. In 2009, $56 billion dollars were accumulated by cyber criminals through identity fraud. The good news is in 2010 that number went down to "only" $37 billion. What does that mean to the average person? On average, victims of identity fraud had $4,841 dollars stolen per victim. Trouble is, the world has had to improve drastically to protect consumers from identity fraud. This means higher costs of doing business which then get reflected on prices of products and services. In other words, because of identity fraud, we all lose.

How does your data get stolen?  There are plenty of ways, but here are a few popular methods:

1. Hackers can pick up credentials via public Wi-Fi and public PCs.
2. Credit Card Skimming - a process that involves your credit card data being stolen when your credit card is swiped at a standard ATM or credit card terminal.
3. Selling or discarding used computer equipment that isn't properly wiped can expose personal information.
4. Hackers can infiltrate networks and databases.
5. Dumpster diving and paper mail theft.
6. Malware and viruses
7. Phishing.

In almost half of reported identity theft cases, the victim knew the criminal.

What do you do if your identity is stolen?

Almost half of all reports of identity frauds are discovered by the user first, although banks and credit card companies have methods in place to stay on top of it as well. If your financial credentials are stolen, you need to contact your bank and/or credit card companies immediately, both by phone and in writing. You'll want to file a police report with details about where your identity was stolen, what you believe was or could have been stolen, and documented proof of the crime.

You don't want to risk identity fraud. Monitor your credit reports closely, shred sensitive mail and documents before throwing them away, and ensure your computers and network are running latest security updates and antivirus, as well as other security measures. For a complete review of your security, contact us at (604) 513-9428 and we will help pinpoint vulnerabilities and fill in the cracks before a costly event occurs.