Articles by Davis Merrey

An escrow company in northern California was forced to close its doors and lay off its entire staff when cybercriminals nabbed $1.5 million from its bank account. After penetrating the network and finding a way into the firm’s bank account, the hackers wired $432,215 from the firm’s bank to an account in Moscow. That was followed by two more transfers totaling $1.1 million, this time to banks in Heilongjiang Province in China, near the Russian border.

I recently met with a prospect considering firing his IT Managed Services Provider. Often, this is due to a recurring service delivery failure of some sort, but more frequently, the reason is a breakdown in communication. In those cases, it is usually a problem between the business owner and the MSP’s management. In previous columns, I have advocated for frequent and regular meetings between the client and the service provider to avoid such misunderstandings.  

I spoke recently with a business leader who, following advice from a technology advisor, had replaced a server because it was nearing “end-of-life,” only to find out the provider of his most important line of business software was upgrading to a version the new server would not support. Can you imagine how much this cost in hard dollars and lost time? Were the business leader and the technology advisor following a technology road map or simply reacting to something they had no control over?

A customer recently asked me, “Why do I need this service to backup Microsoft 365? Doesn’t Microsoft already do that?” Actually, no. Microsoft’s Shared Responsibility Model clearly states that Microsoft is responsible for application uptime and the underlying infrastructure, while it is the customer’s responsibility to manage and protect their vital business data.

Recent world events and the latest news headlines have brought more concern than ever over the possibility of international cyberattacks. Cybersecurity experts report that there are more than 26,000 cyberattacks daily, about 20 every minute! Unconventional means are being used by hackers to attempt to steal our data, disrupt our processes and even ruin our businesses and take away our quality of life. The conventional defenses of patching, anti-malware, and data security are not winning the battle.

Microsoft has announced changes to their Office 365 and Microsoft 365 programs beginning March 1, 2022. Microsoft is calling this change the NCE or New Commerce Experience. The largest components of NCE that will affect end-users are a price change and the option for a discount with a 12-month commitment. This will be Microsoft’s first price increase since they launched the program in 2011.  

Looks very official, doesn’t it? It appears as if it came from Microsoft and looks like other emails I receive through Outlook. A couple of years ago I probably would have been concerned that I had lost an important email and might have clicked on the “restore access” link. But now, because I have participated in my company’s Cybersecurity Awareness Training initiative (yes, we “practice what we preach”!), I have learned to examine the information about the sender of emails I receive for suspicious data, especially when the email asks me to click on a link.

Our new customer was competing for a contract for nearly $1 million but needed to apply for cybersecurity insurance and attain approval within ten business days.

With the release of Windows 11, Microsoft has touted several features that might entice you to upgrade your PC.  You may be asking yourself, “Should I upgrade or stick with Windows 10?” There are several factors you will want to consider.

Security awareness training is a great front-line defense against social engineering. The idea is to continuously stay aware of the latest techniques being used by hackers, how to identify them, and what to do when they are recognized for what they are. Employees are routinely tested on their awareness and defensive actions. Ask your MSP or IT manager about this, and if your budget allows, sign up for it. Your investment will likely be on the order of a few dollars and a few minutes of your employee’s time per month; it’s well worth it for most businesses.