
Sherman: And so I’m really excited to be able to talk about what people can do to prepare for their businesses. Today, we have an expert here, your biz, your tech. Roland Parker, thank you so much for coming on the show. Great.
Roland Parker: Nice to be here and chat to you.
Sherman: All right. So tell us a little bit about first off, kind of introduce yourself, kind of what do you do professionally and how do you guys do it?
Roland Parker: Sure. So Impress Computers has been in the Houston market for 20 years, and we provide IT support for businesses, keeping them protected against all sorts of things, you know, the general downtime. But in this day and age, it’s especially ransomware and hackers trying to get into your systems. Okay.
Sherman: So now ransomware has been hot in the news right lately. So what is ransomware for the typical business owner that might not be aware? What the heck is that?
Roland Parker: So ransomware basically is the bad guys get access to your system one way or the other. Once they get in, they start encrypting your files and you wake up the next morning and it just comes up and it says the file is encrypted and they hold the other side of the key and they typically want you to pay with bitcoins. And if you don’t pay with the bitcoins that they hold you to ransom.
Sherman: My goodness. So then I know that this is really right from the headlines right there is that oil line.
Roland Parker: That was Colonial Pipeline. You know, they got hacked and, you know, that was millions of dollars that had cost. But also since Russia invaded Ukraine, there’s been an increase in activity coming from places like Russia and China, where they’re specifically targeting US businesses.
Sherman: That’s amazing. So then what can a business do to protect themselves against ransomware?
Roland Parker: Well, it’s not as simple as it used to be. It’s getting more and more complicated. You’ve got to have a multi-layered approach. You’ve got to start off with people like ourselves monitoring your system, checking to see what’s actually changing. Of course, you’ve got to have a firewall, which is important, but then you’ve also got to have something called zero trust, and for that we use a program called ThreatLocker, which means that we whitelist certain programs that are known, good programs. Anything else beyond that will not be allowed to run. So if you try to click on a link, click on an attachment, go to a website that could have that malware or ransomware embedded into it, well, it’s not going to be allowed to run. So if it can’t run, it can’t get into your system from there. You’ve also got to have additional protection in your emails because the easiest way for the hackers to get in is to come in through your email. So we use a program called Graphus. And what that does is it uses AI to look for bad links that could contain ransomware and just eliminate them. You don’t even get to see them. In addition to that, we then use what’s called EDR, endpoint detection and remediation, and that’s monitored 24/7 through our SOC. SOC is security operations center.
Roland Parker: And what that does is that they’re continuously looking for files that change. So if you get past the firewall, you get past the zero trust. Now it says, Hey, wait a minute, something is still changing. That shouldn’t be changing. It could be 2:00 in the morning. And that is when we say, okay, lock that machine down. And you’ll find, when you go to renew your cyber security insurance, they’re now saying, do you have a SOC? Do you have an EDR? You don’t know what that means. Come and speak to somebody like us who can explain it. And the biggest thing they want to know, if a machine is getting compromised, can we shut it down? Because the best thing to shut them, the best way to stop it from spreading, kill it at the source. Stop it from spreading. Biggest mistake people make, you know, click on a file, what’s going on? And then it just spreads like wildfire. And before you know it, everything’s encrypted. Best thing to do. Shut your machine down.
Sherman: Gotcha. So then a lot of times in this, it’s not as simple as I think it used to be. Obviously 20 years in the business, right? At Impress Computers, they know a thing about how to be able to help companies. So when it comes to this, I know there’s always that ransom, right? And so they’re asking for money. Bitcoin. Should they pay that?
Roland Parker: You know, that should only be at the very last resort. Obviously, nobody wants to be sponsoring the bad guys because basically you’re paying a criminal organization with untraceable currency. First of all, are you going to get it? Well, there’s no guarantees. Even if you do get it, you’re basically sponsoring that criminal organization to continue doing what they’re doing. The only way to stop this is to stop paying the ransoms. So if you are in a situation where they get past those defenses, you’ve got to have good backups and you can’t rely anymore on just having a simple data backup. Your data has got to be in three different places and it should be offsite and local and multi-layered, because if you get compromised, you need to be able to recover from that. And we’ve seen people, you know, external hard drive, Oh, I’ve got a backup. Guess what? The backup was plugged into the computer and guess what happened? It just went through into that. And don’t trust things like Dropbox, OneDrive, Google Drive, because that’s not really a backup. It’s file synchronization. So if your files get encrypted on your computer, guess what? They’re syncing with OneDrive. They’re syncing with Dropbox.
Sherman: Typically in real time, right?
Roland Parker: Yes. So it’s great to have it in case your hard drive dies. But in case of ransomware, that’s not the best thing to have. You’ve got to have a separate third-party backup. And it should be an image-based backup so that you can restore your programs as well and get you back up and running.
Sherman: So I got to imagine that a lot of businesses think to themselves, I’m just not big enough or I’m not really dealing with client sensitive information. What would your conversation to be to that person? Just saying, Hey, you know what, You need to think beyond that. You know.
Roland Parker: Some people say, well, I’m not one of the big guys. They’re not going to come after me. 80% of the companies getting hacked are less than 50 people. Oh, my goodness. Over 60% are less than ten people. So they’re coming after the smaller guys because they don’t have protection. So what you’ve got to think about is how would my business be impacted if I woke up one morning and I lost all access to my data? So you may not have people’s Social Security numbers and that type of thing, but if your business was unable to operate, what would you do if you didn’t know who owed you money, if you didn’t know how to access your accounts, if all of that was taken away in a blink of an eye, how would your business operate? And that’s the critical factor. It’s not just client sensitive information. It’s that critical data that’s going to shut your business down. And we’ve seen as high as 50% of the people that get hit with ransomware. If they’re a small business and they don’t have backups, you either pay the ransom or you go out of business. Wow.
Sherman: So then what happens if somebody runs into this problem? And so they find themselves they are a victim right now. They they are being they’re right now they’re attacked. Right.
Roland Parker: So the first thing to do is not panic and don’t respond to what comes up on your screen. We’ve seen a lot of scareware coming around. Okay. And what happens is it comes up on your screen, oh, your machine’s been hit with ransomware, but it’s not. It’s just a pop-up. Oh, okay. So if you respond to it, though, and some people have that automatic reaction, they hit the X to close it. Yes. And what happens? The X is just a program command. And if they program that to say, overwrite my antivirus and install this by hitting the X, you’ve just allowed the bad guys in. So don’t respond to that. The best thing to do: shut your machines down and then contact a professional like Impress Computers where we can now come in and determine what has happened. You may not even be ransomed. The next thing is we would then be able to see, okay, do we have a backup? Were only part of the files encrypted? Was everything encrypted? The worst thing you can do is try and treat this on your own or respond to that ransom in any way. Speak to a professional first.
Sherman: Absolutely. So then where can people contact you if they have questions? Because this is much more complex than kind of meets the eye.
Roland Parker: Because really, we want to sit down with you, do a full network assessment, make sure that all vulnerabilities are being closed, like the Colonial Pipeline. It was an employee who had left and the IT department didn’t remove that, the access. So that employee was still an active employee. He got somewhere along the line, his credentials were exposed and that’s how the bad guys got it. So you’ve got to do a full network assessment, cut off all of the weak points. They can contact us by phoning (281) 647-9977 or go to our website https://www.impresscomputers.com/why-work-with-us/. And as I say, just give us a call at (281) 647-9977 and we’ll schedule for a free network assessment.
Sherman: That’s wonderful. So last question, because I think it’s on a lot of people’s minds right now as some of their employees are working from home using their personal laptop computers, but they’re getting into getting happen. How does that affect a lot of businesses today?
Roland Parker: It’s the worst thing that people do. Oh, bring your own device. You’re going to work from home. You’ve got a home setup. Great. But guess what? Your IT doesn’t have any control over that machine. So your kids could be playing games, downloading stuff. You’ve got no idea what’s on that machine, and that machine, now you’re giving access to your server. Bad news, should never happen. Every employee is going to have a company IT-issued, locked-down machine, and that’s the only way that they can access it. And whatever you do, do not use remote desktop to access your machines. It’s very easy to set up, easy to use, and it’s easy for the bad guys to come in. You’ve got to use something like LogMeIn, a secure way of coming in. Let’s face it, you know, a lot of businesses are using remote control. People are either fully working from home or they’re doing this hybrid, working from the office or from home a couple of days a week. You got to make sure it’s secure and they’ve got to have a company-issued computer. Don’t think you’re going to save some money and let them use their own computer. It’s bad, bad news.
Sherman: Good. Really, really insightful. So, again, folks, I really appreciate you coming on, sharing with us your tech, your business. We’re going to take a quick commercial break, folks, and come back with Mike Moran.