VirtualPBX Blog

Wanna Cry Ransomware Hits the World

wanna cry ransomwareIn this series of blogs we examine all topics under the information security umbrella. From corporate blunders to rogue state attacks to the occasional celebrity hack, we believe there is something for businesses and individuals to learn from any cyber security event. We also believe that, while experience is the best teacher, it’s even better to let other people make the mistakes for you.

Wanna Cry Ransomware

By now you have probably heard about the Wanna Cry Ransomware attack that hit the world this month. If you haven’t, please make sure to remind me to put your personal email address into my SPAM filter. All kidding aside, this was a global-scale attack on mostly corporations that involved a “Trojan Horse” of sorts in the form of a Google Documents link sent from what initially may have appeared to be a known source. In a nutshell, thousands of businesses around the world found themselves behind the 8-ball on their security updates, and as a result, were unable to access their company’s files without either paying hackers a ransom or by relying on their protected, backed-up files. This poses a few big questions about how to prevent this right off the bat, but before we get into those, we need to make sure everyone is on the same page with some background into the story of Wanna Cry.

What Exactly is Ransomware? And Why Does it Make me Wanna Cry?

Ransomware is, as the name suggests, a nefarious bit of software written to withhold access to the target’s computer and or files thereon until a ransom is met or the files are all totally erased. This means that to be the target of a ransomware attack is to effectively be put in the position of having to either pay-up to hackers (typically though bitcoin or other cryptocurrencies), or to completely reboot your systems and strip them of all software and operating systems and rely on a complete back up to restore use to pre-attack levels. The specifics of the Wanna Cry Ransomware attack in particular are actually kind of interesting and a little humorous. Interesting in that this was a malware agent originally stolen from a government agency, and amusing in that, according to many security experts, this was a shoddily written bit of code and poorly executed attack. All of that may be fine and dandy for the movie rights that are inevitably going to be purchased by someone with more dollars than sense, but it still doesn’t help the literally tens of thousands of companies that were affected by Wanna Cry and don’t find this very entertaining at all. Which, of course, leads us to the protecting-of-your-neck portion of our program.

An Ounce of Prevention…

Is, as the saying goes, worth a pound of cure. For those of you still baffled by the imperial scale (why aren’t we on metric yet?), ounces are much lighter than pounds, thus suggesting that doing a little work up front will often save you way more time and energy on the back end. This is just as true for exercise as it is for cyber security. What is most baffling about this particular attack, however, is that it exploited a vulnerability in Microsoft users’ software that was identified and corrected in March of this year. That means that the perpetrators of the attack are equivalent to a burglar coming to your door with a police officer, the officer introducing you to the thief who had plans to rob your house, indicating exactly which open and unlocked window that thief intended to use, and then three months later you still got robbed thusly. Look, I don’t want the criminals to win, ever, but we have gone over how software updates work before. Seriously, we don’t want to finger wag you to death here, but preventing cyber attacks can sometimes be as simple as updating your software and operating systems. The point here is that the security patch was available long before the attack occurred, so if a business was regularly updating their software with security patches, then they would have been totally protected against this. Have I made my point? If not, just remember that if you choose not to update your software, just plan on either conducting regular system back-ups so you can erase and restore your network any time you get a virus or just plan on keeping a pretty big slush fund of cryptocurrency so you can pay to get your computers back whenever they fall under attack. All that being said, there’s one more added layer of security to consider that is failing to make it to the headlines about this attack that could save you a mountain of headaches moving forward.

Email Authentication

In a nutshell, email authentication is a series of security measures that are taken to ensure that email addresses cannot be replicated, falsified, or cloned by malicious actors. If you recall, I mentioned that the Wanna Cry was sent from addresses that appeared to be from known addresses. This appearance of familiarity is one of the biggest risks of unauthenticated email. There are simple ways that most larger email clients provide to check the verification status of email, and for the most part, verifying email is also as simple as double checking the specific address of the sender. However, without an authenticated email service in place, when an employee gets an email from what appears to be the company CEO, they aren’t typically quick to scrutinize the veracity of the email in favor or responding to whatever request they have as quickly as possible. Many smaller businesses without dedicated IT staff are most vulnerable to malicious email from an unauthenticated source because the process of authenticating email has traditionally been complicated and cumbersome. However, more and more, email client providers are offering simple steps to email authentication. This added layer of security will likely prevent more phishing, Trojan Horse, and just general SPAM from getting into your company’s inboxes than anything else, so it’s worth the time and energy to get it going, soon.

Protect Ya Neck

Because, that’s the name of the game, right? You can scrutinize your inbound email all you want, but eventually even the most diligent of employees will miss something. Either because the sophistication of attacks varies or because your employees’ attention should, rightly, be on their work more than anything else, you can’t plan on simply catching all nefarious emails manually. That’s why, following these basic best practices will pay off huge dividends in the for of time and headaches saved-

  • Update Your Software Regularly Which is, as we’ve discussed at great length, the first and often best line of defense to keep you systems running healthily and well into the future.
  • Back Up Your System Regularly This is the essential way to hedge against any unknown attack. For whenever something does go awry with your cyber security, or even if you have another disaster at the office that damages your equipment, you can always restore your system provided you make regular back-ups of your data.
  • Invest In Extra Authentication Methods Whether it be email authentication for your email server or dual-factor authentication for all of your critical log-ins, added authentication is just the extra layer of defense that most hackers find to be enough to move on to lower-hanging fruit.

Have your own best practices that you’d add to the list? Let us know on Twitter or Facebook. Either way, make sure to keep posted here and on those social channels for more security updates because, as we always say, it’s a jungle out there. Remember to protect ya neck.

Why Summer Time is the Season of Sales

summer season of salesWell, if you’re anything like me, as soon as you see Memorial Day approaching on the calendar, all you can think about is your next adventure. Getting out into the wild for camping, hiking, or even just for a nice picnic and BBQ with the family is one of the hallmarks of warmer weather, and I for one can’t get enough of it. Warmer weather indicates more than just the time to get out and enjoy the great outdoors, though. For most every single industry, there exists a sizable bump in revenue during the warmer parts of the year. That’s why as summer approaches businesses are as excited as school children because it indicates a season of sunshine and no class as much as a season of sales activity that can make or break a year.

Sell in May and Go Away

That’s a phrase I remember hearing a bunch as a stockbroker from some older, grizzled, and perhaps too cynical for his or her own good advisors. They said this because traditionally there is a slowing in the market’s advance over the summer months and so there was less opportunity to find a winning stock. This is a red herring in many respects because, no matter what direction the Dow Jones Industrial Average is headed, the opportunity to make money always exists. The same can be said for all of the other sectors that experience meaningful boosts during the summer months, too, and here are just a few of the more notable ones-

  • Real Estate: The housing market, even during down years, routinely experiences increases in listings, sales, and velocity all during the summer months. That includes homes selling at or above asking price, too. This is mainly due to the fact that homebuyers are more keen to move into a new home or conduct renovations during nicer weather.
  • Financial Services: Don’t let the “Sell in May” comment fool you, just because DJIA values may dip, that doesn’t mean sales activity does. Derivative options, hedges, bond sales and insurance products like annuities all see boosts in down markets. The fact is that no matter what direction the market goes, someone is winning on an investment.
  • Construction: For obvious reasons, construction projects hate inclement weather. The best way to avoid working in a snowstorm or continuous downpour is to plan all the projects that you can during better weather and, gasp, that’s exactly why there are more ground breaks for new construction projects in the spring and early summer than any other time of the year.
  • Durable Goods & Home Improvement: For very similar reasons to the construction effect, home improvement projects spike around this time of the year, too. Also, with the increase in home projects come with it the increase in durable good sales like grills, appliances, and even pools.
  • Online Retail: And in a case of the tail wagging the dog, retailers know that the added free time, nice weather, and longer periods of sunlight each day makes people ready to build and buy, so what do they do other than offer sales? I’m sure your mailbox is getting stuffed with various Memorial Day Sale info from everyone from grocery stores to home improvement and sporting goods, that is not a coincidence.
  • Travel Agencies: Not that this should come as any surprise to anyone, but summer time is one of the hottest travel periods of the year. And unlike Thanksgiving weekend, this is a full three months! Gas prices, car rentals, airfare, and all of the accouterment that accompanies travel all experience huge spikes as people rush to get out of town for the summer.

Maximize Your Profit, Maximize Your Play

The summer season of sales may create a buzz of electricity for many companies looking to capitalize on the heightened business activity potential. This may also create a longer, drearier existence for some sales organizations with antiquated sales processes. But for companies that leverage modern sales tools, they can efficiently and effectively take advantage of the healthy summer market without compromising their own enjoyment of the season. The VirtualPBX Desktop Softphone has always been one of the best ways to balance work and life by allowing team members to take their office phone with them to any remote place with internet access. Additionally, now that the award-winning VoIP service that powers the softphone is totally integrated with the industry-leading Salesforce CRM software, now sales teams are free to be as potent and effective in tracking leads and closing deals as they would be in the command central at their business HQ as they can be from literally anywhere they can access the internet. This means that even the men and women who need to capitalize off of the heightened sales activity of the season can be out and about to enjoy the nicer weather and family times, too. No more missing our on summer just because summer is also the season of sales? Where do I sign up?

Try it For Free

VirtualPBX offers an unrivaled amount of support for each of the VoIP Plans we sell. That means that we back each of our plans with a 30-day money back guarantee. So what are you waiting for? The temperature is rising, the sales are rolling in, and if you don’t want to be stuck in the office to capture all of the potential business, you need to sign up now. In the meanwhile, let us know your favorite places to work remotely are by sharing on Twitter and Facebook because we’re always open to more ideas on where to get the job done, provided it’s not inside the office, that is!

Why I Didn’t Participate in Bike to Work Day

I Didn't Bike to WorkLast week was the San Francisco Bay Area’s official Bike To Work Day, and as you may recall from past years, this bike to work fever is something we’ve caught in the past. In fact, we’ve even been keen to get the whole company involved with massive fundraising efforts through the Best Buddies Hearst Castle Bike Ride. The point is that we’re keen to stay active and healthy and considering that the weather here is generally pretty awesome, bike commuting is an easy way to accomplish that. All of this is to underscore the peculiarity of the fact that I didn’t participate in Bike to Work Day.

Bike to Work Requires Both Bikes, And Work

Truth be told, I ride around the city of San Francisco nearly every day, but on the one true cycling celebration of the year I didn’t have a need to. In spite of the BOGO Burrito deals, free donuts and coffee, and overall festival feel that an area as bike-friendly as this has for such an occasion, I was definitely not biking to work last week. That’s not because I’ve decided to stop participating in one of my favorite pastimes, but rather because VirtualPBX expects me to be an expert at working from home. We claim that expert status not only because we provide the best tools to implement a remote working policy, but also because we even regularly educate companies on how to make the most of them from a cultural perspective, too. And being that we like to practice what we preach, last Thursday was a work-from-home day for me. Therefore, while I have a bike, enjoy riding, and new about the energizer stations, I just didn’t have anywhere to go to get the job done on that day. Tough life, right?

National Bike to Work Day

In the event that you wanted to participate in your own Bike to Work Day, there’s good news! National Bike to Work Day is scheduled for this Friday, May 19, 2017. This means that you can share the routes, benefits, and free energizing goodies that are going to be available with your employees and coworkers. Don’t see your area listed? Sign up for the American Bike League’s Bike to Work Day Listings and receive all the tools you need to plan one for next year. Plus, planning ahead now allows for you to do all of the training you need to get comfortable with your own route to work in time for next year, too.

Other Ways to Fit In the Miles on a Workday

While I’m in full support of your efforts to participate in existing Bike to Work events or to introduce your own, that’s not the only way to work some fitness into your day. If you sign up for the latest in hosted VoIP telephone service and then couple it with the tips and tricks that we recommend for using them at work, then everyday can be made flexible enough to get in an activity when it suits you best. Be it riding or running, gym or acro-yoga, whatever you’re into you can get more out of your day by using a hosted phone system. So who knows? Maybe next year you can even get in some extra miles before work, not just because you’re riding to work, but because working from home saved you two hours of commute time!

Oh, and to be clear, even though I didn’t participate in bike to Work Day, I definitely still took advantage of the BOGO burrito specials. Obviously.

The Best Way For Millennials to Use Voicemail

Right off the bat, some people may be thinking, “Wait, Millennials use phones for talking?” Okay, admittedly many of the younger men and women in the workplace are more accustomed to texting and Snapchatting than they are to placing and receiving phone calls. That doesn’t mean that employers care a whole lot, though, because conversations over the phone are still an integral part of conducting business. It’s exactly because of that that we wanted to redesign our Voicemail Manager to make it easier for everyone, Millennials and otherwise, to use their voicemail box.

The Most Important Thing about Voicemail Messages

I’ve often read about how Millennials these days are so unaccustomed to using phones to place and receive phone calls that on the rare occasions their phones ring, they freeze like a deer in headlights. If answering a call isn’t an option either because you’re preoccupied or paralyzed with the shock of an inbound call, voicemail begins to be very important. Which brings me to the most important thing to remember about your voicemail messages, and that is to actually listen to them. I know that sounds like I’m speaking another language for some people, but the fact that you can see the inbound number and simply reply back with a text is no reason not to hear what the caller had to say, first. Fortunately, now that Dash has a totally redesigned Voicemail Manager, that process is easier than ever.

Using the New Voicemail Manager

Borrowing from the philosophy of focusing on a consumer application finish and the intuitive design of Dash that has made it the darling of the telecommunications industry, we’ve developed a fittingly simple Voicemail Manager. The most popular features of the Voicemail Manager still exist, but just with more functionality and a cleaner interface. Specifically, users can still have voicemails forwarded to their email automatically, but now the management of the messages is simpler, too. Users can now organize, listen to, forward, delete, save, and generally manage their voicemail messages more easily than ever before. With a simple interface that borrows design elements from the popular Fax Manager, the redesigned Voicemail Manager is ideal for people who don’t want to spend a lot of time dealing with their voicemail. And while I’m specifically calling out Millennials for the target beneficiaries of a streamlined voicemail experience, the reality is that everyone can benefit from saving time and the new Voicemail Manager accomplishes just that.

Millennials Use Voicemail

Try it Yourself

And here’s one of the situations where we all need to borrow from the Millennial playbook, rather than pretend they only have lessons to learn from older employees. I’m referring to the freemium model of applications that seems to be wildly successful across consumer applications. We aren’t going to adopt a true freemium for Dash, but we can do one better than just about any other VoIP provider out there. In addition to offering a 30-day money back guarantee on all of our plans and services, we’re also proponents of being able to try things before you buy them, too. That’s why you can have up to 2 weeks or 1,000 minutes of unfettered Dash access for you and your entire company with our generous Free Trial of Dash. So go ahead and sign up now for a totally risk-free, no-obligation test drive of the award-winning Dash Business Phone System with the totally redesigned Voicemail Manager! And remember to let us know what you think by following us on Twitter or Facebook, we’re looking forward to hearing from you soon!

Nike’s Sub 2 Hour Marathon Attempt, Mt. Everest, and Your Own Moon Shot

Eliud Kipchoge Moon ShotIf you were paying attention last week, there was a small army of scientists, journalists, Olympic athletes, and even some comedian commentators on hand for a surprisingly spectator unfriendly sporting event in Italy. No, I’m not talking about the 100th Giro d’Italia cycling race, but rather Nike’s attempt to have a person break the 2-hour barrier for the marathon. The attempt was held at a Formula 1 race track near Milan and, though any effort there would not be eligible for a world record (due to the fact that it was a lap course, and not point-to-point), the simple fact that the attempt was made so earnestly should teach us all a thing or two about setting goals.

What was Your Last Moon Shot?

If you’re anything like me, it is probably taking too long to answer that. But why is it that we value grand ventures and achievements so much yet rarely can speak of our own efforts? Even the term, “moon shot,” is both synonymous with its namesake moon landing’s improbability as it is almost completely inapplicable to other such accomplishments. I’m happy to say that Nike had gotten fed up with that and wanted to do something about it. The rate of the marathon’s world record improvement had slowed to a near standstill over the past couple of decades. According to experts in fields ranging from biomechanics to statistics, projections for the current world record to be beaten have gotten further and further away. In fact, among the few scientists who thought the 2-hour barrier could be broken at all, even they predicted it wouldn’t be approached for another 80-100 years. Why then, in the face of such seemingly insurmountable odds, would a market leader like Nike stake its reputation by making such a public effort to do this? To quote the ill-fated climber, George Mallory, as to why he was so obsessed to climb Mt. Everest, “Because it’s there.”

If at First You Don’t Succeed

Mallory ended up not succeeding in his quest to summit Mt. Everest in spite of his resolve and disappeared on his third and final attempt, his body not to be found and retrieved for 75 years in 1999. What he accomplished in his time, though, was perhaps more profound than had he planted his flag atop the world’s highest peak. Mallory set in motion a series of events that would eventually lead to Sir Edmund Hillary’s successful summit of Everest, but his devil-may-care attitude also created a sense of adventure and endeavor which still lasts today. All of this is to point out that, unfortunately, Nike and their runner, Eliud Kipchoge, fell painfully short of their goal to break the 2-hour barrier. With a blisteringly fast 2:00:25, Nike’s focus on controlling every possible variable yielded an effort that is two and a half minutes faster than the world record of 2:02:57. So now what?

Try Try Again

You knew that was coming, right? In my opinion, the outcome of this effort can be viewed through two different lenses. First, you can look at this as a simple failure to reach a lofty goal and the result of the inevitability of failing at such a task. Or second, you can look at this as the fastest a human has ever run over 26.2 miles and the spark that could light a powder keg of human development and achievement. I choose the latter. As American Olympic medalist Shalane Flanagan said during the later stages of Kipchoge’s effort when it became clear he would fall above the 2-hour barrier, “Everyone has their own 2-hour barrier, and just because it’s never been done before, that’s no reason to try.” If you have some goose bumps right now, congratulations, you’ve got everything you need to go do great things.

Get Into Action

Let me start by saying, as a multiple marathon finisher myself, you probably shouldn’t just hop outside and try to tackle 26.2 miles off of zero weekly training miles. That would hurt, a lot. But what you can, and I dare say should do, though, is begin to change your thinking about what you believe to be impossible. Remember, when the 4-minute mile was finally broken after being the same type of albatross that the 2-hour marathon is currently, it took only days for it to be broken again and since then hundreds of times more. Once you’ve identified your own “2-hour barrier” it’s time to update your Follow Me Calling list, turn on your Auto Attendant, and get out there to break it! Nothing bad can come from trying to exceed your own expectations, so do yourself proud and find out how far you can go.

So what’s your moon shot? Let us know by sharing or tagging us on Twitter or Facebook as you attempt it. We’re happy to encourage you along the way, but will be even more proud of you for making a claim and going for it! Good luck!

VirtualPBX on TwitterVirtualPBX on FacebookVirtualPBX on YouTubeVirtualPBX on Pinterest