Its been awhile since we posted as we have been in hibernation due to the brutally cold Cincinnati weather, but spring is around the corner and we are hungry! So, lets dive in to a security related post, focusing on malware and phishing as a recent report from Microsoft has found that malware has decreased globally, however phishing has drastically increased.

Most of our post are geared towards small businesses, but this post also applies to medium to large businesses, as email phishing attacks effect every user. Phishing emails are becoming more and more difficult to pick out. If a specific attack happens to a user malware can be installed to a user’s computer, these two generally go hand in hand to wreak havoc on a user’s system then potentially the entire infrastructure.

I propose the question why focus on this? Well, one of the most effective attacks is phishing emails, and the easiest way into a company. Why? Because, the end user generally lacks proper training, which accounts to 35-40% of malware attacks. Its not because an attacker broke in to the network, its due to a user clicking on a phishing email which then installed malware which in turn provided remote access for the attacker.

How do we combat phishing emails? Training the end users to pick out phishing attacks and putting through phishing email simulation training. This is generally a long process, and can be completed over many different time periods, we suggest at least 6 months. The phishing emails grow in complexity and the training increases. I’ll add in a few examples that we often come across, that are very difficult to spot.

Lets take a look at Microsoft’s report you can view it here - Microsoft Security Intelligence Report. According to the report phishing emails increased 250% over 2018, Microsoft scanned over 470 billion email messages for malware and phishing per month. Thus, increased the percentage of success for the attackers. The more emails sent, the more likelihood of an end user clicking a link and getting malware installed. So what kind of phishing emails are there? Where do they come from?

Domain Spoofing – the domain is spoofed and is the exact match of the expected domain

Domain Impersonation – the email domain looks very similar to an expected domain

User impersonation – the email comes from someone the user knows

Text Lures – text that looks like its coming from a legitimate source

Credential phishing links – these take you to a webpage to enter credentials, password resets etc.

Attachments – opening an attachment that redirects or installs malware

Links to fake cloud storage – ask users to sign in with cloud account and give permissions

Many emails come from cloud services such as AWS, Google, which makes it difficult to track down by IP address, this is considered polymorphic phishing, this allows the attackers to avoid detection and come from legitimate IP addresses. Another source we have seen is an end users account being compromised and sending a few thousand emails out within a matter of minutes. This is due to a password being taken or an email account broken into. These phishing emails come from a legitimate source, which is extremely difficult to combat against. Still the best defense is end user training.

A few items I want to reiterate here, training your end users, by far the best way to combat malware and phishing emails, secondly, having good security in place from the beginning. From your firewalls, to spam filters, to proper password security in place at your business. Many times, we have found these simple things are quickly overlooked or bypass due to making it easier for the users. Training users to use basic security principles not only at work but also in their personal lives and be challenging as most people tend to take the path of least resistance and use simple passwords, the same passwords across multiple accounts just for ease of remembering. Often IT people will open ports up without proper redirection, firewalls are not kept up to date and holes are found by the attackers. So make sure your IT consulting company is keeping your business up to date.

What is Microsoft teams? Let’s go over a quick overview of what Microsoft teams is and where it really shines as a communication tool. At its core, Teams is a chat tool, that resides on basically any platform you can think of, Windows, Android, Browsers, iOS, and Mac OS. And it syncs across the board, it does not matter what platform you prefer. It is designed with productivity in mind, and collaboration is the primary driver of the software. Teams makes it easy to share documents, communicate with groups of people (i.e. your team,) or designed around projects. It is great for on the go communication with your team.

As Microsoft continues to add functionality to teams over the coming years, it will become more prevalent no matter the size of the business but let’s look at use cases for small businesses. Some businesses are spread across the entire country, even though they may be a small business, such as developers, recruiters, architects, and many more. With teams it doesn’t matter where you are located the tool provides constant contact and communication with the people you work with daily. The small business is always very cost conscious on all fronts and being able to have a product that is included with Office 365 that is enterprise grade makes it an even easier choice to make to use in your work place.

Three primary functions of the team’s software are Chat, Teams, and Meetings. Each one has a great use case.

Chat – chat is primary used for one on one communication, you can transfer files, voice and video chat, or and others to the chat group.

Teams – The teams section is designed for groups of people, this could be project based, or a general chat for the entire company. But this is where the collaboration piece really comes in to play. A wiki can be created, files added in, meetings created, separate conversations are also in here called @mentions.

Meetings – The meetings section integrates with your calendar, it’s a different way to share meeting request, than through email. But at a quick glance/view its faster to pull up than outlook.

Recently Microsoft has been moving all of Office 365 users off of Skype for business (a poor product in my opinion) over to Microsoft Teams. Now even though there is not fully functionality of what Skype for business had, primarily on the voice side, it is getting closer quickly. But it already is night and day more useful over Skype for Business. Also, screen sharing was recently added, someone can easily share a screen within the team now and give a presentation, give control, or even just to show your team members what is going on. This is a HUGE addition to teams, this makes it use case even stronger.

One area which is still having issues is cross domain communication, meaning our voltonesp.com Office 365 account should in theory be able to communication with people on teams in another example.com domain seamlessly. But this isn’t the case, trying to find someone within teams in another domain is difficult, it creates a quirky guest communication label, and is confusing to use. Microsoft has a way to go in this area. But what we see when it happens is instant communication to us for support. We will be able to see what is going on a user’s screen within seconds vs having to make a phone call.

I thoroughly enjoy using teams as my primary communication tool, even though the product is still far from being mature, Microsoft has defiantly gone all in on developing a product that is hear to stay for a while.

Take a look at the 2019 Teams Blog and Roadmap website - https://techcommunity.microsoft.com/t5/Microsoft-Teams-Blog/bg-p/MicrosoftTeamsBlog

For this post I want to really focus on few items, functionality and cost. These are the two biggest drivers that we run into with small businesses when deciding with what type of phone system to go with. Making sure the right questions are asked so that we can help properly evaluate the best way to build out a phone system. Whether that is a cloud-based solution, on onsite, or going with a vendor that can provide the clients criteria. Budgets, the whole goal that we abide by is to provide the cheapest solution with the most functionality possible.

As internet connections have become so stable over the past 5 years, it makes more and more since for small businesses to look at VOIP options as the internet never goes down. Thus, never loosing connectivity to the SIP trunk providers. Before, this did not make as much sense as an expensive PRI, or analog line was required to maintain constant connectivity.

Let’s look at cost first, as this is a bigger driver than functionality. Many situations we run into are small businesses being on older analog phone systems with very little functionality outside of the office, such as voicemail to email. Or we find that too many lines are not being utilized thus paying a higher monthly bill. In most situations moving to a newer PBX/VOIP system the monthly cost can be reduced drastically. We find generally an ROI of 18 months or less in these situations.

Other times we find that a small business has been oversold a solution that is very costly and is over engineered for the situation. For instance, most phone systems are all in one solution, the business must buy a certain brand of PBX that only works with that brands phones. This increases the cost drastically, and often a 200-300% markup and locks you into potentially a system that may not be supported at all in years to come. These systems are designed even at the base unit to handle well over 1000 phones. This really is unnecessary for a business with ten to twenty employees, even though it can scale to many phones, that business will never have that many employees, and if they do, they will more than likely need to purchase a new phone system anyway.

These are just some of the examples that we continually run into, and really where everything falls apart is the installer failing to ask the proper questions and finding the best solution. Instead a solution is chosen that only the installer knows and understands, thus leading to a product that does not fit the requirements that the small business needs and leads to an over priced, under utilized piece of equipment.

Let’s dig into functionality a little bit, there is too much to cover here so we will only look at the top level of PBX functionality. At a bare minimum the system needs to be stable, receive all calls, voicemail to email, ring groups, VOIP, auto attendant, schedules, and be able to route accordingly. Most systems have these features; however, we find that some of this functionality gets labeled as “add-on” and increases the cost. Many of these features’ sets are not necessary depending on the requirements of the business. Many of these features as “add-ons” are in the cloud, such as auto attendant which is a requirement for any small business, and by charging a monthly fee for this feature it drives the cost up very quickly year after year.

By looking at open source options that are software-based PBX systems and don’t require specialized hardware, functionality can be drastically increased, and cost reduced over time. Up front cost for the phones themselves will be very similar, it’s the cost of the lines where we see the biggest savings on these systems. And with software-based solutions, current hardware can be used, or as simple as an older PC that has been laying around.

In conclusion, what we see when it comes to phone systems and implementing them is failure to ask the questions that pertain to the business instead of just throwing a solution that generally is will more than likely be overpriced. We have put together an info graph of some of the cloud solutions out there and how one of the primary products that we like to use 3CX and be cost effective over a two-year span, vs the other cloud solutions that are out there. Take a look at the cost break down and you be the judge.