from some of PC KING's many happy Clients
Professional Friendly Service 24/7
PC King has been our trusted IT provider for over 22 years.
Their team have provided professional and friendly service 24/7 that has enabled our group of companies in New Zealand and Australia to perform without worrying about its day to day IT management. They have been proactive in providing cost effective solutions that ensure reliable and secure IT infrastructure
The level of commitment and service has been outstanding; their professional and personal support has enabled us to continue to develop our services to the utmost potential for all our clients
PC KING has done wonders for our computer systems and we highly recommend them
Made us more Profitable
The team at PC KING worked with us in making our IT network more stable, improved efficiencies, and has enabled us to grow our business and improve our profitability
BEST VALUE PLANS
Computer Protection Plans - Price Per Computer
MISSION STATEMENT : "To provide Clients with reliable managed ICT solutions, that help them become more productive and profitable
WE SELL 'UPTIME'
PC KING's objective is to reduce your computer downtime, improve your business processes, thereby increasing productivity and profitability - by using their 4P approach :
Profit = Protection + Prevention + Performance
Solutions are tailored to suit Clients needs and requirements
PC KING provides quality products from the best suppliers and with manufacturers' warranties
60-DAY MONEY-BACK GUARANTEE
PC KING guarantees their solutions will work, and if you are not happy within the first 60-days, you get your money-back. Not many companies can offer you this
"Provide Clients with reliable managed ICT solutions, that help them become more productive and profitable"
KINGSLAND - 1992
- PC KING has humble beginnings, opening its doors in 1992, as a new start-up retail shop in the inner-city Auckland suburb of Kingsland, across the road from the famous Eden Park.
- The name "PC KING" - was derived from the original business name "Kingsland Computers". "KINGsland (Personal) Computers" became "PC KING"
- Customers came from all over New Zealand and the Pacific islands, and included governments, city councils, businesses, charities and schools.
- When Microsoft released its revolutionary DOS 6.0 & Windows 3.0 software, PC KING was one of NZ's largest Microsoft retailers
SANDRINGHAM - PRESENT DAY
- Today PC KING has transformed itself into a Professional Managed Services provider, with advanced computer security protection, data backup solutions, and telephone systems.
- And over the years, the Team at PC KING have learnt through research, testing and experience - what works best, and what may not.
- This combined knowledge and learned expertise, not only gives PC KING a competitive advantage, but also benefits Clients by way of cost-effective solutions that deliver immediate return-on-investments
CONTACT PC KING NOW - firstname.lastname@example.org or 0800 PCKING
- So what are you waiting for? Make the change now.
- If you want honest and practical advice? And need value-for-money guaranteed solutions?
- If you would you like to be supported by certified Engineers who actually own the business?
- Then PC KING is for you - your reliable, trustworthy IT partner, that has been around for over 27 years
NEWS & BLOG
This information is a bit technical – so if you need help or more information on any of these solutions - please feel free to contact PC KING at email@example.com
1. Enforce Multi-Factor Authentication (MFA)
Credential dumps and credential harvesting attacks are common. They give attackers access to large numbers of usernames and passwords. Protect your business systems and data by enabling MFA on all privileged or remote access systems – such as VPN’s, administrative consoles, webmail
2. Patch your Software
Keep software, like operating systems and applications, up-to-date. It's one of the most simple and effective steps you can take to secure your environment. We've seen many organisations attacked by malware that exploits known vulnerabilities. Applying patches would have helped them avoid these attacks.
3. Disable Unused Services and Protocols
Keeping your systems up-to-date isn’t always enough to keep attackers away. Older services and protocols often have their own vulnerabilities. Leaving them on your network gives attackers more opportunity to breach your network. To mitigate this, scan your network for services and protocols that are no longer used, or known to be vulnerable. If you identify any, carry out remediation based on your findings. The recent ‘WannaCry’ incident demonstrated what can happen when attackers exploit out-of-date protocols.
4. Change Default Credentials
Security is sometimes overlooked in the rush to get new technology into production. A key step to take for any new application or device is to change or remove all default credentials. This will prevent an attacker accessing your network with known usernames and passwords. We continue to see organisations compromised by attackers using unchanged default credentials.
5. Implement and Test Backups
Backups are critical for recovering from incidents like ransomware. Store your backups offline, and test them often. Organisations often need to restore data from their latest backup in response to threats like ransomware. We've seen organisations lose data and incur significant operational costs because they didn't have up-to-date, well-maintained backups.
6. Implement Application Whitelisting
Two of the most common ways to infect a user’s workstation with malware are through email clients, and web browsers. To prevent this, identify a list of applications that your users need. Make sure they can only execute approved applications. Most malware incidents reported to CERT NZ are likely to have originated from opening malicious email attachments, or drive-by downloads. Whitelisting the approved applications will help protect the system from these attacks. It's a key security control for your network.
7. Enforce the Principle of Least Privilege
Grant users the minimum level of access and control in your network that they need to do their job. Remove their accounts when they're no longer needed. This will limit the damage that intrusions into your network can cause. We also recommend enforcing separation of privilege. When a user requires administrative privileges, use a separate account. We're aware of incidents where users held unnecessary administrative privileges. Attackers were able to exploit their accounts to make unauthorised changes to the environment.
8. Configure Centralised Logging and Analysis
Storing and securing your logs in a central place makes log analysis and alerting easier. Logs are a key part of understanding what happened in an incident. Configuring alerts for key actions can help you detect abnormal behaviour and tell you what to investigate. Without good logging, it’s very difficult to discover the nature and extent of a compromise. This makes your efforts to contain and recover from an incident much harder. Logs weren't available for many of the incidents reported to CERT NZ. This meant it wasn't possible to do a complete post-incident investigation.
9. Implement Network Segmentation
Proper network segmentation relies on the implementation of other critical controls, in particular disabling unused services and protocols, and enforcing the principle of least privilege. We've seen incidents where attackers used common management tools and protocols to gain control of other machines on a network. There are also tools scripted to get credentials. The credentials are then used to access other devices and applications in a network.
10. Use Network Tools
You can prevent attackers spreading through your network by using network tools like firewalls and ‘netflow’ traffic monitoring , and following the other critical controls.
11. Manage Cloud Authentication
We're aware of incidents where cloud authentication misconfigurations let attackers bypass security controls. They do this by using legacy authentication protocols. Organisations are also moving toward using more cloud-based services. It's easy to end up in a situation where you have multiple authentication systems. Centralising authentication gives you better control and visibility over who has access to your systems and information. It also provides a unified experience and lets you configure MFA for applications that may not support it.
12. Remove Legacy Systems
Legacy systems are systems that a vendor no longer supports, or systems that an organisation no longer maintains. This includes end-of-life or unsupported software, as well as devices. When it comes to legacy systems, organisations have to choose between two options; to replace them or staying with the unsupported systems. There are challenges in finding the right option as both require time, money, and resources to address.
Both options introduce similar risks :
Risk 1: If the systems are replaced, there is a risk of affecting that critical process.
Risk 2: If the system is not replaced, there is a risk that any known problems or security vulnerabilities in that system that could be exploited. Two available options to mitigate this are to remove/replace the system, or restrict access to the system.
13. Manage BYOD Devices
A mobile device is any portable device that can access and hold organisational data. It's important to secure these devices, as you would any other device that sits within your network. It's become more common to use mobile devices for work. Your staff may use a laptop to work remotely travel often and work on their mobile phones. This is convenient, and can provide real benefits to your staff and business. But, there are a few security points to consider before you give these devices access to your network. You need to think about physical security. Because these devices are portable, they're more likely to get lost or stolen. Devices may connect to networks that are not controlled by the organisation, such as a home or hotel Wi-Fi. This means they won’t get the benefit of any network-level security controls, like web proxies. These networks may also be able to see sensitive data in the connections made from these devices. This is because other people manage this routing equipment
14. Maintain Best Practices, including Password Policies
We recommend you also continue with best practices, like maintaining an effective password policy.
You don’t want to be affected by ransomware. Your data is yours, not a toy for some faceless scammer to take off you until you pay up, usually in Bitcoin or some other crypto-currency.
Fortunately, we have some steps you can take — and behaviors you can adopt — to keep your data out of the hands of the scammers.
5 Steps to Defend Against Ransomware
1. Make regular backups.
This is Ransomware Defense 101. The scammers want to restrict access to your data, but if you have a recent backup copy of it, they’ve already lost. Organise your vital data so that it is stored in a single location, and regularly back it all up.
But backup copies that are connected to your computer can also be encrypted by ransomware - so also take a backup copy off-site, and disconnected and away from it's original location. Your backup schedule should be based on how often your files are updated. Daily user? Backup daily, or even, hourly.
2. Keep your computer updated
Whatever platform you’re using, desktop, tablet, or smartphone - keep your software up-to-date. This includes Windows, Mac or Android - updates install the latest security patches and bug fixes, thus protecting you from software vulnerabilities.
3. Spot suspicious files, enable file extensions
One way of combating ransomware (and other malware) is to use your eyes. Don't open or click on email messages that you don't recognise or are from unknown people. And don't download files or information from unknown internet websites or people you don't know. Remember what children are taught : "Don't talk to strangers"!
Many malicious software have multiple file extensions (such as, for example, .PDF.EXE) which immediately identifies them as dangerous, if you know what you’re looking for. By enabling file extensions in Windows, you can spot and delete them (or let your anti-virus software destroy them).
There is also training available to learn how to identify and deal with this.
4. Use Email filtering
In 2019 you should not be receiving emails without first filtering or checking them for viruses, malware and phishing attempts. If you don’t, at least set up a rule that filters out, and deletes, email-bound EXE files. These should never be sent via email and never be opened when received.
5. Use an internet security suite
No matter how careful you are when using the Internet, it's always advisable to have antivirus software installed on your computer. As with all security challenges, the best protection you’ll get from ransomware is with a competent internet security suite. While free internet security tools maybe sufficient for live scanning for viruses, you need to consider a paid alternative.
And when it comes to ransomware protection, only premium internet security suites offer tools that protect your data. By blocking permission to these directories, your data should remain safe. Various suites offer this feature.
(For more information on how to better protect against Ransomware and other Malware and malicious Viruses, contact PC KING)
Source : https://www.makeuseof.com/tag/protect-data-ransomware-5-steps
CONTACT FORM & DETAILS
Get in touch with PC KING - for Peace-of-Mind computing.
Make the change now. If you want honest and practical advice. And value-for-money guaranteed solutions. Supported by certified Engineers. From a reliable, trustworthy IT partner, that has been around for over 27 years.
Don't wait any longer. Get the peace-of-mind you want and deserve.