Based in the historic downtown area of Plymouth, MA, IES is a web design / hosting, computer / IT support, and marketing consulting firm for small to large business, including government & nonprofits. We also sell & service POS equipment, smart systems, CCTV systems, and custom wifi service. IES operates globally via the latest technology.
Charlie Baker has ordered all non-essential businesses to close,
effective noon Tuesday, March 24. "Baker said non-essential businesses
shall close their physical workplaces and facilities to all workers,
customers, and the public."
governor also stated "Everyone is advised to stay home and limit all
unnecessary activities," while announcing that he and state health
officials are issuing a stay at home advisory for the residents of
that provide essential services are exempt. Among the businesses that
will remain open are grocery stores and businesses that support them,
gas stations, pharmacies and all medical facilities, and manufacturers
of medical equipment, pharmaceuticals, and restaurants. Governor Baker
is expected to release a full list of businesses defined as essential
If your business does not fall under an essential category and you would
like to get your office setup for remote working, please email us
We have resources in place to allow us to continue to provide you with
the level of service, responsiveness, and support you have come to
expect from IES. We are considered an essential business and are
available for you, even with these orders in effect. However, effective
Monday, March 23 at 10pm, all IES agents will be working remotely to
support our clients and will only be legally allowed to go onsite to
provide support if your business falls under an essential category.
As always, we are reachable using any of the following methods:
of the key preventative measures for the spread of COVID-19 is social
distancing. Luckily, in this increasingly connected world we can
continue our professional and private lives virtually. However, with
huge increases in the number of people working remotely, it is vital
that we also take care of our cyber "hygiene".
and preparedness are both vital - you'll want to be sure you have the following basics:
wifi connection. Most wifi systems at home these days are correctly
secured, but some older installations might not be. With an insecure
connection, people in the near vicinity can snoop your traffic.
Fully updated antivirus system in place.
to date security software. Security tools such as privacy tools,
add-ons for browsers etc need to be up to date. Patch levels should be
to back up periodically. All important files should be backed up
regularly. In a worst case scenario, staff could fall foul of ransomware
for instance. Then all is lost without a backup.
your screen if you work in a shared space. (You really should be avoiding
co-working or shared spaces at this moment - social distancing
is extremely important to slow down the spread of the virus).
Make sure you are using a secure, encrypted connection to your work environment.
Things employers should do:
initial and then regular feedback to staff on how to react in case of
problems. Who to call, hours of service, emergency procedures and how
suitable priority to the support of remote access solutions. Employers
should provide at least authentication and secure session capabilities
Ensure adequate support in case of problems.
Define a clear procedure to follow in case of a security breach.
Consider restricting access to sensitive systems where it makes sense.
If you have any questions about these tips or need to setup remote login to your office, give us a call at 781-816-9437.
Like you, we're monitoring the latest news
about the Coronavirus. That's why we're doing all we can to make sure
our staff is standing by to aid with all your technology needs.
We want you to have confidence that you can contact us anytime. In the
event of a government mandated quarantine, not much will change. You can
•Call our office 24/7 at 781-816-9437 to reach a tech
•Open a support ticket 24/7 at iesAdvisors.com/portal
•Chat live instantly with a tech from 9am - 10pm Monday - Saturday via our website
•Email firstname.lastname@example.org for a same day response
Thankfully we are able to service most of our customers' issues remotely via the Internet using the latest in technology.
of the many services available to our clients is the ability to remote
into your work computer from another location. Some clients are already
utilizing this service. Best of all, there is one low yearly cost.
Here’s what we need to know to setup your account:
•The business owner or manager needs to authorize us to setup your remote access account.
•The name of each computer you want to access remotely and who will access it.
•Each user’s email address. (Once the accounts are setup, we send instructions on how to use the system via email).
•A secure password for each user to access the portal.
Click the button below to launch the request using your default email
application. We’ll reach out to setup your remote access up ASAP!
Shark Tank judge Barbara Corcoran lost nearly $400,000 in an elaborate email scam that tricked her staff.
Corcoran said someone acting as her assistant sent an invoice to her bookkeeper earlier this week for a renovation payment. Staff believed there was "no reason to be suspicious" about the email because she invests in real estate, so the bookkeeper wired $388,700 to the email address.
The problem was that the email address didn't belong to her assistant. The scammer imitated her assistant's email address and misspelled it with one letter. The mistake wasn't caught until the bookkeeper emailed the assistant's correct address for a follow-up.
Corcoran fell for a phishing scam, which is common: Nearly 30,000 people reported being a victim of that type of scam last year. Together they reported nearly $50 million in losses, according to the FBI's 2018 Internet Crime Report.
Phishing attacks are common methods of stealing usernames, passwords and money. Hackers pretend to be a trustworthy source to convince you to share personal data. To be safe, it's important to make sure the sender is authentic before clicking on a link.
The IT world was waiting on pins and needles yesterday for a high profile Microsoft Windows 10 security patch, and the US National Security Agency (NSA) has enlightened us as to why. Apparently the government agency has discovered a serious flaw in Windows 10 that could expose users to surveillance or serious data breaches.
The NSA confirmed (link) that the vulnerability affects Windows 10 and Windows Server 2016. It said that it flagged the dangerous bug because it "makes trust vulnerable." However, it wouldn't say when it found the flaw and declined to discuss it further until Microsoft released a patch.
The vulnerability was found in a Windows component called crypt32.dll, which handles "certificate and cryptographic messaging functions," according to Microsoft. An exploit in that area could affect authentication on Windows desktops and servers, sensitive data on Microsoft's Internet Explorer and Edge browsers and many third-party applications. Hackers could also use it to spoof digital signatures, making malware look like a legitimate app.
A software patch was released yesterday to critical Windows 10 clients including the US military and managers of key internet infrastructure. Microsoft has since released updates for all customers, urging them to install them "as quickly as practical." as this flaw is being noted the second most severe in Microsoft's rating system. Microsoft has confirmed it has not yet been exploited, but is still a major security issue.
If you use the app Venmo, be aware there is a scam going around.
With this scam, you will receive a text message telling you your Venmo account is about
to be charged and If you want to cancel the withdrawal, you need to log
on and decline it.
The message allows you to log on with any phone number and password. (The
password we used to test this scam was wrong, but it had me continue on). It then asks you
to verify who you are by entering the bankcard number and other
The scam uses the same same colors and fonts as the Venmo App.
Do not use the pages provided by the text to enter into your account. Go directly to your Venmo app or use their Internet website.
If you have fallen victim to this scam and entered your personal information, contact your bank or credit card company immediately.
Major breaches like TJMaxx
and Target have been widely publicized in the past, but breaches at smaller businesses have
received very little attention. This is mainly because information
about these smaller occurrences have been very hard to come by due to
First, not all states have disclosure laws
requiring merchants to disclose breaches and secondly, card associations
are not required to disclose individual cases.
According to a Wall Street Journal article, most breaches come from small businesses who are not up to date with technology or compliance laws. Here are some of the article
More than 80% of the credit card breaches have occurred at small businesses.
Visa levied $3.3 million in fines for non compliance against small businesses in just one year.
MasterCard did not disclose their fines.
Any business that accepts credit cards must agree to be PCI complaint.
Take for example the case study of Lodi Beer, a microbrewery and restaurant in California who unknowingly stored 11,728 credit card records in their point of sale system. (Track data from the credit card's magnetic strip cannot be stored according to PCI standards).
When that data was breached, Visa and MasterCard fined Abanco, the
restaurant's merchant account provider, $27,000. Abanco then in turn
passed that fine onto the restaurant. In addition to the fines,
this merchant has spent over $50,000 in remediation costs, legal fees,
upgrades, etc. That is a huge amount of money for a small business. Had they been up to date with their technology, this situation could have been avoided.
Here are some interesting facts that you should know about PCI compliance standards:
Visa, MasterCard and the other card brands have put the responsibility of maintaining compliance status on the processor or merchant account provider. They've successfully
done this with a policy of making them responsible for paying fines when
While these processors are responsible for fines, they will
almost always pass whatever they're fined onto the merchant.
If merchants are ultimately responsible for the fines, it is their responsibility to maintain PCI standards and stay up to date with their technology.
IES would love to help you become compliant. Give us a call at 781-816-9437 or check us out online at iesAdvisors.com.