PCSOFT Blog

PCSOFT has been serving the Smeaton Grange area since 2005, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

How to Identify If an Email is a Security Risk

How to Identify If an Email is a Security Risk

There’s one major reason why email is the preferred method of spreading threats like ransomware and other types of malicious software. The sheer number of messages that can be sent through email on its own increases the odds that a user will click on the wrong link or download the wrong attachment. How can you know the legitimacy of any message you receive in your email inbox?

0 Comments
Continue reading

Why You Should Pay Close Attention to Where Your Emails Come From

Why You Should Pay Close Attention to Where Your Emails Come From

When you get an email from a big name brand or a trusted vendor, how often do you question the authenticity of it? Thanks to threats like email spoofing, you can’t afford to be as trusting of others as you might like. When all it takes is clicking the wrong link or opening the wrong attachment to set something terrible in motion, you need to be very cautious.


A Swedish cybersecurity firm, Detectify, has found that major online domains are now being used to spoof email addresses. Email spoofing is when a hacker makes it look like a message is coming from a certain organization, when in reality it’s not. It’s just a hacker that has made his email domain look like it’s from someone of repute within or outside of your organization. The reason: misconfigured server settings. Since email servers don’t automatically authenticate whether or not email addresses are legitimate, this is something that needs to be set up by your email provider or IT administrator.

There are numerous ways to make sure your email server is configured properly, but you should only do so if you’re a skilled technician. You don’t want to accidentally make a mistake and change settings that could put your business at risk. To understand how these email spoofing attacks work, let’s start by looking at the details.

Sender Policy Framework (SPF)
The SPF is a record that is checked when your DNS record is examined. This determines if the server is allowed to send and receive email from the domain. SPF uses three specific modifiers for its messages:

  • Softfail: The message is accepted and marked as spam.
  • Hardfail: The message is rejected entirely.
  • Neutral: The message is let through without incident.

DomainKeys Identified Mail (DKIM)
The header and body of the email are hashed separately with DKIM; furthermore, a private key is made and sent along with the message. When the message is opened by the receiving party, the key will perform a DNS request to identify where the email came from. If things seem legitimate, the message is received.

Domain-based Message Authentication Reporting and Conformance (DMARC)
DMARC uses both SPF and DKIM to authenticate an email. DMARC splits its functions into three parts:

  • Reject: The user never sees the message because it was fully rejected by the mail server.
  • Quarantine: The message is stored for review at a later date.
  • None: The message is allowed through with no difficulty.

Basically, what DMARC wants to accomplish is identifying messages as fakes, but also allow administrators to check and make sure that flagged messages aren’t accidentally being marked as spam.

Even if you don’t know the exact details of how email spoofing works, here’s a statistic that speaks for itself. Out of the top 500 sites on the Internet, 276 of them can be spoofed. According to Detectify, this includes servers that don’t have SPF or DMARC set up properly. Also included are servers that don’t have any SPF at all, those that use SPF with softfail only, and DMARC with only action “none.”

In other words, these email servers would be doing literally nothing to keep threatening messages from arriving in your employees’ inboxes. Therefore, it’s your responsibility that you’re proactively managing what gets received and processed by your own email server. Additionally, you’ll want to make sure your email server is configured to not allow your email domain to get spoofed.

The most direct way to keep your employees from falling for email spoofing is to prevent them from receiving spam messages in the first place. Reduce their exposure to threats and you’ll be in a much better position. Make sure that you teach them about phishing scams and other security threats so as to minimize the chances that they will act foolishly in the face of one.

To make sure that your business keeps security top-of-mind, look no further than PCSOFT. You can contact us at 02 98730080.

1 Comment
Continue reading

The Top 3 IT Policies Hated By Employees

The Top 3 IT Policies Hated By Employees

When employers and employees aren’t on the same page, conflicts arise and work grinds to a halt. This bad-for-business scenario is especially true when it comes to technology. You may not have realized this, but certain IT policies may actually be driving your staff crazy! Here are three common examples of how this plays out.


Using Technology That’s Slow and Outdated
It’s important to keep in mind that the entire goal of business technology is to equip everyone in your organization with the tools they need in order to do their job better, and thus, make you more money. Therefore, if the provided technology is slow, outdated, and gets in the way of employees doing their jobs as well as they can, then your decision to hang onto outdated technology just to save a few bucks is actually working against you, and employees can even latch onto this reality as an excuse for a poor job performance. In addition to hindering an employee's job performance, using outdated technology is bad for morale. By providing your staff with crummy technology, you’re communicating that you don’t care about their work, so why should they?

Banning Personal Devices in the Workplace
For security and control reasons, many businesses ban employees from using their personal devices for work purposes. When you first heard about the security risks of mobile devices, you might of had a knee-jerk reaction and decided to ban them. However, mobile device management technology for enterprises has come a long way in recent years, and by outright banning the use of personal devices in your office, you may be foregoing the benefits of these devices, like increased productivity and improved employee morale.

If you’re unsure if allowing employee-owned mobile devices in your workplace will benefit your company or not, then have a conversation with your staff about it. You may be surprised to learn that they’re much more comfortable and even efficient at their jobs using the mobile apps on their own devices than they are having to use the clunky and complicated tools that you’re currently providing them.

More often than not, what this reality leads to is a diligent worker becoming frustrated with the technology they’re asked to use, so they seek out an alternative solution on their own. This might end up putting your company’s data at risk. However, now that you’re aware of this reality, you can take action and utilize measures for your IT infrastructure that supports employee-owned devices in a safe and effective manner. PCSOFT can help equip your business with a mobile device management strategy that will allow your employees to be productive with their personal devices, while protecting the integrity of your network.

Requiring Staff to Deal With Their Own IT Issues
Nobody likes having to do a task that lies outside of their job description, and for most non-IT employees, resolving IT issues isn’t part of the job package they signed up for. Yet, too many employers require their employees to resolve their own IT issues, or at the very least, contact an assigned IT technician about it. For a worker who’s rockin’ a project and taking care of business, having a PC issue quash their momentum and then requiring them to “look into it,” can be demoralizing. Plus, this should have you asking a more important question: are your employees even qualified to troubleshoot the issue at hand?

Instead, it’s much better to prevent these IT issues in the first place by having PCSOFT proactively maintain your company’s equipment. With our remote monitoring service, we’re able to catch and resolve IT issues so that your staff doesn’t have to. This frees them up from putting out fires around the office and getting bogged down by time-consuming maintenances, allowing them to actually work on money-making initiatives. Plus, in the event that your workers do have to reach out to us in order to resolve an issue, you’ve got our promise that the issue will be resolved as quickly and as painlessly as possible so that your valued worker can get back to doing what you hired them to do--making you money.

Now, for organizations without their own in-house IT department, experiencing IT issues can be extra frustrating for your staff because they may be asked to resolve IT issues that they know very little about. This is why it’s so advantageous for businesses to outsource their IT responsibilities. This way, your staff won’t have to handle such tasks as being on the phone with a technology vendor, approving billable time, assigning time to resolving issues, and dealing with IT problems that require specialized knowledge.

Can your company relate to any one or more of these three IT issues keeping workers from being as productive as possible? When it comes to your company’s technology, it should make things easier for you and your staff, not make things more difficult and hold your team back. To that end, call us to take advantage of IT consultation services so that you and your team will always have access to expert advice. We can guide you in implementing a mobile device management strategy for your company so that your staff can use their own devices and get work done more efficiently. And lastly, don’t limit your team with outdated equipment. Instead, talk to us about upgrading your company’s technology so that your team is equipped with the latest and greatest solutions.

0 Comments
Continue reading

Contact Us

Learn more about what PCSOFT can do for your business.

PCSOFT
Suite 2.07, 3 Fordham Way
Oran Park, NSW 2570