Protecting Your Smartphone Against Hackers

As the features and conveniences of smartphones have grown, so have the risks of using them. The more you and your employees use your smartphones to check email, make purchases, access bank accounts, download music, etc., the more tempting your phone becomes to hackers.

There are many different types of smartphone hacking methods — from hacking into a live conversation or hacking into someone’s voicemail and the data stored on smartphones. As we increasingly store sensitive data on our mobile devices, the opportunity to hack our smartphones becomes much more tempting to cybercriminals.

How are hackers getting to your smartphone and how can you protect yourself and your business? Most methods used to attack PCs are also being used to hack mobile devices.

Ways Your Smartphone Can Be Hacked

1. Malware. Your phone is vulnerable to the same things that once only threatened your computer, such as malware. Smartphone users often download the malware to their phone thinking that they are downloading a legitimate application such as the latest game or application.

2. Phishing, or SMiShing, uses text messaging to bait you into disclosing sensitive personal information. You may receive a text message posing to be your banking institution requesting that you call a phone number, or that you click on a link to enter information. You might also receive a text message that advises you to download software to your phone.

3. Bluetooth®. Unfortunately, this ingenious technology that makes it possible to use and enjoy the many features of mobile phones is the same technology that makes those phones vulnerable. Bluetooth makes it easier for you to talk on your phone while driving, use wireless headsets, and even sync your phone to your computer. But, while you are using Bluetooth, you’re allowing hackers easier access to your phone and the information it contains. In general, mobile phones comprise about 60% of overall Bluetooth technology usage.

o Bluejacking: If you are using your phone in a public area, hackers can use Bluetooth’s Business Card feature to send unsolicited messages to all discoverable devices within that area. To protect yourself from Bluejacking, be sure to put your phone in the “invisible” or “non-discoverable” mode to protect it from being hacked.

o Bluesnarfing: This is a more dangerous hack that gives criminals access to some of the information on your phone. Criminals use special software to request information from your device, using the Bluetooth OBEX push profile. Even if your phone is in invisible mode, hackers can attack your phone. However, having it in invisible mode requires the hacker to guess the name of your device — making this type of hack less likely.

o Bluebugging: The electronic business card feature in Bluetooth can also be used to open your phone to takeover by a hacker. Fortunately, newer phones are pretty safe from this type of hack, but older phones and outdated firmware can still be vulnerable.

o Back-door Entry: One of the biggest dangers is when a hacker creates a back door into your phone, gets control of it, clones your phone card, then uses your account on another phone. This is the hack that will hit your pocketbook. All the usage on that other phone will be billed to you.

How to protect your phone from hackers:

Setting up your phone to be secure is one of the first things you should do when you get a new phone. If you or your employees have not taken these steps, then they should right away.

Change the PIN on your voice mail

A phone that is still using the default voice mail or pairing PIN is vulnerable to being accessed by hackers. Changing your PIN often and avoiding PINs that may be available on the Web, such as your birthday, anniversary, etc., is your best protection.

Make your Bluetooth more secure. Just like your computer, your mobile phone should have anti-virus and anti-malware security software. There are dozens available and there are many Websites that rank the software for effectiveness. Since you access the Web from your phone, you’ll want protection from any sites you may visit that have infected downloads or other malware

Use caution when connecting to Wi-Fi. People who are using devices with sensitive business information on them should use additional caution when connecting to Wi-Fi. Business travelers, especially, often use Wi-Fi connections at hotels or conference centers. Because most prominent hotels and event venues are committed to maintaining the security of their Wi-Fi users, this is typically an OK practice. However, free public Wi-Fi in areas such as cafes and airports are often far less secure.

Here are some other tips that will increase your phone’s security:

• Disable your Bluetooth when you aren’t using it.

• Keep your phone in non-discoverable mode.

• Avoid pairing your phone unless necessary.

• Use non-regular patterns as PIN keys while pairing a device.

• Make sure your phone is registered with its manufacturer so you can be sure to get updates that continuously improve your phone’s security.

• Always enable encryption when establishing a Bluetooth connection to your PC.

• Use a security app to increase protection on your phone.

Today’s phones hold large amounts of personal and business data that you will want to keep secure. This data is of value to hackers, which is why it’s important to take every measure possible to protect it. By following the above steps, you can better avoid the dark side of mobility and keep your important data secure.

Combating Robo Calls – SHAKEN/STIR

Scammers and robocallers often use caller ID spoofing to display a number other than the actual number they are calling from, typically making it appear as though a neighbor or someone their target knows is calling. By using caller ID spoofing, scammers increase the likelihood that the intended target will answer a robocall. In many cases, these calls are made with malicious intent, such as a scammer impersonating an IRS agent in order to steal sensitive personal information.

Caller ID authentication is a new system targeted at combating illegal caller ID spoofing. Consumers and law enforcement alike will be more readily able to identify the source of illegal robocalls, thus reducing their frequency and their impact. Once implemented, caller ID authentication, or SHAKEN/STIR, will greatly increase the accuracy of caller ID information and provide consumers with helpful information for determining which calls are authenticated.

What is SHAKEN/STIR?

SHAKEN/STIR stands for Signature-based Handling of Asserted Information Using toKENs (SHAKEN) and the Secure Telephone Identity Revisited (STIR) standards. This means that a call being routed through interconnected phone networks would have its caller ID “signed” as legitimate by the originating carrier, then validated by other carriers before reaching the consumer.

SHAKEN/STIR will verify that the person calling you is, in fact, legitimate and calling you from the number showing on your caller ID. While call verification will not prevent all robocalls from reaching your phone, it will give you more information so you can make a better-informed decision about whether or not to answer the call. It will also track where the call originated, helping to identify potential scammers.

The FCC has mandated that major phone carriers uphold the SHAKEN/STIR standard to not only verify the calls within their network but also the calls coming in from other networks.

Most providers have communicated to the FCC that they will meet the standard, and many also currently provide tools to their customers to block robocalls. Unfortunately, SHAKEN/STIR also requires modern phone routing, so older landlines will not have this protection.

Protect Yourself.

While the new rules of SHAKEN/STIR are still being finalized, there are precautions you can take to protect yourself from robocalls and potential scams:

  • Add your landline or cell phone number to the National Do Not Call Registry at www.donotcall.gov. While it is unlikely to prevent scam calls, it may help to reduce the number of legitimate calls you receive from telemarketers, making it easier to screen for robocalls and scammers.
  • Talk to your phone service provider about robocall-blocking services. Many companies offer services that can block calls or alert you that an incoming robocall may be from a potential scammer or spammer.
  • Do not answer robocalls. By answering the phone, you’re alerting the caller that the number they are dialing is a real phone number, putting you at risk of receiving even more calls in the future. If a robocall slips through, do not respond to any questions, especially those that can be answered with “Yes.” If the caller or a recording asks you to hit a button to stop getting the calls, you should not engage the caller and hang up immediately. Scammers often use this to identify potential targets.

If you suspect a call you received was fraudulent, you can file a complaint with the Federal Trade Commission. The FTC maintains a robocaller database that is used by phone companies to update their call-blocking lists. Filing a complaint with the FTC it increases the likelihood that repeat offenders will be added to the database. You can file your complaint with the FTC online at https://www.ftccomplaintassistant.gov.

Promote Strong Passwords with Single Sign-On

As today’s businesses embrace the cloud, the number of web apps in their IT environment quickly adds up—and quickly overwhelms the ability to ensure security, manage costs and maintain control.

User password behavior is becoming less secure due to the fact that it is nearly impossible for the average user to remember strong passwords for the multiple cloud services most businesses typically run. Because of this, users take shortcuts and use simple passwords, reuse passwords, and even write them down.

You can help to eliminate poor password practices with a single sign-on solution (SSO) such as AppID by Intermedia. Single sign-on services provide users with a single portal for accessing all of their cloud apps while only needing to remember one password.  This eliminates the temptation for users to take password shortcuts that can introduce security holes.

An SSO allows companies to embrace the productivity benefits of cloud apps without getting lax on security. With a good SSO solution, you can:

  1. Manage Passwords. Whether it’s Salesforce, QuickBooks, NetSuite, or even proprietary apps, an SSO solution eliminates the need to remember multiple passwords making it easy for employees to comply with strong password policies. Businesses can also protect their data by encouraging users to keep their personal and work-related passwords separate. This enables businesses to significantly reduce the risk of unauthorized users unlocking a company’s private data via personal login information. It’s a quick fix that can prevent long-term problems.
  2. Add 2-factor authentication. Decrease the likelihood of a security breach by requiring 2-factor authentication on all critical systems, applications, and services – especially those that are exposed to the internet. 2-factor authentication requires a second piece of information during the login process. This could be a password and the answer to some personal question only the official employee would know. Adding another authentication factor makes it much more difficult for intruders to breach a company’s systems. DUO has a great solution for 2-factor authentication.
  3. Increase employee productivity. Once a user logs in to the SSO portal, they have one-click access to all their applications on one convenient page. With an SSO, users do not need to spend their time finding and logging into different apps and can spend more time working. Additionally, because users only need to remember and enter a single set of credentials, an SSO also minimizes the time users spend dealing with password-related frustrations.
  4. Protect your data. Employee turnover along with the flood of devices in the workplace can make it challenging for IT departments to secure employee access to workplace data. Identity and access management tools can prevent potential security risks when an employee leaves or their device is lost or stolen. Businesses can successfully revoke employees’ access to online company resources with just one click.

Because passwords remain a primary path to security, it is essential to implement a strong business password policy as the best defense against intruders accessing your systems. A single sign-on service is a simple, easy-to-deploy solution that keeps passwords safely encrypted. Create strong unique passwords for every web app you use without having to remember any of them.

Chickasaw Telecom, Inc. Named to CRN’s Solution Provider 500 List

Oklahoma City, Oklahoma, June 4, 2019 – Chickasaw Telecom, Inc. today announced that CRN, a brand of The Channel Company, has named the company to its 2019 Solution Provider 500. This annual list ranks the largest North American IT channel partner organizations by revenue. The Solution Provider 500 is the industry standard for recognizing the highest performing technology integrators, strategic service providers and IT consultants. It is the industry’s predominant channel partner list.

2019 marks the ninth consecutive year Chickasaw Telecom, Inc. has been selected for this honor.

Improve Your Cell Phone Signal

Cell reception is no longer considered a luxury. To most cell phone users, it’s a modern-day necessity making it essential to have reliable cell coverage at your place of work.

While provider coverage maps may show strong signals in your area, it does not guarantee great reception in your workplace. Building materials, geographic or structural interference, cell tower location, cell tower user capacity and a variety of other factors can have a negative impact on your cell phone signal.

Spotty service and dropped calls are frustrating, and if employees are using their cell phones to conduct business, problems like these can have a negative impact on communication with your customers, vendors and on your bottom line.

Fortunately, there are ways you can help ensure that the cell signal inside your business facilities is consistent and strong:

Avoid Inhibitors. Open a window, move away from walls and metal surfaces, and move to a higher level.

Charge Your Device. As batteries lose voltage, the amount of power available to communicate with the cellular tower also dwindles.

Close Unused Applications and Pages. Closing apps and pages that are running in the background enables your mobile device to devote all performance to the task at hand.

Enhance Your Cellular Signal. Cell phone signal boosters, also known as cell signal repeaters, are a great solution for most any space that has cell reception outside or nearby the facility. An in-building cell signal repeater such as SureCall’s signal booster, typically supports most cellular providers, including AT&T, Verizon, Sprint, and T-Mobile, in addition to smaller regional carriers if needed.

These devices are usually installed along with what is called a distributed antenna system (DAS). DAS is a telecommunications system that receives the carrier’s signal (a licensed radio frequency) on a base transceiver station or a bi-directional amplifier and then transports it into your building using a cable.

Coverage antennas are placed throughout the building as necessary to provide the best overall service for you and your employees. Cellular signal enhancement solutions come in passive or active options. The best option for you will depend on the size of your facility.

Passive systems

These systems use coaxial cable, a coverage antenna and other components that do not require AC or DC power to function. Passive solutions are more cost effective to install and work best in buildings that are under 100,000 square feet. Passive systems require the radio frequency power to be balanced among multiple coverage antennas so there is a strong and consistent signal throughout the building. The downside to this option is that it is difficult and costly to expand over time, should you want to increase the square footage taken up by your business in the same building.

Active systems

These systems require AC or DC power and consist of changing the radio frequency into other types of signals, such as optical. Then, antenna-like devices are placed throughout the building to receive the signal and change it back into a radio frequency used by cellular phones. Active systems are more costly than passive and are used in very large buildings as well as in campus-like settings of multiple buildings. This option, unlike a passive system, is easy to expand should the need arise.

Chickasaw Telecom can help you assess your needs and find the solution that can best improve the cellular signal in your business.

Save Time and Money with a Software Assurance Plan

Your investment in your business communications system and keeping that system available and up to date every minute of every day is critical.

A short time ago, phone systems were mostly made up of wires and hardware. When the warranty on this equipment ran out, businesses were given the opportunity to purchase annual maintenance and protection plans to help keep their systems operational. With today’s software-based VoIP phone systems, software is just as important as hardware. New features, functionalities, and software updates are constantly available.

In today’s ever-changing market, it is important to maintain the latest technologies. As phone systems have changed, protection plans have also changed. What once was annual maintenance and protection is now “software assurance.” Software assurance is a software subscription support program offered by most manufacturers that protects your communications investments by providing ongoing releases, updates, patches and more.

Why is it important to purchase and keep a software assurance program in place?

  • Protect your investment. Stay current with software upgrades, updates, fixes and security patches. Have peace of mind knowing your operational risk has been reduced and your system is stable and up-to-date with the latest features and enhancements.
  • Ensure your software is always current. A software assurance plan typically includes the following:
    • Cost of enhancements and new software releases
    • Installation of enhancements new software releases
    • Service packs and fixes for any issues related to compatibility and security
    • Remote diagnoses and repair of software-related problems
  • Address System Issues with the ability todownload system fixes and patches quickly and efficiently, ensuring minimal downtime.
  • Maximize Employee Productivity by keeping your systems and applications current with the latest features and enhancements.
  • Budget More Efficiently with a fixed annual contract offered by most software assurance plans. Efficiently budget for your business communications system expenditures in advance, alleviating the concern of unexpected system maintenance or upgrade costs.

Software assurance programs reduce the capital outlay your company would need to make every time there is an upgrade to your communications system software. It also eliminates having to tie up valuable internal resources to purchase, install, and check the software for every upgrade. Software assurance programs are a smart way to keep your telecom system up to date and operating at peak efficiency.

Work Smarter with IoT

By now, you have likely heard the phrase “Internet of things,” or IoT. It has become a hot topic of discussion both inside and outside of the workplace. But what exactly is the “Internet of things?”

IoT is the concept of connecting everyday objects (so long as they have an on/off switch) to the Internet and then to other connected devices. This can include a number of devices from cellphones, coffee makers, washing machines, wearable technology and almost anything else you can think of. 

This network of devices with built in sensors are connected to an IoT platform, which collects and shares data about their environment and how they are used. These platforms can then determine what information is useful and what can be disregarded. The gathered information can be used to identify patterns, provide recommendations, and expose possible problems before they arise.

How Can the Internet of Things Help my Business?

The IoT represents a tremendous opportunity for businesses of all sizes. It’s not only large companies that can utilize these devices—small businesses can, and should, use the devices to improve their operations. So, where do you start? Here are some ideas to get you started.

Automation. For small businesses, leaving the lights on overnight or forgetting to lock the doors can have severe consequences. Automating your office routine with IoT devices can help take some of the pressure off.

  • Using smart lighting and thermostats eliminates the need to constantly set and rest your thermostat or worry about turning the lights off when you leave the office. Not only does this eliminate stress, but these devices can also offer significant cost savings.
  • Smart locks increase security by giving users access to a building instead of using a physical key. Businesses can monitor and control a smart lock from anywhere and can also tell if a door is open.
  • Smart Cameras are great for security. Many of the top connected cameras come with large amounts of cloud storage so that you can go back and review your security footage if needed. A reliable internet connection is necessary to achieve good quality footage.

Improve Space Efficiency. Wasted resources can be a huge burden on a small business budget. IoT can help to maximize your office space by using sensors to pick up activity and heat to monitor which area or areas of your office are used the most.

This information can then be used to figure out when conference rooms go unused or if your office needs to be restructured. For example, perhaps certain departments need to work closer together, or additional workspaces are necessary for meetings. Sensors can tell all of this information and help organizations, large and small, maximize their space. Combined with smart lighting and smart thermostats, offices can use IoT to maximize productivity and savings.

Virtual Assistants. Virtual assistant such as Google Assistant, Alexa or Siri can be connected to task management systems and calendars. These devices can communicate with other smart devices and eliminate tedious tasks like scheduling and research. Taking advantage of these free assistants can simplify your day and boost productivity.

Automatic Inventory Tracking. Maintain an accurate inventory while maximizing efficiency by using RFID tags for merchandise. Small retail businesses can benefit from the use of smart RFID tags on their merchandise. These tags can automatically update inventory as items are sold. You can also set up the sold items to be reordered automatically.

Mobile Card Readers aren’t just for mobile operations. Many small businesses use them in place of cash registers. Similar to credit card processing companies, you are charged a processing fee for each transaction, however the card readers are typically much less expensive to purchase and maintain than a traditional POS system.

The Internet of Things can greatly improve the way we work, helping to make more efficient use of our resources and space. For small businesses trying to grow and compete with larger enterprises, this efficiency is critical. As the IoT continues to automate office tasks, organizations should take advantage of these offerings to help their business stay competitive in the market.

Star of the Year 2018

Joe Rayburn

Each year our board of directors considers nominations for the Chickasaw “Star of the Year Award” that is given to a person showing outstanding effort, teamwork, and communications skills. This is our highest award at Chickasaw.

This year’s recipient for the customer service Star of the Year is Joe Rayburn.

Congratulations Joe and well done!

Disaster Preparation, Prevention, and Recovery

You’ve worked hard opening and running your business. Losing it to a disaster would be financially devastating for you — and for your employees. Would you know what to do if disaster struck your business? One of the most important steps you can take in running your business is creating a disaster preparation, prevention and recovery plan.

The following guide can help you to determine what you need to include in your plan to make sure your business is protected against common threats, prepared for natural and other disasters and can quickly recover should an unpreventable event occur.

Make a list of assets. First, you need to make a list of all your physical business assets that could be lost in a disaster. These may include;

  • Building(s)
  • Equipment
  • Furniture
  • Vehicle(s)
  • Product inventory
  • Cash
  • Financial, customer and other operational data
  • Physical documents
  • Network and Data equipment

Identify Risk. Determine which types of threats can damage or destroy your assets. Some of the following may not affect your area, but any that could impact the operation of your business need to be considered.

  • Earthquake, tornado, tsunami, or hurricane
  • An electrical surge or outage
  • Fire
  • Hacking, viruses, and other cyber attacks
  • Rain and flooding
  • A spill of hazardous substances
  • Terrorism

Determine the steps you will take to protect your assets from disasters. Take each threat and each asset, then analyze how you can prevent or prepare for the variuos disasters that might affect those assets.

Personnel. Employee safety should be a top priority of your disaster plan. Create a plan for the protection/evacuation of your employees during natural or man-made events that could affect their safety.

  • Assign and train employees, based on their personal skills, to be prepared to take specific actions in the event of a physical threat
  • Bring in a professional to train a number of employees to perform CPR and other first aid measures
  • Determine escape routes and safe areas employees should use, depending on the type of physical threat
  • Post a plan of these routes in a prominent place so employees are reminded of them and can know them instinctively
  • Include instructions for turning off utilities such as gas, water, and HVAC systems
  • Assign individuals to help ensure that an escape or safety plan is implemented properly
  • Practice this plan and make sure new employees are trained on it as part of their orientation
  • Post emergency phone numbers for police, fire, poison control, etc .
  • Add safety equipment — including first aid kits, Automatic External Defibrillators (AEDs), fire extinguishers, smoke detectors, and shelter-in-place supplies — to your facility
  • Maintain an emergency personnel file on each employee with important medical data, and names of emergency contacts

Physical Assets. Meet with your insurance provider to understand what is and is not covered in the case of various types of disasters.

  • Determine the cost involved in expanding coverage to make sure your assets are insured in case of each type of loss
  • Make copies of important printed documents — such as deeds and other legal documents — and put the originals in a safe deposit box at your bank
  • Take photos of all physical assets, put them on a CD, DVD or flash drive, and store it in your safe deposit box. Businesses that have an inventory of their belongings, with pictures, typically receive higher insurance payments from losses and receive them faster
  • If your business is in an area threatened by severe natural storms, consider making building enhancements so your building(s) can better withstand these threats

Data. The financial, customer, and operational information on your network is the heart of your operation. Ensuring that it cannot be lost is the best action you can take to quickly get your operation up and running again.

Moving your operations and data to a cloud service provider not only protects that data in case of a disaster, but can also significantly enhance the productivity, collaboration, and functionality of your business.

Cloud services, such as Intermdia, offer business services — including hosted Exchange, Hosted PBX and Securisync® — that let you communicate, collaborate, manage content and run your business applications. Today’s highly mobile environment, with employees accessing data from their PCs, smartphones, and tablets, makes that access easy, yet keeps your data safe and secure and away from your physical location so it’s not affected by any natural or man-made disaster.

Getting Help. There are several governmental and charitable agencies ready to help in times of a disaster. The Small Business Administration is prepared to assist, with programs such as their National Response Framework (NRF), National Disaster Recovery Framework (NDRF) and Disaster Loan Making (DLM) process. Their Disaster Oversight Council/Executive Management Team oversees the direction and support of the disaster loan process during disasters and coordinates DLM and continuity of operations (COOP).

By addressing all the above issues in your plan, your business can prevent damages from some possible threats, be better prepared for other disasters, and be in a position to quickly get your operations back up and running.

Electrical power is a good thing — until it’s not.

As business owners and managers, we like to think we’re the power behind our business. We make the decisions, work with customers or clients, conduct the training, the hiring, the firing and much more.

But the truth is, much of our business runs on electricity. It’s electricity that powers our equipment, phones, computers, printers, scanners, fax machines, security system and more.

Electricity is a wonderful thing, but it can be dangerous, too. Voltage spikes and brownouts, caused by power outages, lightning, tripped circuit breakers, short circuits, and power company malfunctions, can temporarily increase the amount of voltage that travels through electrical lines. When these spikes reach our telecom system and other equipment, they can do a lot of damage.

Spikes are fast, short duration oscillations that affect the amount of voltage running through power lines. They can permanently damage any piece of equipment running on electricity, and that can be costly.

A brownout is a drop in voltage to your electrical system. While you still have power, you have less of it. An irregular power supply can be harmful to your computers and other electronics because they are created to run at specific voltages. Additionally, when the power restores, the voltage surges while it regulates which can also harm your electronic devices.

The solution is the installation of an uninterruptible power supply (UPS) between the source of power and the equipment using that power.

A UPS is a battery that provides backup power when your regular power source fails or your voltage drops to a dangerous level. UPS’ are used to protect computers, data centers, telecommunications equipment and other electrical equipment where an unexpected loss of power could cause harm to electronics.

Find the UPS that suits your operation.

If your business is small or has minimal office equipment, smaller standby UPS systems are probably sufficient. If your business is mid-sized or larger, or if you have server-based computer networks or manufacturing equipment, you may require more sophisticated protection.

Here are the basic elements you’ll want to consider when choosing a UPS system:

  1. Power: The system you choose must have enough power to protect and support all of the devices you have in your business. Power is usually calculated in Volt-Amps (VA). By adding up the watts required by each piece of equipment, you will be able to determine the total amount of power your UPS system will need to protect.
  2. Protection Runtime: Secondly, you will need to consider how long you want the system to stay powered if there is an extended outage. Many UPS devices keep equipment operating only a few minutes, giving users enough time to safely shut them down. If there’s a chance that power will be off for an extended period, this could interfere with your ability to conduct business. Having no power can result in missed communications, unhappy customers and lost revenue. Selecting a UPS with extended runtime is an important consideration.
  3. Activation: Different systems use different triggers to initiate their operation. More basic systems have battery power that kicks in when the voltage drops below a certain level. More powerful systems have a transformer. Transformer-based systems have more sophisticated technology that keeps the voltage within an acceptable range and only relies on the battery in low- or no-power situations.
  4. Incoming Power: It’s important to know about the quality of your incoming power source when choosing a solution. If power fluctuations are common in your area, a UPS with Automatic Voltage Regulation is the answer. This can protect your equipment by correcting the incoming power from over-voltages and under-voltages.

UPS systems should not be chosen based on price alone. Select one that fits the systems and equipment you use in your business and the quality of the power source you receive.

As you run your business, make sure it’s able to run even when the electrical power is less than reliable. Adding an uninterruptible power supply can help your business save its sensitive electronics, equipment, and other systems and increase the reliability of your business for your customers — even if the power company can’t.