|
Call Today (888) 252-2990
IT Support Services
View All
Obsessive Support®

The hallmark of the Visory experience, our dedicated team of professionals provides a high degree of support for all your IT needs

Managed Infrastructure

Leading edge solutions that are always working to maintain the integrity of your firm’s IT backbone

Managed Security

Best in class security to protect your firm’s data and technology

Microsoft Resource Center

Tips, advice, and industry insight from our team of accountants and business owners to yours.

We’re here to help. Contact us for a consultation.
Application Hosting
View All
QuickBooks Online

Bypass the wait time and access Visory’s Obsessive Client Support®

Quickbooks

Take your business to new heights with Visory’s flexible QuickBooks hosting solutions

Sage

The same Sage you work in every day, only better

GoldMine

An affordable CRM for small- and medium-sized businesses, built to support your sales, marketing and customer service needs

Tax

Revolutionize your next tax season with added efficiency and mobility

3rd Party Applications

Access critical applications that are integrated seamlessly into your workflow, conveniently hosted on the same server

Cloud Platforms

Access affordable enterprise-grade hosting solutions with none of the IT burden

Watch your firm grow with the ultimate ease of access, security and flexibility.
Managed Services
View All
Managed Security

We’ll help you develop and implement the right cybersecurity policies and protocols to keep your firm secure and in compliance with regulatory guidance

Managed Infrastructure

We’re here to manage your firm’s IT activity, safeguarding the integrity of your infrastructure and devices, so you don’t have to

Let’s talk about keeping your business and your data secure.
Cybersecurity
View All
Managed Security

We’ll manage your cybersecurity policies and protocols to keep your firm secure and in compliance

Zero Trust

Security that ensures everyone granted access is who they claim to be

Awareness Training & Testing

Educate and train your most important last line of defense – your people

End Device Protection

Protection where people and their machines intersect

Multifactor Authentication

Secure access to your data. Reduce the risk of compromise, prevent cyberthreats.

Email Filter

A different approach to protecting emails

Single Sign-on

Secure single sign-on access for a connected world

Backup

Backup your data for business continuity and compliance

SecureCloudDrive

Keep everyone on the same page. Any user, every device.

SASE

Secure connections for all your users, devices and networks

Written Information Security Plan (WISP)

Get started on a robust security plan with a WISP for your business

Virtual CISO

Protect your organization with the expertise of our Chief Information Security Officers (CISO) without having to hire a full-time resource

No firm is too big or too small for a data breach or a cyberattack. Let’s talk about your security.
Compliance
View All
Tax & Accounting

IRS 4557

Other Businesses

Complying with state and federal privacy regulations and more

Contact us to learn more about how we keep your business safe and in compliance
QB Desktop, QBO

Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy

O365

Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy

Liscio

Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy

Knowbe4

Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy

Sentinel One

Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy

Lorem Ispum Dolor Software CTA

When you are asked, “How do you feel about cybersecurity?”  Do any of the following knee jerk responses occur? 

“Ugh.” 

“Ah, I’m not a target.” 

“What does that even mean?  Really.” 

“I’ve got nothing they want.” 

“I’ve not thought about it much.”  

We hear these responses often. And we get it.  There are very few high-profile resources catering to small and medium-sized businesses (SMBs) when it comes to cybersecurity.  What you see coming through the media and being reported on mainly pertains to large, enterprise-level organizations: MGM, Target, 23 and Me. Those are obvious targets.  We’re not seeing reports on B&C Construction in Philadelphia, family owned for three generations, employing 50 people; they’ve been dealing with litigation over a breach for the last 3 years and it has almost cost them their business.   

No. That isn’t a catchy headline.  That’s not the kind of clickbait news outlets are going for, but it is infinitely more relevant to a much larger number of business owners. 

Now, yes, I made up the company mentioned above, but the overall scenario is based on real events.  The cost of even a small breach, in terms of resources, is too great to ignore.  And it isn’t just about money. There is a labor cost – someone, or more likely several people, in your office will have to manage the problem on top of what they are already doing.  There is reputational damage – while this may not make apple news, word will travel to the people that matter.  There is the client trust factor – divulging to a client that you’ve been hacked opens you up to a lot of questions.  All these factors leave you very vulnerable, the very thing a small business cannot afford to be. 

Now, every time I watch a movie that says, based on real events, the skeptic in me immediately wonders how much creative liberty the writers and directors have taken.  Furthermore, Visory has committed to sticking to the facts when it comes to relaying information about cybersecurity, so, I’m not going to leave you with the made-up scenario above.  We’ve compiled a few real-world stories from organizations we’ve worked with directly.  (Note: names and identifying information has been withheld) 

SCENARIO ONE: 

The bank contacted a construction company to report suspicious activity on their account.

Here’s what happened: 

The business manager, a power user with an all-access pass to their data, gave away their credentials via email, because of a phishing scam.  Now, let’s not chastise this business manager. These phishing emails are good…very, very good; this can (and does) happen to the best of us. 

The good news: MFA adds a strong second layer of security 

They caught it right away and put Multi-Factor Authentication (MFA) in place. Great idea. Multi-Factor-Authentication is an added layer of protection.  Typically, a code is sent to your phone via text/SMS before logging in. 

What they didn’t know: Hackers already obtained a way in 

The hacker used the ill-gotten credentials to forward the IT Manager’s emails to themselves, thus gaining access to the company phone provider.  Now they are able to access email and SMS / text messages, rendering MFA useless. 

Why this business was targeted: Construction companies are lucrative targets 

The purpose of the attack was to intercept a large wire transfer. Large wire transfers are a primary reason construction companies are so attractive to cyber criminals. With email and SMS hijacked, they had the means to all the access they needed. Had the bank not caught the suspicious activity, had this attack been carried out, it would have been a very complex problem, requiring numerous resources and costs.   

How to prevent this problem: Good – Better – Best Planning 

Good: Multi-Factor Authentication 

MFA, would have made it much more difficult for the cyber-criminal to access the business manager’s email. 

Better: MFA + Employee Security Awareness Training 

By participating in security awareness training, the business manager would have been more likely to spot the fraudulent email. 

Best: MFA + Security Awareness Training + Next Gen Filtering 

With the addition of next gen mail filtering, the email wouldn’t have ever made it to the business manager’s inbox. 

SCENARIO TWO:  

Construction company praises cyber-aware team but leaves too much room for human error.

  Here’s what happened: 

During our conversation with this client, the subject of cybersecurity came up and the controller confidently explains her team is incredibly cyber-aware, very security conscious, very adept at thwarting phishing attempts.  We were very impressed and wondered how they know this, how they track it. Well, they forwarded the controller every. single. piece. of suspicious looking email. 

Why this is a problem: Lacking efficiency and effectiveness 

The sheer loyalty and dedication behind this move should be rewarded 10 times out of 10.  However, the lack of efficiency and effectiveness spans a few layers.  And with an SMB, we are always working toward efficient and effective, no?  Always attempting to do more with less. 

First, it is highly unlikely the employees are going to catch every suspicious email, especially if they’ve not had training in how to do so (see employee security awareness training above).  Second, it is unlikely the controller is going to be able to dissect and research every one of the emails they do send to the depth that is necessary and with accuracy.  Third, the amount of time this takes could be a full-time job in and of itself. 

How you prevent this problem:  Email filtering 

A next gen, robust email filtering program, one that gets smarter over time, was made for this very situation.  Efficiency is one of the main reasons to invest in this type of technology; it removes emails and removes garbage, so you don’t ever have to pay attention to it or waste your time. 

SCENARIO THREE: 

Everyone’s worst nightmare when dismissing an employee. 

Here’s What Happened: 

We had a client who had scaled back their business and therefore decided to cancel their hosting service and bring everything on premises.  In fact, they only had one employee – the controller – accessing their accounting data at this point and the cost didn’t seem justifiable.  Completely understandable. 

About 18 months later, the controller was dismissed…um…abruptly.  Now whether said controller was disgruntled or misinformed, I’m not sure, but the controller proceeded to wipe their company computer clean.  Clean.  As in all the accounting data, clean. 

How this became a bigger problem: Corrupt backup data 

The business manager came in and said, “That is okay.  We have a backup.” While they did put a backup solution in place, there was either a gap in understanding how that set up worked or how to manage it.  All backup data was corrupt.  In fact, the most recent back up information they could access was 18 months old.  Is your heart in your throat?  Well, it gets worse.  They had an audit coming up in one month. 

How to prevent this: Robust backup & regular testing 

The turnover of a critical employee doesn’t have to upend your business.  You need a proper back up system and you need to test the recoverability of that backup system on a regular, scheduled cadence.   

It is increasingly difficult to write about or discuss cyber protection in a way that doesn’t create fear because the resulting effects of a cyber-attack are difficult.  While we mainly hear of a ransom attack where the company may or may not have paid the ransom, we do not hear about the resulting fall out; the resulting layers of time, stress and financial burden.  However, that is not our goal. Fear is not a place from which to make good decisions.  We simply want you to see a bit of yourself, your business in these stories.  We want you to start asking yourself, how would we handle that situation?  Are we covered if something like that occurred?  We want this to be your sign to start getting educated if you aren’t already; that is the place you want to start.  

  1. Get to know the greatest risks to your industry 
  1. Understand the risk tolerance of your organization 
  1. Learn how to protect yourself and your employees. 

We’ve got a few pieces that cover the very most fundamental aspects of a cyber-attack.  If this information is brand new to you or if you want to see where you stand in terms of knowledge, start here

If you’d like to see where you currently stand as it relates to cybersecurity, take our short quiz here

If you’d like to have a conversation and ask a few questions, we’d be happy to help.  Whether or not you start with us, it is imperative you start looking at what you need to protect yourself, your organization and your employees. 

INSIGHTS
What We’re Saying
Oct 9th, 2024
Data Breach Survival Guide for Accountants
In our digital world, the safety of your clients’ sensitive information hinges on your vigilance and preparedness. It’s more than a responsibility—it’s a cornerstone of
Oct 8th, 2024
The True Cost of Cybersecurity Threats in Construction
Visory partnered with the American Institute of Constructors (AIC) to bring you this critical webinar: The True Cost of Cybersecurity Threats in Construction. We covered
Oct 7th, 2024
Cybersecurity in Construction: Building a Safer Future for Your Business
The construction industry may not seem like a primary target for cybercriminals, but recent years have shown otherwise. As more construction firms adopt digital tools
Oct 7th, 2024
Cybersecurity in Accounting & Wealth Management: Safeguard your Clients’ Most Sensitive Data
Trust and confidentiality are everything for accountants and wealth managers alike. Your clients rely on you to grow their investments and protect sensitive financial information.
Sep 30th, 2024
October is Cybersecurity Month: Simplifying Cyber Safety for Your Business
The barrage of information and media coverage around cybersecurity can feel overwhelming in today’s fast-paced digital world. Every headline seems to shout about the latest
Sep 26th, 2024
How Secure is your Wealth Management Firm? Essential Cybersecurity Strategies
As the wealth management industry continues to evolve, so too does the cyber landscape. For wealth managers, staying ahead of cybersecurity threats is not just
Copyright ©2024 Visory. All rights reserved.