

Machado Consulting's News You Can Use

Welcome to our blog where you can find everything from tech-tips to keeping your data secure. Have any questions? We'd love to hear from you!

Cyber-Attacks Can Happen, But They Don’t Have to Happen to You

According to the Ponemon Institute’s 2019 Global State of SMB Cybersecurity report, 76 percent of respondents in the US said their companies had a cyberattack in the past year. Did you know that the top methods of attack in those incidents weren’t a stolen device or a cracked password? They were phishing campaigns, web-based attacks and general malware. In plain terms, sneaky emails that look authentic, legitimate yet compromised websites, and planned, broad-scale malicious software were the causes of most cyberattacks.

Don’t get scared, get prepared.

As a business owner, you know that you must have strong passwords (remember this meme?) and that you need to lock your computer when you walk away from your desk. But how does a small to mid-sized business (SMB) owner defend against ever-evolving phishing and web-based attacks?

What can I do?

Talk to us at Machado Consulting. We’ll listen to your concerns, ask about your current cyber protection and discuss our enterprise-level security plan offered at a “small business” price point.

We provide a suite of advanced, defense-in-depth coverage designed to stop active threats before they cause damage. And while it’s important to know how we’re protecting your business, we’re even more proud of WHO is protecting your data, your company and your reputation.

Our company is led and driven by our CEO/CISO, Helder Machado. Helder is a Lt. Colonel in the Massachusetts Army National Guard and serves as the Chief Information Officer (CIO/G6) for the MA-ARNG.  Helder holds degrees in Electrical and Computer Engineering from Worcester Polytechnic Institute and an MBA from Fitchburg State. He’s earned a Certified Information Systems Security Professional (CISSP) certification, a top-level certification within the information security industry.


Machado Protect is a next generation cybersecurity defense plan that safeguards your IT environment from every angle while remaining affordable for the small/mid-sized business. Let our team shield your IT environment from internal and external threats, reduce your risk, and offer peace of mind. Call us at (508) 453-4700 to start a conversation, or send an email.


Plan for Compliance and Avoid Loss


Today’s world is driven by data. Naturally, information systems must be secure. Business is all about relationships, and without proper security protocols in place, your clients will lose their trust in you. While today’s hackers have many ways to breach an organization’s network, data breaches that occur as a result of lax security are unforgivable from a customer standpoint. Some organizations can spend more on security than others, but data security must be a priority, no matter your IT budget.

Here are some of the regulations all business owners and IT administrators should know:

  • GDPR: The European Union’s General Data Protection Regulation is as comprehensive a data protection law as there is. Its aim is to protect the citizens of EU-member countries from data breaches. The GDPR applies to every organization that processes personal information of people residing in the EU.
  • CAN-SPAM ACT: This rule ensures that individuals don’t receive explicit or misleading advertising information from an organization.
  • GPG13: Known as the Good Practice Guide 13, it is the U.K.’s general data protection regulation for organizations that do business in the U.K.
  • HIPAA: The Health Insurance Portability and Accountability Act puts several guidelines on how patients’ data is shared and disseminated by insurers and health maintenance organizations.
  • SOX: The Sarbanes-Oxley Act requires corporate records to be kept for seven years to ensure that there is transparency in the accounting. For IT this means being able to have access to data to run reports when called upon.
  • PCI-DSS: Payment Card Index Data Security Standard are regulations enacted to try and reduce fraud by protecting an individual’s credit card information.

A business that doesn’t adhere to simple IT regulations probably isn’t adhering to other regulations. Would you want to do business with someone that you know won’t do what’s asked of them to protect YOUR data? Disreputable businesses that are looking to gain an edge by not meeting regulations will pay later for not spending now.

Compliance and Your Business

How will you plan for your company’s compliance? The best way is to educate yourself on what exactly your business needs to plan for by looking at the regulatory mandates, and by seeking out organizations who have already become compliant with their respective industry regulations. This is where a managed IT service provider (MSP) can be helpful. Since we take security compliance extremely seriously, and deal with many businesses across a wide variety of industries, we have the perspective that can provide a clear strategy on how to stay compliant.

Machado Consulting uses sophisticated monitoring, management, and reporting software to reduce risk and put our clients in the best position to prepare for any audits or assessments that need to be completed by regulators. Since the regulatory landscape is constantly changing, our IT professionals are in a unique position to serve as both IT administrator and regulatory consultant.

If you are searching for a way to control your compliance situation, look no further than the IT professionals at Machado Consulting. We can come alongside your organization to help eliminate any risk your organization would have as a result of compliance concerns. Call us at (508) 453-4700 today to get started. 

Originally published as “Knowing and Planning for Your Compliance Burden”, June 23, 2018. Updated October 16, 2019.


Business Ransomware Increases by 500%. 5 Tips to Make Sure You Aren’t Next.


Originally published as "Tip of the Week: Ransomware is Exploding, is Your Business Ready for the Blast?"

When it comes to internet threats, ransomware is the one that causes the most fear, especially for small and medium-sized businesses, and the fear is based in reality. According to the Malwarebytes 2019 Cybercrime Tactics and Techniques report, business ransomware has increased over 500% in comparison to last year. It’s time to make sure that you’re doing what you can to stop your business from becoming another ransomware statistic. Here are five good tips that will help you avoid becoming a victim of the next big ransomware attack.


1. Get Smart: You and your employees are the first line of defense against ransomware - and all malware. You need to invest time to educate yourself and your employees about the dangers and consequences of an attack, and best practices to protect yourself, your data and your network from a cyber threat. Keep yourself apprised of the best ways to prevent victimization.
2. Back It Up: Regularly backing up data is the most effective way to prevent losing your data to ransomware. If a ransomware attack does find its way onto your network, you have a copy of that network and data backed up in its entirety from just a few minutes before. 96% of companies with a trusted backup and disaster recovery plan were able to survive ransomware attacks. The copy of your backup shouldn’t be stored on the infected network.
3. Keep Security Software and Patches Up-to-Date: New ransomware is always being introduced. New variants of malware are always being created, which threaten your network. Luckily, your operating system and software are always working overtime to come up with ways to keep your data and network secure. Updating your security software and paying attention to patches is a great way to make sure that you’re protected when ransomware strikes.
4. Beware of Email: One of the primary methods of ransomware transmission and infection is email. According to Proofpoint researchers, nearly 30% of the most targeted malware and phishing attacks were directed at generic email accounts, like . Users should be cautious of any email that is unsolicited or unexpected, particularly if there is a link or attachment.
5. DON’T PAY THE RANSOM: Paying ransom is no guarantee that you’re going to get your data back. The first payment is often a gateway to increasing demands and your data is still gone. Don’t Pay the Ransom! Instead of paying the criminals who have hijacked your data - contact your IT service provider and let them know what is going on.

That is just for starters. If you want to make sure you’re doing everything possible to reduce your chance of contracting ransomware, reach out to our security experts today at (508) 453-4700.

It’s estimated that ransomware attacks will reach 11.5 billion annually by 2019, and that number only includes those who pay the ransom. Imagine if everyone who was attacked paid their ransom. Are you familiar with these five ransomware tips? Is there anything else you have found to be effective? Let us know in the comments below.


Being Smart & Social: The Importance of Cyber Hygiene on Social Media


Blog post originally published on April 10, 2019 as "Social Media Users Should Consider Their Personal Information". Updated September 27, 2019.

Social media has completely changed the dynamics of how people communicate with one another. In an age where a picture can appear on thousands of devices all over the world, privacy has become a major concern for anyone using social media. According to the Pew Research Center, 72% of Americans over 18-years-old use some social media platform. 

In relation to this increase, the number of cybercriminals looking to steal money, information, and identities has also risen. Privacy concerns are prevalent in today’s social media environment, and users must be aware of how their data is vulnerable.  For most people social media is a place where they can share their civil and political views, personal health information, learn scientific information, engage in job, familial, and society-related activities, and where they get most of their news. Between social media and online commerce, more personally identifiable information is shared with corporations than you would ever knowingly share with your best friends. Think about that.

As social media usage increases (we currently spend 30% of our online hours on social media), we are sharing more and more personal information. App developers create more third-party integrations that require you to share your personal info in order to use their service. But the more this happens, the easier it is to lose control over who has your data, how they're storing it, and how they're monetizing it.

Why Stay on Social Media If It Makes You Vulnerable?

If you were at the beach and a lifeguard told you that they saw sharks in the water, would you wade around waist-deep trying to spot the sharks? No chance. We constantly warn people to protect their personal information, and they consistently don’t. Why? Because we all tend to think of data and privacy in small, targeted ways, but we now know that data breaches and big data gathering happen to anyone and everyone. While personally motivated cyber attacks occur, it's much more likely that your privacy will be compromised by a larger-scale attack.

Here are some great tips for staying safe on social media, as posted by the Department of Homeland Security, Cybersecurity & Infrastructure Division. For more detailed information, check out the CISA website.

  • Limit the amount of personal information you post 
  • Remember that the internet is a public resource 
  • Be wary of strangers 
  • Be skeptical 
  • Evaluate your settings 
  • Be wary of third-party applications 
  • Use strong passwords
  • Check privacy policies 
  • Keep software, particularly your web browser, up to date 
  • Use and maintain anti-virus software 

Remember, less is more on social. Sure, your "Likes" may establish your online personality, style and preferences, but you might find yourself the target of more than just savvy marketers.


The Endless Line of Costs from a Data Breach


Picture this… In your office you have a bag filled with thousands of envelopes. In each envelope there is $242 in cash. Unbeknownst to you, a thief has gained access to your office, but you don’t realize this until 279 days later. How much is this going to cost your business?
