26. Pop Up Alerts Can Be Good Or Bad – How Do We Know The Difference?
Welcome everybody to episode 26 of Unhacked. And, guys, Unhacked is a podcast where we empower the busy, overworked, underpaid, overwhelmed, frustrated business owners who happen to care about cybersecurity, to outsmart Russian hackers. So, I am Justin Shelley, CEO of Phoenix IT Advisors. I work with businesses in the Dallas area as well as Northern Nevada, Utah, and Idaho, kind of all over the place. And I am sitting here while we've mixed it up a little bit.
Justin:It's been Brian for the last couple weeks, and this week Brian's out and Mario is back. Mario, say hi.
Mario:Hi. How you guys doing? I hope, you guys didn't miss me too much.
Justin:Oh, we did. We did.
Mario:It's good to be back, though.
Justin:Well, tell a little bit about what you do, where you're at, and then where you've been. I'm sure you have a story, at least one.
Mario:So, my name is Mario Zaki, CEO of Mastech IT. We are a managed service provider in the New York, New Jersey area, servicing the entire, tri state area, and we've been in business for 20 something years now, you know, chugging along, helping small to medium sized businesses, stay protected. And for the last 2 weeks, I was, on a vacation back to the motherland of Egypt.
Justin:Oh, really? Yeah. I didn't know that.
Mario:Oh, you didn't? No.
Justin:I knew you were out. I didn't know you were in Egypt.
Mario:No. I went, to Egypt. I took the the wife and the kids. We were there for 2 weeks, which was nowhere near enough time, and we had the time of our life. It was, amazing.
Mario:You know? It's I I haven't been there in, like, 21 years, and even when I went 21 years ago, it was a, you know, family trip. I I didn't you know, we spent the whole time visiting people, but we didn't really get a chance to enjoy it. This time, I not only did I enjoy it, I am trying to plan another trip back soon.
Justin:Nice. It
Mario:was amazing. And, you know, everybody that, you know, we've talked to, I talked to prior to the trip and after, like, oh, how is it there? Is it safe? Justin, when I tell you, not only was it safe, I have never been to a place where everybody is so friendly in their life.
Justin:Really? Really?
Mario:Everywhere we went from Cairo to the Red Sea to, you know, the pyramids. You know, everybody is super nice. Nobody was ever somewhat even snippy, let alone rude. And, you know, you you know, obviously, you do have people trying to sell you stuff all
Justin:the time. But Yeah.
Mario:You know, you know, I came back on Saturday. I had a meeting in Manhattan on Tuesday. The second I hopped off the Lincoln Tunnel, I had 2 people trying to wash my windshield, trying to get money and stuff like that.
Justin:Right. Right.
Mario:You know, it's like that everywhere. But, definitely definitely was an amazing trip. Amazing.
Justin:Dang. That sounds that sounds amazing. Tell me, though, are are is this where you're from?
Mario:Yeah. Yeah. Originally, I was born there, came when I was 3.
Justin:Okay.
Mario:And only been back there once prior to this last trip.
Justin:Things I'm learning about Mario today, Yeah. I had no idea. So I I don't know if I should admit this, but I Mario to me is a Hispanic name. I thought you were, like, Latin American.
Mario:Originally, it's like I mean, it's it's it's an Italian name.
Justin:Is it? See, what little I know.
Mario:But it's Mario I mean, everywhere, but Mario the name Mario is actually very getting very popular in Yeah. As well. But, yeah. No. It's, you know, 100% Egyptian.
Justin:Cool stuff? I had no idea. I we're not as good at friends as I thought, I guess.
Mario:Well, we're getting there. We're getting there.
Justin:We're we're we're getting there. Alright. We'll, we'll we'll wrap this or bring this back to the cybersecurity podcast. So today, we're gonna talk about really how to know the difference between the tip of the week is about how to know the difference between a good pop up and a bad pop up or, you know, alerts that show up on your computer. Pop ups usually, you know, if somebody says pop up to me, I'm thinking what I'm doing on a a website, like a web browser pop up.
Justin:Mhmm. And that may be part of it, but your computer will also throw alerts at you too. So we're gonna talk about that, and we are also going to, break down the largest data leak ever. Right? It that's how this thing's being built.
Justin:Right?
Mario:Yep. Yep.
Justin:And there's been a lot. I think the last three episodes in a row, it feels that way anyways. It's been the biggest, the largest, the most historic whatever in in ransomware dollars, in the outage that took down the most most people that wasn't cybersecurity directly, but it was a cybersecurity vendor that caused it. And now we've got the biggest data leak that's ever happened. So it's like, if if you guys believe in the apocalypse, you know, start prepping what whatever you gotta do because I don't know, man.
Justin:Shit shit seems to just be heating up. Anyways, we're gonna talk about that, and then we're gonna wrap it up with our formula like we always do on how to 100% protect your business from Boris Grishchenko, my, arch nemesis, the cybersecurity antihero. And I don't know if he's even that in, in the James Bond movie. Anyways, let's jump in, guys. Alright.
Justin:So, Mario, you are the one that kind of, first suggested we talk about this. Of course, it's kind of a given because it's such a big deal. But tell us a little bit about what happened, who it happened to, you know, not super technical, but just what it what it means to us as businesses and individuals.
Mario:So, like, as a quick, you know, 30,000 over of overview, the National Public Data Company, was breached. It was they stole I think, the exact number was, like, 2.9 or almost 3,000,000,000 people's Social Security numbers. So it's almost everybody. Everybody's Social Security number is now somewhere on the dark web. They tried to sell it, and they tried to, like, you know, get somebody to buy the, you know, this information.
Mario:They couldn't, So they ended up just releasing it into the dark web.
Justin:Beautiful. Beautiful. That's comforting. Right? I I mean, we talk a lot about, privacy.
Justin:Right? In in the cybersecurity world, it's privacy is a term that gets thrown around, but, I mean, we really at like you said, at this point, we just have to assume that everything about us is available. Yeah. One quote I read, it says we can't really pretend anymore that Social Security numbers are private information. It's just another nail in the coffin.
Justin:There have been so many breaches out there. Every Social Security number is likely available. So with that, I mean, what's a guy to do or a gal?
Mario:Well, I mean, in some people's cases, if their Social Security number was leaked, you know, prior to another breach, this this is just another thing. So it's like it didn't doesn't make a difference to them. But 2 you know, 3,000,000,000 people 3,000,000,000 people's information was leaked. So this wasn't you know, like, I personally I I'm I check my credit and my dark web and stuff like that. My credit I'm sorry.
Mario:My Social Security information prior to this was not leaked. But there are steps that people can take now knowing that that information's out there and, you know, somebody has it and it's literally float like, it's almost googling what is Justin Shelley's Social Security number. On the dark web, they'll find it. Yeah. You know?
Mario:So, yeah, there's there's a couple different things that you you need to do. First of all, even before this breach, what, you know, I always recommend is freeze your credit report, you know, with the 3 major credit agencies. And you can just Google it and say freeze my credit report. They'll come up in order, you know, TransUnion. What's the other 2?
Mario:Experian. Experian.
Justin:There there's 3 of them, but you put me on the spot. I won't remember anything.
Mario:Gotcha. Asian. What the we should have known this.
Justin:Equifax. I got I got it. Equifax. Yeah. Yeah.
Justin:Quick Google search. Thank you, Google.
Mario:So you can just go to them. You can just say freeze my freeze credit report and then just go in there, create an a login for with all 3 and then you can just freeze it. And then when you're ready to go and buy a, you know, a car or open up a credit card or, you know, a mortgage or something, just go in there, like, a couple minutes before. You know, you can even do it right from your phone and just unfreeze it, get everything done, and freeze it back.
Justin:And that you can do for free. Just by the way, this is not like, you go on to those sites. This is not a they will try to sell you stuff. Don't get me wrong. Because what they all have, which probably, is our next talking point, they all have credit monitoring service.
Justin:And this is different. Right? This is just go in and lock it down so the people cannot pull your credit. So Exactly. Exactly.
Justin:Alright. So let's say we've done that. What else do we need to be on the lookout for?
Mario:So just like you said, the the credit monitoring. You know? Like, essentially, you know, you you put this in place. It will tell you. It will send you a report or an alert that, something, you know, is happening with your credit.
Mario:You know, somebody applied for a new credit card. Somebody ran your credit. You know? And some of it may actually be good. Like, you know, you're going for a mortgage.
Mario:They're gonna run your credit. You'll get alerts, but you'll know that it it's there. But it'll also tell you, which is is good, it'll also tell you if somebody reported something bad on your credit. Like, if you missed a a bill with a credit card company or something and they start reporting your credit, it'll also start telling you stuff like that.
Justin:Okay. So get a good credit monitoring service. I mean, the go to, you know, at least the the OG. Right? The first one that at least I know of, LifeLock.
Justin:I love to talk about this because it's funny. Do you remember this, Mario? And I think we've even talked about it on the podcast here that this guy, you know, is late night infomercial stuff, and he'd run around in a van. You know, the
Mario:the Yep. With their social.
Justin:Though. Yeah. The social security. He's like, I'm so confident that my stuff works. I can't be hacked.
Justin:And then, of course, what he doesn't admit to anybody is that he was he had his identity theft stolen, what I can find with a quick search, this is old information though, 13 times and maybe maybe more since then. So but I like this is kind of an interesting thing to talk about though because he made his Social Security number public. I mean, he painted the target on his back, but, like, right now, all of us kind of had that target. So, we've got this target on our back. We locked down our credit.
Justin:We get this the, monitoring service. Nothing is foolproof though in this case. So we we we wanna talk about maybe some specific things that we can do, once we've got those two basics in place. And, you know, you mentioned one when we were prepping for the call, medical bills. I had not thought about that.
Justin:Tell me a little bit about, you know, your your position on medical bills.
Mario:Yeah. So when when somebody steals your credit, what what their you know, the things that they can do with it is obviously open up a credit card with it or, you know, do stuff you know, file taxes with it and stuff like that. But another thing is, you know, go under your medical you know, do medical bills. Like, they can get, like, go to a you know, an insure a doctor's office and receive benefits under your Social Security. So when you get those statements or those, EOB's explanation of benefits from your, insurance company, you know, after a a doctor's visit, they'll tell you, like, this is what you we, you know, we received as a bill.
Mario:You know, this was the procedure. This was whatever. This is how much the doctor's office billed, and this is how much we paid for. So it's called an EOB. You know, 99 and, you know, including myself, when I see this, I once I see it's this is not a bill, I just throw it out.
Justin:Throw it away. Yep.
Mario:Yeah. You know? But what you need to start doing, you know, is start checking, making sure that this is something that you actually or your family member was it's legitimate. You went to that doctor. You did the procedure.
Justin:Right. At least that the the office visit, the procedure, whatever is legitimate, even if you don't wanna read through the 37 pages of fine print that,
Mario:Yeah.
Justin:We all agree with you. Read.
Mario:Because, also, keep in mind, some people will say, oh, you know, whatever the insurance is paying for. Well, those guys are not paying their co pay, and they're not paying their deductible, you know, when they go visit the doctor's office. So shortly after this, if they for example, for simplicity, say the doctor's office billed, you know, $1,000, but the insurance company is only paying, like, 800. Depending on your insurance policy, that $200 is gonna be billed to you. Right.
Mario:And if you don't pay for it, that's gonna start affecting your credit. So that's some of the things that you want to start looking for. You wanna say, okay. Yes. This was me.
Mario:This is legitimate. Okay. Now you can throw it out. But if it's not, you know, you wanna take action. Call the doctor's office, call the insurance, and stuff.
Justin:Right. Okay. Alright. Let's go with passwords. You know?
Justin:And and password is something we've talked about before, but it's just common practice, common, procedure, change your passwords. And this is the problem with passwords though is the rules. If we follow every rule about passwords, we get to the point where we as humans are not wired to do this. They have to be complex. They have to be long.
Justin:They have to be different for every site. And personally and tell me your thoughts on this, Mario, but I don't know that there's a way the human brain can do this without a password manager. So I always recommend password managers. You you agree with that?
Mario:A 100%.
Justin:Now that said, when I'm going out and meeting with a prospect or, you know, somebody who I haven't done business with yet, do you know how often I find good password managers in place?
Mario:I I What's your a 100?
Justin:Yeah. I mean, is that your experience too?
Mario:Yeah. Absolutely. Like, it's really out of, like, a 100 network assessments, I I wanna say maybe I saw 1. And from the one that, you know, top of my head, the one that I did see wasn't a business password man like, so it was the personal one, you know, he got a personal password manager and stole it on the computer. His passwords for everything is on there, but it's his it's not managed by the company.
Mario:Right. So if that person leaves or something happens, all those passwords are gonna go with him. So, you know, obviously, some things with business, you know, passwords like, you know, 365 and Gmail and stuff like that, you you know, if you if it's set up correctly from the admin, you can reset it. But it's it's more to kind of, like, hygiene when you are using it. You want to have somebody that's using passwords, your employees using, you know, good passwords, passwords that nobody's going to remember even them.
Mario:Like, I don't know you know, I wanna I I know one password, and that one password is to my password manager.
Justin:Right.
Mario:Okay? But you don't want anybody, including the user, to remember passwords because then it's easily cracked.
Justin:So I'm with you. Now I am a a a nerdy type, and I will I will tell you that my password to my password manager is I'm not gonna give exact numbers, but somewhere between 2030 random characters that I've memorized. And I I have patterns where I can mix it up if and when I need to. That's probably not gonna work for most people. So what do we do when we need a super long, super complex password that we can actually remember?
Justin:Do you have any advice for people on that one?
Mario:Well, it's you know, the one thing I and a lot of sites allow you to do this is now you can actually write, like, space like, put in the spaces. So you can actually put in, like, a sentence.
Justin:Right.
Mario:Obviously, the sentence doesn't need to make sense. Like, you know, I wear black shoes. You know? Like, you you you wanna have something that with spaces as sentence, but a sentence that you're gonna remember, maybe throw in some numbers here, you know, where you're gonna remember it. But, you know, that that's it.
Mario:I mean, do you have advice for that?
Justin:No. That's that's kinda where I would have gone to. It's just, and I think they even call them passphrases instead of passwords.
Mario:Yeah. Phrases or phrases. Yeah.
Justin:So you can just put a sentence in there, throw some punctuation and throw a special character, capitalizes or capitalization, where you'll remember it. But now you can go from where, you know, this nerdy little dude can memorize and brag about a 20 whatever character password. I mean, you can get 50 or 60 characters in it because it's a sentence. Exactly. So Yeah.
Justin:Much better, procedure. Just remember the sentence. You know?
Mario:Yeah. Yeah. And then obviously, you know, including your password manager, you should have 2 factor authentication
Justin:Right.
Mario:To everything that offers 2 factor authentication. I mean, a lot of sites now force you to do it anyway.
Justin:Yeah. And, you know, more and more of this is I've said this for a long time, but if if security isn't the biggest pain in your ass, then you're not doing it right. And that sucks, but it just is the reality of using technology these days. So, you know, bite the bullet and and take a few steps and and because, again, we're all for sale. If if it wasn't true before, it always has been, but it is really true right now.
Justin:So last thing we wanna last tip we wanna throw out there is and this, again, we've we've touched on this before, so we'll keep it pretty brief. But I'm gonna punt this back to you, Mario. Direct deposit changes. Talk about that.
Mario:So we've seen this a few times. Okay? And and when I say a few times, I mean, a few times within the last couple months. Alright? And, somebody will open up a, like, a Gmail account, and they'll say, you know, that they'll change the name to Justin Shelley even though the email address makes no sense.
Mario:It could be John, you know you know, bunch of letters and numbers at Gmail.
Justin:Right.
Mario:Not you know, a bunch of people just look at the name. And what they they'll say, hey. You know, they'll go on LinkedIn, see who is, like, the HR manager or whoever, and say, I need to change my direct deposit information. Here's my new bank account and routing information.
Justin:Right.
Mario:And then the person in charge of payroll, what do they do? They go in there and change the direct deposit information. And that employee, when it comes time to get paid, goes to the managers like, hey. I didn't get paid this week. You know, what happened or this period?
Mario:And they're like, oh, well, you know, it processed. You know, we even put in your new bank account information. Like, I didn't have any new bank account information. And then, you know, the hacker just received, you know, a paycheck, you know, for probably 2 weeks worth of pay for, you know, nothing. Right.
Mario:You know?
Justin:And these are things where you can't get that money back. It's gone. Banks can't get it back. When money's transferred electronically like that, it's convenient. It's great.
Justin:But, man, you've gotta have it right. So
Mario:Yeah.
Justin:Yeah. Double check, triple check, and, you know, put put policies around how you allow people to change their banking information with both, vendors, clients. Well, all 3. Vendors, clients, and employees. These are the 3 places where you've gotta have a good policy in place to make sure that when changes are made, they're absolutely legitimate.
Justin:Can't afford to make mistakes there.
Mario:What what I tell my clients is any employee like, this has to be a policy. Any employee that is changing their banking account information, they need to come and do it in person.
Justin:Do it in person. Right.
Mario:They cannot send it to you in Teams. They can't send it to you.
Justin:Yeah. You know? It We can't always do that.
Mario:A lot of more.
Justin:I and I love that, which you can do in with employees. You can't always do that with vendors and clients, customers, patients. So, you know, in those cases, you just need another form of identifying them. It's kinda like 2 factor authentication, but, if if the first communication is over email, make sure that the next one is over a phone number. That wasn't on the email, by the way.
Justin:You know? Know the phone number. Don't, if I email you, Mario, and I'm like, hey. Update my information. By the way, if you have any questions, call this number or email me back here or fill out this form on my website.
Justin:Don't do that. Get your information from a different source. So
Mario:Yeah. And then what I do suggest is, like you know? And we talk to client because we work with a lot of construction companies. So they're billing they're they're receiving ACH payments back and forth and stuff, and it's a subnet a substantial amount of money. Whenever a vendor or a client is sending you ACH information, pick up the phone, call them like, hey.
Mario:I just got your email. I got your ACH. I just wanna confirm it over the phone real quick. Gonna take 45 seconds.
Justin:Yep.
Mario:You know? But I do have a funny story about the, the the direct deposit. So, obviously, I know about, you know, cybersecurity and whatever. I but, occasionally, I'll check my spam filter, and I went in there. And, you know, I I just wanna make sure that nothing that I need is in there, and I saw somebody send me an email with the my salesperson's name on there, Steve.
Mario:And I knew right away, obviously, it was, you know, spam. It was in my spam folder. I'm checking it, and it says I need to change my bank information. It was from a Gmail or a Yahoo account. I don't remember.
Mario:And, you know, I felt like, oh, let's mess with this guy. And I replied to him. I'm like, sure. No problem. I like, as you know, you need to fill out this enclosed form from Paychex.
Justin:Mhmm.
Mario:Please fill it out and and send it out. I sent it within 2 minutes. They ended up sending it back. You know, obviously leaving they they left, like, some things blank. And I'm and I replied to them like, oh, well, you know, you have to fill out the Social Security number.
Mario:You you forgot it. And then they replied within a couple minutes, like, sure. No problem. And they sent it back. They filled out the Social Security number, but it was the wrong Social Security number.
Justin:Yeah.
Mario:But after today's conversation, you never know. They may come back with the right Social Security number. Yeah. But but, again, I would have never processed it. I knew what I was doing.
Mario:I knew who else you know, I knew I wasn't talking to my salesperson that, by the way, I share a wall with.
Justin:Right.
Mario:But I wanted to kinda just mess with them. So always do as much as you can in person, you know, especially when it comes to somebody's paycheck or bank information, stuff like that, always do it in person.
Justin:Okay. I like that one. Alright. Like I said, we've talked about that one before. We have episodes on it.
Justin:So, we'll move on from there, and we're gonna move to our weekly cybersecurity tip. Now it's it's perfect timing because I came in this morning. I opened up, you know, I wiggle the mouse. I don't turn my computer off. I don't turn you know?
Justin:But anyways, I I log in, and and the first thing I see is this pop up that says message from Phoenix IT Advisors. Reboot is required. Recent update you know, whatever. Press here to, press yes to reboot. Press no to do it later.
Justin:So this is you know, and I I know my own system. I know that this is legitimate. I'm the one that actually set this up. So it's pretty easy for me to know that this pop up is legitimate and that I really should push yes. By the way, guys, let your computers reboot.
Justin:I know it's inconvenient, but it needs to happen. But the problem is these pop ups, these system pop ups can look really legitimate. You know, I've I've seen them come up from Norton, you know, Norton antivirus, and I'm putting that in quotes, you know, because it's not Norton. And and it'll be something to the effect of, you know, your computer's infected with a virus. You've gotta run this software to clean it or call this phone number even worse, and you call the number up and they say, oh, yeah.
Justin:Let me just get some access to your computer real quick, and we'll get you cleaned up. We'll get you taken care of. No charge. That's that's always nice. Or actually, I've had people say that they, you know, they paid a fee to have this very friendly remote technician, help clean up their computer and steal all their information.
Justin:So what's better than paying a criminal to do their job? Right? So, what, let's just talk through this, Mario. You know, we don't have a lot of notes on it, but we live in this world. What are some things that you've seen and some tips you would give people on how to know the difference between a legitimate message that pops up on the computer that is addressing security or computer performance, and and how to know like, how do you know the difference?
Justin:What do you do? What are your thoughts?
Mario:Well, one thing that those notorious, messages that come up and says, oh, your computer's, you know, compromised, Call this number. And it it makes it look like it's from Microsoft. Okay? Mhmm. Let me just let everybody know out there, all our listeners, Microsoft will never ask you to call them for support.
Mario:They don't wanna support they don't wanna support. They didn't even even if us even for us as people that will sell Microsoft, they don't want us to call them.
Justin:We can't get them to support us for I mean, I think it used to be $500 per incident. I don't even know what it is now because it's been a while, but good luck. Yeah.
Mario:Yeah. And it will take weeks, if not months, for them to actually call you back. Okay? So if you see something that says call this number, it's not legitimate Right. Right away.
Mario:If you see this number, it's not legitimate. If it comes up and it says, you know, like, we don't really use the number. We usually just say we need to update. You know, let's say we don't put in our phone number. Not that we don't want our customers to call us, but our customers know our number.
Mario:So, you know, if you do see a number, you know, and you know it's from Phoenix IT or MasTec IT, you know, and that's the right number, then same number we put on everything, then that that most likely is legitimate. But if you're unsure, call us. I'm sure, you know, we're not we have no problem, you know, telling you if it's a legitimate or not. Justin, I'm sure you have no problem. You're better off calling than taking the wrong step.
Justin:Absolutely. Yeah. I mean, it it's really similar to changing wire instructions. You know, the what we were just talking about before is just verify it. Yeah.
Justin:If if you have any questions at all, get a hold of your IT company.
Mario:Exactly. Exactly.
Justin:So
Mario:You're you're better safe than sorry.
Justin:Right. Alright. I think that's probably good. I'm trying to think if there's anything else we need to talk about on on the pop ups, but it really just comes down to to verifying.
Mario:Yeah. And then, you know, sometimes you will notice that, like, your pop up blocker, like, built in Google Chrome may come up on the very top by the address bar that says it blocked something.
Justin:Right.
Mario:You know, it's like if you go to a, like, a bank account information and it has, like, another page that's supposed to pop up, it is going to you know, those are safe, you know, but if it it that's if you're waiting for something to pop up with, like, a login. But, again, if you're unsure, call your IT people and, you know, have them, you know, speak to them. Say, hey. I got this. Is this you guys?
Mario:What should I do? Chances are you just need to close your browser and go back in.
Justin:Right. Yeah. Usually, that's that's about all it is. Or it's also possible that you actually have a virus that needs to be cleaned up. So Yeah.
Justin:Alright. That's our weekly cyber security tip. Let's talk about business, Mario. You know, and I say this frequently. I think to some extent it's true for for both you and Brian as well.
Justin:But, you know, as much as I love technology and I got into business because of technology, my real passion is business. It's it's you know, that's that's what I love. And so we've started integrating a a weekly business tip into the podcast. And today, what I really wanted to go over is, you know, I just keep hearing over and over, there's just so much fear around an upcoming recession. So, I mean, you're hearing this too, I assume.
Justin:Of course. Yeah. Everywhere. So let's take, you know, just maybe 2 minutes. I don't wanna get, too into this, but, like, there's, you know, there's nothing we can do about it.
Justin:It's either gonna happen or it's not. So what are some things that we can do to let's call it recession proof our business. But, no. Yeah. I've got something to say, but I'm gonna I'm gonna wrap up with that.
Justin:So, give me your thoughts on MR. A, what is your if you had a crystal ball, what does it say? Are we going into a recession or no?
Mario:If I had a crystal ball, it would probably say I don't think so.
Justin:Okay.
Mario:You know? It just and the thing is the reason I think I think that is because with the way they've been in, you know, increasing interest rates, I I think it woulda happened already. But Yeah. I I feel like right now we're at a period of time where we we may not hit that recession in the near future.
Justin:I believe and I think and I hope what you said is true. What I will add to it is that we are in weird times. COVID was you know, we don't have a lot of history where we took a planet and we powered it down for a year, 2 years, and then rebooted it. Do you ever, have you ever rebooted a server and had it not come back on?
Mario:Absolutely. Yeah.
Justin:I feel like that's what we did with the planet, with the economy. And we just like, let's turn it off. It'll be fine. We're gonna just turn it off. We're gonna wait this thing out.
Justin:We'll turn it back on. Everything will be fine. Everything wasn't fine. You know, we've got a lot of things going on. We've got housing prices going through the roof.
Justin:We've got food prices going through the roof. You know, the the inflation is high. So recession or no, we're kind of in these times of uncertainty, and and a lot of people are in some version of financial distress, if not fear or fear if not distress. I said that backwards. So what can we do as business owners to just to brace against, you know, even if it's not a recession, to brace against rising costs and and shrinking profits?
Justin:Do you have any thoughts there?
Mario:Well, actually, this is a conversation that I had with a good amount of clients. We you know, if you're able to, you wanna see some some vendors will give you the ability to lock in a rate, you know, or lock in a price if you do, like, a 3 year contract.
Justin:That's good. Yeah.
Mario:For certain things that you need. Obviously, you know, if you're gonna plan on staying in business, you do need security. You need IT. You know? So we have clients that will walk in for 3 years, and then we say, listen.
Mario:We're, you know, we're gonna go out to all the vendors, and we're gonna lock you in for 3 years. In that way, no matter what, you know, happens next year, you'll be paying the same price. You know? So Yeah. If if you can do it, you know, do it.
Mario:You know? Okay. Same thing with, like, phone company. You know you know, like, we we have, Verizon Fios in the area, and we have, like, Optimum. And they have, like, you know, contracts where we can where it's not necessarily a contract, but it's a rate lock.
Mario:You know? And I've gone to I've gone to, you know, Optimum because they told me that they were gonna have a rate lock for 3 years. It wasn't like I was locked in for necessary for 3 years, but they locked me in for 3 years.
Justin:Right.
Mario:So I went with them. You know? So if you can do stuff like that, that's always good.
Justin:Yeah. I and, you know, I think all of it comes down to or a lot of it does just relationships. Relationships are critical. So, number 1, yeah, talk talk to your vendors. Like, what what can we do?
Justin:A, I would look for flexibility. So a lot of contracts, 3 years, we wanna protect price. But what if, you know, you or I lose clients or our clients downsize and we lose seats? So that becomes an issue in our contracts with our vendors. Right?
Justin:So maybe we can negotiate some sort of flexibility. I'll lock in this 3 years, but, hey. You know, if my client loses some seats, what can we do? Maybe have that conversation.
Mario:Yeah.
Justin:And then I would argue that when we talk to our clients, and and negotiate all this, find out what their fears are, find out where they're uneasy because we all have different things that bother us and that we're afraid of. And if we can take those fears and alleviate them with an updated contract, say, okay. Let's get that 3 year contract in place that protects both of us. And then if your fear is this, we're gonna work that into the agreement so that, you know, we're we because the last thing we wanna do is do damage to our clients in the process. Right?
Justin:That's who I am. We all wanna make money, but none of us wanna hurt our client. We're here to help. We're here to, you know, be in business together. So if I've got a client that they lose half their business, they need half the service.
Justin:And if I hold their feet to the fire on a contract, all I'm gonna do is help them go out of business. You know? Just do anybody any good. So, those that that's a thought that I had. And, again, I don't wanna spend a bunch of time on this, but, you know, maybe if you've got any other final thoughts, go ahead and shoot them.
Justin:And then, you know, if not, we'll go ahead and wrap this thing up.
Mario:Yeah. I mean, you you see it all around then. You see it on the news and stuff like that. People somewhat are are hesitant, you know, to spend some money right now waiting for the upcoming election and stuff like that. You know, always have, like, you know, a plan.
Mario:You know, always have, like, say, okay. You know, I I have, you know, if I need to, you know, I'll go 2 months. I can do go 2 months or something, you know, but have have you know, you gotta look at it, what you're paying in per month. If I need to cut back, you know, create an a, b, and c list, like, what you can cut back on and stuff like that. You know, hopefully, it's not technology.
Justin:Right. Alright. Let's go ahead and wrap this up. So, I mean, we've talked about again, it just seems like week after week, we're talking about the biggest, baddest, most ugliest, you know, thing that's happened in the world of technology, and I'd really love to see that turnaround. I would love to jump on this call 1 week and have nothing to talk about.
Justin:That would be fantastic. Doesn't seem to be the trend we're going in. So, guys, take care of your technology. Take care of your people. Get your policies and procedures in place.
Justin:You know what we always say, the the formula really to make this all happen to to really protect your business and where technology and cybersecurity is concerned is it's about protecting your technology, your data, and your people using industry standards, just best practices. And that's what we do. That's what our audit is all about. We'll come in and we'll measure your your technology against that. Gets you to about 97%, and from there, get a good insurance policy, cybersecurity insurance policy in place, and and then you're good.
Justin:You're at a 100%. You can take a break. Maybe you can take a 2 week vacation. Hey, Mario?
Mario:Yeah. Yeah. I have the perfect place for you.
Justin:You, Chip. Not on my radar, but now maybe it maybe it needs to be. With that, Mario, I'm going to kinda tease that next episode, we're bringing on a guest who is an insurance expert in the world of cybersecurity and technology. So usually, he is interfacing directly with our clients, and so we're gonna bring him in, and we're gonna talk about that here together. So
Mario:Yeah. I'm I'm looking forward to that. I'm excited.
Justin:Yeah. Me too. Alright. That's all I've got. Any final thoughts or key takeaways, Mario?
Mario:One thing I do want to to offer to all our our clients, and I'm sure, Justin, you're offering it to your clients as well. Because of this upcoming or recent, you know, breach, we would love to offer our listeners a free dark web scan, to kinda just let you know what of your information and your company information is already on the dark web. So this is in addition to our cybersecurity, you know, scans and stuff like that. We'll also give you a dark web scan so that you know what information like social and stuff like that is out on the dark web for you.
Justin:Yep. Absolutely. Yeah. That's that's key. That's important.
Justin:And, yes, I will I will, second that offer as well as part of our network assessment that, we will do for anybody out there. So ring us up on unhack.live and schedule one of assessments, get a dark web scan. Let us help you set up a password manager, for the love of all things holy. And let's let's let's, fight this battle and and stop letting these bad hackers take over our bank accounts and our lives. So that's what I've got.
Justin:Mario, thanks for being here today.
Mario:Thank you, Justin. Thank you everybody for having me.
Justin:All right. We'll see you guys next week.
Creators and Guests
