570.235.1946

help@nepageeks.com
35 Gateway Shopping Center

Edwardsville, PA 18704
Drop Off Hours Mon - Fri 10 AM - 7 PM

Sat 10 AM - 5 PM, Sun 12 PM - 5 PM

Blog Post

01 Sep

Posted at 11:26h in Blog Post
0 Likes

What would happen to your business if one of your key tools suddenly stopped being safe to use?   That’s the situation many businesses are heading for right now. With Windows 10.   Because time is running out. Fast.   Microsoft has confirmed that free support for Windows 10 will end on October 14, when it reaches end of life.   That’s only a few weeks away. And with the time it takes to plan, budget and roll out a full upgrade across your business, it’s dangerously close.   Here’s the thing: When support ends, it really ends.   That means no more security updates. No more bug fixes. No help from Microsoft if something goes wrong.   Yes, you’ll still be able to use your Windows 10 devices. But you’ll be doing so in the dark, with a big target painted on your back for cybercriminals.   What’s even more worrying is that many business owners haven’t realized this is coming. A recent survey found that 18% had no idea support was ending. Another 14% had considered it but hadn’t started planning. That’s a lot of businesses at serious risk of disruption, data breaches, or worse.   And yes, Microsoft will offer Extended Security Updates (ESUs). But they’re not free. It’s a temporary patch, not a solution. The price increases every year.   The better option? Moving to Windows 11 now, while there’s still time to do it properly and without stress.   Windows 11 isn’t just the next version of Windows. It’s built to be faster, more secure, and better suited to the way modern businesses work. It’s designed for hybrid teams, packed with productivity features, and includes the latest security tools to help protect against today's threats.   You’ll notice smoother performance and better integration with tools like Microsoft Teams, OneDrive and Copilot.   But there's a catch. Not all devices that run Windows 10 can run Windows 11.   You might need to upgrade your hardware too. That’s why you need to act now, rather than waiting until you're forced into last-second decisions that cost more and cause more disruption.   The bottom line? October 2025 is a deadline. And the longer you leave it, the harder and more expensive the transition becomes.   If you haven’t started preparing, please do it now. Ask your IT support partner: “Are we ready for Windows 10 end of life?” If the answer’s anything but a confident “yes,” make a plan.   Not just about upgrading to Windows 11, but about whether your IT support partner is as much of a partner as you thought.   Need a hand making the upgrade? My team and I can help. Get in touch....

28 Jul

Posted at 09:00h in Blog Post
0 Likes

What would you do if you arrived at work tomorrow and all your files were gone?   Not just missing. But locked up. Encrypted. Held for ransom by criminals demanding a massive payout just to get them back.   Maybe.   That’s the reality of ransomware. And it’s getting worse.   In the first quarter of 2025, ransomware attacks hit a new high. Up 84% compared to the same period last year.   It’s no longer a case of “if” your business might be targeted… but “when”.   In fact, two-thirds of businesses have been hit by ransomware in the last two years. It’s the kind of stat that makes you stop and think: Is your business ready?   Now, the good news (yes, there is some) is that there is a very effective way to protect your business: Immutable backup storage.   I’ll explain what that is in a second.   First, a quick refresher on ransomware. It’s a type of cyberattack where criminals gain access to your systems, encrypt your files, and then demand a ransom payment to unlock them.   It’s nasty stuff.   And these attacks don’t just target your day-to-day files anymore. According to recent research, 96% of businesses that were hit by ransomware in the last two years saw their backups targeted too.   That’s right. The attackers know about that safety net you thought would save you. And they’re gunning for it.   This is where immutable backup storage comes in.   “Immutable” means unchangeable. With immutable storage, once your backup data is written, it can’t be edited, deleted, or overwritten. Even by someone with admin access.   That means if a ransomware attacker does manage to get into your system, they still can’t tamper with these backups. It’s like putting your most important information into a vault, locking it up, and throwing away the key… except you still have a secure way to access it when you really need it.   Traditionally, businesses achieved this by storing backups on devices that were physically disconnected from the network. What we call “air-gapped” storage.   But these days, we’ve got smarter, cloud-based options that offer the same level of protection without the need for bulky hardware or complex routines.   So, why isn’t every business using immutable backups?   That’s a great question. Even though 81% of IT professionals say it’s the best way to protect against ransomware, only 59% of businesses are using it. And that’s a worry.   Today, security hardening alone isn’t enough. Firewalls, security software, and careful user permissions are all part of the picture. But if ransomware gets through (and often, it does), your last line of defense is your backups.   They need to be untouchable.   I call it having a “breach mentality”. Working on the assumption that an attack will happen at some point. That means preparing for recovery, not just prevention.   Immutable backup storage is one of the smartest investments you can make right now. When the worst happens, being able to restore your data quickly and safely (without paying a ransom) can be the difference between a bad day… and business-ending disaster.   Got questions about how to get started with immutable storage or want help reviewing your backup strategy? My team and I can help. Get in touch....

21 Jul

Posted at 09:00h in Blog Post
0 Likes

Be honest. Do you still have at least one password that looks like “12345” or “password123”?   If so, you’re not alone.   But that doesn’t mean it’s OK.   Despite years of warnings from IT experts (people like me), weak passwords are still everywhere. And that’s a real problem. Because they’re one of the easiest ways for cybercriminals to break into your business systems.   You’d be amazed how many companies are still using passwords that can be cracked in less than a second.   Recent research found that the most common business password is still “123456”.   Right behind it? “123456789”, “password”, and even the ever popular “qwerty123”.   These aren’t just lazy choices. They’re open doors for hackers.   What’s worse, it’s not just huge enterprises that are getting this wrong. SMBs are guilty too. And they’re often hit harder when things go wrong, because they don’t always have the same resources to recover.   A single stolen password can let an attacker access your email, files, financial systems, or even customer data.   The damage? It can be serious. Both financially and to your reputation.   You might think, “But we don’t have anything worth stealing.” Trust me, you do. Even if you’re a team of five, your accounts, client data, and communications are all valuable targets. Cybercriminals don’t discriminate. They go for easy wins. And weak passwords are the easiest win there is.   Now here’s the kicker: Even if you’re not using “123456”, that doesn’t necessarily mean your passwords are secure. The research also found people using their own email address or their name as a password (eye roll). Some even used phrases like “iloveyou”.   It’s all very sweet… until a cybercriminal uses it to get into your systems.   So… what can you do to protect your business?   Start by making sure everyone uses strong, unique randomly generated passwords. That means longer phrases with a mix of letters, numbers, and symbols. Nothing predictable.   Nobody wants to remember 30 complex passwords. That’s where a password manager comes in. It can create super strong passwords for every login and store them securely, so your team doesn’t have to rely on memory (or sticky notes).   Better still, consider enabling two-factor authentication. That’s the thing where you get a code on your phone or app when logging in. Even if someone does steal a password, they can’t get in without that second code. It’s one of the easiest and most effective ways to add a layer of protection.   And if you want to future-proof your security, look at passkeys. These are a new way to log in without traditional passwords at all. Using biometrics like fingerprint or facial recognition, or secure device-based authentication. It’s safer and simpler, and it’s quickly becoming the new standard.   At the end of the day, strong passwords -or better, password alternatives -are your first line of defense. Don’t wait for a security scare to take them seriously. If your team is still using “abc123”, now’s the time for a change.   Need a hand reviewing your password policy or setting up a secure login system for your team? My team and I would love to help. Get in touch....

14 Jul

Posted at 09:00h in Blog Post
0 Likes

Have you ever stopped to think how much fraud could be costing your business?   It’s easy to consider fraud as a problem for big companies. The kind with thousands of employees and dedicated security teams.   But that’s a dangerous assumption.   Fraud is a growing threat to companies of every size. And SMBs are often more exposed.   Why?   Because they typically don’t have the same layers of protection, resources, or formal training in place.   I’m talking specifically about identity fraud. When someone pretends to be a trusted contact (like your staff, suppliers, or customers) to steal money, access data, or infiltrate systems.   It might be a fake email from someone posing as your finance manager requesting an urgent payment. Or a cybercriminal using stolen login credentials to access sensitive business tools.   And the most common entry point? Stolen usernames and passwords. A trick that’s been around forever but still works.   With modern AI tools, scams are becoming harder to spot. Criminals can now fake emails, voices, and even videos that look and sound just like the real thing.   Around 69% of businesses say they’ve seen a rise in fraud attempts.   There is good news.   Businesses that adopt better identity protection, like biometric logins, device recognition, and AI-driven fraud detection, are seeing real results. Many are reporting significant savings and far fewer fraud-related costs.   Even small improvements can make a big difference. Start by reviewing your login practices:   Are passwords randomly generated and never used for more than one application? Do you use multi-factor authentication, where you get a code on another device to prove it’s you? Can your team spot suspicious emails or messages, thanks to training?   The goal isn’t to make life harder. It’s to build smart, people-friendly security that protects your business without slowing you down.   Need a hand reviewing your current setup or figuring out which tools fit your needs? My team and I are here to help. Get in touch....

07 Jul

Posted at 09:00h in Blog Post
0 Likes

Have you ever felt like just when you’ve nailed your cybersecurity – BAM! – something new comes along to throw a spanner in the works?   That’s exactly what’s happening right now.   There’s a new scam doing the rounds. And it’s catching out businesses just like yours.   The worst part?   Cybercriminals don’t even need your password.   Scary…   It’s called device code phishing. It’s a clever trick that’s becoming more and more popular. Microsoft recently flagged a wave of these attacks, and we’re likely to see many more.   This one’s different to the usual phishing scams you’ve probably heard about. Normally, phishing is all about tricking people into giving away their usernames and passwords on fake websites.   But with device code phishing, scammers play a smarter game.   Instead of stealing your password, they get you to voluntarily give them access to your account. And they do it using real Microsoft login pages, so it looks totally legit.   It usually starts with a convincing email. Maybe it looks like it’s from your HR person, or a colleague, inviting you to a Microsoft Teams meeting. You click the link, and it takes you to a real Microsoft login screen.   Nothing seems out of place.   You’re asked to enter a code. Just a short one, called a “device code.” This code is supplied in the email, and you’re told it’s needed to join the meeting or finish logging in.   Here’s the catch: By entering that code, you’re not logging yourself in… you’re logging them in.   You’re unknowingly giving the attacker access to your Microsoft account on their device. And because the login goes through the proper channels, it can even bypass multi-factor authentication (MFA).   Yep, even if you’ve got extra security in place, they might still get in.   Once they’re in, they can do a lot of damage. Reading your emails, accessing your files, even using your account to trick others in your company. It’s like handing over the keys to your office and you don’t even realize it.   It’s dangerous because it doesn’t look suspicious. You’re on a real Microsoft site, not some suspicious fake. You didn’t click a weird link or enter your password into a phishing form. Everything looks above board… except it’s not.   And because attackers are using legitimate Microsoft login flows, traditional security tools don’t always catch it.   Plus, once they’re in, they can stay in. They don’t need to keep logging in if they’ve captured your session token (that’s a sort of digital "pass" that keeps you logged in behind the scenes). So even changing your password won’t necessarily kick them out right away.   A big question then: How can you protect your business?   Start by getting your team to be extra cautious with login requests. Especially ones that involve entering codes. If you get a device code from someone, stop and think: Did I request this? Do I know for sure this is real?   If you’re not sure, don’t go through with it. Use a separate method, like a direct phone call or your company’s messaging system, to double-check with the person who sent the email.   Remember, real Microsoft logins don’t involve someone else giving you a code to enter. If that ever happens, it’s a red flag.   From a technical side, your IT team (or IT provider) can also tighten things up. If your business doesn’t need device code login as part of its daily operations, it’s safest to turn it off altogether. They can also put in place extra security rules that only allow logins from trusted locations or devices.   And finally, keep training your people. Good cybersecurity is about awareness. If your team knows what to look out for, they’re much less likely to fall for these kinds of tricks.   Can we help you tighten up your security? Get in touch....

30 Jun

Posted at 09:00h in Blog Post
0 Likes

How many times have you tried searching for a file, only to forget what you called it? You know it’s there. You remember writing it, maybe even roughly when. But Windows search just stares blankly back at you. Or worse, throws up ten random web results and a document from 2019 that has nothing to do with anything. Sound familiar? So annoying. It’s a common pain point, especially for teams juggling multiple files, folders, and projects. Well, get your hands ready to applaud: Microsoft is finally doing something about it. A new update for Windows 11 promises to make search feel a lot more like a conversation. Instead of needing to remember exact file names, you’ll be able to type something like “find the notes I made for the July project meeting”. Or “show me pictures of the team at the summer BBQ”. And your PC will understand what you mean. It’s called natural language search, and it’s a big step forward. But only if you’re using what Microsoft calls a Copilot+ PC. These Copilot+ PCs are Microsoft’s new breed of AI-powered computers. They come with a special chip called an NPU (Neural Processing Unit). This is designed to handle AI tasks locally, right there on your computer, without needing the internet. It’s not just faster, it’s also more private. It powers new features like this smarter search and taps into Microsoft’s Copilot assistant. Copilot’s built into Windows 11 and Microsoft 365. It can help with everything from drafting emails to generating images. And now, even finding files with vague descriptions. The feature’s still in testing, but it’s showing up in preview builds of Windows 11 for Copilot+ devices. That means it’s likely not far off from a full rollout. It even works with cloud files in OneDrive, so if your business uses that, you’ll get an even smarter experience. Of course, if you’re not using a Copilot+ PC, you won’t see this update. At least not yet. But if you’re thinking about refreshing your hardware this year, this might be one of those features worth keeping an eye on. It’s exactly the kind of everyday improvement that saves time and frustration. And gives your team one less thing to wrestle with. Curious about whether a Copilot+ PC is a smart move for your business? My team and I can help you weigh up the pros and cons… and make sure you’re getting tools that work for how you work. Get in touch....

23 Jun

Posted at 09:00h in Blog Post
0 Likes

Ever needed to quickly convert a file, say, from a Word doc to a PDF? And found yourself Googling for a free tool to do it? It seems harmless enough, right? A quick download, a fast conversion, job done. But what if I told you that one small click could secretly open the door to ransomware or data theft? That’s exactly what the FBI is warning about right now. Yes, the FBI. A file converter does exactly what it says. It takes a file in one format and turns it into another. Maybe you’ve got a PowerPoint that needs to be turned into a PDF for a client. Or you’ve got a bunch of images you want to bundle into a single document. These tools are often free, and they work. But that’s where the danger lies. Because some of them come with strings attached. Cyber criminals are using some of these free converters as a cover for more sinister activity. While the tool does what it promises, behind the scenes, it may also be installing something nasty on your system. Such as malware or even ransomware. What does that mean? Malware is malicious software. It’s designed to do something harmful without your permission. It might steal your data, spy on your activity, or mess with your files. Ransomware is one of the worst types of malware. It locks your files so you can’t access them, then demands a payment (usually in cryptocurrency) to unlock them. It’s like someone sneaking into your office overnight, putting all your important documents in a safe, and then charging you to get the key. Worse still, these tools can also scan the files you upload and scrape them for sensitive information. That could be things like your passwords, banking details, or even personal data. If you’ve ever uploaded something with a customer list, an invoice, or employee details, that’s the kind of gold cyber criminals are after. The problem is these tools often look perfectly legitimate. And they do what they say on the tin, which makes them hard to spot. That’s why it’s so important to be cautious. If your business needs quick file conversions, it’s far safer to use trusted, professional tools. The kind that come from known software providers, not random websites you find in a pinch. Knowing how these scams work is your first line of defense. So, if you or your team ever use online tools like this, it’s worth reviewing where they come from… and whether they’re putting your business at risk. Need help setting up safe, secure software alternatives for your team? We can do that – get in touch....

16 Jun

Posted at 09:00h in Blog Post
0 Likes

Have you ever sat in a Teams meeting and found yourself gritting your teeth every time someone said, “next slide, please”? Me too. And if your business runs a lot of online meetings or webinars, you’ll know the frustration of clunky handovers and awkward pauses when switching between presenters. Well, there’s good news. And it’s about time. Microsoft is rolling out a small but mighty update to Teams that’s going to make a surprisingly big difference to how your meetings run. First, if you’re not too familiar with Teams, let’s quickly cover the basics. It’s Microsoft’s all-in-one communication platform. Video calls, chat, file sharing, and collaboration tools are all combined in one place. Whether your team is remote, hybrid, or all under one roof, it helps everyone stay connected and productive without needing to jump between lots of different apps. Back to the update. Microsoft’s introducing a feature that will let multiple people control the presentation slides during a Teams meeting or webinar. Right now, if you’ve ever tried to co-present in Teams, you’ll know that only one person has control of the slides. Everyone else is stuck asking the presenter to move things along. That’s not only frustrating, but it also breaks the flow of the meeting. This new feature will let the meeting host hand over slide control to more than one person. That means if you’ve got a few people presenting different parts of a deck, each of them can take control of the slides when it’s their turn, without stopping the meeting or awkwardly calling out instructions. It sounds like a small thing, but in practice, it’ll make meetings feel much more natural and professional. This feature has started to roll out already, beginning with the Windows desktop version of Teams. It’ll likely involve the host selecting co-presenters when setting up the meeting. Hopefully, the setup will be as smooth as the presentations will be. To me, this is one of those updates that should have been added years ago. But hey, better late than never, right? Alongside other recent improvements like real-time text messaging during calls (great for those who prefer typing over talking), it’s clear Microsoft’s working hard to make Teams more flexible and intuitive. Need help getting the most out of Microsoft Teams or other tools in Microsoft 365? That’s what my team and I are here for. Get in touch....

09 Jun

Posted at 09:00h in Blog Post
0 Likes

You trust your team, right? They’re smart, capable, and they know better than to click on suspicious links or open unexpected attachments. They already know that phishing emails look trustworthy on purpose. To trick them into giving away sensitive data or downloading malicious software. So, they’re not the type to fall for it. At least, that’s what they think… Here’s the problem: Just because someone’s confident they could spot a phishing attack, it doesn’t mean they can. It’s a false sense of security – and it’s exactly what cyber criminals count on. New research has found that a huge 86% of employees believe they can confidently identify phishing emails… yet over half of them have fallen for some form of scam in the past. Think about that for a second. These are people who knew about phishing, felt sure they wouldn’t be tricked, and yet still got caught out. That’s because cyber criminals aren’t just sending out the obvious “foreign prince” emails anymore. They’re using sophisticated tactics like: • Emails that look like they’re from your bank or suppliers. • Fake invoices that appear totally legitimate. • Messages that seem to come from your own colleagues. Because phishing scams have evolved, they’re much harder to spot. And when someone thinks they’re too smart to fall for one, that’s when they’re most at risk. Overconfidence in cyber security is a classic case of the Dunning-Kruger effect – a psychological phenomenon where people tend to think they know more than they do. What’s the problem with being too confident? Well, when people believe they’re invincible to scams, they don’t take the necessary precautions. Instead of double-checking links or questioning unexpected emails, they just assume “I’d never fall for a scam” and carry on clicking. This is how cyber criminals end up accessing business systems and data. So, what’s the good news? You can lower the risk of getting hit by a phishing attack. But it starts with a shift in mindset. Instead of assuming your people know what they’re doing, make sure they’re properly informed. Regular phishing awareness training can make a massive difference, helping your staff to recognize newer and more subtle scams before it’s too late. Training alone isn’t enough, though. Your employees also need to feel comfortable reporting anything suspicious, or they might stay quiet about a potential scam. And that gives cyber criminals the upper hand. Creating a workplace culture where security concerns are welcomed (not criticized) is just as important as education. Cyber security isn’t about intelligence; it’s about vigilance. Even the most tech-savvy employee can be caught off guard by a well-crafted scam. The key is to assume a threat is real, remain cautious, and never rely on confidence alone. The moment someone thinks “I’d never fall for that” is often the moment they do. Prevent phishing attacks with the help of our team here at NEPA Geeks. Contact today!...

02 Jun

Posted at 09:00h in Blog Post
0 Likes

Spreadsheets have been a go-to business tool for decades now. They’re familiar and easy to use (and if we’re being honest, we can all feel like a bit of a genius when we get that one formula to work, right?). The problem is, 90% of businesses are still relying on outdated spreadsheets to manage important data, even though they’re slowing things down and increasing the risk of errors. Think about it: How often do you get stuck manually entering data, fixing mistakes, or trying to figure out if you’re looking at the latest version of that important spreadsheet? It’s so frustrating – and you’re not alone. Research shows that although 82% of businesses have automation on their roadmap, only 43% plan to implement it in the next year. This means that many businesses are still dealing with the same spreadsheet-related headaches, when they could be working much more efficiently. So, how could automation help your business? Instead of spending hours plugging in numbers and double-checking calculations, automation tools can handle data collection, processing, and reporting for you. That means fewer mistakes, less time wasted, and real-time updates that keep everything running smoothly. Automation tools also come with built-in security features, so you don’t have to worry about who has access to what. Despite all these benefits, a lot of businesses are hesitant to make the switch. Spreadsheets feel safe and familiar, and change can be intimidating. But sticking with outdated tools is holding you back. The good news is you don’t have to overhaul everything overnight. Start small. Look at the areas where automation could save you the most time and hassle, like payment tracking, customer data, or reporting. Once you see how much easier things get, you’ll wonder why you didn’t switch sooner. If you’re ready to see how automating some of your business processes could improve productivity, we can help. Get in touch....