By -- 2016-12-8 in Blog

A couple is suing a Toyota dealership for stealing an intimate photo off of the husband’s smartphone and uploading it to a swinger’s website. He did this because he saved his pre-approved financing document for a new car on his phone and the salesperson needed to show the document to his manager.

After getting his phone back five minutes later, the husband noticed that an intimate photo of his wife had been recently selected and emailed out to another couple as well as the adult website. The couple called the police right away and once on the scene, discovered that the dealership’s owner had emailed the photos to himself, first, before uploading it to his profile on the website.

Luckily, the husband had an app installed on his phone which was able to recover the emails on his phone which the dealership owner had deleted to try and cover his tracks. But this problem would never had happened had he not hand his phone over to a complete stranger. He could have printed out the document beforehand, or just emailed the document to the salesperson, himself, from his smartphone.

There should be no reason you hand your phone over to a stranger, unless it’s to the manufacturer for a technical issue. Remember, if you do, they now have access to not only your files, but sometimes many apps/websites that you may be logged in to. Be smart and keep your belongings secure, don’t be your own point of failure.

By -- 2016-12-7 in Blog

Many Amazon customers are being scammed by a very real-looking email saying there’s a problem with their order and asking them to click on the attached link to enter some information as verification. So if you are or will be ordering through Amazon anytime soon, be on the lookout!

Remember, anytime a company sends an email asking you for more information, there are some ways to identify if it’s a scam and to protect yourself. You can read the full article for every tip. However, the easiest way to protect yourself in these circumstances is just to go directly to the site yourself without using the provided “link”. This way you know you’re going to the right site.

The other major way to protect yourself is by using two-step authentication whenever it’s available. We have blogged about this several times over the past year. This, and many other tips, are just some of the things you should be training your employees on to avoid having your company’s systems breached. If you want more information on this, or want someone to train your staff for you, contact Optfinity today. We also provide free assessments so you can know for yourself just how secure you really are.

By -- 2016-12-6 in Blog

Several weeks ago, the MUNI, San Francisco’s transportation system, was hit hard by a ransomware attack which forced its systems to allow passengers to ride for free. The hackers demanded 100 Bitcoins, which, at a conversion rate of $700/1btc, equates to $70,000. SFMTA has not paid the ransom; however, for fear that it will only encourage future attacks.

Experts think the hack was not deliberate, but rather a chance infection by an employee who unwittingly opened an infected file on their computer, allowing the malware to make its way to over 2,000 systems including servers, workstations, and ticketing machines.

The San Francisco Municipal Transport Agency (SFMTA) had their systems back up and running by the Sunday of the weekend in which it was affected and were able to start charging fares again. But imagine if this were your company affected because of a single careless employee. A huge organization can withstand the loss of revenue over the course of several days, but can your company?

Also, the SFMTA was able to get their systems back up and running in a few days. Do you know how quickly you would be able to recover without having to pay the ransom? How secure and reliable are your backups, if you have any at all? Lucky for you, Optfinity offers free assessments so you know exactly how vulnerable and protected your systems are. Don’t wait till you’re a victim. Secure yourself and your company today.

By -- 2016-11-23 in Blog

A hacker group known as The Dark Overlord has stolen a variety of business and personal information from Gorilla Glue. They made off with 500 GB of data including personal email accounts, executive and family pictures, and R&D material.

This group has attacked other businesses before, demanding large ransoms in return for not posting their sensitive data. When WestPark Capital, a recent victim, turned down their “handsome business proposal”, The Dark Overlord published several sensitive documents.

What can these companies do now? Nothing, really; at this point there is no way for them to steal back their information from the thieves. But you can learn a lesson the easy way by boosting your business’ defenses.

You can implement layered defenses, review your security policies, and think about training your employees to be wary of scams and other attacks. If you’re not sure if your company has these or how robust they might be, Optfinity provides free assessments to all companies. Contact us right away and we can let you know just how vulnerable your data may be, what steps you need to take to improve your security, and if there are any other weaknesses regarding your full IT infrastructure. IT safety and security are our number one concerns with regards to our clients.

By -- 2016-11-17 in Blog

As published by MSPMentor: Michael Drobnis, president and CEO of Springfield, VA-based OptfinITy, shares three suggestions he’d apply if he were launching an MSP from scratch today.

1. Leverage cloud internally – From the business perspective, utilizing cloud-based PSA tools, RMM tools, virus-monitoring, backups, etc., the cloud is probably the best way with no or very minimal capital expenses to get started. And it’s an operating expense. You can ramp up and pay as you need to. That gives you a lot more flexibility than in the past, where you had to acquire servers, acquire data center space, acquire everything else and pay for the licenses, which made it very difficult to start up.

2. Sell cloud – As you’re dealing on the smaller business side, a business up to 200 employees, the cloud is providing a lot of benefits. From scalability and elasticity, to the ability to ramp up clients, you can do things that you couldn’t have done in the past because they didn’t have those capabilities, financial and otherwise. Understand the cloud and be able to offer cloud services.

3. Hire with service in mind – As a service provider, you’re selling a service – a solution. Yes, you can productize it, but you’re not selling a product. You’re being judged by the services you provide. Hire people that are going to be personable; that are going to be able to help a customer get through a problem, whether it means knowing the answer right away or not. You can always teach the technical skills. You need to focus on hiring the right people internally that can do the projects that you need as well as focus on your core strengths. Outsource the rest: your human resources, your payroll. You can go as far as your sales.

By -- 2016-09-28 in Blog



Breaking the Health Information Portability and Accountability Act can quickly add up for many businesses regulated by this act. Most of you might know this as HIPAA. A breach can cost a company millions of dollars annually, even if the breach is perpetrated by a contracted third party. These third party contractors are often times IT companies, so ensuring your IT provider is knowledgeable with HIPAA regulations is a huge priority and should be a mitigating factor when selecting one.

The top breaches of HIPAA are theft, unauthorized access/disclosure, and hacking. Theft includes not just the loss of cyber data, but also the taking of physical property, such as laptops. Leaving documents out in the open or failing to dispose of them properly falls under the disclosure reason, and malware, including ransomware, is a good example of hacking.

Read the full article to understand more the complexities of the ways your business needs to protect itself with regards to HIPAA, with even some basics as ensuring cables and locks are attached to laptops to prevent basic theft. Optfinity is an IT managed service provider which fully understands this regulation and works hard to protect its clients’ data and help educate others. Please contact Optfinity today for more information.

By -- 2016-09-28 in OptfinITy News

Springfield, VA – OptfinITy announced today that CEO Michael Drobnis has been named to Leadership Fairfax’s Class of 2017.

Leadership Fairfax is a nonprofit corporation dedicated to finding, training and growing leaders in Northern Virginia. Through the Leadership Fairfax Program, Emerging Leaders Institute and the Lifetime Leaders Program, Leadership Fairfax seeks to build leaders who raise the tide not only in their organization or local community but in the whole Northern Virginia area. The Leadership Fairfax Program will cover a comprehensive 10-month curriculum of community issues and skill development.

“It is an honor to be part of the Leadership Fairfax Program and the opportunities it will provide me to help improve the Fairfax Community,” said Drobnis. “Additionally, the leadership development opportunity will allow me to learn from others to help both my employees and clients.”

OptfinITy offers a full suite of IT solutions including cloud and hosting solutions, managed services, application development, website development, mobile application development and phone systems to small and medium size organizations. Headquartered outside of Washington, DC, OptfinITy services clients throughout the United States.

Michael currently serves as a Past President and board member for the Greater Springfield Chamber of Commerce, is an alumni of the FBI’s Citizens academy and is a local youth group coach.

By -- 2016-09-15 in Blog


We all hate the fact that our phone batteries run out of juice so quickly. But it’s no wonder they do since we rely on them for more and more of our daily lives, from GPS to entertainment to work emails, and once in a while, a phone call. One thing to keep in mind, they last a whole lot longer than phone batteries of the past thanks to lithium-ion technology. Follow these three tips to help extend your battery’s life and keep it as healthy as possible.

Make sure to avoid heat, this includes leaving your phone in a hot car, taking it into the sauna with you at the gym, or leaving it out in the hot sun when you’re at the beach or lounging by the pool. If you must take your phone into the sun, keep it shaded and as cool as possible.

Don’t let your phone die. Letting your phone’s battery drain till it dies is extremely bad for lithium-ion batteries. And lastly, if you’re going to leave your phone unused for a significant amount of time, for example, going on an international trip where you won’t be using your phone, make sure you store it with at least a 50% charge.

It is important to remember that this advice mainly applies to lithium-ion batteries, so in the event you have an old phone that still uses NMH batteries, seek out another tip. If you’re ready to upgrade or have questions on what is the best mobile phone for your business use, contact Optfinity and we’ll be glad you provide you with more information and tips.

By -- 2016-09-13 in Blog


Beginning January 2017, if your website asks for sensitive information and is not utilizing a HTTPS web encryption, your site and data fields will be flagged as “Not secure”. While this will not change your website’s ranking or how it operates, it may give pause to some of your clients/visitors and perhaps stop them from being more interactive or making that purchase. Some of these sensitive information fields include passwords, bank account information, social security numbers, credit card numbers, etc.

Hackers can more easily capture your data when the information at hand is being transmitted from your device to the website you’re interacting with through an HTTP site as opposed to an HTTPS site. That extra “S” means you’re accessing that particular website through an encrypted connection. There is also a padlock in the left side of your address bar notifying you whether or not you’re on a secure site.

But remember, just because you’re on an HTTPS site, does not necessarily mean you’re protected 100%! So always be cautious when entering sensitive data online. If you’re not sure how this affects your site or you’re not even aware if your site is secure and encrypted and don’t want to be stymied come January 2017, contact Optfinity today and we can provide you with a free assessment and give you advice on some next steps.

By -- 2016-08-31 in Blog

If you have a Dropbox account, be aware that hackers have stolen over 60 million account details from the online cloud storage platform company. Dropbox says it has already forced password resets within the last week, but to be safe, you may want to change your password, if you have not done so recently.

According to the company, “Our security teams are always watching out for new threats to our users. As part of these ongoing efforts, we learned about an old set of Dropbox user credentials (email addresses plus hashed and salted passwords) that we believe were obtained in 2012. Our analysis suggests that the credentials relate to an incident we disclosed around that time”.

It is also highly recommended that you change any other passwords for sites which shared the same password as your Dropbox account. Remember to use strong passwords, use a different password for each account, and utilize two-step verification, when possible. If you have any other questions or concerns, feel free to reach out to us at Optfinity anytime!