iCorps Technologies Statement on Coronavirus (COVID-19)

1. For Non-iCorps Clients
2. Frequently Asked Questions (FAQ) Business Operations
3. Digital Data Security Updates
4. FBI Releases Guidance on Defending Against VTC Hijacking and Zoom-bombing 

Message to Current iCorps Clients 

iCorps Technologies is closely monitoring the spread of the Coronavirus, especially in relation to our clients and their telecommunication, data security, and IT support needs. As our clients are continuing their operations with their employees working from home, we understand the need for uninterrupted IT support. We have adjusted our operations to ensure that IT support is ready and available to remote workforces, and our services will continue as normal. 

Service Details: 

• Planned consultant schedule will continue uninterrupted 
• Help Desk / Remote Support will continue uninterrupted 
• Providing training for employees on how to efficiently assess business systems remotely 
• Providing guidance and deployment of data security services to ensure compliance needs are met 

Message to Non-iCorps Clients 

If your business is moving employees off-site in response to the Coronavirus and need help with IT and telecommunications support please contact us directly, and we can swiftly provide guidance and deployment of enterprise-level IT support. While corporate and government policies evolve, our goal is to provide businesses with remote data security, digital conferencing tools, and other on-demand IT support in order to keep business from slowing down their operations. 

Visit the CDC website for more information 

If your business needs help with IT, data security, and telecommunications support, please contact iCorps via our direct phone line: 617-868-2000 or click on the "Request IT Support" button below. 

Frequently Asked Questions (FAQ)

Q: Does iCorps have a formal business continuity plan in place to ensure continued support?

A: Yes, iCorps Technologies utilizes cloud services for all critical systems, including client-facing services. Systems are replicated to independent clouds, such as Azure replicating to Amazon and Office 365 (email and file shares) to SaaS Protect (private cloud), to ensure continuity and availability. Our staff is geographically dispersed between regions. In the event our New York office shuts down, our Boston office can take over, likewise with our Florida, Michigan, and South Carolina Offices. All employees have the ability to work remotely with full access to the system required to provide services to our clients.

Q: Does your firm engage third-party service providers that provide services impacting our business.

A: iCorps Technology partners with the best of breed providers such as Microsoft, Sophos, and Datto.  These primary vendors have readiness plans to address data center failures as well as pandemics. 

Q: When was the last time your business continuity plan was tested? 

A: iCorps Technologies regularly conducts business continuity testing. Our most recent test was conducted on 2/23/2020, which was successful and included failover testing of day to day system, managed services, and remote access.

Q: Who at iCorps should be contacted should we need assistance.

A: You should call our offices which are available around the clock, we will ensure your team members are informed as well as your account manager.

Q: What steps are your taking to prepare your firm to address the business continuity risk posed by COVID-19

A: Like many organizations, iCorps is taking measures that included employee education, limiting travel for nonessential meetings and conferences. Additionally, iCorps' day-to day operations is governed by the philosophy of providing depth of service at each client to ensure continuity, cross-training personnel in each region to protect against a single regional event as well as leveraging independent cloud services to provide uninterrupted services and support.

Security Updates and Best Practices

Download: CISA Insights - Risk Management for Novel Coronavirus (COVID-19) 

• On March 13, 2020, the Cybersecurity and Critical Infrastructure Agency (CISA) of DHS issued Awareness Alert AA20-073Aⁱ, “Enterprise VPN Security,” to advise organizations of cybersecurity considerations and mitigations for enterprise virtual private network (VPN) solutions enabling teleworking employees to connect to an organization’s information technology (IT) network. As organizations implement telework, CISA encourages them to adopt a heightened state of cybersecurity.
• On March 6, 2020, CISA issued a Cyber Alertⁱⁱ, “Defending Against COVID-19 Cyber Scams,” reminding individuals to remain vigilant for scams related to COVID-19. Cyber actors have been sending emails with malicious attachments or links to fraudulent websites attempting to trick recipients into revealing sensitive information or donating to fraudulent charities or causes. Organizations are encouraged to caution staff and customers in handling any email with a COVID-19-related subject line, attachment, or hyperlink, and be wary of social media pleas, texts, or calls related to COVID-19.
• On March 6, 2020, CISA issued a CISA Insights documentⁱⁱⁱ, “Risk Management for Novel Coronavirus (COVID-19),” outlining physical, supply chain, and cybersecurity issues that may arise from the spread of COVID-19. As organizations explore various alternate workplace options in response to COVID-19, CISA recommends examining the security of information technology systems by taking the following steps:
• Ensure all machines have properly configured firewalls, as well as anti-malware and intrusion prevention software installed. Test remote access solutions capacity, and increase capacity, as necessary.

• Secure systems that enable remote access.

• Ensure Virtual Private Network and other remote access systems are fully patched.
• Enhance system monitoring to receive early detection and alerts on abnormal activity.
• Implement multi-factor authentication.
• Ensure continuity of operations plans or business continuity plans are current.
• Increase awareness of information technology support mechanisms for employees who work remotely.
• Update incident response plans to consider workforce changes in a distributed environment.

FBI Releases Guidance on Defending Against VTC Hijacking and Zoom-bombing

View Article: FBI Releases Guidance on Defending Against VTC Hijacking and Zoom-bombing 

The Federal Bureau of Investigation (FBI) has released an article on defending against video-teleconferencing (VTC) hijacking (referred to as “Zoom-bombing” when attacks are to the Zoom VTC platform). Many organizations and individuals are increasingly dependent on VTC platforms, such as Zoom and Microsoft Teams, to stay connected during the Coronavirus Disease 2019 (COVID-19) pandemic. The FBI has released this guidance in response to an increase in reports of VTC hijacking.

The Cybersecurity and Infrastructure Security Agency encourages users and administrators to review the FBI article as well as the following steps to improve VTC cybersecurity:

Ensure meetings are private, either by requiring a password for entry or controlling guest access from a waiting room.
Consider security requirements when selecting vendors. For example, if end-to-end encryption is necessary, does the vendor offer it?
Ensure VTC software is up to date. 

CISA also recommends the following VTC cybersecurity resources:

FBI Internet Crime Complaint Center (IC3) Alert: Cyber Actors Take Advantage of COVID-19 Pandemic to Exploit Increased Use of Virtual Environments
Zoom Blog on Recent Cybersecurity Measures
Microsoft Teams Security Guide