This can create some difficulties. How often have you found yourself locked out of one of your accounts because you accidentally put in the password for another one? Or one that you had used for that account in the past? These kinds of issues can be insanely irritating to deal with, which is why password management systems have become so popular among businesses. Here, we’ll review the three primary reasons that you should consider password management. Less to Remember A 2007 study states that, on average, a computer user typically had about eight password-protected online accounts. Considering all of the services and platforms that have been developed and become popular in the last decade, it isn’t hard to imagine that this “eight” has almost assuredly swelled considerably. This means that the pressure that comes from remembering a sufficiently complicated password for each account has similarly swelled. While the human memory can be trained to astounding limits, that requires some pretty intense training… are you suggesting that you’re willing to invest in this training for each one of your employees? Unfortunately, most businesses can’t realistically make this commitment. That’s okay, because a password manager accomplishes effectively the same thing, while giving you control over your own resources and assets. All a user needs to remember is a single master password, and they will be able to access all of the passwords they need to do their job. Security is Easier to Maintain So far we’ve reviewed that it is important to use a variety of passwords that corresponds to the variety of accounts you have, but we haven’t really touched on why. Doing so is pretty simple… just put it in the scope of the private user. Would you rather have a credit card stolen, or have all of your credit cards, bank accounts, medical records, property holdings, investments, and social media accounts stolen? While neither option is ideal, the latter one is clearly worse, and is exactly the kind of scenario that comes from recycling passwords. A password manager protects you from the temptation of recycling passwords, as well as the temptation to make them easy to guess. As a result, your overall password strategy remains secure, the potential for escalation being significantly reduced. Improved Management There will almost assuredly be varying needs in your business, as far as access to documents and resources is concerned. However, if there is a particular account that needs to remain secure, while still being accessible to your staff, a password management system can be extremely helpful. Via the password manager, you can manage your users’ credentials. Controlled by the responsibilities of each user as per their role, you can prevent your users from even seeing the credentials while they are putting them in, boosting your security even farther. Want help improving your security, either through a password management system or some other means? Reach out to SRS Networks at (831) 758-3636 to start a conversation.
Over the last three or four years, we’ve seen some of the world’s biggest data breaches. Yahoo, Marriott-Starwood, and Equifax were the highest profile attacks, with a combined 3.5 billion accounts hijacked for those events on their own. To put that in perspective, you could take any two human beings on the planet, and there would be a pretty good chance that one of them was a victim of a data breach over the last three years. Security breaches like this have increased by over 67% since 2014, and the trend is still climbing. What’s at Stake? We’re Basically All Hacked Now? It’s actually almost a good thing that these massively high-profile data breaches are happening. Hear me out: It brings this type of crime to the public eye – Most Americans know about the Equifax breach. Awareness is a huge step in the right direction. There is so much data in these breaches that it is practically impossible for cybercriminals to use it all – If 500 million credit card numbers are stolen, the chances of one in particular being used goes down substantially. We’re not looking at data breaches in a positive light, but I firmly believe that the last few years has been the lesson the world needed, and it is a lesson a lot of organizations are taking very seriously. Policies and laws are hitting the books, and compliance regulations are being mandated within certain industries. Organizations of all sizes are taking data security seriously. What Does This Mean for Smaller Businesses? Of course, when we talk about data breaches, we always reference the big ones like Yahoo, Target, Sony, eBay, etc. Or we talk about the municipal attacks, where large cities like Albany, NY and Baltimore, MD were targeted, along with smaller towns like Wilmer, TX and Lake City, FL being held at ransom. We don’t hear about the 40-person company that goes under because of a cyberattack, because it affects fewer people. The problem is that small businesses are a major target. In fact, according to a survey by Verizon, 43% of breach victims were small businesses. Smaller businesses are easier targets because they usually don’t pay as close attention to their security. It’s Time to Take Cybersecurity Seriously There are things you can do. If you want to start getting serious about your organization’s cybersecurity, there is no time like the present. Call our knowledgeable IT professionals at SRS Networks today at (831) 758-3636 to get started taking the steps you need to keep your company’s data and infrastructure secure.
If you are currently still using Windows 7, it isn’t as though you won’t be able to use your computer after the January 14. Rather, you will no longer be able to do so securely. The device in question would no longer be receiving the kind of updates and support necessary to protect it from developing threats, and its functionality could degrade as a result. You could also potentially put the safety of your network at risk, if such a device is attached to it. Granted, there are ways that you might still be able to use devices running out-of-support software (like Windows 7) after the official date passes – especially if you need a particular solution to continue a certain business function. You could simply isolate the machines running the susceptible software from the rest of your network, but you still run the risk of these systems being taken offline through some unpatched vulnerability. Your best option is to have a plan in place to retire these solutions and continue your operations in some other way. How You Might Do That There are several options you might consider: Bite the Bullet and Upgrade to Windows 10 Honestly, this is probably your simplest route to take. Windows 7 and Windows 10 have similar operating requirements. In fact, Windows 10 relies on surprisingly little to function: Processor – 1 GHZ or faster RAM – 1 GB for 32-bit or 2 GB for 64-bit Hard disk space – 16 GB for 32-bit or 20 GB for 64-bit Graphics card – DirectX 9 or later with WDDM 1.0 driver Display – 800 x 600 resolution Take note – we said function, not perform. A computer with these specs running Windows 10 simply isn’t going to be very fast, so it makes sense to do more than we’ve listed here. Try using a 2 GHz dual-core processor, installing between 4 and 8 GBs of RAM, and upping the hard drive to 160 GB. Replace Your Hardware To be honest, while this is your easiest option, it is effectively guaranteed to be the most expensive as well… but with so little time left, it may be your best option to keep yourself secure. New hardware will come with Windows 10 installed and will receive regular updates – the only downside is it may take some time to configure. Use ChromeOS Many businesses are considering the tasks that their employees are responsible for and opting to provide them with Chromebooks rather than Windows workstations. While the cost-effectiveness of this approach can’t be argued, there are other issues to consider. Any line-of-business application would need to be virtualized, and Internet access is a prerequisite to using a Chromebook. While this may be a budget-friendly option on the surface, these hidden costs could cause a rise in your overhead. Use a Thin Client Via Virtualization In some ways similar to using the Chromebook option, you could simply repurpose your old hardware to host virtualized thin clients to accomplish what needs to be done. Of course, with the looming deadline, this may also be a challenge to pull off. However, Microsoft will still offer the option to use a service called Microsoft 365, which combines Windows 10, Office 365, and a terabyte of OneDrive storage along with the security […]
What Are Browser Extensions? Essentially, browser extensions are pieces of software that bring external integrations to the functionality of the browser itself. In Chrome and Microsoft Edge, they are called extensions, while in Firefox they are called add-ons. There are all types of options to choose from. There are apps to help with browser security, productivity, communications, and much more. A problem that many users–business and otherwise–have with these browser extensions is that sometimes they can be vulnerable to infiltration (or they just flat-out spy on you). This presents a situation where, sure you are getting some enhanced productivity, but if the price is that you need to put your data at risk, that boost in productivity won’t help. Obviously, some browser extensions/add-ons are secure and have major utility for end-users. Ad blockers, screenshot tools, password managers, and instant messaging tools are often deployed through extensions by users to improve the functionality and security of their browsing experience. Examples of Risks People have been using these browser extensions for some time. Just this last year, millions of users of Google Chrome, Mozilla Firefox, and Chromium-based browsers such as Opera were victims of rogue extensions/add-ons. These extensions collected people’s data through capturing titles and URLs of the websites they clicked on. This unauthorized data collection included sensitive data such as medical records and credit card information. Then, if that wasn’t bad enough, the collected web histories of these users were published by a paid service called Nacho Analytics. Google Is Stepping Up Soon after the news broke, Google went ahead and set a policy that is aimed at improving the security of the extensions available on the Chrome Web Store. They launched a full-scale audit of the system, which they called Project Strobe. The findings of this audit led them to change the policy of third-party extensions. Now extensions will only be able to request access to the minimum amount of user data necessary to function. The company also announced they will extend the requirements around its privacy policies. The new changes will be implemented throughout the end of 2019 and into 2020. There are currently 180,000 extensions available on the Chrome Web Store. Essentially, the shift is going to make it more difficult for these third-party extensions to grab user information. Data security has to be a major point of emphasis for any business or organization that relies on information systems to function effectively. Call the IT experts at SRS Networks today at (831) 758-3636 to learn more.
A VPN provides a useful layer of security when transmitting data. It does this by forming dedicated connections over a Wide Area Network (WAN). This dedicated connection utilizes encryption to protect sensitive data. While doing so doesn’t create an impenetrable security system, it does ensure this sensitive data will be unreadable and useless if a hacker intercepts the data transmission. VPNs can be very useful to all businesses alike. Here are three reasons a VPN is right for you: Cost Effectiveness – A VPN provides a sense of security for what amounts to a minimal investment… a real no-brainer for a business that needs to keep the data it transfers safe. Client Confidence – While many may not consider this when weighing the benefits of a VPN, the confidence you will have in your data security will help impress your clients, both current and potential. An impressed client is more likely to be a loyal client. Proven Productivity – When a VPN is used, the data transferred over it is obscured from unwanted eyes. This means that a VPN can be used to help make an insecure connection safe for your data to be transferred over, allowing your staff the ability to safely work from out of the office, decreasing the impact of absences. Plus, a VPN is very user-friendly, meaning that your least tech-savvy employee can still use it effectively. A VPN is critical to a comprehensive cybersecurity strategy, especially if you operate out of more than one location or have remote workers and data therefore needs to be accessed from more than one area. To learn more about putting a VPN into place, reach out to SRS Networks! Call (831) 758-3636 today.
Knowing how to protect your individual data often comes down to taking control over your personal information. Today, we will get you started protecting the information you share with Facebook. Let’s get started by logging into Facebook on a computer. You can do a lot from the Facebook mobile app, but you should try to do this part on a computer. Facebook’s Security and Privacy Options Once you are in, you will want to look for a little down arrow in the top right-hand part of the page. Click on Settings. If you ever need to get back to square one, remember that you can always click on the down arrow in the top right corner. Verify the General Account Settings are Correct The first thing you are going to want to do is make sure that you own (and control) all of the email accounts tied to your Facebook account. If you used an old email address (that you can’t get into), you’ll have a hard time getting back into the account if something were to happen. Security and Login – Find Out Where You’ve Logged into Facebook Click Security and Login on the right. Facebook will show you all of the devices that you are currently logged into. Trust us when we say that you will probably be shocked at some of the devices you are still logged in to. It will also show you where your device was last used and the browser type if you weren’t using an app. The longer you have been an active user, the more devices you’ve accessed your Facebook on; and, if you haven’t logged out of the account on that device it will show up here. If you do see a phone or device that you don’t remember using you’ll want to immediately change your password (directions below). You will want to log out of Facebook from devices that you aren’t currently using. You can do that from the three-dot icon that corresponds to the device in question. Take a Moment to Change Your Password While there–especially if you think any of these devices are remotely suspicious–change your password. It won’t take long to do it and you will wish you did the minute your Facebook friends are getting spammed with phishing messages. To accomplish this, click on the down arrow on the top right of Facebook, going to Settings, and clicking Security and Login. It is important to never use the same password for two different accounts online. How To Enable Two-Factor Authentication Underneath the password options are the settings on how to set up two-factor authentication (2fa). This feature adds additional security to your account in the manner of adding a separate device. Select Use two-factor authentication and click edit. Facebook will take you to a page that walks you through setting it up. From there, click Get Started. You will be given two Security Methods. Choose to use an Authentication App or get a Text Message. Using the authentication app option is a bit more secure, but it does require you to have access to the mobile device that the authenticator app is installed on. To set the Authentication App option up, open your authentication app on your mobile device. It makes the most sense to use […]
What Does Facebook Know About You? Facebook has gathered a lot of information about its users. From a person’s posts, to their like history, to the advertisers they engage with, the world’s most popular social network knows more about the average user than most of their family members do. After the Cambridge Analytica scandal–where third-party users had free reign of Facebook user information–Facebook vowed to offer more transparency, so they now allow users to view the information they have collected about them. Here’s how to view this information on a computer, and a mobile app respectively. It is a pretty straightforward process. On a desktop or laptop: Log in to your Facebook account. If you are on a desktop or laptop, click the down arrow on the top right and go to Settings. On the left, click Your Facebook Information. Facebook will present you with five options. Look for Download Your Information. Click View, Facebook will give you a screen where you can choose the date range and format of the data. Since in this case, we want to download everything, we’re going to set the Date Range to All of my data and set Media Quality to High. This means we’ll get a higher quality version of all of our photos and videos in the download. Click Create File and Facebook will start building the download. This can take a while, but Facebook will give you a notification when your data is ready for download. Once Facebook gives you the notification, click it and Download your data. From the Facebook mobile app: Tap the 3-bar hamburger icon in the top right of the app. Scroll down and tap Settings & Privacy, and then tap Settings. Tap Download Your Information. Leave all of the options checked, and scroll down. Ensure the Date Range is set to All of my data and that Media Quality is set to High. Tap Create File and Facebook will give you a notification when the data is ready for download. After you create your file, it takes about an hour before you are given a notification. If you’ve been with the social media site a long time, or if you are a heavy user, it may take longer. Most users that have been using Facebook for a while will end up with GBs worth of information. Now that you have access to your report, click on Your Facebook Information: Access Your Information – Facebook itemizes all of your information with Posts, Photos, and Location all available to be viewed. This still doesn’t tell you what Facebook knows about you outside of Facebook. Activity Log – This page is basically a timeline recap, which is great if you are looking to relive any old moments. Deactivation and Deletion – Facebook users looking for a way out have complained that deleting their account is extremely difficult. Today, it’s not so difficult. What Does Facebook Know About You? Once your file is viewable, you will be shocked at just how much information they know about you. They have the basic information, but beyond that they track and log your location, which can be disconcerting. You can pull up a date and learn just what you did that day. You may have forgotten, but Facebook hasn’t. Then there […]
Mobile Information Management – How Does It Work? Mobile Information Management keeps sensitive data encrypted. Encryption doesn’t discriminate which mobile platform a user is on. By allowing only approved applications to access information, MIM has proven its value amongst the mobile-equipped workforce. Cybersecurity is not something in which budget should be cut. The risks of having poor security measures in place should not be taken lightly either. MIM benefits businesses of all sizes by securing endpoints, keeping sensitive data only visible by those who it was originally intended to be visible by. Endpoint security plays a critical role in business data exchange. Data interception can result in a devastating outcome if the cybercriminal is experienced. The most dangerous cybercriminals know how to maximize profits and deliver the hardest blow with the wrongfully acquired data. Here Are a Few Ways to Enhance Mobile Security! Mobile data exchange can easily be further secured by practicing some simple, yet effective security tips. These are just a few of the ways to better distance yourself from a ill-willed cybercriminal: Backup can get your business back up and running – Mobile data is constantly being targeted due to mobile information security being more of an afterthought than a priority. The circumstances in which this is accomplished is always changing as the cybercriminals develop more devastating attacks. There are phishing attacks, ransomware, and so many more ways your data can be hacked or compromised. Backing up your data on a regular basis keeps your business up and running in the event a cybercriminal locks your devices while trying to collect data. MIM & MDM Duality – Mobile device management (MDM) controls which data can be viewed, copied, or moved on mobile devices. Limiting capabilities might seem a bit cruel, but it is necessary to secure data. Why should employees who would never need to venture into certain databases have the required access to do so? MDM also allows you to monitor your staff as they use or exchange mobile data. Audit Your Mobile Security – How secure is your data? Finding out the effectiveness of your security which your business has put in place is better done through an audit, rather than falling victim to a data breach. Today’s workforce constantly needs to send or receive data. Don’t let the convenience of mobile data exchange ruin your business. Mobile information doesn’t need to be difficult to secure, it just requires expertise in the field. Our experts at SRS Networks are prepared to help implement business-saving software and security measures. Call us at SRS Networks today.
We’ve tried to keep a detailed record of this year’s largest data breaches. These are the major breaches that have happened this fall. September 9/5 Providence Health Plan – 122,000 members have had their personal information leaked as an unauthorized party accessed the company’s servers. Plan member names, addresses, email addresses, dates of birth, Social Security numbers, member ID numbers, and subscriber numbers were involved in the leak. Facebook – An unprotected server with over 419 million records was discovered, giving outside entities access to Facebook’s user ID and phone number. In some cases, user’s names, genders, and locations were also leaked. 9/16 Dealer Leader, LLC. – The personal information of 198 million prospective car buyers was left exposed. The exposed information included names, email addresses, phone numbers, addresses, and IPs. 9/27 DoorDash – The food delivery app announced that 4.9 million customers had their personal information breached through a third-party. The information included the names, delivery addresses, phone numbers, hashed passwords, order history, and the last four numbers of each’s credit card numbers. Additionally, over 100,000 delivery drivers had their driver’s license information leaked. 9/30 Zynga – The mobile game maker, Zynga, has announced that 218 million players of their popular mobile games Words With Friends and Draw Something, had their information accessed by a hacker. Player names, email addresses, login IDs, phone numbers, Facebook IDs and more were exposed. October 10/17 Methodist Hospitals of Indiana – After a couple of employees fell victim to an email phishing scam, the personal information of 68,000 patients were accessed by hackers. The information leaked included names, addresses, dates of birth, Social Security, driver’s licenses, and more. 10/21 Autoclerk – An open database was discovered by a cybersecurity vendor belonging to Autoclerk, a hotel property management software developer. The exposed data included names, dates of birth, home addresses, phone numbers, dates of travel, travel costs, room numbers, and some masked credit card details of hundreds of thousands of guests. 10/22 Kalispell Regional Healthcare – Over 130,000 personal, insurance, and financial records were exposed in a hacking attack. This included patient names, Social Security numbers, addresses, medical record numbers, dates of birth, medical history and treatment information, name of treating physicians and more. 10/26 Adobe – The account information for over 7.5 million users of Adobe’s Creative Cloud were exposed from an unprotected online database. Data that was exposed included email addresses, usernames, location, Adobe product licenses, account creation dates, and payment statuses. 10/27 Network Solutions – The world’s oldest domain name provider has exposed in a hack. Millions of individual’s data that include names, addresses, phone numbers, email addresses, and service information. November 11/9 Texas Health Resources – The Texas-based health care provider reported a data breach where 82,000 patient records were exposed. Included in the breach were names, addresses, email information, health information, and more. 11/16 Magic the Gathering – The popular online version of the card game Magic the Gathering has reported that an unsecured website database has exposed 452,000 player records that include names, usernames, and more. 11/18 State of Louisiana – The State of Louisiana has been a victim of a ransomware attack that took down many state agencies’ servers. Although no data is said to be lost, the state’s crucial computing infrastructure was down for several days […]
One of the major cybersecurity concerns of today is how attacks are now frequently automated, making it intensely difficult for a human being to successfully keep up with threats. As a result, it only makes sense to automate your cybersecurity measures as well. There are a few ways that you can do just that. Crunching the Numbers Regardless of how much data you collect, just collecting it isn’t going to benefit your organization all that much – especially when it concerns your security. It also needs to be processed and analyzed, which is simply too big of a job to be done manually. By compiling data from multiple internal and external sources, a business can better predict how threats will play out, as well as identify those that it hasn’t yet encountered. By utilizing machine learning and automation technologies, this compilation and processing is a much simpler, faster, and more accurate process, bringing your business improved security measures. Furthermore, many businesses face a lack of security-oriented employees. Automation can help make up the difference, reducing the burden on whatever resources they do have to protect their network. How Automation Benefits Cybersecurity There are multiple ways that adopting automation can deliver improvements to your cybersecurity. Data-Supported Inferences By sequencing data collected from within your organization, along with data provided by security vendors and other sources, you can use this data to draw conclusions and make predictions about threats, enabling you to catch them more effectively. Outpacing Attacks with Protections Cybersecurity is effectively an arms race – as new threats are discovered, new preventative measures need to be implemented to keep them from spreading. Of course, by the time a threat is discovered, it has often already moved on to its next step. This means that these steps need to be predicted and protected in order to stop them. Automated defenses are the most effective means to foil an automated attack, as they are more efficient and accurate. Detecting Threats in the Network When a network fails to deter a cyberthreat, it doesn’t immediately become a data breach – and automated protections can effectively analyze data to prevent such an outcome. Since a human being can’t hope to keep up with one of these threats, automation is your best bet at detecting, identifying, and resolving them. SRS Networks is here to help you implement the cybersecurity necessary to protect your business’ resources, including automated measures. To learn more, reach out to us at (831) 758-3636.