Staff Training – Without the ability to spot potential threats before falling for them, your employees are apt to get caught up in scams, ransomware attacks, and phishing attempts. Every level of the business needs to be taught how to spot these threats and mitigate them – including you – so there’s less of a chance of these threats being successful. Network Protection – Any device on your network, as well as your network itself, needs to have sufficient security solutions protecting it. You should have antivirus and antimalware installed, as well as content filtering to prevent unseemly and risky web surfing, and firewalls to block incoming threats… along with too many other protections to list here. Password Policies – A survey by the UK-based National Cyber Security Centre revealed a few telling things in an analysis of passwords involved in data breaches around the world. For example, here was the top 10 list of common passwords in breaches: 1. 123456 2.123456789 3. qwerty 4. password 5. 111111 6. 12345678 7. abc123 8. 1234567 9. password1 10. 12345 You probably noticed a pattern here. You need to have password policies in place that prevent these kinds of passwords from being utilized. Preferably, your users would use a passphrase, as these can be more secure than the typically recommended randomized password… if devised properly. Keep Software Updated – The majority of software updates are intended to shore up security concerns, so putting off updates for no reason is risky behavior. Make sure that you remain diligent about updating your solutions. Prepare for the Worst – The unfortunate truth is that some cyberthreats are bound to slip by your defenses at some point – that’s just statistics. Therefore, you need to have an ace up your sleeve – or a solid, bulletproof backup solution. Of course, you also need to have a strategy mapped out for any scenario that might force you to use it. For assistance in handling any of these tasks (and more), reach out to SRS Networks. We can provide the assistance necessary for you to accomplish these goals effectively and efficiently. To learn more, call (831) 758-3636.
Cybersecurity is a lot like that, and preventing the one percent of threats that slip past your security is crucial to your business. Let’s talk about it. One Percent of Threats Equals a Hundred Percent of the Damage Very few things in the computing world are infallible. If it is connected to the Internet and hackers really want to get into it, they will find a way. No antivirus can guarantee they will protect you from one hundred percent of all viruses ever. No anti-spam solution can promise you that they will never let a piece of junk mail through. These solutions are designed to reduce the risk. Antivirus can only protect you from known viruses, and only when the definitions are kept up to date in the software. Anti-spam often uses machine learning to analyze a message and determine if it has similarities with millions of other spam messages. This means there is room for a tiny amount to slip through as cybercriminals tweak and adjust their tactics to try to get past the security systems put in place. In other words, you could have the most expensive, most carefully managed and monitored IT security in place, and still be at risk. You could meet and exceed any compliance standard and still be at risk. Granted, it’s a greatly reduced risk than you would have without the security, but that one percent that slips through the cracks could still lead to massive amounts of damage. How Do I Stop the One Percent from Harming My Organization? That’s the big question, right? If you paid for that expensive firewall and that centralized antivirus and you’ve locked down your end points as much as possible, what more can you do? Employee Training Sometimes it just takes awareness to prevent an issue from becoming a bigger problem. Offering training and resources to keep your staff aware of threats can go a long way. There are some pretty simple lessons that are pretty easy to understand regardless of one’s technical level: Don’t open attachments you didn’t expect. Don’t click on the links that seem skeptical or too good to be true. Don’t share passwords, and don’t use the same password on multiple accounts. Don’t plug in random USB devices, especially if you found it. Report anything suspicious to IT. Teaching users how to do some basic tasks like taking screenshots for errors and identifying phishing attacks can also go a very long way. Don’t ‘Set and Forget’ IT Security (or Backups, or New Policies, etc.) A huge factor in almost every preventative IT solution, whether it be your antivirus or your cloud backup, is that the developers behind it are playing an ongoing game of cat and mouse with cybercriminals. New viruses and threats come out all the time, exploits and security holes are discovered that need to be patched, and everything needs to be applied to your hardware/software to keep you and your data safe. That’s why it is crucial to monitor and manage every device and endpoint on your network. Every workstation, router, access point, server, firewall, and security solution needs to be carefully monitored and kept updated. Solutions that become so old that the developer chooses to no longer support them need to be retired and swapped out. If this […]
Here, we’ll review the various scams that frequently appear on social media to help you better identify problematic content on your feeds. Many of these may not seem to apply to your business’ social media presence at first glance, but it is important to remember that your personal social media and your professional representation on social media are closely linked. As a result, a breach of your personal account could easily put your business’ representation at risk as well. Gossip Scams “See PHOTOS of the celebrity that secretly lives in your area!” “You’d never believe who DWAYNE JOHNSON spends his free time with!” “You’ll be SHOCKED to learn which beloved ‘90s sitcom cast formed a blood cult!” You’ve likely seen ads pop up on your Facebook (or have had some of your connections share stories on their Newsfeeds) making claims similar to these. People like to live vicariously through the celebrities they admire, but these scams more often than not fool them into downloading malware after visiting a page. Fortunately, avoiding these scams is fairly simple – all you have to do is take in gossipy headlines with a grain of salt and avoid downloading programs from anywhere but the actual source. Nigerian Scam/Stuck Abroad Scam “Hello Dearest Friend, I am Prince Akinola. During the recent uprising in my country, my father was murdered in his sleep. To protect his riches, I seek a trustworthy Person to help me transfer 3 million US dollars into an account for a time. Helping me, you will be able to keep 35% of it to use as you see Fit. Please reply to me immediately with your name and phone number so I can leave this country and transfer the money to you.” These scams are perhaps some of the most famous, originally appearing in Nigeria but quickly spreading the world over. Basically, instead of netting a large percentage of a fortune, the victim usually is scammed out of their banking credentials or are asked to pay “processing fees” before their “payment can be delivered.” “I’m so glad I got the chance to send this message. I’m overseas in Europe and my wallet was stolen! I need $1,300 to get home. Could you wire over the money for me?” In the more personal version of the Nigerian scam, a cybercriminal will hack into someone’s account and start spreading a facetious sob story among their friends and relatives, hoping that someone will wire money in an attempt to help. While we would all want to do anything, we could for a friend, it is important to verify their story with them via some other means of communication. Lottery Scams/Who Viewed Your Profile Scam/IQ Scam “Congratulations! A gift card worth $1500 is reserved for you!” Wouldn’t it be nice, right? Quite a few of the scams that appear on social media come up in the form of pop-up messages, offering a generic prize in exchange for some personal information. Some will ask for a mobile number so they can charge data fees from you, while others will ask for your banking credentials to steal from you that way. While winning anything like what these scams offer would be undeniably awesome, you can’t win a contest that you didn’t enter. “Want to know who’s been looking […]
The basic tenet of social media is the ability for individuals to share part of themselves easily. With more computing done on mobile platforms today than ever before, more people are using these applications to share little pieces of their lives. One study conducted in 2018 found that not including YouTube, it was found that 69 percent of all American adults (18+) used some form of social media regularly over the subsequent year. That number continues to grow. So much so that now nearly 40 percent of seniors use some form of social media today, up nearly 200 percent since 2012. With so many people using social media it stands to reason that the number of people looking to steal money, information, and identities would also grow as well. This has proven to be accurate, and now today there are a fair amount of major privacy concerns that all social media users have to be cognizant of. The study also laid out what people use social media for. It won’t be a surprise to those who do use social media a fair amount that a lot of what is done is actually substituting as a social interactions hub to those people that don’t have the time (or the inclination) to interact with people in person or through other traditional methods. In fact, most people cite social media as where they share most of their civil and political views, personal health information, learn scientific information, engage in job, familial, and society-related activities; and, probably most alarming of all, it’s the place they go to get their news. Role of Privacy Privacy has, and will likely always be, dependent on how much an individual prioritizes the security of his/her personal information. If someone wants to keep some semblance of their life private, he/she can still do it, as long as it’s not available for people to steal. This is increasingly a problem. As social media use increases, the amount of direct integration that developers create with these social websites increases, making it easier for people to lose control over their private information. That’s not to say that by allowing social media companies access to some of your most personal information that you will completely lose control over it, but it seems fair to suggest. In a 2014 survey, 91 percent of polled Americans suggested that they had lost control over their personal information (or how it was collected), with 80 percent showing at least some concern over the relationship advertisers and other businesses have with these social media companies. One problem is that over half of Americans are cognizant of the dangers of having personal information fall into the wrong hands, and as a result they are actively monitoring their private information and where it is shared more effectively. The problem that faces them over time is that in order to use social media (or e-commerce for that matter), many companies are now demanding access to personal information that isn’t relevant to the transactions. This kind of data mining is beginning to creep out users as much as some of the content they find on these platforms, and it’s only a matter of time before a new social platform is created that doesn’t present users these problems; or, people just begin leaving […]
The password isn’t nearly as secure as it used to be. Hackers have begun to take advantage of extremely powerful solutions designed to brute force their way into accounts by using software to rapidly guessing thousands of passwords per second, making it extraordinarily difficult to prepare yourself for them. What’s the best way to guarantee that passwords aren’t going to be the downfall of your company? A great start is by taking a close look at password best practices and two-factor authentication.
Data security isn’t a matter to be taken lightly, as too many businesses have found out the hard way. Unfortunately, there are far too many simple ways to correct common security issues – enough that it’s foolish not to do so. We’ll review a few ways to fix security issues, after discussing one of, if not the, most egregious security failings in modern history.
Despite what detractors say, regulations are in place for good reason. They typically protect individuals from organizational malfeasance. Many of these regulations are actual laws passed by a governing body and cover the entire spectrum of the issue, not just the data involved. The ones that have data protection regulations written into them mostly deal with the handling and protection of sensitive information. For organizations that work in industries covered by these regulations there are very visible costs that go into compliance. Today, we look at the costs incurred by these organizations as a result of these regulations, and how to ascertain how they affect your business.
There is no question that a small business can benefit from technology, as has been proven time and time again. However, an issue can arise if a business bites off more than it can chew, so to speak, and ultimately creates a spike in costs. A responsible business owner will resist this temptation and prioritize the solutions they need over the ones they want – building profitability and generating capital needed to make other improvements. In this blog, we’ll examine some of the implementations that can deliver a good return on investment to a small business.
How much does your business rely on technology to keep your organization running forward? As business technology becomes more complex, it’s becoming increasingly popular for organizations to have their own internal IT departments to manage and maintain it. Yet, small businesses don’t often have the necessary funds for such a feat. How can your company afford quality IT service? You can start by pursuing managed IT solutions from a managed service provider.