More than any time before, cybersecurity has to be a major consideration for businesses. It is, in fact, one of the biggest problems the modern business has to face day-in and day-out. Shortage in cybersecurity talent and antiquated strategies are making it difficult for businesses to find the knowledgeable resources that will help them work to secure their network and data from threats to the business.
Partner IT Blog
It’s fair to say that most business owners aren’t cybersecurity experts. That’s why there is such a large investment in cybersecurity solutions. That outlay is justified, sure, but is it effective? Today, we’ll talk a little bit about network and cybersecurity, and how all the capital investment in the world may not actually keep your network secure.
The professional services space is filled with important information. Lawyers, accountants, doctors, and many more professionals have access to some of the very most personal information available. For this reason, they are continuously targeted by hackers. Since October is cybersecurity awareness month, we thought we would take a look at modern cybersecurity practices to see which ones were working best for professional services firms.
Just like you can form habits to be more productive, you can also form habits that expose your organization to risky situations, namely security problems. Your employees in particular are likely to have picked up a couple of nasty habits over time, so it’s up to you to address them and keep them from becoming an issue in the long term.
All that stands between hackers and your accounts’ data, be it personal information or sensitive business info, is a measly string of characters that may (or may not) be complex enough to thwart their attacks. We’re talking about your passwords, and for many businesses, they are the only thing protecting important data. We’ll walk you through how to make sure your passwords are as complex as possible, as well as instruct you on how to implement additional security features to keep your data locked down.
Let me ask you a question… let’s say that you’re about one year from your projected retirement, when a ransomware attack encrypts all of your files. What do you do? Pack it in and retire early? This is precisely the situation that the practitioners of Brookside ENT & Hearing Services of Battle Creek, Michigan, have found themselves in - and it may not be over yet.
Password security is a tricky part of running a business. After all, it’s not just dealing with your own password, but those of the many employees all throughout your organization. In times like this, it’s helpful to provide them with a list of how to make the best passwords possible. Here are a couple of examples for what to do, as well as what you shouldn’t do, when building a proper password.
Now that the holidays have come and gone, you might have a couple of new gadgets in your home or office that connect to the Internet. Depending on what these gadgets are, you might have a serious security issue sitting right in front of you without realizing it. Some devices that don’t normally connect to the Internet--also known as Internet of Things devices (IoT)--aren’t as secure as you’d like them to be, particularly in a business environment.
What are your chances of being hacked, or targeted by some kind of cyberattack? I hate to tell you this, but they’re probably a lot higher than you might think.
Network security for small businesses is far from simple. There are countless threats out there that want to see your business fall, and it only takes one to see this come to fruition. Unless you take action now to protect your organization, you risk the future of your business. But what is it that businesses need to protect from, and what measures are out there that can accomplish this feat?
Security is an aspect of running a business that absolutely cannot be ignored, regardless of whether or not you see it as a considerable issue in the near future. The fact remains that your organization will always be at risk unless you take actions to keep it safe today. By taking advantage of some of the latest and greatest security tools on the market, you’ll be able to protect not only from the basic threats, but more advanced ones as well.
As 2016 drew to a close, many of our clients might be forgiven for thinking that we were “all of a sudden” pushing the use of two factor authentication (2FA) for connection to remote desktop servers.
USB technology is widely-used and you’d be hard-pressed to find an organization that doesn’t utilize USB devices in some way, shape, or form. However, these devices often harbor unexpected threats that could put the security of your entire infrastructure in jeopardy. All it takes is one infected device to compromise your network. Do you know where your USB devices have been?
Since USBs are prized for their portability, they can be used for a myriad of purposes. USB flash drives or hard disk drives can be used to transport files, both compactly or in bulk. Many keyboards and computer mouses operate with USB technology these days. That’s not even mentioning the plethora of USB dongles that are used to connect other devices to your computer.
Now, imagine this scenario. An employee finds a USB drive on the ground and, curious to find out what’s on it, plugs it into their company-issued workstation. They might do this to make sure that good technology isn’t just left lying around, or maybe their curiosity just got the best of them. Either way, the files on the device could contain executable malware that can threaten your business. In many cases, the user might not even be aware that malware has been installed on the computer, and it can spread viruses, or install trojans that allow for remote access at a later date.
In fact, there’s been a recent report from May 2016 of a $10 USB device that’s capable of logging keystrokes on wireless Microsoft keyboards and transmitting the signals over a wireless frequency. Whitehat hacker Samy Kamkar built it out of a USB phone charger, which is so commonplace these days that nobody would think twice about seeing it plugged into the wall of your office. The threat of these types of devices is so significant that the FBI saw fit to issue a statement warning professionals of their dangers. While no attacks have been found in the wild, it’s still best to take the warning to heart and apply it to your own cyber security practices.
The root of the problem--the theft of data before it reaches its destination--extends well beyond Microsoft wireless keyboards, too. Any wireless device that sends signals that aren’t encrypted could potentially be intercepted by hackers using similar techniques. This method can be used to harvest data that could lead to the theft of personally identifiable information, login credentials, or financial credentials. It’s not unlike a hacker intercepting data over an unsecured wireless Internet connection.
Is your business prepared to handle these outside-the-box threats? All it takes is one mistake to expose your company’s data to those who would do it harm. In instances like this, you should make a policy that any and all devices your employees want to use should first go through your organization’s security protocol. This will help ensure that the devices are not threats to your critical infrastructure. Emphasize that your organization should only be using encrypted data storage devices whenever possible, and you can’t go wrong.
For more information about how to keep your business safe, contact us at 1300 968 748.
Do you find yourself traveling for your business? Be it for a conference, a series of meetings that require your attendance, or some other reason, you may very likely need to spend some time on the road; time that could be spent on tasks your business needs to function. Despite the lack of a traditional workspace, this time spent traveling doesn’t necessarily need to be time wasted. Thanks to the technology of today, you have the ability to remain productive while mobile.
However, you should still be mindful of your security. Cyber threats are present everywhere, and travelers unaware of security best practices can provide a tantalizing road of sitting ducks for attackers to strike. Of particular importance to a traveling business owner is the utilization of a Virtual Private Network (VPN), which allows you to access the company network on public Wi-Fi. It is important that you adhere to following these often ignored best practices, especially while carrying a pathway to the data critical of your business dealings.
Before departing for your trip:
- Be sure your software is fully updated: An important aspect of software updates is the fact that they aid in reducing the vulnerability of your device, especially those that apply to your security solutions. If your mobile solution’s software isn’t fully up to date, you are leaving the critical components of your business vulnerable to potential attack.
- Back up, back up, BACK UP: There’s a reason that best practices dictate that everything you have on your device be backed up before you leave: how often do you misplace your device at home or in the office? The nice thing about that scenario is you have a reasonable chance of finding it again, but on the road the chances of finding it are negligible, never mind the risk of damaging the device itself. It would be a shame to lose all the work you had accomplished on top of misplacing what is likely a company-provided device. Keeping at least your progress up to that point backed up is a simple method of mitigating the risks of traveling with your device.
While you’re travelling or present at your destination:
- Connect with consideration: Public hotspots are rife with risk factors. A favorite method of many hackers is to set up their own Wi-Fi connections that closely mimic the name of an establishment’s actual Wi-Fi network. For example, if you’re staying at the (fictitious) Motel Morris, and when you attempt to link to WiFi you are given the options of MOTEL_MORRIS_GUEST or MOTELMORRIS_FREEWIFI, it may be difficult to determine which is legitimate. As a precaution, always confirm which WiFi to use with someone associated with the establishment. Additionally, if what appears to be an establishment’s Internet connection claims to require a software update, disconnect and inform management at once.
- The more brief, the better: This one is just simple math: the longer you spend connected to the Internet through public Wi-Fi, the longer a hacker has to detect and infiltrate your system. If you aren’t actively engaged in some task, disconnect and log back in when you are again prepared to accomplish something. As irksome as it may be, it’s better than having your device’s security compromised.
- Keep it to yourself, if possible: If at all possible, use your own data plan and create a hotspot to access materials online, especially if financial matters and accounts are concerned. This will make the prospect of infiltration by hackers far less likely.
On a different line of thought, keep it to yourself and never leave your devices (storage solutions included) unsecured or unattended. If leaving your devices in your hotel room, keep them well-secured, just in case.
Just because you are travelling doesn’t mean you can’t be productive while maintaining a reasonable level of data security. With the proper safeguards in place and the application of a few best practices, you can make sure time is not wasted when there is work to be done.
Be sure to check back to our blog for more useful articles about the technology you rely on every day.
Mobile? Grab this Article