Blog

June 20th, 2016

b

The NBA Finals may now be over but for one team, the losses keep coming. Yahoo! Sports reported that the Milwaukee Bucks fell victim to a spoofed email scam last month. Names, addresses, Social Security numbers, compensation information and dates of birth of the players were unknowingly sent to a hacker and created a massive security issue for the team. And just because your employees don’t make millions of dollars doesn’t mean hackers won't target your company. Here are four ways to protect yourself from spoofed emails.

Education is key There are countless cliches out there promoting the importance of education, but when it comes to cyber security, you might as well embrace them all. In the case of spoofed emails, you need to make sure your employees know what these are and how they can harm your company. They can come in several forms and look to attack your organization in a number of different ways. A good defense starts with trained employees using best security practices when it comes to emails. Knowledge isn’t just the key to success, it’s the building block of a comprehensive email security plan.

Check the sender The easiest way to determine a real email from a spoofed one is to view who is sending it. While your basic junk mail folder will screen the really lazy attempts at spoofing, you and your employees can’t rely on it to weed out everything. A lot of cybercriminals have gotten skilled at mimicking the look and feel of companies through professional looking graphics and signatures. For starters, you are going to want to ignore email display names as these can be deceptive. The domain name provides the best clues as to who the sender really is. For instance, if an email requesting your company’s financial documents claims to be from the IRS but the domain reads IRSgov.com, it’s a spoof email since that domain is not what the IRS uses. If you ever spot an email containing a domain you consider to be suspicious, delete it immediately. If it is from a legitimate sender, they will send you a follow up email in a couple of days.

Embrace DMARC Domain-based Message Authentication, Reporting and Conformance (DMARC) can help reduce the risk of spoofed emails being sent internally. For businesses that do not set this up, it is possible for someone to spoof an email account that looks like it is from your business or a current employee and send it from a different server. As we saw in the case with the Bucks, these can appear legitimate to employees who will then in turn do what is requested such as turn off security settings or handover sensitive data. With DMARC in place you can prevent spoofed emails from utilizing your domains by requiring any email sent by your domain to come from your server. This greatly reduces the risk of an internal spoofed email showing up in the inbox of your employees.

Utilize email protections A lot of companies believe they can get by with the simple protections that come standard with an email client. However, doing the bare minimum is rarely enough to stop spoofed emails, not to mention all of the other threats lurking in your inbox, and high-powered email and spam protection will give your organization the added layer of security it needs. Much like elite-level basketball players need the best coaching and equipment to succeed, the only way to truly reduce the risk of falling victim of a spoofed email is to educate your staff properly and then equip them with email filtering. This ensures they aren’t wasting their time constantly trying to identify legitimate emails from fake ones but are prepared when the situation presents itself.

When it comes to email security, working with us is a slam dunk. We may not have the skills of Steph Curry on the basketball court but when in the realm of IT, competitors say they want to be like us. Give us a call today to find out more.

Published with permission from TechAdvisory.org. Source.

Topic Security
June 9th, 2016

2016June9_Security_AAlthough some may have hoped that the threat of ransomware was on the decline, the reality is that it’s quite the opposite. Until now, attacks seemed to be targeted directly at its victims, but Microsoft warns that may no longer be true. With their discovery of self-propagating ransomware it’s vital to fully understand the possible risk of infection.

Ransomware, the malware that locks up infected systems and demands payment to return access to users, has been steadily increasing its infection rate over the course of this year. Enigma Software reported that, “After staying steady for the last six months of 2015, ransomware detection has begun to climb; February saw a 19 percent increase over January, while March had almost a 10 percent increase over February. Then, in April, infections more than doubled.”

And as if that wasn’t frightening enough, Microsoft announced last week that a recently detected ransomware software was found copying itself onto USB and network drives. The ransomware, titled ZCryptor, disguises itself as either an Adobe Flash installer or a Microsoft Office file to trick users into opening it.

Once opened, it displays a prompt that says “There is no disk in the drive. Please insert a disk into drive D:”. If you see this after opening a suspicious file, it is most likely ZCryptor trying to distract you while it works in the background to add a registry key that buries itself deep in your system and begins to encrypt your files.

Although previous ransomware iterations like Alpha Ransomware had the ability to find and encrypt files on shared network drives, security experts believe this is the first time a ransomware variant has included self-replication via removable drives into its framework.

When it was first detected in May, Microsoft found ZCryptor singling out 88 different file types for encryption. However, later on a security expert analyzed the ransomware and found 121 targeted file types -- inferring that creators of the malware were continuing to develop its source code.

It’s commonplace for ransomware to demand payment to be made in Bitcoins as they’re an almost totally untraceable online currency. ZCryptor is no different, demanding 1.2 Bitcoins (500 USD) unless payment is more than four days after infection -- then it increases to five Bitcoins (2,700 USD).

Compared to other more complex security threats, ransomware is still relatively easy to avoid. Always verify the source of email attachments and website downloads before opening files, disable macros in Microsoft Office programs, maintain regular backups and update your security software.

Still concerned about security at your SMB? It doesn’t have to be as difficult and draining as you may think. Contact us today for advice on keeping your network protected around the clock.

Published with permission from TechAdvisory.org. Source.

Topic Security
May 17th, 2016

2016May17_Security_AImageMagick, one of the internet’s most widely used image processing services, is susceptible to attacks that may put your site at a huge risk of exploitation, according to recent reports. The discovery of this vulnerability means attackers could potentially steal your site’s data, or corrupt it entirely. Let’s take a look at what your SMB should be doing to protect itself from this security flaw.

What is ImageMagick?

ImageMagick is a tool that allows sites to easily crop, resize, and store images uploaded by third parties. Vendors continue to improve user interfaces and experiences by consolidating functions into all-in-one packages, which means administrators are becoming increasingly unaware of what specific services they are actually utilizing. ImageMagick is deeply integrated into countless web services and many webmasters may not even be aware they are using this unsafe software.

How can an image make my site vulnerable?

Recently, it was discovered that images can be uploaded that force ImageMagick into executing commands and permitting attackers to remotely insert harmful code into vulnerable sites. Images are actually made up of complex code that is translated into photos, icons, etc. Different file extensions use what are called “Magic Numbers” to define their file types. Manipulating these numbers allows attackers to exploit a flaw in ImageMagick. The service scans the uploaded file, and attempts to decode the source information whenever it detects the file is not what it claims to be. Scanning that code and attempting to rectify the file misappropriation can then trigger whatever was hidden inside the image and result in remote command of your site.

How should I protect my site?

ImageMagick has admitted knowledge of the security flaw and promised to release a patch very soon. Until then, experts advise implementing multiple workarounds to keep your systems safe. However, if you're not well acquainted with your web server and its code, then it's wise to consult an expert instead of attempting these changes on your own.

For those who are familiar, follow these steps. The first is to temporarily incorporate lines of code that preemptively block attackers from exploiting these holes. Those lines of code, and where to insert them, can be found here.

The next step is double checking that any image files utilizing the ImageMagick service aren’t hiding any harmful information. This can be accomplished by opening an image file with a text editor, and checking for a specific set of letters and numbers at the beginning of the text that define what type it is. The list of these “Magic Numbers” can be found here, and will reveal if an image is hiding its true purpose.

Ideally, administrators will halt all image processing via ImageMagick until a patch is released from the developers.

Data security is one of the most crucial aspects of any SMB, however, keeping up with the constant flow of security exploits and patches can be overwhelming for administrators of any ability level. Why not contact us to learn more about keeping your network secure and protected from exploits like this one?

Published with permission from TechAdvisory.org. Source.

Topic Security
April 28th, 2016

2016Apr28_Security_AKnow thy enemy. When it comes to hackers, most business owners get hung up on the technical and mechanical details of a cyber attack forgetting another important aspect: motive. Why are they attacking people and organizations in the first place? And who are they targeting? By answering these questions you’ll have a better understanding of what resources need the most protection in your business.

Script Kiddies

When it comes to skill level, Script Kiddies are at the bottom of the totem pole and often use scripts or other automated tools they did not write themselves - hence the name. With only an elementary level of technical knowhow, Script Kiddies usually don’t cause much damage...usually. The Script Kiddy virus known as the Love Bug which sent out an email with the subject-line “I LOVE YOU” fooled millions of people, including some in the Pentagon, in the early 2000’s. The virus reportedly caused around 10 billion in lost productivity and digital damage.

So who is a Script Kiddie? Most of the time they’re simply bored youth looking for a thrill or notoriety. Many never evolve into a full-time hacker, and instead just use their skills as a hobby. Oddly enough, many Script Kiddies find a career later on working in the security industry.

Hacktivist

If you’ve heard of Anonymous, LulzSec or AntiSec, then you’re familiar with Hacktivists. These groups are made up of members of varying skill levels, all the way from Script Kiddies to some of the most talented hackers in the world. Their mission is largely politically motivated as they aim to embarrass their targets or disrupt their operations, whether that be a business or government body. Two of the most common ways they attack their target are by stealing sensitive information and exposing it or denial of service (DDoS) where a server is overloaded till it finally crashes.

As a small or medium-sized business owner you are not necessarily immune to Hacktivist disruption. If your business or a company you’re associated/partnered with participates or provides services that can be seen as unethical, such as Ashley Madison (who fell victim of a major Hacktivist attack last year), then you too may be targeted by Hacktivists.

Cyber Criminals

Often talked about in the media and well-known by most SMBs, cyber criminals are after one thing: money. Their targets run the gamut, including everyone from individuals to small businesses to large enterprises and banks. But what do these targets usually have in common? They either have a very valuable resource to steal or their security is easy to exploit...or a combination of both of these. Cyber criminals can attack in a number of ways including using social engineering to trick users into providing sensitive information, infecting an organization/individual with ransomware or another form or malware, or exploiting weaknesses in a network.

Insiders

Perhaps the scariest type of hackers are the ones that lurk within your own organization. Insiders are made up of disgruntled employees, whistleblowers or contractors. Oftentimes their mission is payback; they want to right a wrong they believe a company has perpetrated toward them, so they’ll steal sensitive documents or try to disrupt the organization somehow. Edward Snowden is a prime example of an insider who hacked his own organization - the US government.

Now that you know what motivates your enemy, you’ll hopefully have a bit of an idea as to whether or not you’re a target. To learn more about how to secure your business from these types of hackers, get in touch with our experts today.

Published with permission from TechAdvisory.org. Source.

Topic Security
April 13th, 2016

2016Apr13_Security_ABring your own device (BYOD) strategy is when an employee uses their personal mobile device to work with your company from anywhere. This strategy can bring about many advantages to your business such as increased efficiency and convenience. However, this can also bring a number of security risks for your IT infrastructure and data. If you’re thinking of incorporating BYOD in your office, consider some of the risks involved before making a decision.

Data leakage

The biggest reason why businesses are weary of implementing a BYOD strategy is because it can potentially leave the company’s system vulnerable to data breaches. Personal devices are not part of your business’s IT infrastructure, which means that these devices are not protected by company firewalls and systems. There is also a chance that an employee will take work with them, where they are not using the same encrypted servers that your company is using, leaving your system vulnerable to inherent security risks.

Lost devices

Another risk your company has to deal with, is the possibility of your employees losing their personal devices. When devices with sensitive business information are lost, there is a chance that this could end up falling into the wrong hands. Additionally, if an employee forgets to use a four digit PIN code to lock their smartphone or tablet, anyone can gain unauthorized access to valuable company data stored on that particular device. Therefore, your company should consider countermeasures for lost devices like completely wiping the device of information as soon as an employee reports a missing or stolen phone.

Hackers can infiltrate your system

Personal devices tend to lack adequate data encryption to keep people from snooping. This along with the fact that your employees might not have updated their devices can allow hackers to infiltrate your IT infrastructure.

Connecting to open Wifi spots makes your company more susceptible to hackers. Open wireless points in public places can put device owners at risk because there is a chance that hackers may have created that hotspot to trick people into connecting. Once the device owner has connected, attackers can simply surveil web activity and gain access to your company’s accounts.

Vulnerable to malware

Viruses are also a big problem when implementing BYOD strategies into your business. Using personal devices means your employees can access whatever sites or download any mobile apps that your business would normally restrict to protect your system.

Jailbreaking or rooting a device also puts your systems at risk because it removes limitations imposed by the manufacturer to keep the mobile software updated and protected against external threats. It’s best to understand that as your employees have the freedom to choose whatever device they want to work with, the process of keeping track of vulnerabilities and updates is considerably harder. So if you’re thinking about implementing BYOD strategies to your business, prepare your IT department for an array of potential malware attacks on different devices.

So you might be thinking that it would probably be best to just avoid implementing a BYOD strategy in the first place. However, BYOD will help your business grow and adapt to the modern workplace, and should not be dismissed as a legitimate IT solution. It’s just important to educate your company about these risks so that problems won’t occur for your business down the line.

If you need some help implementing IT security solutions for your company, or if you have any concerns regarding IT, give us a call.

Published with permission from TechAdvisory.org. Source.

Topic Security
March 29th, 2016

2016Mar29_Security_AYour computer has been acting up a lot lately. It keeps crashing, it’s slow and, to top it off, you keep getting pop-ups you don’t want to see. If these problems keep occurring then your computer may have a virus. So is there a way to prevent things like this from happening again? While there are various antivirus solutions you can take, it’s best to know how malware affects your computer first so you can quickly recognize and deal with the problem. These are a few ways to find out if your computer has a virus before it’s too late.

Slow computer

The most common symptom of a malware infection is a slow running computer. Are your operating systems and programs taking a while to start up? Is your data bandwidth suspiciously slow? If so, your computer may potentially have a virus.

However, before you immediately assume your computer has a virus, you should check if there are other causes to your computer slowing down. Check if you’re running out of RAM. For Windows, open task manager (Ctrl + Shift + Esc) and go to the Performance tab and check how many gigabytes of RAM you are using under the Memory section. For Mac OS users, you can open the Activity Monitor app and under System Memory you should be able to find out your RAM usage.

Other causes of a slow system include a lack of space on your hard drive and damaged hardware. Once you’ve ruled out the other potential causes, then a virus may have infected your device.

Blue screen of death (BSOD)

If your PC crashes regularly, it’s usually either a technical problem with your system or a malware infection. You might not have installed the latest drivers for your device or the programs you’re running could possibly be incompatible with your hardware. If none of these problems are apparent in your PC then the virus could be conflicting with other programs causing your crashes. To check what caused your last BSOD go to Control Panel> System and Security> Administrative Tools> Event Viewer and select Windows Logs. Those marked with an “error” are your recorded crashes. For troubleshooting solutions, consult forums or your IT department to figure out what to do next.

Programs opening and closing automatically

Malware can also be present when your programs are opening and closing automatically. However, do check if some programs are meant to behave this way or if they are simply incompatible to run with your hardware first before coming to the conclusion that your computer has a virus.

Lack of storage space

There are several types of malware that can manipulate the files saved on your computer. Most tend to fill up your hard drive with suspicious files. If you find any unknown programs that you have never installed before, don’t open the application, search up the program’s name over the Internet and use antivirus protections once you’re certain that it’s malware.

Suspicious modem and hard drive activity

Combined with the other warning signs, if your hard disk is working excessively while no programs are currently running or if you notice that your external modem is always lit then you should scan your computer for viruses.

Pop-ups, websites, toolbars and other unwanted programs

These are irritating signs that your computer has a virus. Pop-ups come from clicking on suspicious pages, answering survey questions to access a website’s service or installing free applications. Don’t click on ads where Jane says she earned $8000 a month staying at home. When you get pop-ups appearing out of the blue, refrain from clicking anywhere on the pop-up page and just close out of the window and use your anti-malware tool immediately.

Equally, free applications allow you to download their service for free but the installation process can be riddled with malware. When you’re installing a program from the Internet it’s easy to just skim over the terms and conditions page and repeatedly press next. This is where they get you. In the process of skipping over certain installation steps, you might have agreed to accepting a new default browser, opening unwanted websites and other programs filled with viruses. Just be cautious the next time you download something for free. It’s best to try avoiding any of these practices when you can in order to protect your computer.

You’re sending out spam

If your friends are telling you that you’ve been offering them suspicious messages and links over social media or email, you might be a victim of spyware. These may be caused from setting weak passwords to your accounts or forgetting to logout of them.

In the end, it’s best to know how malicious software affects your computer so you can take steps to rectify the situation as soon as possible. Regardless of whether or not your system has experienced these symptoms, it’s always smart to perform regular malware scans to ensure your business is safe. To find out more about malware and IT security, contact us today.

Published with permission from TechAdvisory.org. Source.

Topic Security
March 15th, 2016

2016Mar15_Security_AWhether or not to monitor your employees' computers can be a tricky decision. While part of you may think it’s unethical, you also may question if your staff are spending too much time on non-work related activities, and taking advantage of you in the process. So, should you monitor? Here are some pros and cons of monitoring, and some tips to effectively do it if you decide it’s right for your business.

The case for monitoring

There are a number of reasons why monitoring your employees is a good idea. Doing so can help you:
  • Protect your organization from data theft or harm - because some disgruntled employees may try to steal from you or corrupt your data.
  • Ensure you have a harassment free workplace - because cyber harassment (sexual or otherwise) happens among employees.
  • Ensure staff are complying with policies - not downloading illegal programs or spending time on websites with illegal or hostile content.
  • Provide evidence in case of a lawsuit - heaven forbid this happens, but if an employee participates in illegal activities on your business’s computers, monitoring can provide evidence of it.
The sad fact of the matter is that many businesses who monitor end up discovering that employees are doing things they’re not happy about. Research by Nancy Flynn, the executive director of the ePolicy Institute in Columbus, Ohio, revealed that two thirds of companies monitor their employees, and half of them have fired employees due to their behavior on email and the web.

Cons

Of course there are some potential downsides to monitoring that you should be aware of as well. These include:
  • Productivity loss - monitoring can kill employee morale, and therefore you may see a hit in their productivity if they feel you distrust them.
  • TMI and lawsuits - you’ll likely learn about the personal lives of your employees that you would’ve never known about had you not monitored. You may discover their political or religious views, sexual orientation or medical problems. This could potentially open up your business to privacy or discrimination issues if you or your management team act negatively on this information.

Monitoring guidelines to follow

If you decide to monitor your employees, here are a few tips you should follow.

1. Create written policies

When you decide to monitor, ask yourself, are you doing it for security purposes? Is it to ensure your employees are not wasting large amounts of time on Social media? Whatever the reasons, it’s smart to balance your policies with the expectations of your employees. If you’re too strict with your monitoring, you could create that atmosphere of distrust we mentioned above. So set guidelines for acceptable use of email, social media, web surfing, instant messaging, and downloading software and apps. Also, in your policy, include how monitoring will be carried out and how data will be secured or destroyed.

2. Tell your employees

It’s important to inform your employees about your monitoring. If they find out you’re doing it without their knowledge, you could create resentment among them or even face legal issues. And just by letting staff know, you may actually see a boost in productivity as it could deter them from wasting time on the web.

When you tell your employees, explain why you’re doing it and the risks your business faces from misuse of digital assets. Reassure them you’re not doing it to spy on their personal life, but only attempting to create a compliant and law abiding workplace. Because their activities will now be less private, encourage your staff to keep their personal communication to their smartphones. Also, provide a copy of your written policy to employees to read over and sign.

3. Get the right technology tools

While there are many technology tools to monitor your employees, bear in mind, you don’t need to follow their every move. In fact, you shouldn’t as it will not only waste your time, but also cause you to find out more information than necessary. So look for technology that will alert you to potential problems, so you can focus on more important things. Lastly, you may also want to consider technology that can block certain content, like porn or hate websites, as employee access to this content could create larger problems.

Whether or not to monitor your employees can be a tricky decision but, if implemented correctly, could benefit your business in making it more secure and even more productive. For more information about security and other IT support tools, get in touch. We’ll make our best effort to help however we can.

Published with permission from TechAdvisory.org. Source.

Topic Security
February 29th, 2016

2015Feb29_Security_AThe financial services industry has long been a heavily targeted sector by cyber criminals. The number of attacks that involved extortion, social-engineering and credential-stealing malware surged in 2015. This means that these institutions should strive to familiarize themselves with the threats and the agents behind them. Here are 7 new threats and tactics, techniques and procedures (TTP’s) that security professionals should know about.

Extortion

The cyber criminal Armada Collective gained notoriety for being the first to utilize distributed denial-of-service (DDoS) attacks. This occurs when multiple systems flood a targeted system to temporarily or completely disrupt service. They evolved the idea further and started to extort Bitcoins from victims who were initially notified of their vulnerability. If they didn’t comply with the ransom demands of the criminals, they would flood their systems until the victim's network would shut down completely.

Social media attacks

This involved criminals using fake profiles to gather information for social engineering purposes. Fortunately, both Facebook and Twitter began to proactively monitoring for suspicious activity and started notifying users if they had been targeted by the end of 2015. However, you should still have your guard up when someone you don’t know, or even a friend or colleague, starts asking you suspicious questions.

Spear phishing

Phishers thrive off familiarity. They send out emails that seem to come from a business or someone that you know asking for credit card/bank account numbers. In 2015, phishers went to the next level and began whaling. This normally involved spoofing executives’ emails (often CEO’s) to dupe the finance departments to transfer large sums of money to fraudulent accounts.

Point-of-sale malware

POS malware is written to steal customer payment (especially credit card) data from retail checkout systems. They are a type of memory scraper that operates by instantly detecting unencrypted type 2 credit card data and is then sent to the attacker’s computer to be sold on underground sites.

ATM malware

GreenDispenser is an ATM-specific malware that infects ATM’s and allows criminals to extract large sums of money while avoiding detection. Recently reverse ATM attacks have also emerged, this is when compromised POS terminals and money mules to reverse transactions after money being withdrawn or sent to another bank account.

Credential theft

Dridex, a well known credential-stealing software, is a multifunctional malware package that leverages obfuscated macros in Microsoft Office and extensible markup language files to infect systems. The goal is to infect computers, steal credentials, and obtain money from victims’ bank accounts. It operates primarily as a banking Trojan where it is generally distributed through phishing email messages.

Other sophisticated threats

Various TTP’s can be combined to extracted data on a bigger scale. Targeting multiple geographies and sectors at once, this method normally involves an organized crime syndicate or someone with a highly sophisticated setup. For example, the group Carbanak primarily targeted financial institutions by infiltrating internal networks and installing software that would drain ATM’s of cash.

The creation of defensive measures requires extensive knowledge of the lurking threats and our team of experts is up-to-date on the latest security information. If you have any questions, feel free to contact us to find out more about TTP’s and other weapons in the hacker’s toolbox.

Published with permission from TechAdvisory.org. Source.

Topic Security
February 9th, 2016

2016Feb9_Security_AMost business owners have an employee handbook. But when it comes to the online security of their business, often times this portion is either not adequately addressed, or not addressed at all. However, with cyber crimes an ever increasing threat, and the fact that employee error is one of the most common causes of a security breach, it is incredibly vital that your staff is informed of your policies. Here are four policies that every business owner should share with their employees.

Internet

In today’s business world, employees spend a lot of time on the Internet. To ensure they’re not putting your business at risk, you need a clear set of web policies. Here are three important ones to keep in mind:
  1. Employees should be using the Internet for business purposes only. While this is undoubtedly hard to avoid without blocking specific websites, having a policy in place should at least cut back on employees spending time on non-business related sites.
  2. Prohibit unauthorized downloads. This includes everything from music to games, and even data or applications.
  3. Accessing personal email should not be done on business devices. If employees must access their own email account during the day, they can do so on their smartphone or other personal device.
These are just a few Internet policies to get started, but you should also consider including information on your recommended browsing practices and your policies for using business devices (such as company phones) on public wifi.

Email

Just like with the Internet policy mentioned above, company email accounts should only be utilized for business use. That means your employees should never use it to send personal files, forward links or perform any type of business-related activities outside of their specific job role. Additionally, consider implementing a standard email signature for all employees. This not only creates brand cohesion on all outgoing emails, but also makes it easy to identify messages from other employees, and hence helps prevents spear phishing.

Passwords

We’ve all heard the importance of a strong password time and time again. And this same principle should also apply to your employees. The reason is rather simple. Many employees will create the easiest to crack passwords for their business accounts. After all, if your organization gets hacked, it’s not their money or business at stake. So to encourage employees to create strong passwords, your policy should instruct them to include special characters, uppercase and lowercase letters, and numbers in their passwords.

Data

Whether or not you allow your employees to conduct work on their own device, such as a smartphone or tablet, it is important to have a bring your own device (BYOD) policy. If your employees aren’t aware of your stance on BYOD, some are sure to assume they can conduct work related tasks on their personal laptop or tablet. So have a BYOD policy and put it in the employee handbook. In addition to this, make sure to explain that data on any workstation is business property. That means employees aren’t allowed to remove or copy it without your authorization.

We hope these four policies have shed some light on best security practices. If you’d like more tips or are interested in a security audit of your business, do get in touch.

Published with permission from TechAdvisory.org. Source.

Topic Security
January 25th, 2016

2016Jan20_Security_AIt’s been said so many times that many small business owners are likely to block it out, but the truth remains: cyber criminals target SMBs. Perhaps the reason for this ignorance is that when an SMB falls victim to an online attack, it’s not breaking news. But this time, in a recent NY Times article, a cyber attack wasn’t focused on the Ashley Madisons or Dropboxes of the world. This time the focus was on a small business who is lucky to still be in business after a serious cyber attack.

Last holiday season, Rokenbok Education, a small, California-based toy company of seven employees realized its worse nightmare. During the busiest time of the sales year, the files in their database had become unusable, infected with malware. The hackers used ransomware, a malware designed to hold a business’s data hostage, to encrypt their files and demanded a payment to make them usable again. However, instead of paying the ransom, Rokenbok restructured their key system. To do this it took four days. That’s four days of downtime, lost sales, and confused customers who likely lost confidence in the integrity of their company. Luckily this did not put Rokenbok Education out of business. But many SMBs aren’t so fortunate, and are forced to close after such a security debacle.

So why do security breaches like this happen to SMBs?

There are many reasons, but a common one is that small and medium-sized businesses often focus on profits over security. And really, it’s hard to blame them. When you’re small, you want to grow your organization as quickly as possible. And you likely think that because you’re small, no one is going to attack you. However, nowadays hackers are on to this way of thinking. They know that SMBs don’t focus as much on security, which make them a perfect target. In fact, according to Timothy C. Francis, the enterprise lead for Cyber Insurance at Travelers, 60 percent of all online attacks in 2014 targeted SMBs.

So what can your business do to protect itself against online attacks? There are a range of options, but it’s best to start off with an audit of your current security system to see where the holes are. This audit should check areas of risk which include customer data, employee access, and assets such as servers, computers and all Internet-enable devices.

After that, an obvious thing to do is to strengthen your passwords. While this has been said thousands of times over, many SMB owners do not take heed. Clay Calvert, the director of security at the Virginia-based firm MetroStar Systems, notes that hackers analyze how we create passwords and use big data analytics to crack them. “They have databases of passwords,” Calvert said. The best way to create a strong password is to make it long with a mix of characters. Password managers that encrypt your passwords can also help.

Aside from passwords, there are many other ways to boost your business’s security that include installing a firewall, keeping your antivirus up-to-date, and moving data over to the cloud (instead of storing it on company servers). Also, since many security attacks occur because an employee clicked on a malicious website or link, training your employees is a smart move. A good way to start this training is to create an employee manual that includes security guidelines they must follow. For ongoing training, you can keep them up-to-date on the latest security threats through email updates and regular meetings. Once you feel confident that your employees are up-to-speed and your security practices are updated, you can try hiring ethical hackers to test your systems and try to break through your security. This will let you know if there are any security holes you missed.

Calling in a security specialist

However, if all of this sounds far too much to bother with, consider outsourcing your security to a service provider that specializes in digital security. This can oftentimes save valuable time and money in the long run. Best of all, this can provide peace of mind, knowing that you have a security specialist watching over your business.

If you’re feeling overwhelmed and unsure where to start with your business’s security, we’re happy to help perform a thorough audit and provide you the digital security solution you need to keep your business protected. Security worries don’t have to keep you up at night, and we can help you implement the measures that will protect your business from disastrous security problems.

Published with permission from TechAdvisory.org. Source.

Topic Security