Tag Archives: malware

Cyber Crime

Keeping Your Network Secure

A network is only as strong as its weakest link, and if that weakest link is your security, that can compromise the revenue and the reputation of your business. Attacks just from ransomware have increased over the years, by 200% between 2015 and 2016 alone.  There are three fronts to consider: identify the hazards, use technical tools to protect your network, and educate your employees on cybersecurity. Read on to find out more about how to protect yourself.

Know the Hazards of Malware and Phishing Schemes

With so many businesses finding it necessary to gather, store and monetize customer data, this is an area of vulnerability. Malicious software, or “malware,” can take various forms, from worms and viruses to ransomware, which can hold your data hostage. Some types can simply make your system run more slowly, and some can steal or destroy data. Phishing schemes are designed to steal private data simply by an unwary recipient clicking a link. Technical tools are part of the protection plan.

Fight Cyber Attacks with Technology

There are plenty of technical tools and applications to keep your system safe. Firewalls and SPAM filters can keep unwanted network communications from coming in and going out. Anti-virus and anti-malware applications keep harmful worms, viruses and other malicious software from infiltrating your network. Be sure also to keep your antivirus and anti-malware programs up-to-date, to guard against the latest threats. Network monitoring can help stop attacks before they start, and operating system patches can fill in any security holes in the network. Along with these tools, be sure to train your employees to recognize security hazards.

Don’t Forget the Human Element

Employees can be the first line of defense against cybersecurity hazards. Teach your employees, through regular training, to recognize threats to your system’s security. Educate them to avoid “phishing” schemes by not clicking on links in email from suspicious sources, and how to recognize a suspicious email (often typographical or factual errors in the email are tip-offs). Finally, emphasize that cybersecurity is a team effort, and get them invested in helping keep your network safe.

Remember, your business is only as secure as your network. You are risking more than money if your network contains weak spots. Contact your technology advisor for assistance with protecting your network’s security.

The Importance of Maintaining Network Compliance

Network SecurityLast month’s blog provided information about ways to “Avoid Being Held Hostage by Ransomware.” Eight days later, on May 12, 2017, there was a global outbreak of the Wanna Cry Virus. With Cyber Threats on the rise, the importance of maintaining network compliance is top of mind with business owners and IT professionals alike. Industry compliance regulations, including PCI, HIPAA, and SOX, drive best practices in Network Compliance. However, most businesses today rely heavily on their systems to access Cloud Services, Voice, and Data Networks for mission-critical applications that run their business. What can you do to maintain network compliance?

Automate Your Network Administration

Keeping operating systems and network configurations up to date is a top priority for network compliance. Each device that connects to your network needs to have up-to-date operating system security patches, anti-virus definitions, and malware threat prevention in order avoid un- intended intrusion of your network. There are abundant tools and managed services to help your business stay up to date without adding to your internal labor cost.

Proactively Monitor Your Network

Monitor your network to identify any systems that are out of compliance. Proactive monitoring can also identify unauthorized devices connected to your network. You can monitor your network traffic to identify unusual use of network bandwidth. Aside from slowing down your systems, excessive bandwidth may be the result of a malware-infected device that is exploiting your network.

Documenting Your Network Security Controls

Achieving compliance with documented security procedures including password policy, systems maintenance, backup procedures, and compliance measures, is critical to following most industry compliance regulations. It is a  best practice to update these procedures annually. Reviewing your Network Compliance policies gives your business an opportunity to stay up to date and serves as a reminder of the importance of maintaining network compliance.

Contact your Technology Advisor if you have questions about maintaining network compliance or other concerns regarding ransomware and other related Cyber Threats.

How to Avoid Being a Ransomware Hostage

RansomwareRansomware, spyware, phishing schemes, and other Cyber attacks are commonplace in today’s world of technology. According to a recent article in Forbes, ransomware attacks grew at an accelerated pace in 2016 with reports of 638 million attacks, almost 200 times more than the number of ransomware attacks in 2015. Most experts agree that Ransomware attacks will continue to occur–so what can you do to avoid being a ransomware hostage?

Not All Ransomware is Created Equal

Before you panic, find out what type of Ransomware you are up against. Scareware is a type of Ransomware that tricks you into thinking you have a bigger problem. A simple scan may quickly remove the pop from your browser cache and get you back on your way. Some ransomware is truly nasty — your entire system may be encrypted, meaning you will need to wipe your system and start over if you have a good backup. Otherwise, you may find yourself hostage to the cybercriminals to unlock your data.

An Ounce of Protection is Worth a Pound of Ransom

Data protection is an important element in minimizing the impact of Ransomware. Make sure your network security is fully compliant. Backup your data, update your antivirus definitions and make sure your security patches are up to date. Consider using Cloud Backup, Security as a Service, and Managed IT services to keep your network up to date. Having a strong offense to avoid ransomware is your best defense.

Don’t Forget the Human Element

Train your employees on a regular basis on the importance of staying vigilant against Cyberattacks and how to avoid being a hostage. There are many resources to get training for your team. Periodic updates about threats and security procedures serve as a reminder to your employees to ensure they adhere to best practices.

If you need security training or are interested in a review of your network, security vulnerability, or other technology infrastructure, contact your Technology Advisor today.

Cyber Threats You Should Protect Against

Cyber SecurityDefending against Cyber threats is no easy task. Understanding the risks and designing a defense strategy are important steps in protecting yourself from Malicious actors and Cybercriminals. Staying current on Operating System and Application Patches, Restricting Network Access, and maintaining antivirus and malware protection are known ways to protect your network. Employee awareness and education on how to identify threats, and the importance of adhering to policies, also bolster your defense against cyber attack. If you’re not convinced, review the following Cyber threats you need to protect against.

 

How Malicious Software (Malware) Works

Malware is self-propagating software designed to infiltrate your network. This software can come in the form of a worm that will infect your network via your router via your Internet Protocol (IP) address. If it doesn’t find a hole in your network it may automatically update to scan for the next sequential IP Address, infiltrating and corrupting networks as it goes along. Avoid Malware by proactively scanning your network and keeping your network in compliance.

 

Why Phishing Could Put You Out of Business

Every year, millions of SPAM emails are sent to unwary recipients with the hope of collecting private and personal information including, account/password, privacy data and other information that can be exploited for profit. What’s more, Phishing is a popular way for Cybercriminals to distribute Ransomware, a form of malware that holds your systems hostage in exchange for payment. In the event of a data breach, your company may need to disclose the impact to customers and other stakeholders. In addition to ransom and legal fees, your company’s reputation may be on the line. Email protection and web content filtering are ways to protect against phishing schemes. It is also important to train your employees in how to identify and avoid these types of attacks.

 

Distributed Denial of Service Attack (DDoS)

Think of a Distributed Denial of Service Attack (DDoS) as a flood of system-generated traffic attacking your business infrastructure, designed to take you offline from the Internet. Hackers may try and extort your business or use DDoS in retaliation. Many Cloud Providers have excellent resilience and redundancy to defend against DDoS. If you rely on your own infrastructure, be sure to monitor for unusual activity and have a plan for failover in the event of a DDoS attack on your business.

 

Cyber attack threatens businesses large and small. Planning and network protection, combined with training, are your keys to defending against unintended data loss and business interruption due to Cyberthreats. Contact your Network Security specialist to find out what you can do to prevent a Cyber attack on your business.

Technology Trends for 2017

Technology Outlook 2017It’s that time of year when many businesses are setting goals and budgets for next year. This is a good time to reflect on the impact technology can have on your business. While Cloud Computing adoption remains strong, companies will increase migration from Public to Private Cloud and even migrate back “on premise.” Cloud adoption, digital transformation and streaming media will increase the demand for bulletproof networking. New technologies including SD-WAN will hit mainstream in 2017 to improve network performance in support of business requirements. Cyber threats will continue to keep business owners up at night with increased intrusions from ransomware and unplanned downtime from DDoS attacks. Here are a few takeaways to consider for your 2017 plan.

More Choices for Cloud Computing

In a recent study by the Computing Technology Industry Association’s (CompTIA), 43% of those using Public Cloud are expected to migrate to another Public Cloud Provider. For example, companies using Hosted Exchange may find themselves adopting Office 365 or Google for Work to keep current on the latest version of these communications and collaborations applications. The CompTIA “Trends in Cloud Computing” research also revealed 21% of Cloud usage will move from Public Cloud to Private Clouds. This scenario is driven by the need for compliance with industry regulations, including HIPAA regulations for health care and SOX compliance for Financial Services, among other business requirements.

Digital Transformation Will Emerge as Competitive Advantage for Business of All Sizes

Businesses will adopt new strategies for reaching new customers and servicing existing customers in 2017. These new strategies will fuel the need for digital transformation. Reaching new buyers through digital channels, along with automating customer service, order or fulfillment, and linking supply chains, will drive this digital transformation in support of new business strategies. Cloud Contact Center, Customer Relationship Management (CRM), Marketing Automation, eCommerce, and other customer-facing technologies will emerge as transformation enablers. Other technologies helping with administrative functions (including workforce recruitment and development) will help companies maintain competitive advantage and manage their growth.

Resolve to Bulletproof Your Network in 2017

In 2017 Business Networks will become a strategic advantage. Access to Cloud infrastructure, connecting remote offices, reliance on VoIP, Cloud Call Center and video streaming will all drive demand for high-performance networking. Technologies allowing wide area networking optimization, known as Software Defined Networks or SD-WAN, will become mainstream technology in 2017. Through simplified management and reliance on business class Internet, network performance is expected to increase while related costs are expected to decrease.

Security will Continue to Keep Business Owners Up at Night

The Gartner Group predicts demand for Security related to the Internet of Things (IoT) will be driven by 11 billion connected devices. Similar to adoption of mobile devices in the workplace, connecting “things” will create the need for additional security and proactive management. Additionally, Cyber Threats from malware and phishing schemes will continue, as will additional threats and downtime from Ransomware and DDoS attacks in 2017. Keeping your network running will be more complex and more important for the foreseeable future.

As you adjust your strategy to accommodate the rapidly changing business environment, consider how technology can influence your outcome in 2017. If you feel you need help with your 2017 technology plan, contact your technology advisor today.

What is Ransomware and How to Protect Against It

RansomwareRansomware is a type of malware designed to block access to your computer until a sum of money is paid. Ransomware issues have impacted many individuals with home computers; however, it is only a matter of time before this malicious software attacks business. Starting with Cryptolocker in 2013, Ransomware exploits have become increasing sophisticated and have cost individual companies thousands of dollars in ransom.

Here are some tips to take to help your business avoid being held captive by Ransomware.

Backup to the Cloud to Recover from a Ransomware Attack.

An inadequate backup strategy without real-time backups or offsite backup could hamper your ability to recover from a Ransomware attack. Being able to recover data from your Cloud Backup could get your systems up and running in a hurry, avoiding the need to pay ransom.

Keep Your IT Assets Up to Date and in Compliance

If your systems get behind in operating system and applications patches and updates, you may create a security hole that can be compromised by Ransomware. Many managed security and managed service offerings include proactive management and delivery of these important updates so your network will not be held hostage by ransomware.

Training Your Employees to Detect and Report Ransomware

Your employees are your front line of defense when it comes to your systems security. Make sure your employees know how to identify a phishing email and understand the risks of opening documents and attachments (including unfamiliar file extensions or .exe file formats) from unauthorized sources. Ensure your employees understand what Ransomware is and how it can impact your company’s productivity and drain financial resources. Make sure employees are clear on procedures to quickly report any security breach to avoid widespread distribution of a Ransomware attack.

To avoid unnecessary downtime and costs associated with Ransomware, it is important to proactively protect your computer systems. If you have any questions about steps to take to avoid Ransomware in your organization, contact your trusted technology advisor.

Findings Link Network Security to Human Error

Network SecurityHow secure is your network? A recent study by CompTIA links human error as the primary cause of security breaches. In fact, human error is at fault 58 percent of the time, as compared to technology error occurring 42 percent of the time. This survey of over 1500 business and technology executives points to the need to teach staff the importance of Network Security.

Continue reading Findings Link Network Security to Human Error

Does Your Business Need Network Monitoring?

According to a recent Trends in Information Security report by CompTIA, malware, hacking, privacy and data loss/leakage top the list of serious concerns over security threats. Companies large and small have been victims of these security threats. While large corporate security breaches makes the news, smaller companies may not have the vigilance to detect, and the resilience to survive a network security breach. Hackers have evolved and are now more sophisticated than ever. Network Monitoring can identify security exploits before it is too late.

 

Network Monitoring is Proactive

Just like getting your vital signs checked at the doctor’s office, network monitoring is a proactive way to detect a network security threat. Network Monitoring scans for viruses, malware, patch compliance and any unauthorized access to help determine network health and compliance. By using intrusion detection when a system has been breached, you are immediately notified. It’s important to proactively monitored your network and act swiftly.

Network Monitoring Saves You Time and Money

By remotely monitoring and managing your network and related IT assets, your IT Service Provider may be able to detect and remediate security issues without ever coming to your office. This will result in an overall reduction of IT costs. Routine IT tasks, including Patch Management will ensure that all Application and Operating System (O/S) patches are up to date thus protecting your business against vulnerabilities. In addition, keeping software up to date may give you productivity features and benefits.

Avoiding Downtime and Increasing Security

Secure remote support is an important element for delivering an IT Managed Service. In addition to remote support, many IT Service Providers offer remote network monitoring, managed backup and managed security in their IT Managed Service offerings. By adopting the Managed Service Model your IT Service Provider can proactively manage your IT needs in a secure and cost effective manner.

Don’t wait until you have a security breach to add proactive network monitoring to your line of security defense. If you have concerns about your network security contact your IT service provider today.

Windows 10 – Best Windows Ever?

windows-10The new Windows 10 operating system is purported to be the best Windows ever. The combination of ease of use for new users, automatic updates, and built in security features is causing small to medium sized businesses to breathe a sigh of relief as business owners dream about spending less time and money on training and more energy on making money – finally.

Windows 10 is Easy to Use

The new OS combines the interface of Windows 8 with the Start menu of Windows 7. This is a godsend for small business, because it means not having to train employees to complete mundane tasks, such as syncing a Bluetooth device. Such options are readily available on the Start menu now. The Windows 10 Start menu is designed to be easy for new users. Check out some of the things users can now do right from the Start menu:

  • Find settings
  • Reboot
  • Launch applications and place apps into the program list
  • Find documents
  • Adjust desktop resolution

In addition, the new OS is designed for all platforms, especially smartphones. When using Windows 10 on your smartphone, it will only display the finger-control interface. All in all, Windows 10 is great for SMBs who want to avoid high training costs.

Automatic Updates!

Microsoft experienced the pain first-hand of customers complaining about having to upgrade from Windows XP and later from Windows 7 to 8. Microsoft Vice President for Operating Systems, Terry Myerson, explained that the company never wants to be in the position of having to convince people to buy the next version of Windows again. The plans for Windows 10 include a continuous series of upgrades performed automatically. This means that in the future, questions about what version of Windows you’re running will become meaningless because everyone will have the same version as universal upgrades begin to take effect, making business as seamless as ever.

Enhanced Security Features

Windows 10 is offering new ways to protect users from dynamic script-based malware and other forms of cyberattack. Specifically, they’re using AMSI (Antimalware Scan Interface), an interface standard that allows applications and services to integrate with any existing antimalware product on your PC. Applications can use AMSI to scan files and employ other techniques to identify malicious behavior. This means that your device will automatically be inspected on a much deeper level than before.

Windows 10 has made quite the leap, and those who have tested the new OS report only good news. To learn more about how the new Windows 10 OS can improve your small to medium sized business, contact your trusted IT advisor today. 

The Most Recent Data Breaches and Their Consequences

data breach securityBig data breaches have been making headlines more and more frequently. It was announced last week that the computer systems at the U.S. Office of Personnel Management had been breached. This is the second computer break-in in the past year for the agency. An estimated four million current and former federal employee records may have been compromised. Guidance Software, a cybersecurity firm, used Einstein, an intrusion detection system, to trace the breach back to a machine under the control of Chinese intelligence.

Is Your Network Protected?

The hard truth about data breaches is that no one is safe: An individual, a small business, a Fortune 500 company, and government agencies can all be infiltrated. Costs from data breaches have grown tremendously in recent years. On average, a data breach will cost a large company about $640,000 to cover the cost of business disruption, information loss, and detection. It takes the average company about a month to recover. If you own a small to medium sized company, it’s doubly wise to be prepared. Small organizations can expect a higher per-capita cost than large organizations. So, what can your organization do to be better prepared for a possible data breach?

Why Invest in Stronger Security Measures

United States senators have added $200 million in funding to their proposed fiscal 2016 budget to fund a detailed study of the cyber vulnerabilities of major weapons systems. Smaller organizations would be wise to follow these footsteps and make data security a priority going forward. The biggest goal for SMBs when it comes to data security is education over technical improvement. Security education must be interactive, ongoing, and measurable in order to raise awareness about data security. In addition, the following tips will help keep your company data free from infiltration

Tips on Keeping Your Data Safe

  • Keep antivirus and anti-malware definitions up to date.
  • Train your employes regularly on IT security measures.
  • Create a clear-cut, step-by-step Data Breach Incident Response plan in the event of a security attack in order to limit damage and reduce recovery time and costs.
  • Hire an Information Security Firm.

One of the best investments your organization can make is to become wholly prepared for a data breach.  If your organization needs guidance on protecting your company’s data, contact your trusted IT advisor today.