Tag: Cybersecurity

Categories
Casserly Consulting Blog

Cybersecurity Requires Flexibility to Changes

security_needed_even_more_400.jpg

Security is always changing due to the volatility of online threats and vulnerabilities. Things have changed so much over the past decade that solutions that worked back then are so outdated that they put your business at risk today. This brings into question what you should expect in the years to come. What are some of the threats that your business can expect to face in the future?

For reference, this information is from a study performed by Cisco. The study references the findings of 3,600 data security professionals from organizations such as Talos and others from all over the world.

Malware Has Grown More Autonomous
Early types of malware relied heavily on the user actually clicking on a link or downloading an attachment to install itself on their computer. Nowadays, malware doesn’t take the risk that the victim will know better than to click on a link or download something bad. Instead, a ransomware might be more network-based, meaning that all it takes is a simple mistake to spread to your entire infrastructure. Cisco suspects that this type of threat could potentially grow so widespread that it could take over the Internet.

Ransomware Is About More Than Just Money
Ransomware used to be all about making money and disrupting operations. It was a way to make money to fund further hacking attacks against even more victims. People would pay up because they were too scared to imagine losing their data. Trends are showing that hackers are increasingly more interested not in the financial side of ransomware, but with the destruction of businesses. Ransomware is being actively used by criminals to put an end to any business unfortunate enough to be hit by it.

Threats Are Avoiding Detection More Effectively
Ultimately, any online threat’s level of danger is equivalent to how easy it is to hide. The easier it hides, the more dangerous it can be. Ransomware can now hide in encrypted traffic to make itself much harder to detect. It can even use cloud-based applications and services to implement a command and control attack, all hidden within normal traffic.

Watch Out for Internet of Things Devices
The Internet of Things–a large collection of connected devices that all perform various functions–has grown at a considerable rate. Since Internet of Things devices are difficult to patch properly, they can provide backdoor access to an infrastructure. Since many IoT endpoints aren’t secured properly, your company network could potentially be opened up to all kinds of threats.

Security changes every day, but the one thing that never changes is that COMPANYNAME can help your business secure its infrastructure. To learn more, reach out to us at PHONENUMBER.

Categories
Casserly Consulting Blog

Security Concerns Have Led To New Voting Machines In Virginia

auto_vote_digital_400.jpg

Regardless of your feelings on the matter, the 2016 United States presidential election was an extremely divisive one–in no small part, due to the suspicion that the outcome of the election may have been significantly influenced by hacked voting machines. This uncertainty has led to some states making strides to ensure that their technology will no longer be responsible for such doubts.

Virginia is one of those states, deciding to remove direct-recording electronic voting machines in favor of those that produce paper documentation. In addition to that, there is now legislation in Virginia that will remove all touch-screen voting devices from circulation by November 7, 2017. This is when the next governor is to be elected, along with various other positions.

According to Politico, Governor McAuliffe has pushed for legislation to provide the necessary budget to replace new voting machines, but this legislation was denied two years ago. Things have changed since then, and now the state has little choice to obtain new machines, as the old ones will no longer be certified for use.

Other states have been recommended to emulate this decision by the Board of Elections, but again–it’s only a recommendation. While paper ballots do seem to be more reliable and authentic as the tangible option, counting them can be a drag. Therefore, it only makes sense that the states would want to expedite the process with technological assistance. Even so, there is the risk that this key democratic data can be manipulated and altered.

You can find a similar scenario much closer to home, in your very own business. If your systems aren’t painstakingly maintained–as many states’ voting machines are not–they can be vulnerable to numerous hacks and other attacks. Do you really want to risk your sensitive data when a solution is so easy to find?

COMPANYNAME’s technicians can help give you the ability to better prepare for a successful future for your business. One way is by equipping you with a Unified Threat Management tool that helps protect your business from threats before they have a chance to strike. Call PHONENUMBER for more information.

Categories
Casserly Consulting Blog

3 Ways Your Business Can Prioritize Data Security

data_security_switch400.jpg

In the wake of the Equifax data breach, which placed the personal information of 143 million users at risk, the issue of data security is at the forefront of social consciousness. Your organization needs to go about its daily business as if it will experience a data breach at any given moment. This involves looking at the worst-case scenario, and planning for it so that you’re never caught unaware.

Here are three preventative measures that you can take to secure your business.

Use Strong Passwords and Two-Factor Authentication
Passwords are often the only thing standing between your online accounts and your personal data. Think about it; a string of maybe 8-to-10 characters is the only thing keeping your sensitive information secure. Doesn’t it make sense to make this password as complex and difficult to crack as possible? You would think so, but a surprising number of folks still use the word “password” as their password. You should be using both upper and lower-case letters, numbers, and symbols, formed into a seemingly random string of characters. Doing so keeps hackers from guessing your password and accessing an account.

Secure Your Network with Unified Threat Management
Network security depends on both internal and external measures, which include network-attached security devices like a Unified Threat Management (UTM) tool. A UTM consists of an enterprise-level firewall, antivirus, spam blocker, and content filter, all to keep threats from taking root on your network in the first place. Furthermore, you’ll be able to react to issues that become prevalent before too much damage is done, which is a valuable opportunity in its own right.

Educate Your Users on Best Practices
Your employees access important information on a day-to-day basis, and they are often in contact with more threats than you’d like them to be. Something as simple as a spam message in the wrong inbox or a carefully disguised link could be all it takes to expose your business to dangerous situations. Take the time to teach your employees how to identify potentially dangerous scenarios, like phishing phone calls and sketchy emails or attachments. Often times, you’ll stop attacks from taking off simply by keeping your employees informed.

By using these three methods to secure your organization, you’ll be less likely to suffer from a data breach. To learn more about network security and other ways to keep yourself secure, subscribe to our blog, and call our IT professionals at PHONENUMBER.

Categories
Casserly Consulting Blog

Essential Cybersecurity Tips From The FBI

fbi_cybersecurity_400.jpg

In 2016 former President of the United States Barack Obama passed the Cybersecurity National Action Plan that implemented near-term action and developed a longer-term strategy of bringing awareness and protections to public computing systems connected to the Internet. The strategy is to make an immediate effort to empower citizens to protect their own privacy, while also maintaining public safety and national and economic security, as many of the most critical systems this nation utilizes are networked on the web.

For the average small business, it is more crucial than ever to avoid the pitfalls that lay on the internet. Victims of cybercrime deal with an endless number of issues, including drops in revenue, data loss, downtime, and fines/restitution if they are unable to keep their networks secure. Below are a number of line-items that the Federal Bureau of Investigation recommends to keep your data secure, and to avoid becoming a victim of the most pressing malware on the Internet today: ransomware.

  • Raise Awareness: Ensure that you make a point to make your staff cognizant of the threat of a ransomware infection.
  • Updates and Patches: Make sure to patch your operating systems, software, and firmware on all of your digital assets.
  • Auto Update Security Software: Lean on enterprise-level antivirus and anti-malware software to conduct regular scans and catch potential malware.
  • Limit Super Users: Ensure that you don’t just hand out administrator access to your mission-critical systems. Managing access is one of the best ways to keep untrustworthy entities out of your network.
  • Access Control: As stated above, access control is essential to ensure that you know who can and should be in parts of your network. If your users only need read-specific information, they don’t need write-access to files or directories, mitigating risk.
  • Filters and Application Control: Deploy software restrictions to keep programs from executing from location where ransomware may be found. This includes temporary folders found to support Internet browsers and compression/decompression programs.
  • Data Backup & Disaster Recovery Plan: Create data redundancy by having a comprehensive backup and recovery plan in place.
  • Multiple Storages: Ensure that each storage unit is stand-alone to avoid major problems with backups and other forms of storage.

Governments absolutely have to have a strategic plan on how to deal with cybercrime, and as a solid practice, businesses should follow suit. If you want to make sure your strategies are top-level, visit https://www.fbi.gov/investigate/cyber/news to see what the FBI is doing to protect their computing infrastructure. For more great security information, subscribe to our blog.

Categories
Security

Your Business Should Be in the Headlines for the Right Reasons, Not for a Cyber Attack

b2ap3_thumbnail_business_ramifications_400.jpg Today’s headlines are peppered with stories of major companies and institutions falling victim to a cyberattack. As a business owner, what’s your response to these gut-wrenching stories? If you write them off as fear mongering and believe that these attacks can never happen to your SMB, well, you’re wrong. They can and it’s up to you to prevent such a disaster.

One reason why it’s so important to shore up your company’s network security is because the ramifications of a breach extend well beyond the sensationalism surrounding a news story. Take for example one of the biggest stories of hacking in recent memory; the revelation made public last December that Yahoo had more than one billion of its accounts compromised, dating all the way back to 2013. While the headlines focused on the plight of Yahoo and the negative effect this would have on the tech company’s value, what didn’t get reported is how millions of Yahoo users were negatively affected by having their sensitive information exposed to hackers.

In the same way, seeing to your company’s network security goes beyond protecting your corporate image from a negative headline. It’s also about protecting all of those who have entrusted you with their sensitive data. This includes customers and vendors that have provided your business with their financial information, as well as employees that each have a wealth of their personal information connected to your HR department.

We’ve established that there’s a lot riding on your network security and that it’s your job to make sure this is taken care of. If you don’t currently have a security plan in place protecting your company from a data breach, where do you even begin? Fortunately, you don’t need to be an IT security expert or have a computer science degree to implement adequate security measures. As is the case with the many vital responsibilities connected to your business, you can outsource the protection of your network to the professionals, such as the IT technicians at COMPANYNAME.

That said, IT security is such an important and comprehensive matter that it’s not something that you should outsource and then disregard. In fact, IT security works best when everybody in the company understands that they have an active role in its upkeep. Yes, everybody. We’re talking from the C-level executives down to the cleaning lady who connects her smartphone to Wi-Fi. If everyone in your company understands how to avoid the snares laid by hackers, then the cake that is your network security measures will be topped with the icing of best practices.

Remember, securing your network from cyberattacks isn’t something that you have to do on your own. COMPANYNAME is here to help, and we can do so by implementing proven and comprehensive network security solutions like our Unified Threat Management tool, as well as remote monitoring and maintenance in order to detect and take care of any threats that may breach your defenses. We’re also available to equip your staff with the means and know-how to better understand cybersecurity.

For assistance in all of these areas of security and more, give us a call today at PHONENUMBER.