This Cybersecurity Awareness Month (October 2020), we explore the cybersecurity challenges brought on by the COVID-19 Pandemic as businesses are increasingly adopting the work-from-home (WFH) model. #CybersecurityAwarenessMonth http://cmap.amp.vg/web/b9imfqud6whyq
Today, more than 40 percent of all cyberattacks target small businesses.
If you happen to run a small business, this might be cause for alarm if you aren’t taking the proper precautions. One of the most important precautions to take is to set up cybersecurity policies in your company, while also making sure that your employees are properly trained and educated.
Below we’ll dive into the best cybersecurity tips to push in your business.
The Top Cybersecurity Tips to Teach Your Employees
Without question, educating your employees on cybersecurity is one of the most important investments that you can make in your company.
So what exactly should you be teaching your employees about cybersecurity?
Below are some of the main points to keep in mind.
1. Make Strong Passwords and Change Them Regularly
You need to be sure that your employees aren’t creating flimsy passwords that can be easily hacked. This not only puts their work portal at risk but it also put your entire company’s data on the line.
Set up a policy for password strength to ensure that each employee is setting up passwords that are virtually impossible to crack.
When you start with this step, many of your other cybersecurity concerns become a non-issue.
2. Be Wary of Sites You Shouldn’t Trust
Make sure that you educate your employees about the danger of certain sites. First, check the protocol of every web address, ensuring that they have a secure “https://” extension.
Even today, phishing is still one of the most common and dangerous forms of cyberattack.
If they don’t personally know or do business with a sender, they shouldn’t open any files or fill out any forms.
3. Get to Know the Data Protection and Emergency Plan
Each and every company should have a data protection and emergency plan.
A cyber breach response plan will mitigate damage and help you quickly communicate with customers. This way, your company can get back on track.
4. Use Two-Factor Authentication
In this age of cyber threats, two-factor authentication is an absolute necessity. With two-factor authentication, your employees will have to verify both a password check and a special code sent to their e-mail address or mobile device.
Requiring these two steps adds a layer of protection from cyber threats.
5. Upgrade Software Whenever Possible
Finally, take the time to make upgrades to your software so that you can work through bugs and short up any cyberattack weaknesses you have in previous versions.
Make it so that your employees can’t log in and access regular activity without having the newest upgrade. This way, you’ll always know everyone that accesses your data is on one accord, so troubleshooting and safety precautions become simplified and strengthened.
Handle Your Company’s Cybersecurity Needs
These are the cybersecurity tips you need to be imparting to your employees.
When you are ready to take your company’s cybersecurity and information technology (IT) to the next level, we’ve got you covered.
To learn more about our services, contact us via the web, or call us at (504) 603-9910 (New Orleans office), (985) 603-9910 (Northshore office), (225) 624-4900 (Baton Rouge office).
Insider-caused data breaches are happening more often and at higher costs to companies, according to the Ponemon Institute.
Institute experts recommend stepping up efforts to minimize risk. One of the top steps you can take is to hire experts to train your employees on policies and procedures.
Here are five reasons why employee education is vital in protecting your network.
1. Security Will Become a Clear Priority
You’d hate to see your company make data breach history, and your employees would too. It’s hard to feel proud of a company doesn’t seem to care about security and privacy.
By setting aside company time for training, you’re showing employees your company is serious about security. This increases the chances that they will take it seriously as well.
2. You Will Raise Awareness and Provide Specific Directions
Anyone can fall victim to common cyber security risks. Knowledge is the top way to fight that.
Do your employees even know you have a security policy? Do they know what to do if they see something that concerns them or if they think they may have slipped up? Are they aware of what kinds of threats are out there today?
They will be if you bring in professionals to educate them properly. After all, nobody wants to see the employer who puts food on their table lose cash because of security-related legal bills.
3. Employee Education Makes Security Personal
It’s unlikely every employee feels personally responsible for security issues, such as protecting business data. It can feel like a responsibility that rests on IT’s shoulders. Teaching employees to protect your company helps them realize that it’s part of their daily job description.
One way education does this is by making security a personal problem. When employees learn that data breaches can release their own HR and payroll records, that can raise a red flag and inspire action.
Adding this personal touch also helps employees feel like they’re getting a benefit. They can use the tips they learn for their own accounts and home network.
4. People Will Open up to IT
Once employees gain a sense of their role in security, they will understand how important it is to be honest if they have a concern. They will be much more likely to report issues to the IT department or the managed services provider.
Having a reporting plan in place will make it much easier for employees to know what to report and how. Thanks their training, everybody on staff will be ready to react quickly.
5. Your Policy Will Fit Your Company
When you include employees in training, the direct interaction can help ensure everyone is on the same page about your polices and procedures. Giving employees the chance to ask questions, share concerns, and provide feedback may help you build a better plan for the future.
You’ll end up with a policy that works for your company’s needs and culture. You’re more likely to see success.
Get Expert Help with Employee Education for Superior Network Security
With professional employee education, you can get your network security in gear. If you’re ready to educate your employees, contact us to get started.
In 2019, Help Net Security found out that 43% of businesses were still running Windows 7.
If your business is among them, it’s high time to prepare for Windows 7 end of life. From January 2020, Microsoft will no longer provide support for this system. As popular as it was, Windows 7 always had a limited lifespan.
Not sure why it’s time to move on? Here’s a quick guide to help you out.
What It Means
First things first: why is the end of Windows 7 support such a big deal?
For starters, there’s the matter of security. Once Jan. 14 rolls around, PCs running Windows 7 will face higher exposure to security risks. These include viruses, corruption, data loss, cyber-attacks, and so on.
Also, your business may be subject to regulatory compliance such as GDPR, PCI, or HIPAA. In this case, if you continue to use an unsupported operating system, your business won’t pass its yearly audits.
The Two Options
The best way to protect your IT infrastructure is to migrate to Windows 10 by the Jan. 14 deadline. You have two viable options at your disposal.
1. Upgrade to Windows 10
Are most of your business laptops and computers less than three years old? If so, your best bet is a simple upgrade to Windows 10. This won’t take a long time and allows you to keep your existing files and software.
The upgrade costs depend on whether your PCs have Windows 10 pre-loaded. If they do, you only need to buy the installation file ($120-$200 per machine). If you need to buy the license as well, you may end up spending a lot more.
Once you add the license costs into the mix, the age of your existing PCs becomes a key factor. The older a computer gets, the closer it is to the end of its life. If you’ll have to replace it soon, it may not be wise to invest in it.
2. Purchasing New PCs
Your other option is to buy PCs that come with Windows 10 installed. This is the more expensive route, as well as the more time-consuming one. Researching new PCs, transferring the files, and setting everything up can take a while.
That said, this may be the right move for two types of businesses:
• Businesses with computers that are more than three years old
• Businesses with computers that don’t have the Windows 10 OEM license
As mentioned above, the Windows 10 license and software can be steep. In these situations, businesses should look at each individual PC. If most of them don’t have licenses or are older than three years, getting new PCs makes sense.
Of course, keeping PCs that are older than three years is also a valid option. That said, keep in mind that these will keep slowing down over time. Plus, they may not be completely compatible with Windows 10.
More on Windows 7 End of Life
As you can see, you shouldn’t take the Windows 7 end of life deadline lightly. If your business has an in-house IT department, they should already be on top of it. If you have a managed service provider, check in with them.
Want to know more about the security issues that Windows 10 can protect you from? Worried that your business isn’t safe from cyber-attacks? We can help you out — contact us right here, and we’ll get back to you!
All it takes is a single click to put all of your business’s confidential data in the wrong hands and plunge the entire company into mass chaos. Data breaches can devastate a business because of how hard it is to bounce back from them. The most popular scam that causes these sorts of breaches is email phishing.
Sometimes it can be hard to tell a fake email from a legitimate one. Hackers are getting craftier by the day.
There are some methods that you can use to protect yourself from these vicious attacks. Check out this helpful email phishing guide.
1. Stay Informed
The first step to any successful action plan is to keep yourself updated and informed. Keep your eyes open for any news regarding email phishing.
The sooner you know about these scammer’s latest methods, the less likely you are to fall into their trap.
2. Think Before Clicking
It’s one thing to open an email from a known and trusted client without thinking about it, it’s another to open one willy nilly from a stranger. When you get an email from someone you don’t know, inspect it carefully.
Hover over the links in the email to make sure that they are going to the place they say they’re going to before you click them. Check and see if the email contains your name at the beginning. If it starts with “dear customer” it’s probably a scam.
3. Install a Toolbar
The best way to keep your business safe is to brace yourself with the right tools. Most browsers have a security toolbar that you can download. It provides basic protection and it’s completely free.
The toolbar runs checks for phishing websites every time you visit a site. If they find anything you will be alerted so you can get off the website ASAP.
4. Check the Site’s Security
Everyone is a little cautious about sharing confidential data online but as long as the website is secure you’re fine. There are ways to check and make sure that it is secure before you start typing in personal business information.
First off, you want to be sure that the website URL starts with “https”. Second of all, you want to look at the little lock icon located beside the URL in the search bar. If the lock is closed the site is secure and if it’s open then it’s not.
5. Keep Your Browser Up to Date
Browsers are constantly updating themselves with security patches. These patches are released to fix loopholes that hackers found in the security system.
So, if you’re the type of person to ignore these patches, stop. Listen to your browser and install the patch. It’s annoying because you’ll have to stop what you’re doing but it’s worth it.
Expert Ways to Avoid Email Phishing
Email phishing is a security scam that can be easy to fall victim to. Hackers are crafty. Sometimes the emails they send look as legit as the ones that you get from clients.
The trick to avoiding this scam is to stay aware of the latest computer security news and keep your computer updated and protected. Don’t let your business’s information fall into the wrong hands.
Do you think your work computer has suffered from an email phishing incident? Contact us for immediate assistance.
Did you realize over 58 percent of the cyber attacks perpetrated each year target small businesses? For most businesses, using the power of technology to stay connected with consumers and other businesses is a must. Making sure the network you have in place is secure should be one of your top concerns.
Ignoring the need for better network security measures can lead to big problems in the long run. This is why learning about cyber security risks and the measures needed to mitigate these risks is vital. Informing yourself and your team about these online dangers can help you keep sensitive information out of the hands of hackers.
Read below to find out more about common cyber security threats and how to avoid them.
Ransomware Attacks are Surprisingly Common
Keeping sensitive information on your servers is probably something you do without much thought. One of the worst things that can happen to a business owner is becoming the victim of a ransomware attack.
This attack involves hackers taking control of a business network and demanding a ransom to release the information contained on it. Paying this ransom will only make your problems worse, which is why taking measures to prevent these attacks altogether is important.
The best way to mitigate the risks posed by ransomware attacks is by putting a backup and recovery system in place. A cloud-based system will backup your data immediately. With this backup, you can wipe your network clean and remove ransomware with ease.
Phishing Scams Can Create Lots of Problems
You and your employees probably receive hundreds of emails on a monthly basis. The worst mistake you can make when receiving an email from an unknown address is to open any attachments. Cyber-criminals use email phishing scams to put viruses on a network or to steal sensitive login credentials.
Not only will you need to bulk up your network security to fend off these attacks, you also need to work on educating your team about phishing scams. The more they know about what to look for when receiving emails, the easier it will be to avoid these scams.
Avoid Establishing a Bring Your Own Device Policy
Saving money is one of the main concerns most business owners have. While staying on budget is important, you need to avoid making decisions based on cost alone. When it comes to allowing employees to bring in their own devices to access sensitive information, you need to avoid this at all costs.
Most smartphones and other mobile devices are not secure. This means that the sensitive information accessed on these devices can be stolen by a cyber-criminal.
By providing your employees with devices, you can rest assured they are secure.
Professionals Can Help You Avoid Cyber Security Risks
If you are unsure about how to avoid common cyber security risks, working with professionals is a good idea. Without this professional guidance, you are bound to make mistakes.
Are you looking for an experienced managed IT provider? If so, contact us now to find out about the services we provide.
Deep and dark web hackers buy and sell all kinds of personal information. They sell stolen credit card numbers for as little as $9 and if the card uses a unique one-time payment code even that is available for the right price.
Credit card numbers are far from the only thing that’s at risk though. Let’s look at 9 ways hackers on the dark web steal your information.
The Deep and Dark Web Compared
There are three levels of the web:
- The world-wide-web that anyone can access.
- The deep web is made up of sites that aren’t indexed by the search engines but aren’t necessarily bad.
- The dark web, a subsection of the deep web, deals mainly with illegal activities.
Encryption & Anonymity
The foundation of how hackers steal your information through the dark web is encryption and anonymity. They use special software to access these sites that encrypt everything they do. Nobody uses their real name and most transactions use completely anonymous cryptocurrencies.
“Carding” is the buying and selling of credit card information. If your credit card details get stolen, they could end up for sale on the dark web for any hacker to use. Even high-tech protection like one-time purchase codes is for sale.
Botnets are one of the most common ways hackers steal information. They take over personal computers around the world and turn them into “bots” that are all connected through the internet. These botnets are incredibly powerful because of the sheer number of machines involved.
Brute Force Attacks
Hackers may use a brute force attack to steal your information by hacking into your accounts or your PC. These attacks often use botnets to test millions of different passwords until they find one that works. This is why it’s not a good idea to use dictionary words for your password.
Viruses and other malware are another common method of stealing information. Once your computer gets infected with one of these, a hacker can easily access all your data and even track everything you type including things like your login credentials for banks and other websites.
Scanned copies of sensitive documents are often available through the dark web. Passports, citizenship documents, and other personal information can be bought by anyone with access to these sites.
Finding Your Address and Other Information
Hackers use resources on the dark web to find addresses, phone numbers, workplaces, and many other things about your “real” life. Hackers can use these to target you in other ways or as part of a larger identity theft operation.
Most people picture someone in a dark room, hammering away on their computer keyboard when they think of hackers. A lot of the information hackers collect is obtained through social engineering. They’ll pretend to be someone they’re not and trick people into revealing personal information through email, over the phone, or even face-to-face.
Deep and Dark Web Hackers are Buying and Selling Information
The dark web has its own underground economy, with hackers buying and selling almost any kind of information you can imagine. They use untraceable websites and payment methods to do “business” with one another outside the view of most of the world.
If you’ve been targeted by hackers on the dark web or you want to make sure you’re protected if it happens, Core Networks can help.
Get in touch with us today to find out more about our Cyber Security service and how it can help keep you safe.