May 15, 2015 | SMB Technology
It’s a moment every business owner dreads. A message appears on your organization’s computer screen alerting you that your files have been encrypted and the only way to access them is by paying a ransom. Security threats to computers and mobile phones have grown more sophisticated around the globe in the past few years. The United States in particular saw an increase in “ransomware.” What is Ransomware? Cypersecurity experts report that ransomware is one of the fastest growing forms of hacking, and the scary part is that no one is safe. An individual, a small business, a Fortune 500 company, and government agencies can all be infiltrated. It also attacks smartphones. Ransomware is malicious software that hackers use to extort money from individuals or businesses by preventing them from opening their documents, pictures, and other files unless they pay a ransom, usually in the amount of several hundred dollars. How Ransomware Works Similar to other hackers’ schemes, ransomware can arrive in emails or attachments with links that, when clicked, encrypt your files. Attacks can also occur during a visit to a website, as cybercriminals can attach computer code to even the most well known websites. It could happen during something as harmless as updating an application or downloading an app on your smartphone. Protect Your Organization Cybercriminals are starting to target small businesses more and more, because generally speaking, they are more vulnerable. While big companies have backups and separate computers for their different departments, small to medium sized businesses lack technology teams, sophisticated software, and secure backup systems to protect from ransomware. One of the best investments your...
Apr 3, 2015 | SMB Technology
Imagine you are on your personal or work computer, and you receive a seemingly innocuous email from a trusted source, such as your bank, your tax office, or even a friend. The source asks you to download a file to update important account information. But, when you click on it, your most important files become encrypted and you are threatened you will lose them unless you pay a sizable sum to get them back! This real threat is called cryptolocker. What is Cryptolocker? Simply, cryptolocker is malware that encrypts documents and asks for money to unencrypt them. It affects both personal data and company data stored on corporate files. If you’re tricked into downloading the infected file, the virus will target your most important applications and operating systems. Cryptolocker can bypass virus scanners and other security measures to infect your computer, so it’s important to be able to recognize the warning signs. Typical Warning Signs Beware of the following suspicious emails: Senders you do not recognize or known senders with unexpected content No recipient listed in the “To” line of the email Links in the email that do not match the title when you scroll your mouse over it “Zip” files you are not expecting How to Protect Yourself and Your Company The following tips will help keep your personal and company data free from cryptolocker: Delete suspicious emails right away and empty your trash bin Keep antivirus and anti-malware definitions up to data If you do get infected, remove the machine from the network to protect your organization from further damage Train your employees regularly on IT security...
Feb 12, 2015 | SMB Technology
New technology trends pose new security threats to businesses. CompTIA reports that 64% of companies report a “drastic or moderate” change to their security approach. In their survey, more than half of businesses recognize opportunities within their organization for security improvement. IT security priorities are currently focused on developing new corporate policies and educating employees. Businesses are no longer solely relying on annual security reviews; the majority of companies are seeking education that is more ongoing and interactive to avoid future security threats. Modern Day IT Security With new and evolving technologies, the overall approach to IT security must be re-evaluated from the top levels of a business. As more cloud solutions and mobile devices are being utilized within the workplace, new security products are attempting to meet the needs of modern day IT security, such as firewalls, Data Loss Prevention (DLP), and Identity Access Management (IAM). When strategizing your organization’s IT security plan, two main areas need to be addressed in order to be prepared in today’s security landscape: risk analysis and end user awareness. Balancing Risk and Security Risk analysis is becoming a critical activity as companies decide how to handle corporate data, but only 41% of companies are currently performing this in a formal way. Typical risk analysis includes determining the probability of a risk, estimating the potential impact, and then deciding on mitigation strategies. But, the growing trends of cloud computing and mobility have increased the need for careful risk analysis. Since with public cloud computing and personal smart phones and tablets, data resides outside of your company’s control, companies must re-evaluate which data and...
Jan 26, 2015 | SMB Technology
According to a report by CompTia, 28% of businesses view security as a significantly higher priority today compared to two years ago, and an even greater percentage of businesses expect the importance of security to rise in the next two years. The study also revealed that while many companies assumed a satisfactory level of security, they did not fully comprehend their exposure to potential security threats. The rise in security threats is largely due to emerging technologies, causing businesses to take a new approach to security. End users now have access to powerful devices and business class systems, often without the oversight of an IT team. Therefore, investing in mobile security is one the smartest things your small to medium sized business can do to protect your organization. The Human Element to BYOD According to the study, the factors in security breaches fall 45% to technology error and 55% to human error. With the BYOD (Bring Your Own Device) trend, more and more employees are bringing their own mobile devices to work, and end users typically do not have the background knowledge of security that allows them to recognize potential threats. The desire for productivity and flexibility is driving many businesses to adopt a “use first, secure later” attitude when it comes to mobile security, but this approach puts your business in danger. Most Common Mobile Security Incidents Mobility forces businesses to consider data leaving the company in the hands of its employees. The top three reasons for mobile security incidents include: lost/stolen devices, mobile malware, and employees disabling security features. Mobile malware is quickly becoming a growing concern,...
Sep 22, 2014 | SMB Technology
While cloud security concerns are top of mind with many business owners, the benefits of the cloud far outweigh the risks. Nevertheless, as companies deploy cloud computing, taking cloud security seriously will ensure a smooth transition to the cloud. Top Cloud Security Concerns If you are moving your business to the cloud it is important to understand and address your security needs. For many companies, the top concerns of cloud security are cloud service provider’s encryption policies, business continuity and disaster recovery capability, data protection and data integrity. There are a number of other critical concerns, such as the physical security, identity and access management, and regulatory compliance. How to Protect your Data in the Cloud Create Strong Passwords An important step you can take to protect your data in the cloud is to create a policy for passwords within your organization. By requiring a string of text combining numbers, letters (both uppercase and lowercase), and special characters your employees will avoid common passwords that are easily hacked. Also, ensure that your company policy requires changes to passwords regularly and asks employees to use unique passwords when accessing the cloud from their desktops. Network Compliance In addition to creating strong passwords, it’s important for your company to keep your network in compliance. Your network is secure as its/ weakest point of access. Ensure desktops, laptops, tablets and smartphones are maintained with the latest operating system patches and are protected by up to date antivirus and antimalware definition updates. End User Training on Security Employees with a clear understanding of security policy and related risks will help keep your data...