Wednesday, August 29, 2018
Tuesday, August 28, 2018
By Anonymous at August 28, 2018
Monday, August 13, 2018
Hackers are targeting small businesses. They are far easier to steal valuable data from then larger enterprises. Most small businesses do not have a full time IT department to keep their computers up-to-date and secure against intruders. Small business owners may feel they are too small for a hacker to even bother with, but they are dead wrong. It is almost impossible for a small business to recover from a data breach.
When a small business gets hit, they must inform all of there customers, employees and vendors that they did not protect their privacy and the information could be in the hands of a criminal. Customers end up taking their business elsewhere, and employees find a new employer and could sue the company for damages. Finding new customers with a tarnished reputation is hard. Within months, the small business can be forced to close their doors forever.
By taking these five critical steps, small businesses can harden their systems against attack. No computer is impenetrable. But most hackers rely on scanning millions of machines to find the weakest to attack. By ensuring a computer is slightly harder to hack into than most other computers, a small business has a better chance of staying out of a cyber criminal's radar.
Upgrade and patch the Operating System
Even unskilled, kiddie hackers can search the internet and find issues with current operating systems. Hackers have released free tools and software that anyone can download. Anyone, even those without technical skills can use these applications to scan the internet for any computer that has an operating system that is not patched and upgraded. Detailed instructions are available on how to penetrate and unpatched system. If a business computer does not have the latest operating system and patches, any hacker can easily walk in and steal the data without the business even knowing it happened.
Train users on proper email etiquette
Phishing and other types of attacks are easily launched to millions of unsuspecting users daily by flooding email boxes with emails designed to trick the user into clicking a link. Once the user clicks this link, malware and other destructive software get automatically downloaded onto the machine. This software could blatantly cause damage, or it can secretly run in the background. Sending all data and capturing everything done on that computer for the hacker to steal for years.
Phishing attacks have become so elaborate that it is tough to decipher if an email is legitimate or fake. Provide training to employees to handle email links with caution and provide a way the employees can ask questions and get help if they need it. If a link has been clicked, provide a policy on how to limit the amount of damage that can occur and how to get back to safety as soon as possible.
Scan for both malware and viruses regularly
There is a difference between malware and viruses. Small business computers usually have a standard antivirus program installed to protect against infections. These scanners do not always catch harmful malware; they are not designed to do so. Malware can take many forms, and unless a business owner is explicitly looking for the correct signatures deep in the recesses of the hard drive, malware is extremely difficult to notice and remove. Some malware will thread itself throughout the hard drive, making removal a complicated and challenging process. Businesses should use professional antimalware software frequently to keep the system clean of issues. An added benefit of this precaution will be a computer that runs faster due to not having extra programs stealing resources.
Create a strong password policy
Everyone struggles to remember passwords. It is the best practice to use a different password for every login, which is difficult for many users. To make signing into applications easier, people will often use the same password for everything. When this happens, a hacker only needs a way to steal one password for the weakest system, and they will own the keys to every site and application for which they use that password.
A strong password policy begins with frequently changing all passwords. It takes time to crack a password. If the password gets changed regularly, there is not enough time for a cybercriminal to crack the password. Along with changing passwords frequently, users should choose strong passwords with lower case, upper case, numbers, and symbols. Users should never use the same password for more than one site. Passwords can be easily manageable with a password vault, a program that allows a user to store every password. When they need to log in, they copy it from the vault; there is no need to memorize hundreds of passwords.
Keep all software upgraded and patched
Java and Adobe are notorious for harmful exploits and these programs work hard to push out critical patches and upgrades to close any loopholes in the code that hackers use to gain access to a computer. It is as vital to patch all of the software used on a computer as it is to update the operating system. It is a little more difficult because the users must know what software they are running on the system and also know how to get the latest release when it is released.
Upgrading software takes time and considerable effort. It is so easy to click no when a program asks permission to download the latest version. But any software running that is not patched is an open door a hacker can walk right through. A policy should be created and followed to upgrade all software when a release comes out, or upgrade at regular intervals that make sense to the business, such as at night or on weekends, to avoid disrupting normal business activities.
One warning to remember when upgrading or patching is incompatibility issues. All software on a system must be able to interact with the other software on a system to work correctly. It is normal to upgrade one program only to find out that a different program no longer functions properly. Daily maintenance of a good backup system is critical to the prevention of such issues. If an upgrade, virus, malware or anything else causes a significant problem, the system can be restored to order with the last backup and users can continue working.
By following these simple security procedures, many small business computers can be harder to attack than most systems on the internet. These computers will not show up in scans run by hackers. Significant vulnerabilities will get fixed, and machines will run faster. Each of these items does not require expert technical skills, and if these are a challenge to perform, business owners should hire a security specialist to regularly harden the office computers to keep sensitive business data safe.
If you need help securing your network call us at 877.860.5831 x190
What is SOC-as-a-Service? By Robert Blake Having a Security Operations Center (SOC) in-house is expensive for the average business. Large ...
A managed IT service provider (MSP) is an outsourced company that takes care of a business's technology needs. They provide various serv...
Network segmentation refers to the process of dividing a computer network into smaller subnetworks, known as segments or zones. Each segment...