Our Business IT, Networking, & Computer Support Blog

Stay up to date on the latest news and happenings

A Good Day of Phishing Could Mean a Bad Day for You

Here’s a scary fact if you are responsible for your company’s security: Some phishing emails encourage a nearly 100 percent open rate.

Apparently, emails are irresistible when they pretend to inform recipients of a new evacuation plan for their workplace. The same is true for fake password update alerts. According to Wombat Security’s annual “State of the Phish” report, users open virtually every one of these type of scam notices.

What happens when one of your employees clicks on that authoritative-sounding message? They begin on a path that could lead to the theft of their personal information or worse – the company could lose valuable, even crucial, data.
Train and then train some more
You can’t stop the criminal activities of those trying to infiltrate your company. But training has proven effective in helping your employees recognize phishing scams and to report them.

Happily, it is not necessary to make everyone an IT specialist to avoid trouble. It’s enough to educate them on the latest scams and how to look for telltale signs that certain emails are likely to be trouble.

The frequency of training is key.

IT Support Services CT, NY, NJ, PA, FL

 

What Went Wrong With Facebook? An Explanation.

Everyone knows Facebook has a problem. The headlines are relentless and appear day after day. If you only read the headlines, though, you might have an uneasy feeling, without knowing exactly why.

Here is a primer on what’s been happening recently, what’s gone wrong, and how it might be addressed.

To begin:

Facebook collects a lot of information about everyone who uses it. Or to be more precise, we give Facebook the information. We provide a partial biography when we join. Then we create a network of Facebook friends, who have also provided hints about their preferences. Then we “like” some of their posts and share other posts with our network. Now Facebook knows a good amount of what we say we value, and it can discern more about our leanings by who we interact with, and how.

Most of us provide that information without thinking too much about it. But we assume, perhaps naively, that Facebook will keep the information safe. At the same time, Facebook makes money by analyzing our information so it can sell advertising targeted specifically toward us. Facebook is using our preferences so others can sell us stuff.

As it turns out, people are generally OK with that proposition. What we might question is Facebook giving that information to other companies. Well, it turns out that is what happens, even to this day.
Who else is looking at you?
The recent big news stories concern such sharing. In 2014, a company enticed more than 200,000 people to fill out a quiz on Facebook and then download an app. The app scoured data from all of the contacts of those original 200,000. In the end, information from about 50 million people was downloaded and most of them had no idea that Facebook had allowed it.

IT Support Services CT, NY, NJ, PA, FL

 

Why Your Business Needs Cyber Liability Insurance

Business owners know there will always be liabilities connected to running that business. But now there’s another “liability” to add to the list: data that must be protected.

There are ways to safeguard your business against the liability of data loss, not the least of which is cyber liability insurance, which is a very specific policy that should be tailored to your business.

But before we get into details about that, let’s review why it’s becoming so important to have it. Protected data is anything that contains two or more pieces of PII (Personally Identifiable Information). PII is any data that can be used on its own or in conjunction with other information to identify, contact or locate a single person. For example, a name combined with either address or phone number constitutes PII.

Since this type of information can be used to steal identities for monetary gain, it has value, and cybercriminals are constantly trying to get their hands on it. When PII data is stolen, that’s a data breach. There are both state and federal statues in place that cover such breaches; business owners may be fined for the breach and may be responsible for notifying and protecting the persons impacted in a breach. Some actions you, as an owner, may need to take following a data breach may include notifying the state’s attorney general, sending out written notifications, and providing identity protection services to those impacted. All-in-all, the cost of a data breach can range from $150 – $300 per record. And that can add up to many thousands of dollars. For a lot of businesses, the presence of statue and the lack of insurance creates an unfunded liability.

Standard insurance, including umbrella policies, absent a cyber liability policy, will not cover these expenses go to my site. Some commercial policies have a low-cost rider that may include some cyber liability, but in most cases these will leave you under-insured and majorly exposed.

Cyber liability is a very specific coverage that should be tailored to a business. The application for such a policy is substantial and detailed. When applying, you should expect to answer a myriad of questions about your business, including information regarding revenue, headcount, your customers, types of data stored, current breach prevention measures, and much more.

While purchasing cyber liability insurance is an important step to protecting your business, simply going through the application process is eye-opening, and therefore recommended for all businesses. At the very least, the exercise will get you going in the right direction toward protecting your data, and ultimately, your business. If you have too much risk, the insurance company will deny your policy application and explain why. If your policy is too expensive for your budget, you may be able to invest a little more in preventative measures to reduce your risk.

If you find the application a little overwhelming – and most business owners do, please feel free to call us at 203-744-2274. We have helped many companies through the process and knowing your own cyber security stance is an important byproduct of the exercise.

IT Support Services CT, NY, NJ, PA, FL

 

There Goes The Neighborhood; Cyber-Crime is Rampant

When I was growing up we never locked our house, even when we went away for a weekend. We weren’t afraid of going out at night and we didn’t have to worry about venturing into certain areas of town. We lived in the country, in a good neighborhood with good neighbors.

Contrast that with any crime-ridden neighborhood in a big city. Residents there might have several locks on their door, an alarm system, and venturing out requires a constant state of vigilance. Quite a different scenario.

Today, though, when it comes to our corporate computer networks, the unfortunate truth is that we all live in bad neighborhoods. The entire internet-connected world is a dangerous place, requiring constant vigilance to be safe and to survive.

Every person and every company in the world that is online is being attacked every second of every day by an army of bad guys around the globe. Our mission as a network support company, therefore, is to protect information assets from those who wish to do harm. The consequences to us and our clients if we fail are considerable: financial loss, reputation damage, fines, and even business failures.  The collateral damage is that people will lose their jobs, which leads to financial hardship and crushing stress.

Why are we seeing cyber threats increasing so dramatically in frequency, type and sophistication? I think the answer, like with any commercially driven activity, lies in market conditions and economics. Consider this: For an industry to thrive, it needs a product, producers of said product, buyers of the product, a distribution system, and a way to get paid. The bigger the market and the amount of money to be made, the bigger the industry.

Product: Currently and for the foreseeable future, there is an unlimited supply of information residing on individual and corporate computer systems. This product – data –  is mined by hackers for use by themselves, to sell to others, and/or to ransom to the original owners.

IT Support Services CT, NY, NJ, PA, FL

 

Seven Technology Hacks and Tips to Up Your Security Quotient

When it comes to technology, the hottest issue on the planet right now is cybersecurity. You simply cannot be over-protected when it comes to safeguarding against a data breach or a cyberattack.

Whether you’re concerned about an entire network of computers, or simply your own PC or Mac, making sure you’re operating as safely as possible should always be at the top of your mind. You’ve got to be thinking about using adequate passwords and preventing virus infiltrations, or even the possibility of someone else gaining unwarranted access to your machine.

IT Support Services CT, NY, NJ, PA, FL

 

Ongoing Security Training is Key to Preventing a Breach

Some things in life are “set-it-and-forget-it.” Things like a Crock-Pot slow-cooker, or your DVR. IT security, however, does not fall into that category.

Instead, especially for businesses – typical targets of cybercrime and data breaches – it’s imperative that employees stay as informed and as equipped as possible about constantly changing threats. And that means they must engage in ongoing security awareness training. Why? Because hackers and cyber-criminals are opportunistic, skilled, relentless, and nimble as cats, readjusting and accelerating their methods and techniques as soon as the good guys figure out ways to stop them.

IT Support Services CT, NY, NJ, PA, FL

 

Social Engineering in a Digital World

Cyber security is a growing concern for any business. At least it should be.

Most companies correctly invest a great deal in securing their IT systems. They inspect data on the perimeter of their networks, servers and workstations, filter websites that may contain malicious software, and institutionalize policies assuring proper password protection.

The list of measures taken to secure data goes on and on. Yet, cyber criminals are still able to access data. How can they get past these security measures so easily? How can all of these measures be defeated so easily by someone halfway across the world?

The short answer is that they don’t always try to defeat those measures. They simply go around them.

Today, the number-one way hackers access data is by employing a tactic known as spear phishing. Their scheme involves learning as much information about a company as possible, and then using that information to convince someone on the inside to provide the data they are looking for. In short, they use information to manipulate our trust. Obtaining the necessary information to make the appeal is not difficult. Most employees post their job title and the name of their company on LinkedIn or other social media. Many companies list their executive teams on their own website, and sometimes include a bio and even photos. It’s ripe for the picking – by the wrong people.

IT Support Services CT, NY, NJ, PA, FL

 

The Cost of a Security Breach Could Be Closure

Security breaches stink.

At best, a malware or virus attack is a nuisance and a time-sucker, because – if it hits your business – your employees will be forced to spend their time dealing with endless pop-up ads, slowed-down systems and probably computer crashes.

At worst, a company can lose precious data or experience outages that drag on for days, and even weeks, while IT experts work (often in vain) to recover records, files, account info, content, etc. Your business can be effectively shut down – unable to function – until everything can be restored or reconstructed.

Here’s where the statistics get ugly, and, although they vary somewhat from source to source, they convey a sad story.

Research shows that companies that experience an outage lasting more than 10 days will never fully recover, being burdened with financial challenges that are difficult, in some case even impossible, to overcome.

The National Cyber Security Alliance indicates 60% of small firms go out of business within six months of a breach. 25% will never reopen after a major data loss. And 70% of small firms that experience a major data loss will go out of business in a year.

Even more sobering: 85% of all breaches happen to small businesses. And 32% of all organizations have reported that they’ve been the victim of some form of cyber-crime. Continue reading “The Cost of a Security Breach Could Be Closure”

IT Support Services CT, NY, NJ, PA, FL

 

Spear Phishing: a New, Targeted Twist on Phishing

You’re probably familiar with the cyberattack known as “phishing.” The hackers and crooks who engage in this send out automated mass emails, which appear to be from well-known institutions, such as banks, or ecommerce leaders, like Amazon.

They hope to catch as many unsuspecting people as possible, who become victims by falling for a ploy that gets them to give up credit card or banking information. Alternately, the email could come harboring a virus or other malware, designed to play havoc on the recipient’s computer or network. And, boom, your data is encrypted for ransom plavix drug.

Spear phishing, the latest twist on phishing, is a more insidious attack, because the hacker uses familiarity with his intended victim to make his entre and do his damage. In a spear-phishing attack, the hacker uses a victim’s web presence – yes, by stalking Facebook, Instagram and Twitter – to glean useful personal bits of info, and then crafts a specifically targeted, manually sent email that appears to be from someone the victim knows.

A spear attack email is likely to:

  • Use the recipient’s first name; instead of “Dear sir,” it’s “Hi Paul.”
  • Come “from” someone known to be associated with the recipient; a boss, coworker, or family member. Usually, however, the actual sender’s address contains just enough of a misspelling to go unnoticed.
  • Begin with a salutation that mentions a “mutual friend” or maybe something the recipient just posted on a social media site, such as a recent vacation or online purchase, in an effort to build trust.

Continue reading “Spear Phishing: a New, Targeted Twist on Phishing”

IT Support Services CT, NY, NJ, PA, FL