Why aren’t your employees following your office security policy?

I'm sure you've heard it a hundred times, cybersecurity is not something to mess with. It's serious business. If you are one of the lucky ones and your staff is good about practicing safe internet habits then I applaud you! If you're not so lucky, don't fret, let's get you on the right track.

I can't stress this enough, don't be afraid to talk to your IT service provider! They are there for a reason and should be able to work with you help formulate a comprehensive yet realistic policy that everyone can follow. If you don't have an IT service provider, or your current one isn't doing enough to keep you safe, give us a call and we can step in to assist. No matter what though, please, please make sure you have a plan in place!


Your front door is talking

If you've been following the news, the Internet of Things is getting increasing attention. You’re probably also thinking this is some Silicon Valley fancy thing that will take years to reach the rest of us.Not really. You probably already have some items of your own tied into the Internet of Things.First of all, what is the I of T? Simply, it is any object that collects data about itself or its surroundings, and then transfers that data across a network to some other object, which can then make use of that data. For example, if you have a baby monitor that sends crib pictures from upstairs to your phone, you're tied into the I of T.

But what about business people? Where is it showing up in the workplace? You may have security cameras tied to a network where they can be monitored by a PC or phone. A front door lock that can be remotely opened via phone. A thermostat that can changed by the same phone. Internal lights that go on when you phone approach. All of these are part of the Internet of Things.

If you have questions about whether being tied into I of T presents a data security issue or hacking threat, you should contact a service consultant to discuss these issues. Headlines are now appearing about hacking into the I of T for nefarious purposes. It is a good idea to stay ahead of the curve because as a business, data security is a revenue-critical issue. Seriously, you don't want the front door telling someone your client’s private data.

NPO’s and volunteer security nightmare

Not-for-profits have an unusual issue regarding security. Firms that have trained, paid full-time employees have a strong level of control over the actions of their workers. NPOs, however, may rely heavily on volunteers whose time in the office may be minimal and sporadic. You may feel grateful for their dedication and be less likely to subject them to rigid security training. Also, a threat of punishment for those who make inadvertent errors that create security risks isn't going to be acceptable in the “volunteer” environment.

Though it may seem a waste of precious volunteer time, you need to consider implementing ongoing training and reminders to all volunteers about what they can do to protect your data and digital infrastructure. The 2 most common human errors are falling for phishing scams and bringing storage devices to your office and introducing them to laptops and other devices. Think of the volunteer who creates a brochure for you in their home office, then downloads it to your office PC. This is an excellent backdoor for a virus or malware to break into your infrastructure.

Remind your volunteers on a consistent basis that no outside storage devices are to be brought into the office for use on the NPO’s equipment. Secondly, provide training on how to recognize phishing scams and the risks of opening unfamiliar emails and links. Finally, for volunteers who work from home, consider using safe shared software platforms like Google Drive or Microsoft 365.

Save your unprotected printers from dangerous printer pranks

Did you know that an unsecured printer can put your entire network at risk? If hackers can sneak in to your network via phone systems and computers and everything else, printers shouldn't come as a big surprise. Are your printers secured? If you answered "no", or "I'm not sure", then I highly recommend you have a talk with your IT provider. If you don't have an IT provider, or need a little outside assistance to be sure, give us a call.


Security and your sub-contractors

So you feel relatively comfortable that you have created cyber security around your data and your employees are trained to avoid security errors in their day-to-day business ( a MAJOR source of security breaches, by the way.) However, you may be overlooking one area where you are exceptionally vulnerable. What protection do you have from those you do business with? If you are a manufacturer, for example, you may have several vendors who provide components and raw materials. How careful are they about data security? Smaller producers and service providers may perceive themselves as not being a likely hacker target, which is incorrect. Small firms are significant targets for data hacking because they have access to larger firms. They can provide a “digital backdoor” to the firms they sell to.

You need to work closely with all of your vendors to ensure that they are as serious about protecting their systems as you are. If you share digital information with your subcontractors, you open a very wide door for any of their vulnerabilities.

And this doesn't just apply to the manufacturing sector. Medical offices share data, for instance. Consider talking to a security expert to address your vulnerability to a security breach via the very vendors you rely upon. You need to expect as much focus on security from them as you do from yourself.

10 Wi-Fi Security Tips

In this day and age with the popularity of BYOD, telecommuting, and a wireless device (or two, or three...) in what seems to be nearly everyone's hand, the need for greater Wi-Fi security is a must.


Government regulations

Any business that stores customer payment information must comply with a number of state and federal regulations. The legal, healthcare, and financial sectors have a number of laws tailored specifically for them (such as HIPAA or CISPA). If you run almost any kind of professional practice or agency you probably have very specific data security requirements. Running afoul of these regulations puts you at risk for legal action and probably means that you have bad security in place.

As a professional, your focus needs to be on your clients and running your firm. Regulatory requirements to ensure data security can be complex and include rigorous testing requirements. Ensuring compliance with the regulations can be a serious distraction for you and take you into territory where your experience is limited.

One of the best solutions is to work with a third party who has strong credentials in the area of regulatory compliance and data security. When you are working with a third party to set up security or data storage, make sure that they have experience working in your industry. Finding a service provider with experience in your profession can give you peace of mind knowing that you can focus on running your business without the distraction of ongoing technology concerns.

Dark web security strategies to keep data off the black market

By now you've likely seen commercials on tv about the dark web, there are a plethora of them and for good reason. Already this year we've seen some big names (WhatsApp, Instagram and Dunkin Donuts just to name a few) experience data breaches on some level so its safe to assume that no one is immune from a cyber attack. While it's likely impossible to be 100% in the clear, there are steps you can take to increase the odds that your data will remain out of the hands of cyber criminals.

Read More

3 smart ways to allocate your 2019 cybersecurity budget

Cybersecurity budgets are growing more and more common as technology evolves, and the risks that cybercrime pose to businesses can vary from annoying to catastrophic. Taking a good look at your network and your business model can help you determine where your budget lies, and the best way to go about protecting your crucial assets.

Read More

How Phishing Scams Are Evolving—And How Not to Get Caught

Much like anything else in life, phishing has evolved from its inception. Once mostly just a nuissance, phishing attacks have turned into a money making endevour that, if not handled effectly, can ruin a business, or life.

Are you protected? If not, now's the time to invest in a conversation and some education with your IT service provider (if you don't have one, we can assist) so that you don't become the next victim.

Read More