Cyber Security For Small Businesses On A Tight Budget

Cyber Security is definitely a 21st century problem, and it knows no limits.

No matter the size of your business, you must take the threat of a data breach seriously and protect your data.

Small businesses face a challenge because they must be just as compliant as a large business, without having the resources of their larger competitors.

Nevertheless, there are steps a small business can take to improve cyber security without blowing the budget.

1. Have A Good Password Strategy

The number one thing you can do is to have strong passwords and keep them safe.

These two recommendations may seem obvious, but it needs to be said: don’t use the same password for everything, and don’t leave passwords on post-it notes.

Having a long password may be annoying, but with every additional character, it takes more time for a hacker to break through using brute force.

In order to keep many passwords safely, you may want to use a password manager application such as LastPass or 1Password.

This is will save you the hassle of resetting emails constantly or getting locked out of your accounts with too many unsuccessful attempts.

Even with a tight budget, the cost of a password manager application is well worth the $15-40 yearly subscription.

2. Use 2-Factor Authentication

Two-factor authentication is becoming more and more popular as hackers get more and more clever. In fact, this option may be a legitimate reason for you choose one supplier over another.

All 2-factor authentication does is ask you for a second layer of proof that you are who you say you are. Often this looks like a text message to your cell phone or an email to your email address, but it can also mean a unique code provided through an authentication app like Google Authenticator.

Two-Factor authentication prevents a hacker from getting into your account, because merely figuring out your password isn’t enough.

And since services that offer 2-factor authentication don’t generally charge for it, you can fit this in to your budget easily.

3. Use The 3-2-1 Backup Rule

The 3-2-1 Backup Rule was invented by Peter Krogh, a photographer, who didn’t want to lose any of his work.

Although at first glance, it might seem excessive, it is a best practice that has been picked up by many and has been recognized and recommended by governments.

The 3-2-1 backup rule is simple. To follow it, all you need to do is:

  • Have THREE copies of your data
  • Keep those copies on at least TWO different media
  • Store one of these copies off-site

Saving your files to an external hard drive and a safe server are both a good place to start.

Establishing a schedule for doing your backups is a great idea to ensure you’re never left unprepared.

Even if you don’t do your backups every day, you can take the precaution of emailing yourself that document you just finished working on.

Doing that will save you if your computer itself is lost or irreparably damaged.

Truly, this practice can be priceless, when looking at the cost of having a company or consultant try to pull your files off a broken computer.

4. Make Sure You’re PCI DSS Compliant

The Payment Card Industry Security Standards Council (PCI SSC) has many recommendations that protect the security of your business, should you process, transmit or store credit card transactions.

1st Secure IT is authorized to perform PCI Data Security Standard (PCI DSS) assessments of any level, but we will provide you with more than mere action items.

There are 12 PCI DSS requirements that you must adhere to if you process, transmit or store credit card data.

However, when we assess your company, we will also provide helpful suggestions regarding your systems and processes, recommending best practices and improving your overall cyber security.

Contact 1st Secure IT

Being PCI DSS compliant is crucial for merchant businesses, which means that finding the best value for money will be the critical factor if you’re on a tight budget.

1st Secure IT can help. Our team of experienced qualified security assessors (QSAs) will help you understand what your business needs to do to achieve and maintain PCI DSS compliance.

We can also help you with a number of other IT security concerns, from training your staff on the implementation of IT security best practices, risk & fraud analysis, and more.

Call 1st Secure IT today, and keep your business safe and secure in an uncertain digital world.

Continue reading
992 Hits
0 Comments

Cyber Security: Beyond The Password

“You’re only as strong as your weakest link.”

This old proverb might be cliché at this point, but it’s also the key to your organization’s cyber security.

As more and more employees are working remotely, carrying company-issued smartphones and laptops, and thus walking around with company and client information at their fingertips, this statement is truer than ever.

If the passwords protecting these devices aren’t strong enough, then your own employees will be the biggest cyber security risk you’ll face.

Worried about information getting into the wrong hands?

Finding your employees writing down passwords on scraps of paper, not changing them regularly or making them too easy to guess?

If so, there are steps you can take to improve your company’s cyber security and protect your clients from a data breach.

Read on for some solutions to common cyber-security related problems.

How To Choose A Good Password

Uppercase letter, lowercase letter, number, “special symbol”, and at least 8 characters long.

These are the types of requirements often used for setting a password.

But not everyone understands why.

One of the traditional methods of password cracking is called “brute force” cracking – it’s essentially the process of using an automated tool to try a large number of randomized passwords over and over again until you get the right one.

Your standard QWERTY keyboard is capable of producing 96 characters using normal keystrokes, so if your password is one character long, there are 96 possible passwords you have. A password cracker can break into this in the blink of an eye.

Add another character, and it’s 96×96 possible passwords – 9,216.

Three characters, and it’s 884,736 possible passwords. And so on.

Most password crackers can attempt millions of passwords per second, so while 884,736 possible passwords may seem like a lot, software tools can make short work of them.

But the more characters you add to a password, the harder it becomes to crack, and exponentially so.

Nine character passwords have just over seven trillion possible combinations – that can be cracked in less than a week.

But a ten character password has 66 quintillion possible combinations, which will take several months.

Add two more characters, and you’re looking at 613 sextillion possible combinations, which will take nearly 200 years to crack.

The first step in ensuring your employees have a strong password is setting a password policy, such as the one listed above.

Have your IT staff ensure passwords on company systems must meet the minimum requirements.

However, these sorts of requirements can result in passwords so complicated that employees feel compelled to write them down, thus defeating the purpose.

We talked about this in a previous article about the Hawaii missile warning earlier this year, where it was revealed that the people in charge of Hawaii’s Emergency Management Agency had left the passwords to their accounts on a post-it note on their computer monitor, which then ended up on television.

So offer them some tips to combat this behavior.

Making passwords easy for the user to remember but hard for anyone else to doesn’t have to be rocket science.

One technique is to use an “inside joke” or special memory. Remove the spaces and trade out some of the letters for numbers (try using “3” for “E”, “6” for “G”, and “$” for “S” in order to substitute special characters).

This will make it easy to remember, but hard for someone else to guess.

How To Manage Your Passwords

Some organizations have chosen to take back control over passwords, by using password managers or password vaults.

These are programs which assist in generating and storing complex passwords in an encrypted database.

These types of applications require the user to create and remember one “master” password to gain access to the information stored in the encrypted database.

Using a password manager can prevent employees from using the same log-in and password across multiple devices and accounts – so long as they can remember the password for the manager itself.

Using 2-Factor Authentication

When it comes to protecting very sensitive information, a single password alone may not be enough.

Two-factor authentication can make it much harder for a hacker to gain access to a system.

Even if a hacker is able to determine a user’s password to log-in to the system, two-factor authentication adds an extra step, or “authentication factor” which needs to be used before access to the system is granted.

The 3 types of authentication factors are knowledge, possession and inherence (also called biometrics).

Knowledge factors are based on something the user knows (such as the password or PIN).

We’ve already talked about passwords above.

Possession factors use something the user has, such as an ID card, smartphone or security token.

For example, this might involve having a special code sent to the user’s smartphone which must be entered before access to a system can be gained.

Or the user carrying a smart card or key fob that must be presented or swiped in addition to the password.

Inherence (or biometric) factors have to do with something the user IS.

This could be a fingerprint swipe, face or voice recognition, or as often seen in the movies, an eyeball scan.

Two-factor authentication requires using two different types of authentication.

Requiring a user have a password and then enter a pin code would only count as one, as this only uses knowledge authentication.

Requiring a user have a password, but also use a fingerprint swipe to unlock a device is two-factor authentication as it uses both knowledge and inherence factors.

Contact 1st Secure IT

Worried about data breaches?

Need help setting up a two-factor authentication tool so your company’s information stays safe and secure?

Or maybe you’re looking for employee awareness training, on the importance of strong passwords.

1st Secure IT can help.

Contact us today to discuss your options for keeping your company secure in an uncertain digital climate.

Continue reading
753 Hits
0 Comments

Do You Need Cyber Security Insurance?

Life insurance.

Car insurance.

Home insurance.

These are all “no-brainers” right?

But what about Cyber-security insurance?

Are you prepared if you face a data breach?

Are you ready to pay-out those whose information may be compromised if your systems are hacked?

Keep reading to learn more about data breach protection and how it could benefit you.

What Is Cyber Security Insurance?

Cyber insurance, cyber risk insurance or cyber liability insurance coverage are different names for the same thing.

This insurance will assist your organization in covering costs associated with cyber-security breaches and other related cyber-security issues.

When creating a risk management plan, organizations will determine on how to handle potential risks they face, by either accepting, avoiding, controlling or transferring them.

Cyber Insurance is one method to transfer risk by offsetting costs associated with response and recovery after a cyber-security related breach occurs.

Choosing A Cyber Security Insurance Policy

Many well-known insurance companies offer cyber-insurance policies.

If you have an insurance provider you know and trust for your other policies, start there and see if they have cyber-insurance suitable for your needs.

When researching policies, be certain to be very clear about what is covered and what is not.

Find out about special circumstances and any limits as well.

Some questions to ask include:

  • Is the coverage standalone, or is it an extension on an existing policy?
    (Often times, a standalone policy will be more comprehensive.)
  • Can the policy be customized to my organization?
  • What are the deductibles?
  • What sorts of breaches or cyber-attacks are covered?
  • Is there a time-frame to which the coverage applies?

What Does Cyber Security Insurance Cover?

There are 4 key areas cyber-security insurance can help you with.

Let’s take a look at what they are:

1. Investigation

In the event of a security breach, often times a third-party company will need to be brought in, to discover the causes of the breach.

A forensics investigation will determine what occurred, how to fix it, and how to prevent it from happening again.

This insurance will help with costs associated with this investigation.

2. Business Losses

The terms of a cyber-insurance policy might be similar to those of policies that cover errors due to negligence or other similar reasons.

Business losses can also include losses due to network downtime, business interruption, data recovery and damage to reputation.

3. Privacy and Notification

In most jurisdictions if a company has a data breach which affects their customers or clients it is required they be notified.

Additionally, customers whose information has been breached may now require credit monitoring to guard against identity theft.

This coverage can help with these expenses.

4. Lawsuits and extortion

If a company is faced with cyber-extortion, for instance after ransomware is installed on their system, cyber-insurance can help cover these costs.

If you have this type of insurance be sure to read your policy carefully, as sometimes disclosing you have this coverage can make it null and void, as it makes you a target for cyber-thieves who know their demands will be paid for with the insurance.

What Does Cyber Security Insurance NOT Cover?

When choosing Cyber Security Insurance, it is important to read the fine print and understand what is, and is not, covered.

For example, the way the policy defines a breach, or fraud, could make the difference in being covered or not covered should an incident occur.

Read your policy carefully and thoroughly to understand what is, and more importantly what is NOT covered.

What Kind Of Cyber Security Insurance Do I Need?

Factors such as the size of your company, the type of information you are storing and the industry you work in will determine what type of cyber-insurance you will need.

For some, a rider on their existing policy may be sufficient, and for others an entire separate policy may be required.

If you’re on the hunt for a policy, and are overwhelmed by the choices on-offer, an insurance broker might be beneficial to help navigate your options.

When looking for a broker, the relationship between your Chief Information Security Officer (CISO) and the broker is important.

Ensure the broker has your best interest, and not that of their partners, in mind.

Look at the services being offered and their ability in the arena of cyber security.

The right broker can help you navigate the finer points of the options available, so long as they are experienced and honest.

Contact 1st Secure IT

Are you worried about a data breach?

Do you want to beef-up cyber security so you can be eligible for lower cyber-insurance premiums?

Are you worried about maintaining compliance with the requirements for your existing plan, or need help looking at your cyber-security options?

1st Secure IT can help. Contact us today for a cyber-security consultation.

Continue reading
859 Hits
0 Comments

What is the Dark Web?

When you read the phrase “The Dark Web” what do you picture?

Is it a sinister place where criminals run rampant?

A haven for anarchists, ne’er-do-wells, and other unsavoury types?

Or a bastion of free speech in a world where many worry about censorship?

Depending on who you ask, it might be described as any of the above, and more.

If you’ve been the victim of a data breach, your personal information may be there, waiting for someone to come along and pay the right price to steal your identity.

You might think it’s something you don’t have to worry about, but are you as good at analyzing risk as you think you are?

Let’s dig into the dark web to learn more.

What Is The Dark Web?

The Dark Web is the part of the internet that cannot be found through a typical “Google” search.

It requires the use of a special browser such as Tor which keeps you (relatively) anonymous.

As a result, it presents a particular challenge for law enforcement.

On the dark web, you can find a wide range of illegal activity, including trafficking in stolen goods, illicit substances or weapons, murder for hire, and other things far too horrible to be mentioned here.

Benefits Of Using The Dark Web?

When many people think of the dark web, they think of an epicentre of criminal activity with little reason for a law-abiding citizen to ever venture there.

While this is often the case, not all activity on the Dark Web is illegal.

In countries where internet access is controlled and monitored by the government, the Dark Web can help people to communicate without fear of repercussions.

Those concerned with their personal privacy on the internet can find lots of tips and tricks to incorporate into their lives.

And it can be a safe place for whistleblowers to share information – some mainstream media organizations even monitor these dark web whistleblower sites, including a version of Wikileaks.

Even law enforcement can find benefit from monitoring the dark web as part of a larger threat analysis and situational awareness strategy.

Accessing The Dark Web

Accessing the dark web is not as hard as one might imagine.

You don’t need a secret code-word or to have a special contact to be let in – you just need the right software.

The most popular is Tor but Freenet and I2P may also be used.

Just be prepared to deal with slow and unpredictable performance.

Tor uses special encryption – so when a message is sent over the network each computer in the network only receives the information of where it came from, and where it is going next thus ensuring anonymity.

Because the signal is bouncing around through many different volunteers’ computers and not a set network, the speed can be slow and bottlenecks often happen.

The naming structure of Dark Web site URLs typically are scrambled to make them near-impossible to remember and end in .onion which designates a hidden, anonymous network that can’t be accessed through regular browsers.

Of course, if the content of the message contains identifying information (such as an email address) it becomes less anonymous.

Illegal Activity On The Dark Web

Do you wonder what happens to information after data companies like Equifax, Uber or Facebook are breached?

What’s the goal behind taking the risk to steal all this data?

In many cases it ends up on the dark web, for sale to the highest bidder.

Everything from login details for underused Netflix accounts to bank and credit card accounts giving access to thousands of dollars in funds can be found for those willing to pay the price.

If you go searching and happen to find your own information on the Dark Web, there may not be much you can do to remove it, but by knowing it’s there you can take steps to protect yourself.

Of course, a data breach may not seem like a big deal compared to some of the other uses of the dark web we talked about earlier.

But if you’re the one whose information is breached, credit cards and ID stolen, it can be devastating.

And if your company suffered a data breach due to negligent IT security practices and are as a result directly responsible for perhaps thousands of people losing their data, it can be exponentially worse.

Contact 1st Secure IT

Are you worried that your personal or company information may have appeared on the Dark Web after a security breach?

Or are you worried that employees may be using company resources to access this illicit corner of the internet?

Even worse – has your company suffered a data breach, and that information is being bought and sold across the Dark Web?

If so, 1st Secure IT can help.

Call us today to speak with one of our knowledgeable IT security consultants.

We can help you find the weak points in your IT security infrastructure to avoid a data breach or catastrophic leak from occurring.

We’ll help you avoid becoming just another statistic, just another company who, through its own negligence, caused millions of dollars in damage as their customers scramble to contain the damage to their lives.

Contact 1st Secure IT today, and keep your business and your customers safe and secure in an uncertain digital world.

Continue reading
809 Hits
0 Comments

How Easy is it to Get Hacked?

Contrary to what the movies would have you believe, hacking is not done as you chase virtual rabbits across a screen through a graphic interface.

Nor is it something you can simply defend yourself from with a piece of software that comes with your computer.

You can be fully compliant with PCI DSS, EI3PA, and employ the latest known security tactics, but how easy will it be for someone to break through that security?

Are You At Risk?

A few years back, The National Cyber Security Alliance estimated the odds of any small being hacked in a year are about 20%.

That means if you run a small business, and four of your friends also have small businesses, one of you is statically likely to be hacked in the next 12 months.

In Britain, in 2014, there were 2.5 million reported cybercrimes.

That adds up to about 10% of the population being hit in a 12 month period.

Noted accounting firm KPMG, however, believes that because so few of these crimes are actually reported, the statistics are in reality much higher.

They place the odds closer to 1 in 3 of being hacked on an annual basis.

So why are so many organizations vulnerable to hacks?

1. Weak Passwords

One of the easiest ways for hackers to gain access to secure accounts is through cracking a password.

Because it’s so hard to remember different passwords for different accounts, many people use the same password for almost all their accounts.

So, if a hacker gets access to one, the hacker has access to them all.

It comes down to a numbers game for hackers.

A simple five-character password such as 12345, or even a basic word can be cracked in under 10 seconds, just by trying combinations and common passwords.

A seven-character password, meanwhile, takes an entire day to get through.

Jumping to nine characters means it takes about a week to crack, but a ten-character password will take several months to get through.

If you really want to be secure, adding just two more characters to your password will make it so difficult that a hacker will take nearly 200 years to crack into it.

Now these numbers are, of course, an average.

The list of the top 10, most commonly used passwords does contain some nine, and ten character passwords, but any reasonable hacker will try them first and get into your account.

These top 10 passwords are:

  • 123456
  • 123456789
  • qwerty
  • 12345678
  • 111111
  • 1234567890
  • 1234567
  • password
  • 123123
  • 987654321

If you’re using one of these passwords yourself, it’s time to change to something more secure.

2. Viruses

Viruses are not as common as they used to be but are still prevalent.

While we no longer live in a world where one emailed virus goes viral seemingly every six months disabling major networks, they are a threat.

According to the Microsoft Security Intelligence Report, 16 million American households have experienced a viral infection on one of their machines at some point over the last two years.

That same study found that 95% of American households said they use antivirus software.

But with an estimated 126 million American households in existence, 16 million is actually closer to 13% of the total.

What this means is that people who use antiviruses are sometimes still vulnerable – that, or they were lying about using an antivirus.

Modern antivirus software, along with automatic account lockouts after two or three wrong passwords are responsible for much of the decline in popularity in viruses, but occasionally, a new powerful one proves effective and sneaks through.

3. Phishing

Part of the decline in viruses is due to the rise in phishing scams.

It’s now generally more profitable for a hacker to send out an email to an unsuspecting mark, telling them that they have either come into an inheritance, or are needed to help abandon an abandoned fortune, or pay a fee to accept an inheritance, or pay to help a Nigerian prince recover a fortune.

These are generally written in broken English, but people fall for them, and often wire thousands of dollars to the hacker/scammer.

Sometimes they come from fake email addresses that seem as if they are tied to legitimate clients, or businesses, until you read the actual email address.

For more on how to recognize a phishing scam, see one of our previous articles on the subject

Contact 1ST Secure IT

If that prediction from KPMG is accurate, you have a one in three chance of being hacked this year.

Spread that out over a long enough timeline, and you’ve got a 100% chance of being hacked sooner or later.

You don’t want that to happen.

1st Secure IT can help.

Call us today and speak with one of our experienced and knowledgeable IT security consultants.

They will take the time to better understand your business and your needs, and from there help you understand what you need to keep things running smoothly and, more importantly, securely.

Contact 1st Secure IT today and keep your business safe and secure in an uncertain digital world.

Continue reading
728 Hits
0 Comments

Is Windows Defender Enough to Keep You Safe?

Windows Defender really has a great name, doesn’t it?

Defender, it’s the kind of word that makes a computer user think of an invisible guardian protecting your computer from all potential harm.

But is it as good as its name suggests?

Will it protect you from all manner of IT security threats?

Read this guide to find out more

What Is Windows Defender?

Windows Defender Antivirus is the anti-malware portion of Microsoft Windows.

It utilizes a firewall to help strengthen its antivirus capabilities.

What does Windows Defender Do?

Through Windows Defender Security Center, you can:

• Control your security preferences
• Control live scans of your browsers
• Control your firewall
• Update your family controls
• Monitor the general security status of your computer and network.

If you just need basic web security, like to protect your home network from threats, Windows Defender can help you remain safe and secure.

And if you have young children and would like to restrict the content they have access to, Windows Defender is helpful.

What Does Windows Defender Not Do?

Windows Defender is a nice, well rounded, anti-malware system that offers, low to medium level protection.

However, it’s far from a perfect system.

PC Magazine, Techradar Pro, Tom’s Guide, and PC World all gave Windows Defender a 3 out of 5, with Tom’s Guide writer Brian Nadel calling it “better than nothing”.

System scans run by Defender are also known to slow down computer performance to an achingly slow crawl when being performed.

Windows Defender is designed to work primarily with Microsoft Internet Explorer, or more recently, Microsoft’s newest browser, Edge.

This means that other browsers, like Opera, Chrome, and Firefox, all are slower to be scanned for threats, and are delayed in getting updates on the latest malware when working with Defender as their primary anti-malware system.

And because Internet Explorer and Edge have such a small browser market share – just over 16% of desktop users use one of the two, according to Net Market Share – this makes Windows Defender less useful for the vast majority of us who prefer a different browser.

Defender also is known to have leaks through plugins like Java.

And given how much of the internet is still based around Java, it makes Defender far from the ideal solution for heavy internet users.

What Do You Need?

Microsoft is so popular that its users have a tremendously broad set of needs.

At one end, you may have a senior citizen who uses their computer to only play candy crush or solitaire and send notes on Facebook to relatives.

At the other, you have people who spend their entire workday on computers managing high level IT environments.

What works for some is not necessarily adequate for others.

If you don’t download much from the internet, and the only videos you watch are from YouTube, Amazon, or Netflix, you’re likely fine with Microsoft Defender.

But, if you spend a huge chunk of your day working on your computer sending dozens of emails a day, reviewing content in a multitude of formats, or doing constant research, you’ll want to upgrade to a stronger protocol than Microsoft Defender.

This is especially true in corporate environments where IT security is paramount – like when processing sensitive information or complying with industry regulations, like the PCI DSS.

As soon as you install a new security suite, Windows Defender will shut itself off to let the new system take over, because that is what it is designed to do.

It protects your system until you have something more secure.

Contact 1st Secure IT

If your needs are no more significant than that of someone who uses their computer for little else than emails, social media, and shopping, you likely are fine running Windows Defender – just make sure to keep it up to date.

But in a corporate environment, Windows Defender is not our recommendation.

Here at 1st Secure IT, our motto is “compliance is not enough”.

That means we don’t recommend the bare minimum – which includes Windows Defender.

If you use your computer for business, contact 1st Secure IT today to find out how you can better protect your company’s sensitive information from the bad actors out there.

Don’t get caught unprotected – there are a lot of cyber security threats which could potentially cost you dearly in the form of lost revenue, lost respect, lawsuits, and more.

But it doesn’t have to be that way.

1st Secure IT can help.

Contact 1st Secure IT today, and keep yourself safe and secure in an uncertain digital world.

Continue reading
1126 Hits
0 Comments

What Is A Firewall

There are many different words related to IT security which have snuck their way into mainstream vocabulary.

The average person may not have heard of phrases like PCI DSS compliance, SSAE 18, or even TLS, but you can bet most of them have heard of a firewall.

The word firewall ends up in a lot of the technobabble in science fiction and police TV shows featuring a hacker, because it sounds fancy and sophisticated. You’ll hear a phrase like “resetting the TCF of the external firewall will allow us to resync the NAT devices.”

This is just to make a TV show sound exciting, of course, but is a firewall a real thing? Yes, it is.

Read this article to find out more about how firewalls work and how they can improve your company’s IT security.

What Is A Firewall?

To put it as simply as possible, a firewall is a digital wall between your electronic devices and the malware rampant across the web.

When data moves from the internet into your devices, your firewall screens it and makes sure what comes through is clean.

Think of it like security at the border. If you want to take a vacation to Canada, security agents let cars through one at a time while they confirm your identity, your passengers, and your travel intent.

A firewall works the same way, only it’s scanning data, not cars. The data will come into your computer in small chunks called packets. These are designed to be manageable for your firewall to scan as it passes through. If malware scans come back negative, the data is allowed to pass through, but if it finds something harmful the packet is rejected and you get a notification.

Types Of Firewalls

There are many different types of firewalls, but broadly speaking, there they can fit into two categories: network firewalls and host-based firewalls. Here’s what each of them do.

What Is A Network Firewall?

The idea behind a network firewall is to filter any traffic coming from the internet to make sure that only the data that should be coming into your system does so.

Your IT department will configure your firewall to monitor traffic, which can, among other things, block access to certain websites to prevent your staff from accidentally infecting your system from known malicious sites or wasting time on their social network of choice when they should be working.

But rather than manually configuring it (an exhausting endeavour), you can use an external service that keeps your firewall updated with the latest definitions to recognize cyber attacks and screen them. If we continue with our border analogy from before, this is like keeping your drug-sniffing dogs trained on how to recognize new types of drugs being invented on a regular basis, except it happens automatically.

Like the name suggests, these are useful for larger networks made up of multiple devices.

What Is A Host-Based Firewall?

A host-based firewall works in much the same way as a network firewall, but instead of protecting a network they protect only the device on which they’ve been installed.

These firewalls are often paired with a hardware firewall built into what they use to connect to the internet, like a wireless router. The downside of these firewalls is that they need to be manually updated, but because they’re used on a smaller scale it isn’t as much of a hassle.

Why A Firewall?

A firewall is a simple, relatively painless way to improve the cyber security of your company. If configured right, your firewall will serve as your first line of defense against the malicious stuff floating around the internet.

But it’s only your first line of defense.

The internet is a constantly changing place, and cyber criminals are constantly discovering new ways to break into your systems and steal your data.

If you’re having trouble keeping up or you feel a little vulnerable to all the various security risks out there, you’re not alone.

1st Secure IT is there for you.

Give us a call and book a consultation with one of our IT security experts. We can help you recognize the gaps and weaknesses in your cyber security and shore up your defenses against the threats to your business that exist online.

Don’t get caught by the latest malicious attack. Contact 1st Secure IT today and enjoy the peace of mind that can only come from working with one of the top IT security firms on the market today.

Contact 1st Secure IT to stay safe and secure in an uncertain world.

Continue reading
851 Hits
0 Comments

Phishing Vs. Spoofing: What's The Difference?

1st Secure IT data loss prevention cyber and IT security services risk management protection firm

Phishing and spoofing are no longer a threat that is limited to aunts who cover their Facebook walls in wine memes and grandfathers that type in all caps and send chain emails.

They’ve evolved to become a legitimate threat to your entire staff and can grievously compromise the security of your company and your clients. Because of this it’s a good idea to hire on an IT security company to protect yourself against these threats.

For now, enjoy this handy guide to better understand what phishing and spoofing are, and how you can protect yourself from them.

What is Spoofing?

Phishing and spoofing are often mixed up. To keep things simple, let’s start with spoofing.

This is a technique used by crooks where an email is received that claims to be from a trusted individual or institution.

Sometimes it comes from a trusted, verified email account that has been hacked, or it comes from a fake account that seems to be from a respected company.

This email encourages a person to click on a link that generally downloads malware, a Trojan virus, or something else malicious that can cripple your network, and infect your clients.

What is Phishing?

Now, phishing is like spoofing in that it often comes from emails, but these emails contain forms, or links to forms.

These forms look very official, but are in reality, used by criminals for nefarious purposes.

They ask for everything from banking information, to passwords for online accounts. It only takes a few pieces of data to do anything from identity theft, to emptying your corporate accounts.

Take care of your information | 1st Secure IT data loss prevention cyber and IT security services risk management protection firm

How to Recognize a Phishing Or Spoofing Scam?

These scams are often extremely convincing, using stolen graphics from official companies, or even using hacked accounts of trusted professionals.

Always go with your gut. If your accountant sends you an email asking you to download a document with a weird name and weird format that is making you uncomfortable, call their office, and make sure it’s legitimate.

Scammers will often purchase domain names that are slight corruptions of domains used by trusted companies like stores, or banks. Copy and paste this into a separate document and compare it to the URL used by these companies normally.

These crooks will even go so far as to register a normal domain name but with a different ending such as .RU or .JP. Russia and Japan are often where these scam domains are registered, so unless you are doing business with banks in those countries, it’s a scam.

The same goes for their email addresses. They will often register a normal Gmail or Hotmail account with a name like Apple Support or Microsoft Support, or VISA Customer Service, but if you right click the name you will see the actual registered email address. Usually it is a nonsense name @gmail.com

In emails, keep your eyes peeled for broken or bad English. These scams are often orchestrated by people who learned English as a second language. This often leads to poorly written messages.

Be wary of demands of urgent action or demands for quick payment in the form of a bank transfer, or electronic currency. If a normal, legitimate institution, like a bank, or the IRS, needs payment, they send requests through registered mail.

Lastly, if the URL starts with http: and not https: then that means that the site you are using is not secured with TLS, which is a guarantee that you are dealing with a scam.

Contact 1st Secure IT

An IT security company like 1st Secure IT can help protect you, your staff, and your customers from phishing and spoofing.

Give us a call to keep safe, especially if you just responded to an email from a Nigerian prince, or a foreign business official informing you of a massive inheritance.

Continue reading
1034 Hits
0 Comments

How Small Businesses Can Protect Themselves From Hackers

If you read much about the world of IT security, you likely mostly see articles reporting on data breaches from larger corporations.

And that makes sense – after all, more people are impacted by a data breach at a multinational with millions of clients than one at a local mom-and-pop shop.

But all this news may lull small business owners into a false sense of security, and that can be dangerous.

While most IT security companies perform penetration tests and other security audits on large businesses, small businesses are also vulnerable to hackers, data breaches, phishing scams, and the like.

If you’re a small business owner, though, there are some steps you can take to protect yourself from being vulnerable online.

Small Business IT Security Breach: How It Happens

When it comes to a big corporate office, security is usually pretty high.

Many buildings employ a full staff of security personnel and electronic surveillance systems with the goal of keeping their staff, data, and systems safe.

And yet, social engineering tricks can still sneak their way through.

By manipulating front desk and security staff, a clever social engineer can get someone to step away from their desk long enough to slip a piece of malware onto company systems via a USB key.

Big corporations also generally have IT security practices they teach their staff.

This includes things like how to recognize a phishing email, a proper password strategy, and protocols on what devices are allowed to connect to the company network.

And yet, phishing scams are still effective, and the most commonly used password in the world is still “password”.

So if larger corporations, with all their tight security and data management strategies, can’t manage to stave off these attacks, what hope does a small business have?

A storefront with a single staff member at the front desk can easily be manipulated.

A company email address can easily have some phishing attacks that slip through the spam filter.

Any attack that hits larger corporations can hit a small business too.

Small Business IT Security

When it comes to protecting your small business from IT security breaches, the steps are similar to big businesses.

The first step ought to be to review with your staff how to recognize a phishing scam or other social engineering hack.

Most of us imagine a hacker sitting at their desk in a ski mask, banging away on an old grey IBM keyboard as dozens of strings of numbers fly past their screen like in The Matrix, cracking passwords and finding vulnerabilities in software.

This sort of thing definitely happens (though maybe without the ski mask), but it’s not as common as you might think. Far more common, in fact, is the phishing scam, the social engineering trick, or the poor security set up by the user.

In short, it’s people that cause most IT security breaches, not a programming weakness. You should also do what you can to protect your network.

While it might be unrealistic to expect you to roll out a multi-million dollar IT security plan, there are measures you can take right now which are relatively inexpensive.

Aside from training your staff, make sure your wireless network is secured with a strong password and that your router’s software is up to date.

If you run a business where customers frequently connect to your wireless network, like a coffee shop, it’s a wise idea to have a separate network for your customers.

Make sure you have a data backup plan as well. 1st Secure IT recommends the 3-2-1 backup rule. For more on that rule, see our previous article on the subject.

Contact 1st Secure IT

To a large corporation, a cyber security incident is a PR nightmare. But to a small business, such an attack can cause major issues, sometimes even bankrupting the business altogether.

If you’re a small business who’s concerned about taking your IT security more seriously, contact 1st Secure IT.

Our team of cyber security experts can consult with you, helping you discover the gaps in your security and how you can better protect yourself from the digital malcontents and bad actors of the world.

Don’t let your guard down. Contact 1st Secure IT today to keep yourself secure in an uncertain digital world.

Continue reading
768 Hits
0 Comments

IT Security Isn’t Just About IT

IT Security Isn’t Just About IT | IT isn't just about IT
| 1st Secure IT data loss prevention cyber and IT security services risk management protection firm

Imagine if someone hacked your toaster.

Or your car.

Or your vacuum cleaner.

Seem absurd? Maybe, but with the prevalence of new technology like the internet of things, artificial intelligence, and robotics, cyberattacks have become more common in more areas of life.

Once upon a time, it was banks, big tech companies, and other multinational conglomerates who were vulnerable to cyberattacks. But these days, as more and more of our life goes electronic, we’re faced with more IT security risks than ever.

A Changing World

In 2017, WannaCry and NotPetya were some of the biggest threats to cyber security out there. In 2018 so far, it’s been KRACK attacks, Meltdown, and Spectre, as well as the perennial phishing scams you’ll see in your email’s spam box.

As the risks become more and more problematic, it’s becoming clearer than the current approaches aren’t working as well as they should be.

What’s the problem here?

Part of it is the lack of preparedness many companies have to modern security risks.

This includes small and medium size businesses as well as enterprise-level corporations like Deloitte, the poster child for cyber security failure in 2017.

Many companies haven’t bothered consulting with a team of cyber security experts, leaving their heads in the sand like the proverbial ostrich.

But what’s even more frustrating is the fact that some companies who have paid for a comprehensive cyber security plan haven’t implemented them.

As a business owner, it’s easy to look only at the bottom line and wonder whether or not these extra security measures are worth it. And in an ideal world, we wouldn’t even need to worry about them. But sadly, we don’t live in an ideal world.

Some IT security changes can be frustrating to implement. This includes things like multi-factor authentication, email encryption, and replacing outdated software that is no longer supported.

On top of this, employees who have enjoyed the ability to work remotely may be upset by the sudden requirement that they only be able to access the company intranet on-site.

This may make some executives reluctant to implement these, and instead hope for the best.

And while it is possible to run a successful business without these things and without ever suffering a cyberattack, the same could be said about the lock on your front door.

Sure, a lock doesn’t guarantee your house will never be robbed, nor does the lack of a lock guarantee that your house will be robbed.

But you’d be hard pressed to find someone who seriously argues that it’s a good idea to leave your house unlocked, and you’d be hard pressed to find a good IT security consultant who won’t suggest you encrypt your emails.

IT Security Isn’t Just About IT | Employees are hight part of IT security | 1st Secure IT data loss prevention cyber and IT security services risk management protection firm

So What’s The Point?

What can you do about it?

Part of the solution lies in how you look at your IT security.

Some executives leave their IT security to their IT department, assuming they’ll just take care of it. This may make sense on the surface, but the reality is that IT security isn’t just an IT issue.

It’s a risk management issue.

With more than a hundred billion lines of code being written each year by everyone from Microsoft employees to cryptocurrency coders to ne’er-do-wells online, you can be sure that at least a few million of those are malicious.

By treating IT security as a risk management issue, you’re recognizing the reality that cyber threats can pose your business. It forces you to look at the issue differently – rather than just shrugging it off, you recognize it as a legitimate cost of running a safe, secure, reliable business.

This means evaluating multiple levels of cyber threats, from data breaches to gaps in your security to a lack of knowledge and training from your staff members. Unnecessary complexity can also cause issues and redundancies that can create unintended security gaps.

So choosing the right software suite, implementing the appropriate security measures, and consulting with the right people isn’t just about IT. It’s about taking the measures you need to make sure your business continues to run.

Contact 1st Secure IT

No one has 100% protection against any and all cyberattacks. But by implementing an appropriate IT security system, you can go a long way to staying as safe as possible online.

If you’re not sure about how you can protect your business online, contact 1st Secure IT today.

Our team of experienced and qualified IT security specialists will consult with you, illuminate the potential security risks in your organization, and help you implement the best practices you need to stay safe in the face of an uncertain digital landscape.

Don’t face the dangers of the internet alone. Contact 1st Secure IT and keep your business running smoothly, today.

Continue reading
1009 Hits
0 Comments

How To Get Your Employees To Improve Your IT Security

Recently, we’ve been posting about the human factor in the world of IT security. The sad reality is that you can hire a team of ethical hackers to do as much penetration testing and security analysis as you want – all that will be for nothing if one of your staff members lets a hacker in themselves.

No matter what your business is, no matter what type of operation you run, your staff will always be your greatest liability when it comes to IT security. And they aren’t doing it on purpose either. With extremely rare exception, none of your staff members actively want to cause risk to your security.

No, they’re doing it out of simple ignorance.

Fortunately, there are things you can do to help mitigate those risks and get your staff on your team when it comes to shoring up defenses against hackers or other bad characters out there.

Here are some of 1st Secure IT’s top tips on how to train your staff to be more IT security savvy.

1. Train them. Over and over.

Some organizations just have their IT department worry about IT security, and nobody else.

These are the same organizations who end up getting hacked.

But it’s not enough just to have your IT head tell your staff about password safety and then forget about it. You need to be training your staff on an ongoing basis.

After all, repetition is the key to learning anything. Think back to your time in school – did you remember everything your teacher told you in lecture, or did you have to study before a test to make sure you remembered it?

Not only do you need to train on an ongoing basis, you also need to make sure your training is relevant to the position your staff holds. This means providing a higher level of training to those staff members who have higher levels of permissions on their account.

It also helps to implement some simple rules for your staff, like not accessing company servers anywhere other than at the office or approved locations. And of course, training everyone on how to recognize a phishing scam or a malware attack is a must.

2. Don’t just teach them. Test them.

If you want to learn how someone will handle an emergency situation, the only real way to know is by putting them in an emergency situation.

Medical students can’t go from reading books to performing open-heart surgery. They need to be eased into it and put into some “live fire” exercises where enough is at stake for them to care.

The same goes for your company’s IT security.

Contracting a third party to simulate some sort of data breach or cyberattack can help you better understand what would happen in case you’re faced with a real crisis. How will they react? Will they play right into the phishing email you just sent them? Will they innocently grant access to your company’s intranet? Or will the training you gave them be enough to protect your data and your IT infrastructure from attackers?

There’s only one way to find out.

This will not only help you understand how prepared you are for a cyberattack, it will also help your employees understand what’s potentially at stake and how an attack might look.



3. Plan, plan, plan.

Now that you’ve trained your employees and you’ve tested them, you may feel like it’s smooth sailing ahead.

And it might be, for a little while.

But hackers are crafty people. They’re always looking for new ways to crack into a company’s data, since the reward for them can be well worth the risk.

Ongoing communication is crucial here. If you can’t find a way to communicate your security needs to your staff, you can’t expect them to understand them. Whether this means getting your IT department to hold regular workshops on IT security or hiring a third-party firm to come in and train your people, communication is extremely important here.

You might want to consider some sort of incentive for your staff to report potential security risks as well – a phishing attack caught early can be significantly less damaging than one left for several days.

Contact 1st Secure IT

If you’re worried about whether your company is properly prepared for a cyber attack, that’s a good thing. Recognizing a threat is better than sitting confident when there’s an underlying problem that needs to be addressed.

But whatever your IT security needs, 1st Secure IT can help.

We can help you prepare your staff for any cyberattacks that may occur. And we can test your current IT infrastructure to help you understand the gaps in your armour which an attacker may be able to exploit.

Whatever your business, don’t leave it up to chance. Contact 1st Secure IT today and keep your business safe and secure in the uncertain digital world.

Continue reading
847 Hits
0 Comments

The Business Email Compromise Scam: What Is It And How To Protect Yourself From It

The Business Email Compromise Scam: What Is It And How To Protect Yourself From It

In our last article, we talked about the human factor in IT security, and how simple human error is responsible for the vast majority of IT security breaches.

A specific type of human error IT security breach is known as the business email compromise scam. This social engineering practice is responsible for a number of IT security breaches.

A 2016 statement from the FBI reported that from October 2013 to May 2016, business email compromise scams (BEC) have cost businesses more than a billion dollars in damage.

Is your company vulnerable to this type of security breach? Keep reading to find out.

What Is A Business Email Compromise Scam?

In a business email compromise scam, an attacker uses a simple social engineering trick to gain control of an email account. How does it work?

I’m going to walk you through the entire process of what a business email compromise scam can look like. To illustrate the point, we’ll talk about a fictional company, Grasshopper Industries.

One common method BEC scammers use is to purchase a domain with a slight variation to that of the company’s, create a convincing looking login page, and set up a form designed to store any information that goes into it.

I find out that the URL to login to their company intranet is login.grasshopper.com. So I purchase the URL www.grashopper.com (notice the missing s?), duplicate the intranet login page, and program it to save any login information inputted into the fields.

There’s my tool, all set up. Now all I need to do is get the employees of Grasshopper Industries to show up at my new scam website and try to log in using it.

There’s a simple way to do that too.

First of all, I need to find out the name of Grasshopper Industries’ IT manager. So I browse LinkedIn, and find out her name is Michelle Devereaux.

Then, I head over to a payphone (so they can’t trace the call back to me), and I call the reception desk and say:

“Hello, I’ve got some information I need to send to Michelle in IT. What’s her email address again?”

Simple. Now I know her email is mdever@grasshopper.com.

This tells me what the IT manager’s email address is, but more importantly, it tells me what the format for email addresses is – the first initial, and the first five letters of the last name.

So I’ll set up my own email address on the domain I just bought – mdever@grashopper.com.

If you think that looks like the same email address as Michelle’s email, that’s the point.

Next, it’s just a matter of finding a company directory. Again, LinkedIn can help here. So can Facebook, Twitter, and even a general Google search. There are a number of other tools out there you can use to find the employees of a company.

So let’s say we have a list of 1500 employees of Grasshopper Industries (it’s a big company, after all). Based on the formula we have for email addresses, we’ll create a list of emails. Some of them may not work, and that’s okay – it doesn’t cost anything to send an email.

Now we’ll send out an email from our bogus email account claiming to be the real Michelle Devereaux. It may say something like this:

Dear Will,

 We’ve recently had a security breach, and your information may have been compromised.

 I talked with Frank, and he agreed that everyone will need to change their passwords.

 To do so, please go to this link – login.grashopper.com. From there, input your username and your old password, and the screen will prompt you to change your old password to a new one.

 If you have any trouble, please let me know.

 Cheers,

 Michelle.


Now, of the 1500 emails we send out, do you think at least one of those people will fall for our little spoof?

This is just one possible angle a BEC scammer can take.

The Business Email Compromise Scam: What Is It And How To Protect Yourself From It

So Now What?

Eventually, Michelle in IT will catch on. And she’ll alert her superiors, who will then begin to take some sort of measures to mitigate the damage.

But by then, the damage may already have been done.

If the scammer got their hands on the login and password for someone in accounting, they may have access to Grasshopper Industries’ tax information, and even their banking information.

Even worse, if they managed to get hold of an account with sufficient privileges, they could set up a piece of ransomware on the company servers in order to extort money from them.

They could also browse everyone’s private emails until they found someone with an account on Ashley Madison, and blackmail them for money.

And if they were secretly sent by Grasshopper Industries’ main competitors, Cricket Cooperative, they could find out information about Grasshopper’s plans for the future and tailor their plans accordingly.

Messy stuff.

Why BEC Scams?

At the end of the day, hackers use BEC scams because they work great, and they can often get away with them without having to use malware or break through complex layers of security.

They’re also fairly cheap, and the barrier to entry is fairly low. All you need is a basic understanding of how to build a website and some outside-the-box problem solving.

They’re particularly difficult to trace where the attack comes from. There are enough anonymous web registrars out there that you can hide your information fairly effectively.

And finally, they can slip through a lot of your built-up security layers. After all, it’s just a simple email, with no attachments or anything fishy that would raise red flags.

Are You At Risk For BEC Scams?

While any company is at risk, those that wire money internationally are often considered high value targets.

This is because they can divert a wire transfer from its destination into a scam account, and because the transfer is international it may be more difficult to track where it ended up.

If you’re concerned about what to do about BEC scams, you’re not alone.

But you don’t need to face this risk alone, either.

1st Secure IT can help.

Contact 1st Secure IT today to book a consultation with one of our experienced IT security professionals. We’ll help you assess your risks and implement strategies to help you stay safe from BEC scams and other potential risks.

Contact 1st Secure IT today and keep your business safe in an uncertain world.

Continue reading
1163 Hits
0 Comments

The Human Factor In IT Security

It’s amazing, isn’t it?

You check your spam filter, and before you clear it you find among the junk an email claiming to be from the US Marine Corps, a UN ambassador, or that classic Nigerian Prince.

I’ve even gotten one claiming to have been sent from Melania Trump herself, telling me that I have $20 million from a west African bank sitting on her desk at the White House.

Nonsense right? Nobody in their right mind would fall for something this ridiculous, right?

Maybe not.

After all, these emails are still going around, more than 20 years after it became commonplace to have an email address. And if nobody fell for them, you’d assume people would stop sending them out.

And yet, they still exist.

Email auto-senders are cheap and easy to come by, and it only takes one sucker to fall for it. But this outlines one of the most important issues in IT security, or security in general: the human factor.

You can run all the risk analyses and penetration tests you like, but the human factor can still leave you vulnerable to security breaches if you aren’t careful.

What Is The Human Factor?

Think of it this way. You’re the manager of your local bank branch. As your shift wraps up for the day, you close down the bank, shut down the computers and get in your car to go home and enjoy the evening with your family.

You come in to work the next morning and find the place has been ransacked, the vault emptied, and anything of value hauled out the door.

Why didn’t anyone tell you? Turns out, you forgot to lock the front door and turn on the security system.

Does this mean the bank isn’t secure? No, far from it. It has some of the latest top of the line security and theft deterrent systems installed. You just made an unfortunate and costly mistake.

IT security is like that too.

We have this image of a hacker being someone in a balaclava sitting behind a computer screen and tearing through line after line of code, trying to find a security vulnerability so they can break into a system and steal whatever is worth stealing.

And while these people and situations do exist (minus the balaclava, maybe), the truth is it’s generally not the systems itself that are the problem.

It’s the people using them.

After all, why spend your time learning how to crack a safe when you can just wait until someone misplaces their key?

Most companies don’t want to admit it, but the vast majority of cyber attacks are a direct result of human error. The last time IBM investigated this issue, they discovered that 95 percent of cyber attacks, data breaches, and other IT security issues were a direct result of a human screwing up at some point in the chain.

What Does Human Error Look Like?

One example is clicking on a phishing link from an email. If you aren’t training your staff members on how to recognize a phishing email, especially your older staff members who haven’t grown up in digital environments, you may be exposing your company to security risks.

However, there’s more to it than that.

Neglecting to apply the latest patches to your software or hardware, for example, can leave you vulnerable to known and obvious attack vectors. So can misconfigured network devices or cloud servers.

But one of the most common examples of human error are using a weak combination of username and password.

For example, many companies have a consistent system they use when it comes to giving user names to staff. They may choose the first initial of your first name, and the first four digits of your last name, for example.

You can often tell this from an email correspondence with anyone in the company, since many companies will use their email addresses as their usernames as well. Once an attacker has figured out the username format, they can use the usernames they have and combine them with the most common passwords online.

These include passwords like "password", "12345", "123456789", and "987654321". While it may seem painfully obvious that you should NOT use such easy passwords, not everybody got the memo.

So if your company has an easy to guess username format and no system to ensure your passwords are difficult to crack, you’re leaving yourself vulnerable.

These are some, but by no means all, of the most common examples you can find for why your own staff provided the point of entry for a hacker.

Contact 1st Secure IT

Are you running a growing enterprise and aren’t sure whether you can keep up with your IT needs?

Concerned that your IT security infrastructure isn’t protecting you the way it should?

Contact 1st Secure IT today.

Our team of experienced IT security consultants can help you understand your weaknesses and shore up your defenses to leave you better protected against the bad guys out there.

The IT world can be frightening, but you don’t need to face it alone. Contact 1st Secure IT today.

Continue reading
862 Hits
0 Comments

Why Cyber Security Needs To Be A Key Part Of Your Reputation Management Strategy

Why Cyber Security Needs To Be A Key Part Of Your Reputation Management Strategy | Star ratings
| 1st Secure IT data loss prevention cyber and IT security services risk management protection firm

Every business wants to have a good reputation.

From awards by the Better Business Bureau to accolades from peer and industry groups, high-quality testimonials to a focus on high quality service, businessees spend millions of dollars each year letting you know they have a great reputation.

But one thing that’s consistently forgotten when it comes to a solid reputation is mitigating cyber security risks.

And it’s understandable. After all, when you think “poor reputation”, cyber security isn’t the first thing that comes to mind. But cyber security can have a big impact.

A Data Breach Leaves Your Brand Vulnerable

According to a 2015 report from Forbes and IBM, 46% of businesses have suffered a hit to their reputation as a result of a data breach. Shocking numbers, I know.

What this means is that a company is almost equally likely to experience a reputation hit from a data breach than not. Why is this such a significant reputation hit?

All sorts of sensitive data can be lost in a data breach, including credit card information, client secrets, login and password info, and more. And when your company suffers a data breach, it’s seen as a warning sign that you shouldn’t do business with them.

Rationally, this doesn’t make a whole lot of sense. If 46% of businesses have suffered a hit to their reputation as a result of a data breach, it stands to reason that at least 46% of businesses have suffered from some sort of data breach in general.

But in the world of social media, where we more frequently see headlines than actually read articles, a data breach can give your company a bad reputation.

A Data Breach Can Kill Your Company Value

On September 7th, 2017, Equifax announced their now infamous data breach. Their stock closed at $142.72 that day.

On the following day, it had plummetted to $123.23, and a week later it reached $92.98, a nearly 35% drop. While it has recovered somewhat, it has yet to return to those early September highs.

Chipotle Mexican Grill announced they had suffered a data breach back in May of 2017, and their shares are trading at a low not seen in five years.

What’s pretty clear here is the fact that your company’s stock value can be impacted by a data breach. It won’t necessarily cause an issue (Sonic Drive-In’s stock seemed to weather the storm well) but it partially depends on the severity of the breach.

So what’s a company to do?

If you’re concerned about the consequences a data breach can have on your reputation, well, good. You should be. Here’s what you can do to mitigate such a disaster.

1. Have a data breach strategy

Assume for a moment that a data breach is inevitable with your business. How are you going to react?

Will you sit on the news for weeks or even months at a time while your customers’ sensitive personal information is at risk? Will you fumble in media interviews?

If you don’t have a strategy ready, you will. But this is the worst possible thing you can do.

Back in January, we wrote an article on how executives should respond to a data breach. Its advice is as true today as it was then. Read it here, and find out some of the big mistakes other companies have made when it comes to IT security, and how you can learn from them.

2. Take Your Cyber Security Seriously

Have you had an IT security team examine your digital infrastructure? Do you know about all the potential gaps ­in your security?

If not, it pays to have a team of experienced cyber security professionals to consult with on these matters.

From ensuring you’re up to date with the latest in compliance, whether PCI DSS, EI3PA, or SSAE 16, to analyzing your business for risk and fraud, to performing a penetration test to see whether there are any gaps in your security a hacker could use to steal your data or disrupt your systems, an IT security company can make a big difference.

Your IT security company can help you implement a better cyber security strategy, prepare for any future security breaches, and seal the gaps so you’re less likely to experience a breach in the first place.

Contact 1st Secure IT

If you’re interested in maintaining the reputation of your company, cyber security needs to be a critical part of your strategy.

1st Secure IT can help.

Call us today, and speak with one of our helpful and experienced IT security professionals. You’ll get a chance to explain your concerns, get your questions answered, and from there we can build you a strategy that will protect your reputation, protect your data, and keep your business running smoothly.

Contact 1st Secure IT today.

Continue reading
903 Hits
0 Comments

The Problem With Cloud Storage

The Problem With Cloud Storage 
| 1st Secure IT data loss prevention cyber and IT security services risk management protection firm

Once upon a time, just about all the data generated by, or inputted into, the world's computers was done so by way of punch cards. If you wanted to back up your data, you had to make physical copies of each punch card, then store it in a separate location in case of fire.

Thank God we're not at that point anymore. Most of the staff at our IT security company have been in the industry for decades now, so we all remember the dark ages of relying on older technology to store data. Not quite as far back as punch cards, but far enough.

From floppy disks to magnetic tape, hard disk drives to today's high-performance solid state drives, we’ve come a long way in developing new storage solutions. But these days, cloud storage seems to be the most popular option for backing up data. What is cloud storage? And are there any problems with it? Keep reading to find out.

What Is Cloud Storage?

Cloud storage isn’t so much a new innovation in storage technology as it is a model of computing. When uploading data to the cloud, what you’re essentially doing is uploading it to remote servers which you can access via the internet. It’s maintained by a third party cloud storage company.

It works by providing the user (you) with a virtualized data centre, so you can see and interact with all of your information in one place. Most cloud storage systems also have a built in function that allows your files to be automatically backed up on a regular basis, which takes the guesswork out of backing up your systems.

But cloud storage isn’t the be-all, end-all of backing up your data.

Your Data Is On Someone Else’s Machine

A common meme in the world of IT is that “there is no cloud. It’s just someone else’s computer.”

This is true in the broadest sense of the word, but it’s more complicated than just tossing your data onto a random person’s hard drive like this meme makes it seem.

Just because your data is on someone else’s machine, this doesn’t mean cloud storage is inherently unsafe. However, because your data is on someone else’s machine, there are risks. Here are some of them.

1. You’re sharing your service with others

If you’re using a cloud storage solution, it goes without saying that you aren’t their only customer. Amazon Web Services, one of the biggest cloud storage and cloud computing solutions in the world, claims to have over a million users.

Most cloud data centres have security measures in place to prevent any cross-contamination. But what happens if they don’t? You can be as vigilant as you like, but what happens if someone uploads some sort of ransomware or malware to the cloud? Could you be affected?

It may sound unlikely, but well-known IT security researcher and author Brian Krebs wrote about just such a scenario.

2. Your jurisdiction’s laws may not apply

Your cloud storage company’s servers aren’t necessarily going to be in the same jurisdiction you are.

In a way, this is a good thing. If you live in a place where natural disasters are a risk, for example, like hurricane-prone Florida, earthquake- and wildfire-prone California, or one of the states in Tornado Alley, it’s a good idea to store your data in another area After all, if a hurricane wipes out your computers AND your cloud storage company’s data centre, there isn’t much of a point in having cloud storage in the first place, is there?

That said, when you work with cloud storage companies in other countries, the rights and responsibilities you’ve come to understand in your home jurisdiction may not apply.

In some jurisdictions, you may actually be giving up your rights to your data entirely. In other cases, you may upload content that’s perfectly legal and lawful in your home jurisdiction, but breaks the law in another. So it pays to understand the country out of which your cloud storage is based and their laws when it comes to privacy, data protection, and intellectual property.

3. It can lull you into a false sense of security

It’s simple to use a cloud storage solution to back up your data. Most backup strategies involve some sort of cloud storage solution. After all, it’s convenient, happens automatically, and takes a lot of the headaches out of things.

That said, it’s not the only option you should consider.

Here at 1st Secure IT, we’re big fans of the 3-2-1 backup rule. We’ve written an article on it in the past, which you can feel free to check out. But the gist of it is as follows:

Have at least 3 different copies of your data, 2 of which are stored locally (but on different media), and at least 1 copy off-site.

Your off-site backup could be your cloud storage solution, but what happens if they have an outage? Whether they experience a bug, a natural disaster, a physical breach of security, or any number of other issues, it doesn’t matter.

Relying solely on one source of backup for your data is foolish.

See, one of the problems is that your files are backed up automatically. So if you happen to acquire some sort of malware that renders your data unreadable, or ransomware that blocks access to your data, your cloud storage will diligently upload it to its server without a second thought. And just like that, your data is entirely compromised.

So if you’re going to use a cloud storage solution, be sure you have more than just that as a backup for your files.

Contact 1st Secure IT

Are you uncertain about your current backup strategy? Not sure how strong your IT security is against all the potential threats out there?

No problem. Contact 1st Secure IT today.You’ll get a chance to speak with one of our experienced IT security specialists about your concerns, and from there we’ll put together a strategy that addresses these issues and meets your needs.

Don’t wait until you’ve already been attacked. Contact 1st Secure IT and enjoy a safer, securer, more reliable IT environment today.

 

Continue reading
Tags:
1064 Hits
0 Comments

Is Your Cloud Storage As Secure As It Should Be?

Data breaches are no fun. Just ask the CEOs of Equifax, Forever 21, Deloitte, or one of the many other big businesses hit with them last year.

At the same time, there’s a lot that can be done to protect your business from data breaches. The most important part is making sure your security is up to snuff.

The world of IT security is constantly changing, which is why it helps to have an experienced team on your side well versed in the latest security updates, penetration testing techniques, and more. But more on that later.

The Problem With Cloud Storage

It’s 2018. Most businesses with a need to store significant amounts of data do so via cloud storage. It’s no longer necessary to have a giant data centre.

But cloud storage comes with its own issues.

As the common saying goes, there is no cloud. It’s just someone else’s computer. This is a massive oversimplification of what cloud storage actually is, but in the strictest sense, it’s true. When your data is stored somewhere else, it can cause security issues.

In the past, we’ve recommended people follow the 3-2-1 backup rule, which ensures that you have an additional backup besides your cloud storage. This can help in case of disastrous data loss, butit doesn’t protect you from security issues in your cloud storage solution itself.

Here are some of the questions you should be asking yourself when deciding whether or not your cloud storage is as secure as it could be.

1. Is my data access limited?

The more people who have access to your systems, the more vulnerable they are. This is why it’s helpful to make sure that different people have access only to what they need.

As an example, imagine a member of your sales team has their login information compromised. This is bad, but it would be a whole lot worse if this person also had access to accounting, HR, marketing, and your website’s administrative bits.

Sometimes a data breach just happens – hackers discover new angles of attack, and industry doesn’t always respond as quickly as it could. And simple human error is more of an issue than most would like to admit. But if you limit the access your staff has to your systems, you can prevent a minor breach from turning into a major one.

2. Am I monitoring the activity happening on my network?

If your company has an office building, you may have security staff to keep an eye on things. At the minimum, you probably have security cameras positioned in key locations to monitor the traffic into and out of your building.

But security cameras are only useful if there’s someone looking at their feed. Otherwise, they act only as a deterrent to amateur thieves.

The same is true with the traffic on your network. By keeping an eye on who’s accessing what, and ensuring your cloud storage solution has an automated cloud monitoring system set up, you can be more proactive in stopping any security intrusions before they start, or cut them off before they’ve had a chance to do too much damage.

This may be a slight hassle for your regular users who do something a little out of the norm, but it’s a small price to may to keep your company’s data safe.

3. Is my security suite up to snuff?

The aforementioned automated cloud monitoring systems notwithstanding, there are lots of other security measures your cloud storage should be taking to protect your data.

This includes the basics like requiring 2-factor authentication on your systems and secure passwords to regularly auditing the devices connected to your systems, monitoring software patches, and actively scanning for viruses and malware, and more.

Some of these are your responsibility, and others are up to the service you choose to use. To get a better understanding of how seriously your potential cloud storage solution takes your security and privacy, take some time to read the terms of service agreement.

4. How often does my cloud storage system update itself?

Frequent updates can be a bit of an annoyance in day-to-day life. If your service has to update itself every other time you use it, that can cut several minutes of productivity out of your day. But it’s actually a good sign.

The more often your software is updated, the securer it will be. After all, you’re protected from all the known security risks the company who built your software knows about up until the last update. And if that update was three months ago, you’re more vulnerable than if your last update was yesterday.

The same goes for your cloud storage. Try choosing an option with a frequently updated platform. Most of the big ones do this, but smaller solutions may not.

5. Has my service been penetration tested?

A penetration test is when you hire a team of ethical hackers to find a gap in your IT security.

It’s kind of like a bank owner hiring a team of bank robbers to try and break into their safe.

Once you’ve hired a penetration testing team, they’ll attack your system from every known angle to see how they can compromise your data. And once that’s complete, they’ll deliver you a report outlining where your gaps are and how you can improve them.

When choosing a cloud storage solution, it pays to make sure the service has been thoroughly penetration tested. But it’s also a good idea to perform a penetration test on your own system once it has been installed.

After all, different software combinations can sometimes cause unexpected security vulnerabilities.

Contact a proven penetration testing team to find out how secure your systems are and what you can do to improve them.

Contact 1st Secure IT

Are you considering a new cloud storage solution? Or are you unsure how secure your current systems are?

1st Secure IT can help.

Contact 1st Secure IT to book an appointment with one of our penetration testing specialists. From there, we’ll help you discover how you can make sure your cloud storage, or any other systems you have, are as secure as possible.

Don’t get caught off guard. In today’s digital landscape, it’s more important than ever to be secure online. Contact 1st Secure IT, and take your first steps toward a safer, stronger, securer business today.

Continue reading
832 Hits
0 Comments

How Bitcoin Is Changing The World Of IT Security

 How Bitcoin Is Changing The World Of IT Security | Bitcoin coin
| 1st Secure IT data loss prevention cyber and IT security services risk management protection firm

Unless you’ve been living under a rock for the last decade, you must have heard of Bitcoin. It’s arguably one of the biggest, most important innovations in the entire history of financial technology (fintech).

Bitcoin itself has many uses, both as a currency and a means to store wealth. But what’s perhaps the most interesting part about Bitcoin is the technology upon which it’s built, which is called blockchain.

What is blockchain? And what does this have to do with IT security? Read on to find out.

What Is Blockchain?

Before we understand what blockchain technology means, we need to understand what it is.

A blockchain is, essentially, a public database and ledger of every transaction that ever takes place on its network. In the case of Bitcoin, that means everything that happens is publicly available. You can take a look at Bitcoin’s blockchain using a block explorer like blockchain.info and find all manner of transactions big and small.

But while this data is available to everyone, what is not available is anything identifying the parties behind transaction. To the outside observer, it just looks like a string of numbers and letters sent 0.36289 bitcoins to another string of numbers and letters.

So why is this important? Each block contains all the transactions completed up to that point online, and once a block is completed, it can’t be altered. This makes blockchain as close to a permanent record of transactions as we can get. This means nobody can go in and alter any records of what happened. It’s all there publicly.

It’s also important because it’s the first time anyone has been able to create a digital asset that isn’t duplicable. Here’s an example:

If I find an MP3 of a song I quite enjoy, I might want to send you a copy so you can hear it too. So I might attach that MP3 to an email and send it off to you so you can download it and listen to it.

Thing is, though, I didn’t send you my MP3. I made a copy of that MP3 and sent you the copy. I still have the original.

With blockchain, you can send a digital asset to someone else without copying it. If I decide to send you one bitcoin, I no longer have that bitcoin myself. It’s yours, and no copies are made. And that’s true with any blockchain project.

For a better understanding of how this technology works, check out this video below:

 

The Difference

Bitcoin is just the first app to be developed on blockchain technology, but it’s by no means the only one. Other projects are being created for all manner of different things.
Because the Bitcoin code is open source, anybody can take it and use it to build their own projects, and many have.

Here are two companies who are using blockchain technology to improve the world of IT security.

REMME Eliminates Passwords

REMME is the brainchild of Ukrainian economist and Bitcoin enthusiast Alex Momot, with a simple but ambitious mission:
“REMME is here to make sure the bad guys can’t hack the autopilot of a self-driving car to cause it to crash into a crowded street; prevent villains from launching a biological attack using just one laptop, and to stop anarchist hackers from compromising presidential election results.”
To accomplish this, they’re focusing on one of the largest gaps in the world of IT security – human error .

The vast majority of cyber attacks are a result of simple logins (usually a firstname/lastname or firstinitial/lastname combination) and weak passwords. Instead, they’re using blockchain technology to provide stronger authentication when logging into a system. But by assigning each device a specific SSL certificate (virtually impossible to forge), which it manages via a blockchain (immutable), REMME’s service makes it incredibly difficult to spoof any password system.

For more information on REMME’s service, visit their website.

 How Bitcoin Is Changing The World Of IT Security | Bitcoin coin
| 1st Secure IT data loss prevention cyber and IT security services risk management protection firm

Blockstack Prevents DDoS Attacks

The DDoS (Distributed Denial-of-Service) attack is one of the most common ways a website can get taken down. The larger a website is, the harder it is to pull off, but even some of the biggest websites out there have suffered from them, including one attack in late 2016 that took down Twitter, Netflix, Amazon, Reddit, Spotify, and a number of other big online businesses.

The idea is to send a tremendous number of junk requests to a website, increasing its traffic higher and higher until it exceeds the server’s capacity to deal with the requests and crashes. It works because of the web’s current DNS (Domain Name System), which converts a domain name which humans can understand (like www.1stsecureit.com) into an IP address machines can read.

Hackers target the centralized part of the DNS database, where most of the data is stored, and can use this to crash website after website.
Blockstack, however, is approaching this problem differently. By providing a fully decentralized DNS framework, they’re significantly reducing the possibility of a DDoS attack. But that’s only a side effect of their goals.

They’re aiming to make the entire web decentralized by removing any third party management of servers, databases, or identification. To find out more about this project, visit their website.

The Future Of IT Security

As the world of IT security continues to change, blockchain technology will no doubt become an essential part of this new landscape.

Here at 1st Secure IT, we’re dedicated to staying at the forefront of the latest innovations in IT security to keep our clients as safe and secure as possible.

To find out how your business can stay secure in the face of a frightening and uncertain digital landscape, contact 1st Secure IT today.

Continue reading
841 Hits
0 Comments

How To Recognize A Phishing Email

One of the most common forms of cyber crime is in the form of the “phishing” email. It’s a clever way for hackers to avoid having to break through a computer’s security systems and spoof you into giving away the keys to the castle.

One common form of phishing is to get you to click on a bogus link designed to look like a legitimate service. From there, you input all of your personal information, which the web page saves and dutifully forwards to its owner. They now have the information they need to get into your email account, your bank, or whatever else it is they need to get access to.

From a corporate perspective, a hacker could easily duplicate the login page to one of your internal portals and seize control of user information, which they could then use to upload ransomware or all manner of malicious code, or extract valuable data for sale on the dark web.

Either way, it helps to be able to recognize the signs of a phishing email and thwart these attacks before they start. Here are a few of the most common signs you’ve received a phishing email.

1. It Ends Up In Your Spam Box

Most email servers have become steadily more sophisticated when it comes to detecting phishing emails, and are able to label them as such.

In June 2017, Google announced in its company blog that it has been beefing up its spam detection on its Gmail servers, and boasted that it can now detect 99.9% of spam messages.

So if you use Gmail, either on its own or to manage your other email addresses, you can bet that any email from an unfamiliar address that ends up in your spam box asking you to click on a link can be safely ignored.

2. It Has Spelling Or Grammar Errors

A strange tradition in phishing emails is the prevalence of spelling errors or sentences that seem to be almost nonsense grammatically. There are a few reasons for this.

First of all, phishing emails are often written by people whose first language is something other than English, and as a result their grasp of the nuances of English idioms isn’t as strong as a native speaker.

But there’s also a second, possibly more cunning possibility behind this.

If they manage to get someone on the hook with a poorly written email, they know they’ve gotten someone particularly gullible.

Sending emails is the easy part – you can find auto-emailers which will scour the internet for email addresses and pepper the web with whatever you like. The trick is to get someone to actually click the link in your email and give you their information. But while you might be able to fool someone with a flashy looking email, as soon as someone realizes they’ve clicked on a bogus link they’ll either leave the page altogether or input false information.

Parsing through the false stuff is time consuming to a scammer, and in the case of organizations that have more security than others – like sending an alert after three failed login attempts, for example – it can alert the account owner that they’ve been phished and draw unwanted attention to the scammers. So if they can be sure they’ve got a gullible shmuck on the hook, they limit their own risk as well.

Either way, if you receive a strange email full of spelling errors, run the other way.

3. They Have A Bogus Link

We’ve demonstrated this one before, but it bears repeating.

Let’s say I want to trick you into visiting a website. I want to send you to Yahoo, for example, but I want you to think I’m sending you to Bing. There’s an easy way to do this.

Ready?

http://www.bing.com

Does that look like a link to Google? Sure, but click on it and you’ll find yourself at Yahoo’s search. This is a simple piece of code which anyone with even the slightest bit of HTML knowledge can do.

Phishing emails will do something similar, except that they will send you to a bogus website they built.

Imagine you banked with JP Morgan Chase, for example. If I created a webpage that mimicked the layout of JP Morgan Chase’s banking login page and made a link to it that looked like the link above, I could in theory convince you to drop in your bank card and password into that page. From there, I could take that information, log into your account and clean you out.

This works for any web-based service. But there’s an easy way to protect yourself against it.

If you’re suspicious of a link, right click on it and click “copy link address”. Then paste it into a Notepad document or something similar (NOT in your browser). If the pasted link doesn’t look anything like the site to which it claims it wants to send you, it’s bogus.

4. They Come From A Weird Email Address

Often, phishing scams claim to be coming from a larger corporation – one you’ve heard of before, like a big bank or a tech company.

These corporate entities all have their own web presences – sometimes several – and will only send emails through their own approved channels. So if you see an email claiming to be from a corporation, check the email address. If it doesn’t match up, you’re likely dealing with a phishing scam.

Phishing scams often come from domains ending in .ru (a Russian national registrar) and .co.jp (a Japanese national registrar). So unless you’ve been doing business in Russia or Japan, you should be suspicious of any emails coming from these domains – especially if they’re claiming to be a North American company.

5. They Have A Sense Of Urgency

URGENT ACTION REQUIRED

ACCOUNT DEACTIVATION IMMINENT

YOUR ACCOUNT HAS BEEN COMPROMISED

Headlines like these are designed to provoke an emotional response so we click on the email as quickly as possible without taking the time to think things through.

Now, logically, if your bank account <em>were</em> actually compromised, one would hope your bank would do more than send you one lousy email. But that’s not what we see. We get scared by the prospect of losing access to our bank account and click.

The same thing goes in the other direction as well – this is the classic Nigerian Prince scam. Rather than scaring you with a loss of your bank account, this makes you think about the potential riches you could be getting – but only if you click that link right now!

Either way, if you receive an email like this it’s more than likely a phishing scam. But if you’re worried, you can always call the company’s hotline and find out whether or not the email is legitimate.

Training Your Staff About Phishing

By making sure your staff recognizes a phishing scam when they see it, you can help protect your systems from potential attacks.

To find out how you can protect your business from phishing attacks, contact 1st Secure IT today.

Continue reading
1086 Hits
0 Comments

Cyber Security: Are You At Risk?

The short answer to the question posed in the title of this article is: yes, you are at risk.

The long answer is a bit more complicated.

Think of your data like a big pile of money – say, a hundred thousand dollars.

That’s no tiny sum. If you’re going to keep that kind of cash around, you better keep it secure. That’s where things like strongboxes, safes, and vaults. But even the highest security facility is still vulnerable to robberies, which is why banks are forced to continuously keep up to date with the latest innovations in security. It’s part of the cost of their business.

But no matter what banks do to improve their security, there are still bank robberies on a regular basis. Go to Google News and search for “bank robbery”, and there will probably be at least few results from within the last three days.

The more money there is in a specific location, the more enticing a target it becomes. And the same is true with data theft.

Why Would They Steal My Data?

If you’re a small business owner, you might be wondering why someone would bother stealing your data, or attacking you with a ransomware attack? After all, hackers would be better off targeting a much larger organization with much larger cash reserves. They stand to gain much more.


And that’s true in most cases. If we stick with our bank robbery analogy, you’d probably get a lot more from robbing a Bank of America bank than you would robbing a local credit union.

But here’s where our analogy breaks down. With a bank robbery, you need to physically be at a bank with a gun, a squad of criminals, and a getaway vehicle. With a cyber attack, you don’t need to be in any one place in particular.

If you want to send out a litany of phishing emails, you can hit a million people or more in one fell swoop. And you only need one of them to click your link and input their information to defraud someone out of their life savings, implant some ransomware on a computer system, or steal a swath of user data and credit card information.

This is why it’s a lot more than just big corporations that are at risk of cyber attacks.

Sure, a hacker will get more from attacking the systems of a big bank than they would a recent college grad with a boatload of debt and $67 in his account, but in the digital world there’s no either/or. A hacker could hit both in the same day, the same hour, even the exact same moment, and be no worse for wear.

How To Protect Yourself

So what can be done to protect you, the individual, from cyber security threats?

Part of it has to do with basic online literacy. Know how to recognize a phishing email, have an effective antivirus and antimalware strategy, and never give out your credit card information to a source that seems fishy.

Limiting the number of services to which you’ve given your personal information can help protect you from cyber security attacks as well. The next time Yahoo suffers from a hack and loses its users’ personal information, for example, you can only lose your information if you have a Yahoo account in the first place. And the more companies have your information, the more likely it is that they can lose your information.

For those that do have your information, be sure to keep tabs on whether they’ve recently experienced a hack. If they do their due diligence, they’ll inform you, but you can’t always rely on that.

If your information has been stolen, it’s important to know how to react appropriately. If your Tumblr account is compromised, for example, it may not be a major issue, but if you happened to be one of the many people whose social security numbers were leaked in the Equifax breach, you’ll have a larger issue.

In a future article, we’ll talk about what to do if you find your personal information was a part of a hack or has leaked.

Contact 1st Secure IT

If you run a business that retains the personal information of your customers, you can’t afford not to take your cyber security seriously.


Contact 1st Secure IT to find out how you can improve the security of your systems and reduce the risk of cyber attacks.

They say there’s no such thing as bad publicity, but nobody wants to see their company’s name in media headlines right next to “data breach” or “cyber security attack”.

Contact 1st Secure IT to find out how to keep your company’s data safe and secure.

Continue reading
837 Hits
0 Comments

How To Configure Your Backups To Protect From A Ransomware Attack

When it comes to ransomware attacks, few things can thwart it more effectively than an effective backup strategy.

When a ransomware attack hits you, the idea is that it locks your data in a vault, releasing it only after you pay a ransom, usually in Bitcoin. The value of that ransom is that it unlocks your data, but if you have your data effectively backed up in the first place you shouldn’t lose more than the few days it will take for you to reformat your systems and restore your data.

We’ve talked before about how it’s generally not a good idea to pay this ransom, since you’re not only rewarding criminals, the criminals themselves have no real incentive to even release your data once you’ve paid the ransom. After all, what are you going to do about it if they don’t?

But while many think having a data backup plan is their strongest line of defense, there’s more to it than that. And a lot of it has to do with how a backup works.

How A Backup Works

When you use a backup service, it’s often modeled on a system called “changed block tracking.” This divides your data up into storage blocks, which it mirrors on another system. The backup system monitors your storage blocks, and when one is modified, it backs up the equivalent block in your backup.

The problem is that these backups can’t always differentiate between a regular file modification and a malicious attack. So while you rest easy in the knowledge that you’re backing up your important data, your backup system might be taking the ransomware code with it, rendering your backup completely useless.

Yikes.

Now look, it’s good that you have a backup system in place. But this is just the first step. Here are a few tips you can implement in your systems which will help protect you from ransomware attacks.

1. Have An Anti-Malware Strategy

This one may seem like a no-brainer, but it’s important enough that it bears repeating.

Having a strategy to deal with ransomware attacks is great, but it pales in comparison to having a strategy to protect yourself against attacks before they occur in the first place.

To put this in perspective, imagine your home insurance plan. Yes, this will protect you in case someone robs your house, but does your insurance plan allow you to rest easily with no locks on your doors?

First, deter. And if deterrence doesn’t work, mitigate.

Start with an effective anti-malware software suite. This includes an effective antivirus from a trusted company like Norton, McAfee, Avast, or BitDefender. It also includes a spyware scanner like CCleaner or Spybot: Search and Destroy.

These programs are imperfect, however – they can only protect you from the known risks out there, and even some of those can occasionally slip through undetected. However, they will stop the vast majority of ransomware attacks out there.

Part of your anti-malware strategy should also include keeping your systems up to date as much as possible. The WannaCry and NotPetya ransomware attacks took advantage of a Windows exploit known as EternalBlue. Are your Windows systems updated? Great, you’re safe from these attacks. If not, your systems are at risk.

2. Employ the 3-2-1 Backup Rule

We’ve talked in a previous article about why the 3-2-1 backup rule is important. But here’s another reason why.

Above, we mentioned that a clever ransomware attack can sneak its way into your files, effectively rendering your backup useless. But if you have another backup on top of that one, you’re in good shape.

The 3-2-1 backup rule states that you should have three different backups, on two different types of storage media, one of which is stored off-site. When we say different types of storage media, we’re talking about things like cloud storage, optical devices (CD-R, DVD, Blu-Ray, etc), flash memory (SSD, USB keys, etc), and magnetic storage devices (HDD, tape cassettes, and floppy disks).

Many of these may seem antiquated – many laptops don’t even come with CD-ROM drives these days, and you’d need a whopping 711 3.5” floppy disks to store just one gigabyte of data. But when it comes keeping your data safe, having a storage device that’s physically separated from the rest of your machine helps.

The trick is to keep your backup entirely separated from the rest of your system. This could mean using floppy disks, but you certainly don’t have to. Things like external hard drives, flash memory, and optical storage can all be easily separated from your system and kept in a drawer somewhere until you need them.

To make this work, you’ll need to set a time to manually back up your information on your own instead of the automatic updates that come with your cloud storage. This is clearly the least convenient backup option. But when your cloud storage dutifully uploads the ransomware you’ve just been infected with to its servers, you’ll be glad you took the time.

3. Retain Older Versions Of Your Files

When many people back up their files, they do so by deleting the older version of the file and replacing it with the newest one. This makes sense on a surface level – most programs these days will allow you to roll back to an older version of a file if you need to.

But here’s the thing – sometimes an infection takes root in your system but doesn’t take effect right away. In fact, you may back up your files into your cloud storage and your external storage, only to realize later they were infected with ransomware without you realizing.

See, here’s how ransomware often works. Once it shows up on a device – say, one of your employees’ devices – it will start by encrypting the files on that device, and from there it will start encrypting the files on any networked drives or devices. This can take a long time depending on the size of your network.

Now, the ransomware won’t reveal its presence until it has done its job completely. After all, if it did, you could take measures to stop it or reduce its impact. So if the ransomware is rifling through your systems and encrypting things all over the place, taking several hours to do so, and you’re in the midst of backing up your files, you could end up erasing your clean files and replacing them with ones which have already been encrypted.

Nasty business.

The best way to get around this is to retain older versions of your files as well as newer ones, and on different devices too.

Contact 1st Secure IT

Of course, these steps are only the basics in protecting yourself against the ransomware threats of the world.

If you want the world to take your business seriously, you need a robust IT security strategy designed to protect your systems and your customers’ information. 1st Secure IT can help.

Contact 1st Secure IT today for the peace of mind that can only come from knowing your business is protected by the best IT security team in North America.

 

Continue reading
853 Hits
0 Comments

If you need help getting started... Contact Us!