Posts

Regular cybersecurity training for employees keeps your business safe

Despite businesses’ best efforts to use encrypted networks, firewalls and other cybersecurity measures, cybercriminals hack millions of networks each year, and cyberattacks are still on the rise. The majority of successful cyberattacks on companies originate through emails. Infomax knows that training employees to recognize cybersecurity threats is a necessity.

Not only is it imperative to protect a business’ confidential data and documents, but protecting against cyberthreats also saves a company’s finances. For instance, ransomware — a type of malicious software or malware that denies user access until a ransom is paid — is forecast to cost U.S. companies and organizations about $11.5 billion in 2019, according to Cybersecurity Ventures.

“We can put out lots of safeguards to make the company secure, but it doesn’t matter if employees don’t know what to do,” said Doug Postel, Infomax’s IT director. “In about 80 percent of ransomware cases, it’s not the technology that gets hacked — it’s the person.”

Doug walks us through how to train employees to recognize cyberthreats.

Regular training

Periodic training is key to keeping companies safe from the latest cyberthreats. Cybercriminals are extremely tech savvy, organized and always advancing their tactics. At Infomax, we keep track of trends so our clients don’t have to. We send regular training tips and tests to our iGuard Managed IT services clients so they can keep up to date. Training often includes a video or a timely examination of a recent security breach in the news.

“We look at a breach that’s happened, how to prevent it and what to look out for,” Doug said.  “There are new threats every day. If you’re not in a subscription mode where you’re getting updates to threats constantly, you’re leaving yourself vulnerable.”

Careful downloading

Approximately 92 percent of malware is delivered through email phishing, according to  Verizon’s 2018 Breach Investigations Report. It’s imperative to teach employees about safely receiving and downloading email files. Many companies use filtering systems for emails, but they aren’t 100 percent foolproof, Doug said.

Cisco’s 2018 Annual Cybersecurity Report found that in 2017 hackers most often used Microsoft Office formats — such as Word, PowerPoint and Excel — to hide malware. Other files hackers often used included .zip and .jar files, as well as PDFs. As a general rule, employees shouldn’t download any files from an email that they weren’t expecting to receive.

Caution clicking

About 91 percent of cyberattacks originate through phishing emails, according to research by PhishMe. To test employees, Infomax often sends test emails similar to phishing attempts employees could receive. Phishing emails are often sent from email domains that have one or two letters off from a company’s actual email, or the email address will include “.org” or “.net” instead of instead of the accurate domain.

Emails prompt employees to click a link that will take them to an unsecured website or download malware. Some links will mirror accurate website employees frequently visit. The imposter sites prompt employees to sign into their accounts, allowing hackers to gain secure passwords.

Similar to downloading documents, employees should only click on links they were expecting to receive and that they thoroughly inspect, checking email domains and links against past emails they have received. A telltale sign of phishing attempts is that they often try to send recipients into a panic by including an urgent warning. Additionally, it’s always safer to navigate to a website you have previously visited rather than to click on a potentially phony link through an email.

Administrator support

It’s important to have a company culture that reinforces cybersecurity efforts. Business administrators can ask Infomax to train and test employees on cybersecurity efforts. Managers will receive a countback of who has participated in that training.

“If an employee fails a test, it’s a chance for us to reinforce that the error could have cost the company tens of thousands of dollars,” Doug said. “It’s a great chance to provide further training.”

To tighten up your workplace’s security, contact us today.

“We take the headaches off of the business owner,” Doug said.

Is Your Network Secure?

From sending email to opening a file, connecting to Wi-Fi to browsing the web, critical business data on your network must be protected. There are dozens of opportunities to protect your network from unwanted access, but here we’d like to share some of the simplest and most effective network security strategies. Is your network secure?

● Are passwords robust? Make sure passwords are eight characters in length or more, and include at least one upper- and one lower-case letter, a number, and a special character. Avoid actual words and letter substitutes—hacking software is sophisticated enough to recognize when you use “$” instead of “S”.

● Are passwords changed regularly? The longer a password exists, the more vulnerable it is. Tired of managing dozens of passwords that change all the time? Consider an enterprise password management service application, so you’ll only need to remember one.

● Are all inactive accounts disabled? Every account is a door that can be breached, so don’t delay—each individual account should be disabled as soon as an employee leaves.

● Is your data regularly backed up offsite? Whether in another office or with a cloud-based server, make sure your data is recoverable even if your office is lost to a fire or disaster.

● Does every computer and mobile device have antivirus software installed? Don’t be a sitting duck for spyware, ransomware, viruses, and other malware. Ensure every piece of hardware in your network has active, up-to-date antivirus software installed. Also, don’t wait to update! It is crucial that all of your devices are running the latest version of antivirus software available to ensure the security of your data.

● Do you use WPA2 encryption? Short for “Wi-Fi Protected Access 2,” WPA2 encryption ensures that your Wi-Fi connection is secure. So, don’t leave your virtual front door open. WPA2 authentication is easy to set up and simple to comply with.

● Is your equipment physically secured? Don’t leave your physical doors open, either. Store critical hardware in a locked room with limited accessibility. A data thief doesn’t need to worry about hacking the network if they can walk in and physically remove the device they want to access.

If you answered “No” to any of these questions, you have work to do. Take these few simple steps and get your network secure and your data protected.

How to Keep Your Network Safe

Maintaining the security of your business’s IT network safe isn’t an easy feat. Securing your network is a process requiring time and dedication even for those entrenched in the IT world. Doing it well on top of your everyday tasks can be daunting at best and fatal for your business at worst. Moreover, the sophistication of today’s hackers leaves no one’s system—not even your home computer—safe from threats.

To avoid these ongoing threats, consider the following tips to keep your business network safe.

Use encryption – Data that is encrypted requires a key or password to decode information, making it the most effective way to secure your network. At the very least, ensure that your Internet network has Wi-Fi Protected Access II encryption, the most up-to-date protocol, to eliminate the likelihood of a breach.

Change access passwords – When considering how to keep your network safe, also consider how conspicuous your passwords are. Of course, certain team members—if not all of them—will need to know your accessibility password. However, administrative passwords, where applicable, should be restricted. Also, if you notice too many users on your network and your bandwidth begins to suffer, consider changing your password and reinforcing its confidentiality to employees with whom it is shared.

Scan your system regularly – The point of malware and spyware is for it to remain undetected on your network in order to do as much damage to your system as possible. So, unless you take the time to regularly look for these programs, you won’t be able to detect their presence. Scanning your system will unveil viruses and spyware on your network, while scanning the ports will inform you of any accessibility issues. It’s recommended to scan your network on a daily basis to ensure security. This is ideal for outsourcing, since a trusted IT partner—like Infomax—will ensure this gets done regularly, whereas in-house staff might push system checks to deal with pressing issues.

Choose a smart SSID – Simply put, the Service Set Identifier (SSID) is the name of your Wi-Fi connection. Remember that this name will appear on a list that is available to anyone attempting to find a Wi-Fi network to join within a certain physical distance of your company. Naming your network after your company in any way provides an easy way for hackers to identify your network. A simple name like Wireless1 or WIFI1 strips your SSID of any company-related identifiers, adding an easy layer of security to your network.

If you’re feeling overwhelmed by the weight of keeping your network safe or you’d like more information on protecting your IT systems, contact Infomax today!

Ensuring Mobile Devices Stay Secure

It’s hard to imagine how to effectively do our jobs without the use of smartphones and tablets. The benefits of incorporating mobile devices in our day-to-day workflows are significant—allowing us to go anywhere in the world, while remaining proactive and productive employees. Bring Your Own Device (BYOD) is a way for employees to access work information via mobile devices, while companies are exempt from paying for the device itself, its maintenance, or any accumulating contractual monthly fees.

While the pros and cons of BYOD are debatable, keeping your company’s data secure is absolutely essential—every business should consider the security of its data a top priority. From internal emails, to client credit card information, and your employees’ social security numbers, there is plenty at risk when it comes to private company data. Setting a company-wide BYOD security strategy to ensure mobile devices stay safe is the first step in protecting your sensitive business data.

Consider implementing the following BYOD strategies to help keep mobile devices that access company files, email, or other data safe.

Remote Locate, Lock, and Wipe – No matter how diligent employees are with their devices, sometimes they are lost. With a remote locate, lock, and wipe system in place, you can find, password-protect, and delete all sensitive business data from an employee’s lost or stolen device from your office. This is a great feature when considering the devices of employees who are terminated or quit.

Device Backup and Updates – End users should be responsible for backing up their device to ensure their personal data is not lost. Doing so also entails processing any current updates or patches to devices, which increases that device’s level of security. So, encourage your employees to regularly backup and update each of their mobile devices used for BYOD

Beef Up Passwords – Ask your team to strengthen each device’s password and privacy settings on their apps to make hacking their devices more difficult. Passwords that are a minimum of ten characters long that use lower and upper case letters, numbers, and punctuation are recommended. Moreover, remember that recognizable words are easily hacked, so encourage employees to use meaningful acronyms as strong passwords.

Consider Outsourced Mobile Device Management – Companies like Infomax work every day to ensure the security of all of their clients’ technology, including across mobile devices. Infomax iGuard is a mobile device management service that provides an easy-to-use, cloud-based solution specifically designed to secure corporate mobile devices. Outsourcing mobile device management removes the onus from your IT staff and ensures that your data is always secure—even when accessed on a smartphone or tablet.

Setting a strategy and ensuring compliance are paramount when it comes to using mobile devices for work purposes. By developing a strategy and implementing it, you can protect your company’s sensitive information, while allowing your employees to be as productive as possible by using their own devices.

Contact Infomax today for more information on keeping your company data secure.

How Safe Is Your Email System?

Everyone thinks they understand email security—don’t open emails from unknown senders, don’t click on suspicious links, don’t open untrustworthy attachments. But email security goes beyond common sense. To protect your business, and your employee and client data, you need to ensure proper email safeguards are in place before your email system s compromised. It’s important to ask the question: “Is your email system really secure?”

Here are several ways you can protect and defend your email system.

  • Consistent email policies. There is strength in unity. Therefore, it is essential that your employees are all on the same page when it comes to email. With just one chink in the armor, your defenses are lowered. Be sure that every employee is on the same page when it comes to email protocol, and then backup your policies with automatic safeguards to ensure compliance.
  • Reliable email filtering. Email filtering is absolutely vital in protecting your company’s sensitive materials. At Infomax, our iGuard core email filtering will recognize and eliminate nearly all viruses, worms, and other intrusions before they present lasting problems.
  • Efficient archiving. If not properly regulated, email archiving can become haphazard and headache inducing. Be sure that your emails are properly archived, so that they are easily retrieved in case of an audit. This will streamline a business process that will benefit your clients, as well as your personnel.
  • Thorough message encryption. Email encryption can help protect your business from prying eyes, both inside and outside your business’ walls. Using specific policy criteria, encrypted messages are sent automatically. This way, your valuable information is kept out of the wrong hands.
  • Dependable disaster recovery. Protecting your inbox from unexpected events is essential. When disaster strikes, be sure there is a reliable recovery system in place. For example, a system that provides auto-spooling of messages will ensure that your email is not thrown to the wolves if something goes wrong.
  • Guaranteed Continuity. When it comes to email, continuity matters. Email management and monitoring ensures that if your system goes down, your email system continues without interruption through a remote, redundant server. This way, your workflows do not come to a grinding stop in the event of an unforeseen problem.

To learn more about how to properly secure your email system, contact Infomax today!

How to Keep IT Costs Down and Security High

Everyone wants a safe and secure IT network. However, everyone also wants to make sure they are not spending an arm and a leg on unnecessary steps or convoluted security measures. Keeping your IT network secure should not break the bank. In fact, keeping your IT costs down and your security high does not have to be difficult at all. With a few tips and a little diligence, you can keep your IT network safe and your costs down.

Here are some tips on how to save cash and secure your IT systems:

  • The basic three. It is paramount, when securing your IT network, that you keep a close eye on the three basic types of IT security. First of all, there must be a proper system for backups. Backups are an essential part of any IT security setup. Secondly, there is maintenance. Ongoing security includes things like firewalls and spam filters, and will catch problems before they manifest, ultimately helping your bottom line and saving your from massive headaches. Finally, be sure you have a proper recovery system in place. Disaster can’t always be prevented, and in those instances, a good recovery system is essential. Focus on these three areas of IT first, and then add on as your budget allows and as your business grows.
  • Getting everyone involved. It’s important to remember that you alone cannot handle your company’s IT network. The security put in place is only as efficient as those maintaining it. Educate your employees on just how to handle the security of the business. Turning off computers at night, avoiding potentially harmful emails, and other basic steps will ensure everyone in your company is doing their best to keep information safe.
  • Get a partner. Finding a reliable partner for IT security is one of the most beneficial steps you can take for your business. Rather than going at it blindly, hire a group of experts who understand the intricacies of IT management. This way, you and your partner can work together to customize plans for your business.

To learn more about IT security and how it can be affordable for your business, contact Infomax today.

What Does Your IT Roadmap Look Like?

An IT roadmap is one of the most important strategic assets a company can have. Essentially, it’s an evaluation of your company’s specific IT needs. Without an IT roadmap, you might as well be driving in the dark with your headlights off. Companies without properly managed IT roadmaps run the risk of data loss, security threats, and all sorts of unfavorable situations.

An IT roadmap will help guide your business toward reaching both your short-term and long-term goals by matching you with specific technology solutions along the way. Here are just a few reasons why having an IT roadmap is essential for your company:

  • Minimizing disruptions. A good IT roadmap will systematically tighten the security and functionality of your systems.
  • Economically sound. No one likes spending time and energy on IT issues. With a properly set up IT roadmap, there will be fewer monetary surprises. You will be able to deal with issues before they arise, so you can mange them quickly and get back to work.
  • Building relationships. Prepare for your service credibility to skyrocket. Your services will continue to improve, as you are not simply moving forward blindly. Rather, you have the guidance of an IT roadmap to get you where you want to go.
  • Adapting fast. In a perfect world, there would be no IT problems. However, in the world we live in, they are inevitable. Fortunately, with an IT roadmap, you can act quicker than ever. When the storm comes, your company will be prepared.
  • Staying current. IT roadmaps are best when developed or updated annually. This is because, as technology continues to improve at lightning speed, so must your roadmap.

Remember, a roadmap should be customized for all areas of your business, and based a strategic evaluation of your company’s needs. Infomax has the ability to build and maintain a reliable and current IT roadmap for your business.

Visit our website, or contact us today to learn more.