Posts

Regular cybersecurity training for employees keeps your business safe

Despite businesses’ best efforts to use encrypted networks, firewalls and other cybersecurity measures, cybercriminals hack millions of networks each year, and cyberattacks are still on the rise. The majority of successful cyberattacks on companies originate through emails. Infomax knows that training employees to recognize cybersecurity threats is a necessity.

Not only is it imperative to protect a business’ confidential data and documents, but protecting against cyberthreats also saves a company’s finances. For instance, ransomware — a type of malicious software or malware that denies user access until a ransom is paid — is forecast to cost U.S. companies and organizations about $11.5 billion in 2019, according to Cybersecurity Ventures.

“We can put out lots of safeguards to make the company secure, but it doesn’t matter if employees don’t know what to do,” said Doug Postel, Infomax’s IT director. “In about 80 percent of ransomware cases, it’s not the technology that gets hacked — it’s the person.”

Doug walks us through how to train employees to recognize cyberthreats.

Regular training

Periodic training is key to keeping companies safe from the latest cyberthreats. Cybercriminals are extremely tech savvy, organized and always advancing their tactics. At Infomax, we keep track of trends so our clients don’t have to. We send regular training tips and tests to our iGuard Managed IT services clients so they can keep up to date. Training often includes a video or a timely examination of a recent security breach in the news.

“We look at a breach that’s happened, how to prevent it and what to look out for,” Doug said.  “There are new threats every day. If you’re not in a subscription mode where you’re getting updates to threats constantly, you’re leaving yourself vulnerable.”

Careful downloading

Approximately 92 percent of malware is delivered through email phishing, according to  Verizon’s 2018 Breach Investigations Report. It’s imperative to teach employees about safely receiving and downloading email files. Many companies use filtering systems for emails, but they aren’t 100 percent foolproof, Doug said.

Cisco’s 2018 Annual Cybersecurity Report found that in 2017 hackers most often used Microsoft Office formats — such as Word, PowerPoint and Excel — to hide malware. Other files hackers often used included .zip and .jar files, as well as PDFs. As a general rule, employees shouldn’t download any files from an email that they weren’t expecting to receive.

Caution clicking

About 91 percent of cyberattacks originate through phishing emails, according to research by PhishMe. To test employees, Infomax often sends test emails similar to phishing attempts employees could receive. Phishing emails are often sent from email domains that have one or two letters off from a company’s actual email, or the email address will include “.org” or “.net” instead of instead of the accurate domain.

Emails prompt employees to click a link that will take them to an unsecured website or download malware. Some links will mirror accurate website employees frequently visit. The imposter sites prompt employees to sign into their accounts, allowing hackers to gain secure passwords.

Similar to downloading documents, employees should only click on links they were expecting to receive and that they thoroughly inspect, checking email domains and links against past emails they have received. A telltale sign of phishing attempts is that they often try to send recipients into a panic by including an urgent warning. Additionally, it’s always safer to navigate to a website you have previously visited rather than to click on a potentially phony link through an email.

Administrator support

It’s important to have a company culture that reinforces cybersecurity efforts. Business administrators can ask Infomax to train and test employees on cybersecurity efforts. Managers will receive a countback of who has participated in that training.

“If an employee fails a test, it’s a chance for us to reinforce that the error could have cost the company tens of thousands of dollars,” Doug said. “It’s a great chance to provide further training.”

To tighten up your workplace’s security, contact us today.

“We take the headaches off of the business owner,” Doug said.

Spring cleaning for your networks

Spring cleaning is often associated with cleaning out the sand, salt and other built-up winter soot. However, spring cleaning shouldn’t just be for your home. Most people spend 40 hours a week at work, and even the less physical aspects of an office could use some tender loving care. Consider cleaning up your networks. It’s essential to keeping them secure and running smoothly.

Your networks are the basis on which your business runs. If they aren’t secured, you can lose valuable data to cybercriminals. Our managed IT staff can help you through this process and monitor your security in the future.

Here are a few tips to get started.

Encrypt and secure your wireless network

If you set up your Wi-Fi network years ago, you may be using easily hackable, outdated encryption. The current standard for Wi-Fi protection is Wi-Fi Protected Access 2 — or WPA2. Second, make sure your wireless network has as random of a name as possible, avoiding dictionary words. Seasoned hackers have a list of the top 1000 most common network names with a list of passwords that could likely crack your wireless network. A unique name makes that network more difficult to find. Lastly, create a lengthy password with a mix of letters, symbols and numbers. You’ve likely already been warned about passwords time and again — to much frustration. There’s a reason for that. Get creative and create a password of more than 16 characters for the most protection. Remember, most Wi-Fi devices will store this password, so the aggravation of entering a long, complicated password should be minimized.

File away your old data

Don’t let clutter clog your network and slow it down. File away anything on your network you haven’t touched in the last few months. This is also a great time to organize files into one spot and back them up on a data recovery service. Emails should also be deleted or properly archived. Few things are more overwhelming than a cluttered inbox. While deleting unnecessary correspondence, organize other emails into labeled folders.

Determine space in your bandwidth

As you clean out your network, monitor the space in your bandwidth, which is the amount of data that can be transferred from one point to the next during a given time. As a business grows, it’s possible that its bandwidth may need to as well.

Talk with employees

No matter how secure your network and password are, daily use can still compromise it to cybercriminals. Teach employees about best practices with password creation and teach them how to recognize spam emails and hyperlinks. Additionally, limit access to your company’s critical data to as few people as possible.

Filter network traffic

Give your employees a leg up by filtering the traffic that enters your network. Use pop-up blockers and email filtering services to monitor any suspicious content that could be coming into your network.

Get rid of old devices

Old, unused devices can not only slow down your network, but they can also be a vulnerable access point for cyberthreats. Unplug and properly store or dispose of those unused fax machines, printers, copiers, computers and phones.

Is Your Network Secure?

From sending email to opening a file, connecting to Wi-Fi to browsing the web, critical business data on your network must be protected. There are dozens of opportunities to protect your network from unwanted access, but here we’d like to share some of the simplest and most effective network security strategies. Is your network secure?

● Are passwords robust? Make sure passwords are eight characters in length or more, and include at least one upper- and one lower-case letter, a number, and a special character. Avoid actual words and letter substitutes—hacking software is sophisticated enough to recognize when you use “$” instead of “S”.

● Are passwords changed regularly? The longer a password exists, the more vulnerable it is. Tired of managing dozens of passwords that change all the time? Consider an enterprise password management service application, so you’ll only need to remember one.

● Are all inactive accounts disabled? Every account is a door that can be breached, so don’t delay—each individual account should be disabled as soon as an employee leaves.

● Is your data regularly backed up offsite? Whether in another office or with a cloud-based server, make sure your data is recoverable even if your office is lost to a fire or disaster.

● Does every computer and mobile device have antivirus software installed? Don’t be a sitting duck for spyware, ransomware, viruses, and other malware. Ensure every piece of hardware in your network has active, up-to-date antivirus software installed. Also, don’t wait to update! It is crucial that all of your devices are running the latest version of antivirus software available to ensure the security of your data.

● Do you use WPA2 encryption? Short for “Wi-Fi Protected Access 2,” WPA2 encryption ensures that your Wi-Fi connection is secure. So, don’t leave your virtual front door open. WPA2 authentication is easy to set up and simple to comply with.

● Is your equipment physically secured? Don’t leave your physical doors open, either. Store critical hardware in a locked room with limited accessibility. A data thief doesn’t need to worry about hacking the network if they can walk in and physically remove the device they want to access.

If you answered “No” to any of these questions, you have work to do. Take these few simple steps and get your network secure and your data protected.

How to Keep Your Network Safe

Maintaining the security of your business’s IT network safe isn’t an easy feat. Securing your network is a process requiring time and dedication even for those entrenched in the IT world. Doing it well on top of your everyday tasks can be daunting at best and fatal for your business at worst. Moreover, the sophistication of today’s hackers leaves no one’s system—not even your home computer—safe from threats.

To avoid these ongoing threats, consider the following tips to keep your business network safe.

Use encryption – Data that is encrypted requires a key or password to decode information, making it the most effective way to secure your network. At the very least, ensure that your Internet network has Wi-Fi Protected Access II encryption, the most up-to-date protocol, to eliminate the likelihood of a breach.

Change access passwords – When considering how to keep your network safe, also consider how conspicuous your passwords are. Of course, certain team members—if not all of them—will need to know your accessibility password. However, administrative passwords, where applicable, should be restricted. Also, if you notice too many users on your network and your bandwidth begins to suffer, consider changing your password and reinforcing its confidentiality to employees with whom it is shared.

Scan your system regularly – The point of malware and spyware is for it to remain undetected on your network in order to do as much damage to your system as possible. So, unless you take the time to regularly look for these programs, you won’t be able to detect their presence. Scanning your system will unveil viruses and spyware on your network, while scanning the ports will inform you of any accessibility issues. It’s recommended to scan your network on a daily basis to ensure security. This is ideal for outsourcing, since a trusted IT partner—like Infomax—will ensure this gets done regularly, whereas in-house staff might push system checks to deal with pressing issues.

Choose a smart SSID – Simply put, the Service Set Identifier (SSID) is the name of your Wi-Fi connection. Remember that this name will appear on a list that is available to anyone attempting to find a Wi-Fi network to join within a certain physical distance of your company. Naming your network after your company in any way provides an easy way for hackers to identify your network. A simple name like Wireless1 or WIFI1 strips your SSID of any company-related identifiers, adding an easy layer of security to your network.

If you’re feeling overwhelmed by the weight of keeping your network safe or you’d like more information on protecting your IT systems, contact Infomax today!

How to Keep IT Costs Down and Security High

Everyone wants a safe and secure IT network. However, everyone also wants to make sure they are not spending an arm and a leg on unnecessary steps or convoluted security measures. Keeping your IT network secure should not break the bank. In fact, keeping your IT costs down and your security high does not have to be difficult at all. With a few tips and a little diligence, you can keep your IT network safe and your costs down.

Here are some tips on how to save cash and secure your IT systems:

  • The basic three. It is paramount, when securing your IT network, that you keep a close eye on the three basic types of IT security. First of all, there must be a proper system for backups. Backups are an essential part of any IT security setup. Secondly, there is maintenance. Ongoing security includes things like firewalls and spam filters, and will catch problems before they manifest, ultimately helping your bottom line and saving your from massive headaches. Finally, be sure you have a proper recovery system in place. Disaster can’t always be prevented, and in those instances, a good recovery system is essential. Focus on these three areas of IT first, and then add on as your budget allows and as your business grows.
  • Getting everyone involved. It’s important to remember that you alone cannot handle your company’s IT network. The security put in place is only as efficient as those maintaining it. Educate your employees on just how to handle the security of the business. Turning off computers at night, avoiding potentially harmful emails, and other basic steps will ensure everyone in your company is doing their best to keep information safe.
  • Get a partner. Finding a reliable partner for IT security is one of the most beneficial steps you can take for your business. Rather than going at it blindly, hire a group of experts who understand the intricacies of IT management. This way, you and your partner can work together to customize plans for your business.

To learn more about IT security and how it can be affordable for your business, contact Infomax today.