43% of cyber attacks target small businesses. Cyber criminals know that most small businesses can’t afford or don’t allocate resources for the level of protection of larger enterprises. For the criminals, it’s easier to infiltrate tens of thousands of small businesses with less security than to try to breach the sophisticated defenses of the large enterprises.
But despite the limitations, it is vital for small businesses to strengthen their defenses. The Network Team has put together a list of network security tips you may not have thought of that can help small businesses without adding too much to the bottom line.
- Use a separate computer for financial transactions. Email and web browsing are common attack vectors criminals use to compromise your computer through malware and phishing attacks. To help limit the risk of them also gaining access to your financial information, have a separate computer that is used exclusively for financial transactions. Ensure the computer is password-protected, and change the password every three to six months. You could also put the dedicated computer on an isolated Internet connection, separating it from the corporate local network.
- Use two-step verification processes for all organization-connected services. The FBI recommends Two Factor Authentication for security. Two Factor authentication, or 2FA, means using two components to access information online. Yes, it will mean an extra step for employees, but it will add a layer of security at little to no cost to your budget. A criminal will not have access to your second source of identification. It usually includes a password or PIN only the user knows and one of the following:
- A device like fob with a code that changes often
- The end user’s fingerprints
- The user’s location at the time of authentication
- Remind employees often of security measures. End-users are one of the biggest holes in cyber security. Small business owners can help close those holes by educating employees on basic security measures. These can include items like updating passwords often, training on how to spot fake websites and malicious emails, and company policy for reporting potential threats. This training should be a regular part of employee onboarding, with refreshers through company newsletters or at company-wide meetings.
If you’re unsure what network security tips need to be included in that employee training, you should attend The Network Team’s Tech Brews Cyber Security Workshop. The free event March 2, 2017 includes drinks, appetizers, and a discussion on cyber security trends, including practical tips on how to help employees keep your network secure. Click below to learn more and register for the event.
2016 was the year of extortion, as ransomware was king, and a major challenge to cyber security. Use of ransomware code jumped 400% between January and September.
We are already into February, and trends are already being reported by the big-name vendors, like Trend Micro. Ransomware is expected to go up by another 25%. Business Email Compromise (BEC) shall grow. Well planned and targeted attacks ae being launched on devices that IT has the least invested in, like tablets and phones. Adobe and Apple vulnerabilities are being discovered at an increasing rate, and their public announcement is undermining the user community that thinks that Apple products are better than Windows based products. Adobe is publicly reporting more vulnerabilities than Microsoft, putting them in the same place as Apple.
Webcams designed to be a part of a security framework are being hacked. The European Union is requiring companies to hire a data protection organization (DPO) or have one internally, but the end of 2016 showed that less than half of all enterprises had one.
Despite the best efforts of folks like TNT and internal IT departments, businesses haven’t adopted a strategy to meet these threats, head on. Our recommendations remain:
- Advanced anti-malware (beyond blacklisting)
- Antispam and antiphishing at the Web and messaging gateways
- Web reputation
- Breach detection systems
- Application control (whitelisting)
- Content filtering
- Vulnerability shielding
- Mobile app reputation
- Host- and network-based intrusion prevention
- Host-based firewall protection
The criminals are getting more targeted and sophisticated with their tactics. They are using social engineering to impersonate bosses, vendors, and clients in order to trick end users into clicking on malicious links and attachments.
Along with the recommendations mentioned above, security experts across the spectrum say businesses are not doing nearly enough employee training to help increase cyber security.
The Network team is hosting an informal, educational workshop Thursday, March 2, 2017 from 4:30 PM – 6:30PM to discuss cyber security. The event includes free drinks, appetizers and time to network as well as the workshop. Seating is limited to 20 participants. Click on the link below to learn more and register.
Post by: Jeff Gaura, President
The Department of Homeland Security says Cyber crime is the biggest threat to the American Economy. Networking Security can help keep your network safe.
A burglar alarm on your building tells you in real time if and when someone is trying to break into your business. And a security officer can help stop the attack while it’s happening, before the thief gets away. But burglary and theft are not the biggest threats to your business.
The Department of Homeland Security claims the greatest threat to the American economy is not the theft of money and property, but cyber crime. It is attackers with no face, name or even traceable citizenship attacking our digital assets. They take our customer information, employee confidential info, and trade secrets and convert the commodities in a market that we don’t know anything about. We never get to see a face, and we get little to no help from law enforcement in finding and prosecuting them. They attack daily, and we don’t even know they are there on most days.
In this video, TNT president Jeff Gaura explains what networking security you need to protect your data using the example of a planned Walmart Heist.
Find the holes in your network, and engage The Network Team to help close them. Contact us today to learn more.
Networking security advances can protect your data better than ever before, much like security guards protect your physical business.
Anytime you see a security guard outside or inside a building, there is a story in hiding. No “normal” business person wants to commit to a recurring cost of a security service or security employee that he/she KNOWS will not add to the bottom line. Yet, most folks consider it, and many do it.
The hidden story is always tragic. It includes tales of theft, loss and damage, with an attached sidebar conversation that answers the question, “what can we do to prevent this from happening again?” It is a story of reaction that nearly always includes lost money and even sleep.
The Department of Homeland Security outwardly states that the greatest threat to the American economy is cyber crime. It isn’t bad guys breaking in though the fence or back door. It is attackers with no face, name or even traceable citizenship attacking our digital assets. They take our customer information, employee confidential information, and trade secrets and convert the commodities in a market that we don’t know anything about. We never get to see a face, and we get no help from law enforcement in finding and prosecuting them. They attack daily, and we don’t even know they are there, on most days. They grow in numbers and in sophistication hourly, and they are committed to a life of learning from mistakes.
Too bad you don’t know about them. They are inside your buildings, and you have no idea who they are or if they can be stopped without disrupting your business.
The Network Team is hosting a free educational webinar, Networking Security: Kindergarten through PhD, to discuss modern networking security options. It is Wednesday, November 30, 2016 from 2:00PM-3:00PM.
In this webinar, we will use the English language and videos we film to help you understand the security story and what a good response to this threat looks like.
We won’t talk about hardware types, software code or even how any of it works, but we will talk about the details of threat and what you should do to stay out of the rent-a-cop business.
by: Jeff Gaura, President