As technology advances, so do cybercriminals. Cyber attacks seem to be occurring more frequently than ever and hurting businesses throughout the world. Furthermore, for many small to enterprise-level businesses, a cybersecurity breach can quickly impact the business’s compliance with significant IT compliance regulations. Even companies with enterprise-level IT support can benefit from easy and necessary IT Security safeguards. Here are 3 easy ways to help safeguard yourself against a cybersecurity breach that takes only 5 minutes each week.
1. Change Your Passwords
Every IT network support progressional will tell you – change your passwords often! This fast and easy fix could save you from a cybersecurity threat. Set time aside to update your passwords on all of your accounts. Experts recommend having different passwords across all your personal network. This ensures that if one is compromised the hacker has access to only one system, not all of them.
Forget the tough passwords; new guidelines recommend keeping it simple. According to the United States National Institution for Standards and Technology (NIST), new password guidelines help you stay protected. NIST suggests, keeping your passwords simple, long, and memorable. Phrases, lowercase letters, and typical English words and objects are suggested when creating passwords. This recommendation had changed from when the organization suggested using unique characters and a mix of lower and uppercase letters.
These new guidelines may seem surprisingly easy, Paul Grassi, senior standards and technology adviser at NIST, who led the new revision of guidelines, says that these new guidelines will help users create longer passwords, which are harder for hackers to break.
Once a cybercriminal has access to your personal credentials they can impersonate you to send personal emails directly to your friends, family, and co-workers. Soon, and IT security breach can lead to imposter postings on your social networks where cybercriminals seek to collect even more sensitive information. This a small business managed network services nightmare. It is also often a socially and professionally embarrassing experience.
Managed IT Services Expert Tip:
A bank will never ask for personal information via email or suspend your account if you do not immediately update your personal information. Most banks and financial institutions usually provide an account number or other personal details within the email. This information is how you can ensure that the email or phone call is coming from a reliable source.
2. Think Before You Click
Many IT network security threats happen by accident. You see an email from an old friend or a significant update from your bank, and you just go ahead and click on the email without thinking. Unfortunately, these emails are socially engineered to look like they came from a trustworthy source, not a cybercriminal. Here are some things to think about before clicking an email.
One of the fastest ways to verify an email is to check all the hyperlinks. Take your mouse and hover over the directed hyperlink in an email. Make sure that the hyperlinks match the URL you land after clicking. Check for spelling errors in the web address. Popular websites are often manipulated but contain spelling errors. For example, if the hyperlink says www.mybank.com, but when you hover over it says wwwmybank.com, do not click it. If you suspect the link may be suspicious, better to not click it.
Is this offer too good to be true?
Most of these cybercriminals will present you with an eye-catching deal to make you think you have won a contest; you have not entered or asking you to claim a prize that is too good to be true. In an instance like this, it is best to remember that if the offer seems too good to be true, it probably is. If you ever have questions, contact the organization directly from a contact page on a trusted website, or your business’s managed IT services team, not the email in question.
Who is sending this email?
Whether you know the sender or not, does the email make sense for you to receive? If not, do not even open it. Simply, delete and move on. Accidentally opening the email can cause IT security issues and potentially make you vulnerable to a cybersecurity threat. If someone you know is asking for money, call or text to verify. When in doubt, always think critically before acting.
3. Install Updates
We all know how annoying it can be when your computer continually reminds you to update your software. That said, an enterprise-level managed network services expert will tell you these updates are essential in protecting you against a cybersecurity threat. Updates give you more than just the latest and greatest features; they make sure you also have the most updated security to protect your IT network. Thousands of new malware variants run every day. Having out of date security software is almost as bad as having none at all.
Is your software up-to-date?
Your un-updated software is vulnerable. According to Sophos, cybercriminals can exploit this vulnerability by writing code explicitly targeting your network’s system. This can infect your computer without you ever taking action. When your computer is compromised, cybercriminals steal data and gain control over your computer and personal information.
Managed IT Services
The 5 minutes each week you devote to strengthening your network will help protect you from any future threats. Small to enterprise-level business owners who are not comfortable with handling their network’s security are good candidates for small business network services or enterprise level managed IT services. Managed IT services allow business owners to focus on their business rather than their system. RJ Young offers free network assessment for businesses. We can help ensure your organization is protected from IT security vulnerabilities.
What is phishing?
Phishing is a common type of email scam designed to trick you into disclosing your personal or financial information for the purpose of financial fraud or identity theft.
Most recently numerous organizations have been victimized by a form of business email compromise. The individual in your organization who typically handles tax information (W2s) for your employees will receive an email from a cyber criminal impersonating the CEO or other executive level employee. The email appears to be from the CEO, and states the following1:
Subject: SALARY REVIEW
Kindly send me the 2015 W-2 (PDF) of our company staff for a quick review
Numerous employees have followed instruction and replied by sending PDF containing sensitive employee information, including names, dates of birth and Social Security numbers. Thinking information was being sent to the company CEO, it was instead sent to the cyber criminal for identity theft. Even if employee information is not listed on your corporate website, cyber criminals are finding information from social media platforms—such as LinkedIn—to spoof email addresses.
Educate your employees against the dangers of phishing emails and cyber crimes because once your information has been compromised, it’s virtually impossible to retrieve.
1 Source: Scott Augenbaum, Special Agent, Federal Bureau of Investigation, Email Notification 3/10/16
James Walker, Regional Director of Managed IT Services
James oversees the Chattanooga, Nashville and Huntsville markets of our managed IT Services department. In his role he manages service delivery and support of engineers in all regions, does security and compliance auditing, and works with businesses in network design, implementation and troubleshooting. He has been in the technology industry for over 24 years. James is originally from Boston, MA and works out of our Chattanooga office. He joined RJ Young in January 2013 through the acquisition of his previous company, Preferred Computers, Inc.