Five ways to secure your business
When it comes to computers and other similar systems, many business owners know they have to think seriously about security. However, they often lack the time or funds to actually take the necessary steps to ensure their systems are as secure as they should be. The fact is that security can be as costly or as affordable as you make it out to be. There are certainly numerous security related steps you can implement that won’t cost a fortune.
Here are five low-cost things you can do to ensure that your business is secure.
1. Communication is key
Many companies take adequate steps to ensure that their systems are adequately protected. The thing is, many security breaches come from within the company. If your employees keep passwords written on pieces of paper that they leave lying around their desks, this is a security issue. It is a good idea to agree with employees where to keep important information and ensure they follow these rules.
Beyond that, if you implement security changes or new systems e.g., new virus scanning software, it is important that you talk to your staff to ensure they know how the system works and how they can use it. You would be surprised at how much effective communication can help to minimize security issues, and best of all? It’s free!
2. Educate your staff
One of the more common security issues comes from spam and malware found in emails. It is a good idea to educate your staff on how to spot these different types of emails and other malicious websites, as well as how to avoid them.
It is worthwhile ensuring that your employees know their roles when it comes to security too. If you have a secretary who you believe is responsible for ensuring the office is locked at the end of the night, take steps to ensure that this person understands their responsibilities. The same goes for computers your staff use: If they are responsible for conducting security scans let them know this. While this may take some time, the cost is low to free.
3. Keep track of your keys
To ensure the security of your IT systems and your physical office, you should keep control of your keys. That is, both the physical keys and those associated with your software (the codes you enter to verify software and unlock full versions).
Keep track of which staff members have a key to the office and if possible number them. The goal here is to know where your keys are at any given time, and if a staff member changes employers make sure you ask for them back.
Many software keys or licenses are single use only. If you invest in software and an employees steals this along with the key, you will likely have to purchase the software again. A good tip is to keep software keys secure and separate from the software itself. The best part about this step is that the cost of doing this is minimal.
4. Keep your software updated
Hackers can be a lazy bunch. They will often target those with out of date software, because it’s usually easier to hack. To reduce the chance of being hacked, you should take steps to ensure that your software is up-to-date. This includes your virus and malware scanners, as well as browsers and even software you don’t use.
Get your staff to perform a ‘software audit’ on their computers on a regular basis. This means going through their computer and properly uninstalling software that they don’t use, while also taking time to ensure their system is completely updated. This step is easy to implement and will cost you next to nothing.
5. Keep important systems off site
Many small to medium businesses keep their servers on site. While this is convenient as your systems are right there and easily accessible, this could also create a security issue. One way to minimize this is to work with an IT partner who can host your systems or servers off site or in the cloud. While this involves some cost, working with an IT partner could save you profits and productivity in the long run, as good providers will ensure that your systems are secure and working properly.
If you are looking to make your systems more secure, please contact us today. We may have a solution that will work for your business.
Published with permission from TechAdvisory.org. Source.
4 types of password management systems
The Internet has undoubtedly made our lives easier, and some would even say better. It is a bit of a double edged sword however, as we have seen an increase in the number of security breaches and hacks exposing our information. One way to minimize data being exposed or stolen is to use different passwords for every site. While this is advisable and fine in theory, it can be a pain to actually keep track of all of your different passwords in reality. That’s where a password management system can help. The next decision is what type of password management system you should use.
Below is a brief overview of the four types of password management system you can use.
1. Cloud or Internet-based
These systems are usually cloud based and accessed through an app or browser plugin. Apps ordinarily store your passwords, or generate one to use, and will automatically apply this when you visit a site that requires a password. These systems are great for breaking the one password habit, However, because they store all of your passwords in one place, they could become a target for hackers.
2. Cloud or Internet-based with two-factor authentication
The next step up from the cloud-based password management system is one that supports two-factor authentication. Your passwords are still stored in the cloud, but you will need to provide another piece of information before you can access sites.
The interesting thing is that many of the cloud based password systems actually offer this in their premium offerings. So, not only do you get better password protection, but it’s with the same system meaning you likely won’t have to switch.
The cloud based systems are a good idea if you use more than one system on a regular basis and if you work from outside of the office.
3. Computer-based
Computer-based password management systems are similar to the cloud versions, only the passwords are stored on your computer, and accessed using a master password. Because many hackers usually don’t go after individual hard drives – they have to get through your network and then find the program and try to break the password – the chances of your passwords being exposed are minimized.
The only problem with systems like these is that you normally have to log in for the service to work. If you forget to log out and someone walks by, they will be able to access everything. However, for the manager who wants a secure system, this is a better option than the cloud based versions.
4. USB-based
There are a number of USB devices that have a smart card in them that can store passwords. When you plug in the USB to your computer, the software on the USB can input the stored passwords when needed. These devices are typically more expensive, with some costing as much as USD$100, but they offer the highest amount of security as your passwords are kept with you.
The main downside to these devices is that they aren’t the biggest and are usually about the size of a standard USB stick. This means that they are easier to lose, making getting your passwords back even tougher.
If you are looking for a better way to keep track of your passwords, please contact us today to see how we can help.
Published with permission from TechAdvisory.org. Source.
50 million LivingSocial accounts hacked
5 ways to insecure passwords
Email fraud – 5 tips to help you spot it
Business owners and managers have many concerns they must address on a regular basis, or at least be aware of. Some of security concerns revolve around fraud, more specifically email fraud. While this isn’t a new concept, email fraud and scam occurrences are on the rise, and it is vital to know how to spot them.
Here’s five tips to help you spot email frauds or scams.
Look at the email address
One of the easiest ways to spot a fraudulent email or scam is by looking at the email address of the sender. Many credit card application scams use third party email services like Gmail or Yahoo. Some scammers go so far as to set up accounts in the name of the company e.g., AMEX_121@gmail.com.
Sophisticated scammers will actually try to copy the legitimate company’s email account – a practice called spoofing. They will usually have a few changes like a missing letter from the address, or an extra . added.
The easiest thing you can do is look for the sender’s site on the Internet. For example: You get an email from AMEX OPEN (American Express’s small business credit card) and notice that the sender’s email address just doesn’t look right. Go to Google and search for amex fraud. You’ll likely find the fraud page which tells you exactly how the company sends emails. If the sender is a smaller company, most of these will have email contact addresses right on the site, take a look and compare the two. If they are different, the email is likely a scam.
Look at the sender’s website
If you think an email is fraudulent, try looking up the website associated with the sender. Should you be unable to find the site, it’s likely a scam.
If you find a website, click through some pages to see if there is anything that looks out of place. For example a website selling a new financial service has pages with Coming Soon or you get errors when you try to load the page. If it looks fishy, it likely is – delete the email.
It would also be a good idea to go to archive.org’s Wayback Machine, copy and paste the website’s URL into the The Wayback Machine Search bar and hit Take me back. This will bring up previous versions of the website. If you see that the site in question was something completely different a few months to a year ago (e.g., it is a financial services page now, but six months ago it was a page selling prescription drugs), chances are high it’s a fraud.
Call them
Many scammers will put phone numbers into emails to make them look more legitimate. If you are unsure about whether this email is legitimate or not, why not try calling the number? Many scammers run more than one fraud operating at the same time and may answer the phone with another name, or not at all.
Similarly, if you call a local number of a supposedly small business and get routed directly to voicemail, it’s likely fraud.
Look carefully at the body of the message
The body of the email can also be a great way to suss out email scammers and potential fraud. Because many fraudulent emails originate outside of the major English speaking countries, there will often be language that just sounds different from the way people write in your area. One great example of this would be a line like ‘We wish to sell you a great product.’
You should also look for spelling errors, grammar mistakes or inconsistencies. While some fraudulent emails will have minor spelling inconsistencies, others will spell common words wrong. If you see mistakes like ‘our product are a great deals’, this should raise a warning flag.
Spelling and grammar errors are a part of business communication, so don’t expect a perfect email from all companies, especially if you see that the company is located overseas. It’s the emails with mistakes supposedly coming from companies in your area that should really raise alarm.
The sender asks for money or passwords
It’s kind of an unwritten rule that when sending out emails you never ask for a person’s credit card number or account passwords. Banks, large companies and many social networks will never ask you for passwords or account information, credit card numbers, pin codes, etc of any kind over email. If you notice that an email selling something asks for you to reply with a credit card details so you can make a purchase, it’s best to delete the email as it’s likely a fraud.
Email fraud is a big deal, and unfortunately it will likely become even more common in the near future. This means you should be able to spot potentially fraudulent emails. If you think an email is a scam, it’s best to just delete it immediately. Don’t respond or forward it to colleagues or employees. If you need to let people know, write another email that describes the suspected email but has no links. You can also forward a screenshot to your colleagues or friends to illustrate the scam.
Looking for more ways you can protect your company? Contact us today. We can work with you to develop a security system that will meet your needs.
Published with permission from TechAdvisory.org. Source.
5 common virus myths dispelled
It can be argued what the most important invention of the last 100 years has been, but many would agree that the computer has to be among the top. These complex machines helped usher in the information age. Unfortunately, they come with a downside: Destructive malware such as viruses have become a major problem for businesses because viruses have been built up to such mythical proportions that many users simply don’t know fact from fiction.
Here are five common myths about viruses that confuse people, and the truths associated with them. Before we delve deeper it would be a good idea to explain what a virus is.
A virus is a computer program that infects a computer and can generally copy itself and infect other computers. Most viruses aim to cause havoc by either deleting important files or rendering a computer inoperable. Most viruses have to be installed by the user, and usually come hidden as programs, browser plugins, etc.
You may hear the term malware used interchangeably with virus. Malware is short for malicious software and is more of an umbrella term that covers any software that aims to cause harm. A virus is simply a type of malware.
Myth 1: Error messages = virus
A common thought many have when their computer shows an error message is that they must have a virus. In truth, bugs in the software, a faulty hard drive, memory or even issues with your virus scanner are more likely the cause. The same goes with if your computer crashes, it likely could be because of something other than a virus.
When you do see error messages, or your computer crashes while trying to run a program or open a file, you should scan for viruses, just to rule it out.
Myth 2: Computers can infect themselves
It’s not uncommon to have clients bring their computers to a techie exclaiming that a virus has magically appeared on the system all by itself. Despite what some may believe, viruses cannot infect computers by themselves. Users have to physically open an infected program, or visit a site that hosts the virus and download it.
To minimize the chance of being infected you should steer clear of any adult oriented sites – they are often loaded with viruses, torrent sites, etc. A good rule of thumb is: If the site has illegal or ‘adult’ content, it likely has viruses that can and will infect your system if visited, or files downloaded from there.
Myth 3: Only PCs can get viruses
If you read the news, you likely know that many of the big viruses and malware infect mostly systems running Windows. This has led users to believe that other systems like Apple’s OS X are virus free.
The truth of the matter is: All systems could be infected by a virus, it’s just that the vast majority of them are written to target Windows machines. This is because most computers run Windows. That being said, there is an increasing number of threats to OS X and Linux, as these systems are becoming more popular. If this trend keeps up, we will see an exponential rise in the number of viruses infecting these systems.
Myth 4: If I reinstall Windows and copy all my old files over, I’ll be ok
Some believe that if their system has been infected, they can simply copy their files onto a hard drive, or backup solution, reinstall Windows and then copy their files back and the virus will be gone.
To be honest, wiping your hard drive and reinstalling Windows will normally get rid of any viruses. However, if the virus is in the files you backed up, your computer will be infected when you move the files back and open them. The key here is that if your system is infected, you need to scan the files and remove the virus before you put them back onto your system.
Myth 5: Firewalls protect networks from viruses
Windows comes with a firewall built into the OS, and many users have been somewhat misled as to what it actually does, and that firewalls can protect from viruses. That’s actually a half truth. Firewalls are actually for network traffic, their main job is to keep networks and computers connected to the network secure; they don’t scan for viruses.
Where they could help is if a virus is sending data to a computer outside of your network. In theory, a firewall will pick up this traffic and alert you to it, or stop the flow of data outright. Some of the bigger viruses actually turn off the firewall, rendering your whole network open to malware attacks.
What can I do?
There are many things you can do to minimize the chances of infection. The most important is to install a virus scanner on all of your systems, keep it up to date and run it regularly. But a defensive strategy like this isn’t enough, you need to be proactive by:
- Not installing programs from sources you don’t know or trust
- Being weary of any program that asks you for your password
- Not installing any browser add-ons or plugins suggested by websites. Instead, download them from the browser’s app store, or the developer’s website.
If you are worried about the security of your systems and network, call us today. Our team of security experts can work with you to provide a plan that will meet your needs.
Published with permission from TechAdvisory.org. Source.