Category: IT Security

Creating a competitive advantage should be one of the main concerns you have as a business owner. Utilizing the power of technology is a great way to bring your small business into the 21st century. The longer you insist on using outdated tools and marketing methods for your company, the harder you will find it to grow your customer base. Read on to find out more about the ways technology can benefit your business.

1. A great website helps you create more business

One of the main things you need to bring your business into the 21st century is a website. When done the right way, a website is a visual representation of what your business can offer. Making sure the website you have built is mobile-friendly is important.

Making your business website easy to find is also something you need to focus on. Creating web content and blogs that are filled with relevant keywords is one of the best ways to increase website traffic. With the help of marketing professionals, creating and implementing an effective SEO strategy will be much easier.

2. Social media is powerful

Are you looking for a way to build stronger relationships with existing and prospective customers? If so, utilizing the power of social media is a great idea. A study conducted by the team at Pew Internet Research found that nearly 68 percent of adults in the United States use social media daily. Posting high-value content on your company’s social media pages is a great way to create sales leads.

3. Simplify invoicing

A recent article published by Viewpost states that nearly 18 percent of small businesses in the United States don’t use any type of accounting software. Simplifying the invoicing process and reducing errors is much easier when using software like QuickBooks.

This software allows you to quickly create and track customer invoices. Not only will this program provide you with notifications when customers pay an invoice, it will also send automated reminders to your clients regarding overdue invoices.

4. Increase efficiency with project management software

Does your company have a number of projects going on simultaneously? Keeping up with the progress of each one of these projects is essential to the success of your company. Using project management systems such as Basecamp is a great way to keep the various projects you have on track. These types of programs allow each member of your team to access items such as schedules and client documents with ease.

5. Streamline customer payments

The system you have in place to pay your employees and vendors should be easy to use. If the existing payment system you have in place is cumbersome or outdated, now is the time to make a change. Programs such as QuickBooks make digitizing payments and paperwork simple.

The QuickBooks program allows customers to pay their invoices by credit card or bank transfer. QuickBooks accepts payments 24/7 and provides you with the ability to transfer money to your bank free of charge. This software will automatically match the payments you receive with the corresponding invoices, which saves you a lot of time.

6. Keep customers informed with email newsletters

Providing your customers with routine updates on what your company is doing can help you keep them loyal. One of the best ways to provide this information is via a monthly email newsletter. These types of newsletters will also allow you to market new products and services to an audience that is already interested.

The team at Kenneally Technology Services specializes in helping business owners implement and maintain new technology. Whether you need an information technology security assessment or hosted cloud solutions, Kenneally Technology Services can help you out. Give them a call today to find out more about the services they offer.

The information security threat landscape is constantly evolving, but it’s not getting any less complicated. In 2017, Ponemon Institute research revealed that 1 in 4 businesses in the U.S. suffered a security breach. Threats aren’t equally distributed by business size, 50 percent of small businesses were targeted by hackers and health care organizations were also heavily-targeted by 15 percent of last year’s incidents.

Recent headlines have revealed plenty of scary threats, including ransomware epidemics and the emergence of wiper viruses. While it’s possible 2018 has new super threats in store, it’s likely you’ll face a well-established threat. From social engineering to weak passwords, you may be surprised by today’s most common information security threats.

1. Crimeware-as-a-Service

Some of today’s smartest hackers are selling ready-made crimeware to wanna-be hackers on the dark web by subscription, including malware-as-a-service and ransomware-as-a-service. Last year, 51 percent of security breaches involved malware, which can now be purchased through illegal channels for just several hundred dollars each month. Criminals are getting bolder–one pre-packaged threat called “Philadelphia” was recently advertised openly on YouTube.

2. IoT Vulnerabilities

Experts predict one of the worst trends in 2018 will be security vulnerabilities caused by connected internet of things (IoT) devices. InfoSecurity Magazine’s Tara Seals attributes this to the fact too many “devices are manufactured without security regulations or industry standards.”

If your business isn’t powered by high-tech sensor or beacons, you’re not necessarily in the clear. IoT devices include office technology. Like IP phones, printers, and routers–all of which could represent possible modes of entry into your company’s network. In one survey, 63 percent of companies admitted to a printer-related security breach.

3. New Compliance Requirements

If your company collects data on European Union Citizens, you’ll need to prepare to comply with the General Data Protection Regulation (GDPR) by May or face fines of €20 million–that’s approximately $24.3 million. Many companies will need to adjust processes and systems to meet requirements from the GDPR, PCI, HIPAA, or other legislation.

While compliance isn’t a threat, it plays an important role in discussions of information security. Just 28.6 percent of companies are still compliant a year after assessment, and failing to meet standards can indicate security risks. Compliance can also demand significant IT resources. If your company is struggling to balance compliance and cybercrime risks, you may need security help.

4. Password Theft

A staggering 81 percent of 2017 security incidents involved weak or stolen passwords, which was often combined with tactics like phishing, hacking or malware. One emerging trend is “password aftershock“–when hackers are able to successfully gain entry to a company’s network using username and password combinations stolen from other breaches due to people’s tendency to recycle the same passwords over and over again.

5. Email Risks

Phishing still works–66 percent of installed malware last year was delivered by an email. Hackers are getting savvier and increasingly employing techniques like social engineering to “spoof” malicious emails into appearing like they were sent by a colleague or personal friend.

Email is a critical business communications tool, but it’s also one of the easiest ways for hackers to get inside your network. Information security awareness training and testing are likely a necessity.

Conclusion: Are You Prepared for These Security Threats?

While 2018 could bring next-generation security risks, businesses are wise to take a look back at the most common threat trends that affected half of small businesses in 2017. Planning for the most common risks–like unsecured printers, weak passwords and phishing–could significantly mitigate your chances of suffering a data breach in 2018.

Avoid the costly impact of a security breach remediation with a complimentary assessment of your organization’s IT security. Click here to learn more.


Sources

  • https://securityintelligence.com/know-the-odds-the-cost-of-a-data-breach-in-2017/
  • https://www.cnbc.com/2017/04/05/congress-addresses-cyberwar-on-small-business-14-million-hacked.html
  • http://www.verizonenterprise.com/verizon-insights-lab/dbir/2017/
  • https://www.darkreading.com/threat-intelligence/the-rising-tide-of-crimeware-as-a-service/d/d-id/1329102?
  • https://nakedsecurity.sophos.com/2017/07/25/ransomware-as-a-service-how-the-bad-guys-marketed-philadelphia/
  • http://quocirca.com/content/print-security-cost-complacency-121
  • https://www.gdpr.associates/what-is-gdpr/understanding-gdpr-fines/
  • http://www.verizonenterprise.com/resources/report/rp_pci-report-2015_en_xg.pdf
  • https://www.bna.com/people-dont-seem-b73014447747/

As more digital technologies are released into the mainstream, it is becoming increasingly complex to do business, and more specifically to manage the data that new technologies generate. In the security realm, it is no longer a case of safeguarding your physical premises and assets; you need to ensure your digital assets are secure too.

The threats to your data are real. According to the latest data breach statistics, 3543 data records are lost and stolen every minute. For businesses that collect and store personal data from their customers, there are even more risks to consider. Data such as social security numbers, credit card details and bank account information can prove invaluable to criminals, and they will stop at nothing to get their hands on this information. If they succeed in their mission, your customers could bring about liability proceedings, putting your reputation and your business in serious jeopardy.

Protecting It All With Data Breach Insurance

Data breach insurance, otherwise known as cyber liability insurance, is designed to protect against data security risks and the damage that can be associated with them, be it to your finances or your stature. Your level of cover will depend on the policy you have in place, but most products offer identity protection solutions, legal fees, public relations solutions and liability. If your business ever falls victim to a data breach, it is vital that you restore the public’s confidence as quickly as possible. Data breach insurance helps you to do that.

What Types of Data Breach Insurance Are Available?

Cyber risks usually fall into two categories; first-party exposure and third party exposure. First party exposure covers those risks that affect a business first-hand, while third-party exposure covers risks that could affect the data of third parties such as customers, clients or employees.

First party exposure insurance can protect against the following:

  • Loss or damage to digital assets – this includes the loss or damage of software or data.
  • Non-physical business interruption – if your business network suffers any interruption or service failure, this insurance will cover associated expenses incurred while investigating the interruption.
  • Cyber extortion – if your organization falls victim to cyber extortion, where you receive threats from criminals to steal or damage data or restrict your network, your insurance company will handle the demand. This may involve payment of the extortion monies or criminal proceedings that bring the perpetrators to justice.
  • Reputational damage – this level of insurance helps to protect you from damage to your reputation following a reported data protection breach. Depending on the level of cover, your organization could be paid for loss of income, loss of customers and the cost of PR exercises to repair your reputation.

Third-party exposure insurance typically protects against the following:

  • Security and privacy liability – if a data security breach results in the theft or loss of third-party data, either client or customer, this insurance will cover defense and investigation costs as well as any civil damages you incur.
  • Privacy regulation defense – if your organization is investigated by a regulator following any data breach, this insurance will cover your defense and investigation costs in addition to any fines where applicable.
  • Customer care expenses – if you have a regulatory requirement to notify third parties about any data breach, this can often run into millions of dollars. This insurance will cover your notification expenses subject to the limit on your policy.

Don’t Leave Your Business or Your Data Exposed

Data breach insurance is designed to protect your data as well as privacy and network exposures. Whether it is a sensitive customer, employee or client data, there are increasing requirements for this data to be secure. By investing in comprehensive data breach insurance that is tailored to your business you can go on protecting what matters and give your customers total peace of mind.

In preparation for Cyber Monday, cyber villains have crafted a virtual onslaught of social engineering scams, and malicious, spoofed websites in order to dupe the droves of people expected to spend nearly $4 billion online this year.

It’s important to know the warning signs. Here’s your guide to safe online shopping on Cyber Monday and beyond.

1. Go directly to a store’s website instead of using search engines to look for deals.

2. Close ALL pop-ups and other digital ads–do not even acknowledge them.
Many pop-ups could contain fake coupons and redirect you to malicious sites.

3. Watch out for social media scams, especially on Facebook.
Cybercriminals are using fake or compromised Facebook accounts in order to post links to deals that don’t actually exist.

4. Do NOT open any Cyber Monday emails with attachments.
Emails with attachments, especially zip files, are likely to contain malware.

5. Make sure you’re on a secure connection.
Look for the padlock icon to the left of the URL in your web browser when you go to check out.

6. Do not use debit cards to shop online.
Cybercriminals will have direct access to your bank account when using a debit card. Using a credit card instead gives you the protection of the bank’s fraud program.

7. Avoid using public wifi to shop.
Try to avoid using coffee shops’ or restaurants’ wireless Internet connection as they may be monitored by cybercriminals looking for easy access to a poorly protected computer. Use personal hot-spots or your protected home or office connections instead.

8. Watch out for malicious QR codes.
QR codes are small, pixelated codes meant to be scanned by a smartphone’s camera. They often contain coupons, links to websites, or other product marketing materials. Some hackers have started creating codes that link to phishing or malware sites.

9. Don’t give up any extra personal information.
If a site starts asking for out-of-the-ordinary personal data, like Social Security numbers or password security questions, go no further and end the session.

10. Tighten up security before you shop on Cyber Monday.
Make sure all software on your computer is up-to-date, including your OS, browser, and other apps. Most importantly, your anti-virus and anti-malware software.

We would like to take this opportunity to wish you and your family a safe and happy Thanksgiving!

We live in a practically wireless world today. In fact, there is a very high chance you are reading this article over a wireless connection right now. Our dependency on wireless technology is certain, but how can we enhance the way we access data, secure our connections and ensure that we are getting the best that wireless has to offer?

Wireless Security 101

Most people access data and internet services over wireless connections without really thinking about it. It’s convenient, fast and connects you to all the services you’ve grown to rely on. However, this convenience can cause complacency and that is when you can be at your most vulnerable.

For example, if you are using an open wireless network with no password security you could be leaving your personal data wide open to being intercepted and stolen. That includes your banking details, your email credentials and your social media passwords. In the wrong hands this data could end up costing you dearly. Identity fraud is on the rise and costs U.S. consumers millions of dollars every year.

Today’s wireless networks typically offer 5 major levels of security:

Type Security Length of Password
Open None – Never Recommended N/A
WEP Basic – Not Recommended 10 to 26 characters
WPA Good – Works well for older devices 8 to 63 characters
WPA2 Better – High level of security 8 to 63 characters
WPA/WPA2 Mixed-Mode Dynamic – Only as good as weakest link 8 to 63 characters

Steer Clear of Open and WEP

You’ll often find open networks freely available in internet cafes and fast food restaurants. However, because open wireless networks use no password security, it makes sense to avoid these networks at all costs. Exchanging secure or personal data over these networks can result in your passwords being cracked and stolen, and your data compromised. While WEP networks offer very basic security, it only takes hackers mere moments to "guess" your password using password cracking software.

Protect Your Connection With WPA and WPA2

Whether you are setting up a wireless router at work or home, or accessing a network on the move, it is always recommended that you configure or choose a network that is using WPA or WPA2 security. However, while these technologies offer more robust security there are still a couple of vulnerabilities you should be aware of.

Both WPA and WPA2 networks require password authentication before access is granted. However, the security on these networks is only ever as robust as the password used to control entry. While a strong password that contains 20 characters and is made up of letters, numbers and symbols would be practically impossible to crack, it is human nature to choose a password that is easier to remember. Unfortunately, passwords that are easily remembered are also easy to crack, especially if they use words you can find in the dictionary.

How to Further Secure Your Network

There are still a number of ways you can secure your wireless network. A hidden SSID and MAC address filter will mean users must not only know the name of the network they are connecting to, but they must also be accessing the network using a device whose MAC address has been included in the filter. Add to this a robust password and you have a very secure wireless network. You could also create a separate guest network that segregates guest traffic from the rest of the network and any classified or sensitive data that could be vulnerable.