security threats

The Greatest Threat to Your Company’s Data And, How to Minimize It – Part 3: Getting Down to Brass Tacks

“We have met the enemy and he is us.” – Pogo

Review

Our last two blog posts have focused on revealing the greatest threat to your company’s security. The first cited a 2018 report published by PricewaterhouseCoopers that indicated cyber threats to the security of company data are continuing to increase and that employees are the top sources of security incidents. The second shared the finding that “100% of government entities see their own employees as the biggest threat to security.”

This week we wrap up the series by getting ‘down to the brass tacks’ of the best practices you can implement to minimize the greatest threat to your company’s security.

Respond

Myrtle Beach Data Loss PreventionKnowledge is power only if we use it. Now that we are aware that the greatest weakness in our systems appears to be the users, how we respond to that knowledge is key to protecting your data. Here are a few recommendations for your business.

  • Establish policies that define usage rights and responsibilities.
  • Develop a training program. The program should be formal and documented. Each module of the program should be comprehensive and comprehendible.
  • Start at the beginning. Include employee security awareness and expectations when onboarding new employees. Include computer use policies and cybersecurity awareness and practices as an essential part of employment.
  • Train continuously. Avoid falling into the “one-and-done” trap so common in business training. People to not retain everything they learn. Remind, review, and update training continuously.
  • Put employees to the test. Some companies have gone on phishing excursions. The company creates and sends “fake phishing” emails to employees to see who, if any, responds to them. Use the results to coach those employees and, discreetly, use their cases as examples during employee training.
  • Evaluate employee security performance. Cybersecurity has become an important and essential part of your business. It should, therefore, become an important part of the regular employee evaluation process.
  • Raise awareness of new threats. Stay abreast of new cybersecurity concerns as they arise. Communicate those dangers to your employees. Add the new threats to your cybersecurity training.
  • Reward employee performance and compliance. When employees spot a potential security issue, recognize their contribution. Do the same when they “pass” phishing tests or demonstrate an exemplary approach to their use of your technology.
  • Don’t expect perfection. Yes, after all, we are human. That is what makes employees the biggest threat to your company’s cybersecurity. An occasional reminder that you, too, are human is always helpful. The mistake that is made could be yours.
  • Always err on the side of caution. Need we say more?

We are as concerned about your technology security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

Joe Thibodeau
Tech Sentries Inc
6251 Lindsey Rd.
Myrtle Beach, SC 29588
843-282-2222 Office/Fax
843-902-6885 Cell

protect your technology

The Greatest Threat to Your Company’s Data And, How to Minimize It – Part 1

Yep! That’s one of them.

Surprise!

It’s not hackers and scammers who are the biggest threat to your company’s data security. It’s your employees. And it’s not just because they haven’t learned to keep their coffee away from their keyboard. That’s so late last century.

Speaking of last century, the employee culture then and now are almost polar-opposites. In the 1990s most office staff were unfamiliar with PCs. They were on a learning curve of which the leading edge was the fear of doing something wrong. God forbid that they should do anything that would cause a mistake or to “mash a key” that would create a data error.

Nearing the end of the second decade of the 21st century, the workforce is replete with older employees who have long ago learned the ropes and the next generation that knows no fear. Employees whose first words were “momma, digital, and daddy,” have replaced the retirees who had learned just enough to get by before they got their gold watch (or their pink slip).

The bigger problems today are complacency, carelessness, curiosity, and the occasional class clown. Every research report we have read agrees that the overwhelming majority of data breached can be traced directly to employee negligence. For example,

  • An IBM report indicated that 60% of the cyber-issues reported were caused by insiders.
  • A government survey reported that 57% of cybersecurity incidents were caused by human error.
  • A 2018 PwC report indicated that cyber threats to the security of company date are continuing to increase and that employees are the top sources of security incidents.

Should You Be Worried?

That depends. If you think that your employees are so special that your company is exempt from the reported realities, the answer is yes.

On the other hand, if you take the potential loss or corruption of your business data seriously, and you are willing to take some reasonable steps that will help to ensure that you can reduce the insider threats to your digital technology, the answer is still yes. But you should be able to worry a lot less.

What Should You Do?

We could spend an entire article offering best practices and guidance for guarding your technology in house. That’s what we will do in our next post. Sure, we could do list them here, but we’re going to limit this article to the first and most significant step a business owner must take.

It all depends upon you.

That’s right. The only way to reduce insider threats – malicious, mischievous, or mistakes – is for ownership to make protection of data and technology a priority for your business.

Next week we’ll share some proven ways to protect your technology from damage by your own personnel.

You don’t have to be a techie or a geek or understand all the ins and outs of cyberspace. We are here to help you guard your technology. The first step is raising your awareness of the need before the need becomes an emergency.

We are as concerned about your technology security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

Joe Thibodeau
Tech Sentries Inc
6251 Lindsey Rd.
Myrtle Beach, SC 29588
843-282-2222 Office/Fax
843-902-6885 Cell

internet security

Scary Thoughts About Internet Security

BOO! Welcome to cyberspace.

What? Doesn’t cyberspace scare you? Well, it should. Don’t blame us. We don’t want you to be scared. We want your digital technology to be protected.

We’ve discovered that many people who fear cyber technology the most simply try to avoid it. On the other hand, we have noticed that whole new generations been raised on expanding technology. The problem with this group is more that they are not afraid.

The unchanging truth is that cyberspace – the internet and connected devices – is not safe. It is not dangerous in and of itself so much as that it can lead you to dangerous places or to dangerous persons who attack you unexpectedly. Consider them modern-day scam artists.

Let’s put this into perspective.

Question: What’s the biggest problem with being wealthy?

Answer: You have more stuff to protect. (That’s why rich people live in gated communities and have security guards.)

Question: “What would you think about creating a world in which people sell really insecure products that can be used to attack the very fabric of the internet?”

We are guessing that your answer would be “No!” In that case, “Houston, we’ve got a problem,” because we are already there – relative to both questions asked and answered.

We try to keep our clients and readers aware of specific issues – viruses, malware, and ransomware, for instance. However, we have learned that, in some cases (certainly not yours), we can lead a person to cyberspace, but you can’t make them think.

So, in case you missed the point, we are addressing the fundamental truths that everyone needs to understand.

  1. We are all, whether we like it or not, whether we think we are or not, getting more and more connected to cyberspace.
  2. Cyberspace is a dangerous place.
  3. You need to be aware and alert.
  4. You need to protect your electronic devices.
  5. You need full-time, round-the-clock protection because the danger does not diminish when you or your computer are asleep. Neither is it any less of a threat when you and your devices are awake.

You don’t have to be a techie or a geek or understand all the ins and outs of cyberspace. We are here to help you guard your technology. The first step is raising your awareness of the need before the need becomes an emergency.

We are as concerned about your technology security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

Joe Thibodeau
Tech Sentries Inc
6251 Lindsey Rd.
Myrtle Beach, SC 29588
843-282-2222 Office/Fax
843-902-6885 Cell

Good News and Bad News About Cybercrime

You’ve heard it before. We’ve got good news and we’ve got bad news. Which do you want to hear first?

The crowd response to our question seems to be about 50/50, so we’ll give you the bad news first.

Cybercrime is growing.

You probably either knew that or expected that, so the bad news may not seem to be too bad. Unless, of course, you are the victim of one of the many types of cybercrime. Then, it’s really bad news.

But, let’s look at it on a global scale. A recent report indicates the global cost of crime – what it costs its victims –increased by 20% over the two-year period between 2014 and 2016. That’s a one billion dollar increase from $500 billion to $600 billion, an amount approaching one percent of the global GDP.

Here is a breakdown of some of the details of the bad news.

  1. It is estimated that more than two billion people have had their personal information stolen or compromised online.
  2. 64% of Americans have had personal information stolen or compromised online.
  3. Cybercriminals are generally quicker to adopt new technologies than other users. That doesn’t even consider that cybercriminals may frequently be ahead of the technology curve.
  4. The number of countries that have become centers for cybercrime is increasing, led by Brazil, India, North Korea, and Vietnam.
  5. The emergence of digital currencies has made profiting from cybercrime much easier. (What’s that? You’re not into digital currencies? You will be. Ten years ago, you weren’t into smartphones. Twenty years ago, you weren’t into using debit cards. Thirty years ago, you weren’t into personal computers.)
  6. Cybercrime is easily scalable and growing. One ISP has reported as many as 80 billion malicious scans per day with as many as 300,000 to a million new versions of malicious software being created daily.
  7. Cybercrime is becoming highly automated.
  8. Cybercrime is now being black marketed as CCAS – Cybercrime as a Service.
  9. Cybercriminals, like other criminals, tend to focus their activities where the money is, with North America, Europe, and Central and Eastern Asia each having about an equal portion of 63 percent of the global GDP. The FBI estimates that 4,000 people in the U.S. were victims of ransomware attacks per day in 2016.
  10. Far too many of us choose to ignore the risk.

Now for the good news. You can do something to guard your technology. In fact, you can personally reduce the list of bad news items by ten percent!

Don’t ignore the cybercrime issue. Stay informed and guard your technology.

And here is more good news. Tech Sentries can help you guard your technology. Our services, however, should never be a reason for anyone to willingly ignore the risk.

All we ask of you is to be steadfast in doing your part to keep yourself and other users of your system away from suspicious links and intriguing pop-up ads that may have more to offer you than advertised.

We are as concerned about your technology security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

 

Joe Thibodeau
Tech Sentries Inc
6251 Lindsey Rd.
Myrtle Beach, SC 29588
843-282-2222 Office/Fax
843-902-6885 Cell

What Willie Sutton Can Teach Us About Computer Security

Willie Sutton was arguably one of the most “successful” if not the most infamous bank robbers of the 20th century. Sutton managed to steal close to $2 million during a forty-year career. He passed away in 1980 at the age of 79. He may be long-gone, and it is likely that he never owned a computer, but we can still learn something about computer security from him.

It has been widely reported that someone once asked Sutton why he robbed banks.

He wryly responded, “Because that’s where the money is.”

A 21st century Sutton would probably have told you that your computer was a likely target for cybercriminals, not because of you personally, but “Because that’s where the information is.”

Have you noticed that we don’t hear about many bank robberies anymore? Why do you suppose that is? It’s because the best way to get to the most money is by gathering information that is used to appropriate ill-gotten gain.

Whether the cyber crooks use malware, trojans, ransomware, email scams, worms, or some other misbegotten method, they are coming after any of us who have digital technology. That would be just about all of us.

Why You Need Computer Security

So, here’s another question to which the venerable Mr. Sutton would have likely had a spontaneous answer:

Which computers or computer systems do you think cybercriminals are likely to attack?

Answer: The ones with the least protection and whose owners are not expecting an attack.

Banks today utilize all kinds of security devices to deter and defend against potential intrusions. Why rob a bank that has advanced security when the next one has none?

Cybercriminals are constantly surveilling systems to seek out the most vulnerable. As digital technology advances, so do cybercriminals’ techniques. They are not going to overlook any opportunity, but the presence of top-notch security protecting your data will send them down the road to a more exposed location.

One more piece of advice. Advanced digital technology tools like those available through Tech Sentries protect your data 24/7/365. But we can’t prevent the crime if you open the door and let the villains in. Be extremely cautious – especially as we approach income tax filing time. Willie Sutton once dressed as a mailman to gain easier access to a bank. Be careful not to get caught by a scam disguised as an innocent email.

We are here to help you Guard Your Technology, but it takes a team to do so effectively. If your digital security needs a review, give us a call for a FREE consultation. We’ll show you how you can protect your system and we’ll even give you a few tips on digital self-defense as well.

We are as concerned about your technology security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

Joe Thibodeau
Tech Sentries Inc
6251 Lindsey Rd.
Myrtle Beach, SC 29588
843-282-2222 Office/Fax
843-902-6885 Cell
https://www.techsentries.com

Passwords – The Weakest Link in Computer Security

I recall a morning Pre-PC Era 30-some years ago when no one at my office could log onto their mainframe monitors. It seems that our programmer had worked late into the night. Not only had he changed the system password, he forgot to set his alarm clock. Several attempts to contact him were unsuccessful. This was also the Pre-Cell Phone Era.

Fortunately, we were able to reach him. When we asked him for the new password, he said, “You’ll figure it out. It’s easy.” Without another word, he hung up and, apparently, went back to sleep.

It took us a while, but we finally figured it out when someone suggested that we consider how to properly punctuate what our programmer had said. Turns out he said, “You’ll figure it out. It’s ‘E-A-S-Y’.”

Thirty years later, that’s still a big problem. As advanced as technology has become, passwords are still far too EASY. It’s as if we have a genetic predisposition that precludes us from creating passwords that are impenetrable – or at least difficult. Either that or we don’t have the ability to create and recall complicated passwords. You know the feeling: “How do I make this unique, but still easy to remember?”

123456 and password

Those are the two most popularly-used passwords. They have been for several years. Go figure. Many others are simply variations on these two themes.

When you fail to create passwords that are difficult to discern you might as well paint a target on your back.

As much as we hate to say this, paying for a top-notch digital security service is like spitting into the wind if you don’t use and require strong passwords.

So, here are a few tips to help get you started:

  1. DO NOT use fewer than eight characters. The longer, the better.
  2. DO NOT use logical patterns or letters or numbers.
  3. DO NOT use repetitive or sequential letters or numbers.
  4. DO NOT use names, addresses, or dates.
  5. DO NOT use any words found in the dictionary.

It takes a team to Guard Your Technology, but never forget that it is your technology and they are your passwords. We encourage you to create better passwords. Tech Sentries can take care of the rest.

We are as concerned about your technology security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

Joe Thibodeau
Tech Sentries Inc
6251 Lindsey Rd.
Myrtle Beach, SC 29588
843-282-2222 Office/Fax
843-902-6885 Cell
https://www.techsentries.com

immune

No One Is Immune

immuneDo you remember when the Ebola virus caused world-wide panic a few years ago? The killer virus appeared to be out of control and there wasn’t enough supply of vaccine or enough time to distribute it.

Like the script from a sci-fi horror flick, “No one is immune! Ebola is coming to get you!”

Of course, there were those who believed that it could never happen here. There always are. They are the ones who won’t get a flu shot then wonder how they got the flu several months later.

Real World – Virtual World – Same Problem

The same irrational thinking prevails in the virtual world. Even though, as we have cited before, more than 60% of small businesses have been victims of cyberattacks, the other 40% still think they are immune.

But, according to a recent article in TechTalk, the size of the business is not the only reason some businesses have a false sense of security. The article noted that some corporate enterprises feel that their systems are safe because they operate using a different system. In particular, the misconception is alive and well amongst users of Linux, Ubuntu, and iOS.

The assumption is that “users believe Linux, Ubuntu and iOS are more secure because in most malware cases, Windows users are the victims. Although it is true, Windows PCs are highly targeted, this is only because of their large market share. . .  hackers can cast a wider net when targeting Windows PCs than if they were to target Linux, Ubuntu or iOS.”

That sounds like the small business owners’ reasoning that they won’t come after me because I’m too small. Not only wrong, but proven wrong.

It is also becoming abundantly clear that Linux, Ubuntu, and iOS system have been under attack. They just haven’t grabbed the headlines. Yet.

The first rule of thumb in any security business is never assume you are safe from attack. That goes for cybersecurity, too. The faster technology grows, the more we are exposed to security breaches. It doesn’t matter what size your business is – or what operating system – you use. Your technology needs to be guarded.

Guarding your technology is what we do. We work diligently to keep you aware of potential dangers and how to take a few, common-sense steps to ensure the safety of your data and devices.

Tech Sentries is as concerned about your computer system security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

Joe Thibodeau
Tech Sentries Inc
6251 Lindsey Rd.
Myrtle Beach, SC 29588
843-282-2222 Office/Fax
843-902-6885 Cell
https://www.techsentries.com

What in the World Are Hackers Thinking?

hackersWe already know what we think when our digital technology has been compromised by some &^%#$* hacker and her (yes, her!) virus, malware, ransomware, or phishing expedition. We get frustrated and downright angry. Have you ever wondered, what the hacker was thinking or what motivated her? We thought it might help to understand.

A recent report published by Government CIO indicated that,

“Most cyber criminals are motivated by the commission of a crime. It is a psychological issue that defines them as people with some super traits that cause antisocial behavior. Possibly, these people suffer from one or more forms of psychological disorders that seek to gain recognition or personal gain from illegal activities.

Other personality traits exhibited by the cyber criminals include “self-centeredness, grandiosity, callousness, and lack of remorse or empathy for others coupled with a charismatic, charming, and manipulative superficiality.”

Does that give you a warm, fuzzy feeling? We didn’t think so. Perhaps this will help. In late 2016 Digital Endpoint described eight common types of hackers along with some insights into what motives them.

TYPE PERSONA MOTIVATION
White Hat Good guys Companies employ them to test software, websites, and systems from criminal hackers.
Black Hat Guns for hire They get paid for stealing information by the people who want that information. They don’t care about the information per se.
Grey Hat Wolves in sheep’s clothing They test systems, but without permission. When they find a weakness, they try to sell their findings to their victims for a price.
Script Kiddies Trainees They use packaged software to disrupt systems and establish a reputation in the hacking community.
Hactivists Protesters They are employed by governments to gain information and/or attack foreign entities.
State Sponsored Warriors They hack to harass, expose, and exact revenge on entities to which they are opposed.
Corporate Spies Corporate Spies Corporate spies have existed for years. The internet and digital technology are just new tools.
Cyber Terrorists Terrorists They want to “spread fear and create chaos … by causing unrest.”

Did we mention that some hackers are women? Watch this video. It will give you even more insight in what in the world hackers are thinking.

Guarding your technology takes an awareness of potential dangers and a few, common-sense steps to ensure the safety of your data and devices, not the least of which is having regularly-scheduled system and software audits by digital security professionals.

Tech Sentries is as concerned about your computer system security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

Joe Thibodeau
Tech Sentries Inc
6251 Lindsey Rd.
Myrtle Beach, SC 29588
843-282-2222 Office/Fax
843-902-6885 Cell
https://www.techsentries.com

digital hygiene

Did You Know that Digital Hygiene Can Reduce Cyber Breaches?

digital hygieneDigital hygiene? What’s that?

Digital hygiene is a lot like dental hygiene. A dental hygiene regimen helps to protect our teeth and gums from bacteria, infection, and decay. A digital hygiene regimen is necessary to protect our technology and information against infection from viruses, malware, hacking, phishing and other cyber attacks.

Cyber attacks are just about as stealthy as dental attacks. Most often we don’t realize that we have developed a cavity until it is already too late. The same is true with cyber infections. The best hygiene in either the dental or the digital world is preventive. A 2015 report by Verizon revealed that most cyber attacks are not carried out by a full frontal hacking of a device, but rather by manipulating the humans that operate them.

Digital hygiene requires continual, proactive care.

Just as routine dental hygiene involves care at home and checkups by a professional, so, too, does digital hygiene. Here are 10 important steps we recommend to keep your technology safe.

  1. Be extra careful when asked for personal information in response to emails, phone calls (cell phones are technology too), or web pages. It’s not that sharing is, itself a bad thing. Just be super cautious about what you share and with whom you share it.
  2. Do not respond to online or on-phone demands to run a particular software on your computer.
  3. Do not be afraid of specific online threats of “account closure, disciplinary action, or arrest.” Legitimate businesses do not usually threaten people.
  4. Ensure that all of your software is up to date. You can set your devices to update automatically. (If you are not sure if you should or how you can exercise this option, give us a call at 843-282-2222. We will be happy to help.)
  5. Avoid visiting “suspicious” websites or installing “suspicious” programs.
  6. Think carefully about identifying your location on your mobile devices.
  7. Create strong passwords on all devices – including your cell phone.
  8. Think twice before clicking on attachments or links.
  9. Strengthen your security with two-step verification for access. Click on this link to learn how to use Google account two-step verification. (Did you think twice before clicking on the link?)
  10. Have a regular digital hygiene checkup.

Guarding your technology is best done with regular digital hygiene. It just takes an awareness of potential dangers and taking a few, common-sense steps to ensure the safety of your data and devices.

Tech Sentries is as concerned about your computer system security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

Joe Thibodeau
Tech Sentries Inc
6251 Lindsey Rd.
Myrtle Beach, SC 29588
843-282-2222 Office/Fax
843-902-6885 Cell
https://www.techsentries.com

cyber safety

You Are Most Exposed to Cyber Threats When You Think You Are Not a Target

cyber safetyBack in the last decade of the 20th century, an entrepreneur in Orlando proudly, publicly stated that his business was too small to be a target. Granted, he wasn’t talking about cyber threats, but he was talking about other threats to the security of his business.

He was wrong. Within a matter of months after he boldly blurted out what he believed to be true, his company was the target of litigious attack from a German-based company with over 300,000 employees and annual revenue in excess of $80 billion.

Lesson learned: The size of your business does not exempt it from attack.

This applies, in particular, today when it comes to small businesses and cyber threats. As a recent article in CIO magazine put it, “Believing that their security program is good enough means there’s a good chance they’ll be breached.” The article was addressing small business owners.

Think You Are Immune from Cyber Threats?

Think again. The CIO article described the lack of small business ownership with cyber security issues was akin to them being in a time warp compared to Fortune 100 enterprises. In fact, small business owners should consider these documented facts.

  • “95 percent of IT professionals at small businesses believe their cyber security posture is above average. However, 100 percent of the same respondents also said they could improve their ”
  • Small businesses are the victims of a whopping 4,000 cyber attacks per day.
    • That’s more than 120,000 per month.
    • That’s nearly 1.5 million attacks per year.
  • 75 percent of all U.S. companies have experienced some form of cybersecurity breach in the 12 months from April 2016 to March 2017.
  • SMBs are the target of 62 percent of all cyber-attacks.
  • “60 percent of small businesses are unable to sustain their businesses” for more than six months following an attack.

If you think that last statistic is because those businesses aren’t as well operated as yours, this statistic should put it in a more worrisome perspective. The average cost of a single data breach is $225 per record lost or stolen. For small businesses, the average price of recovery from a cyber-attack is $690,000. (Fast Math: ≈ 3,000 records x $225/record)

Our objective is not to scare you. It is to warn you. When it comes to being the target of a cyber threat, size doesn’t seem to matter.

Guarding your technology does not have to involve elaborate evasive tactics. It just takes an awareness of potential dangers and taking a few, common-sense steps to ensure the safety of your data and devices.

Tech Sentries is as concerned about your computer system security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

Joe Thibodeau
Tech Sentries Inc
6251 Lindsey Rd.
Myrtle Beach, SC 29588
843-282-2222 Office/Fax
843-902-6885 Cell
https://www.techsentries.com

1 2 3 4