INFORMATION TECHNOLOGY FOR SMBs
Our blog articles archive includes it security tips, cybersecurity alerts, state of IT reports, and tips on information technology for small and medium size businesses.
Once again the Cybersecurity and Infrastructure Security Agency (CISA) warns individuals to remain vigilant for online scams – this time related to Coronavirus Disease 2019 (COVID-19). Cyber actors may send emails with malicious attachments or links to fraudulent websites to trick victims into revealing sensitive information or donating to fraudulent charities or causes. Exercise caution in handling any email with a COVID-19-related subject line, attachment, or hyperlink, and be wary of social media pleas, texts, or calls related to COVID-19.
There is a great deal of discussion about the advantages and disadvantages of the policy of allowing employees to use their own mobile devices, primarily smartphones, instead of employer-issued devices that are to be used solely for work purposes. This policy, known as “bring your own device” (BYOD) can make employees happy, but it also presents a number of issues that should be explicitly addressed by employers before they adopt any policy. The biggest issue that companies face revolves around
Communication during and following an emergency presents a variety of challenges. So, crafting an employee safety and communication plan that works is absolutely essential. The specifics will vary widely from company to company, but your emergency safety and communication plan must address the following: Address the methods that will ensure employees are safe during a disaster event This will depend heavily on the nature and location of your business. Safety planning for a large manufacturing facility will obviously be very
Did you know that 60% of businesses that suffer a cyber attack go out of business within six months? The vast majority of damage is due to the inability of the company to respond because they have not developed a cyber prevention and response strategy. If your e-commerce system, website, email, or customer data was suddenly inaccessible because of an attack, would you be able to get back up and running within minutes, hours, days, or at all? That depends
How Employees Slip Up When you look around at your digital landscape, you can probably point to any number of ways that a cyber attack might occur — but can you identify your single greatest threat? Employees, the greatest asset to most high-performing organizations, also represent one of the biggest threats. However, there are ways to reduce the cyber security risks of employee negligence. The path to decreased risk can seem daunting at first, when you consider cyber security risks
The Internal Revenue Service (IRS) has launched its “Identity Theft Central” webpage to provide 24/7 access to online information regarding tax-related identity theft and data security protection. Tax-related identity theft occurs when someone steals personal information to commit tax fraud. The Cybersecurity and Infrastructure Security Agency (CISA) encourages taxpayers, tax professionals, and businesses to review the IRS news release and CISA’s Tip on Preventing and Responding to Identity Theft for more information. Tax-related identity theft happens when someone steals your
We deliver a set of services that helps keep you on track with the latest developments, both what to watch for and what to keep away from. It’s good to know what effect technology has on your business. 1. Social Media 75% of security breaches are staged by external actors. When your employees interact through social media, the “external factor” is brought in contact with your business daily, creating a potential point of failure. 2. Artificial Intelligence (AI) A
Microsoft disclosed a security breach today that took place last month in December 2019. In a blog post today, Microsoft announced an investigation of a misconfiguration of security rules on an internal customer support database that was storing user analytics data. In the time period of December 5 – December 31, 2019, anonymized data was accidentally exposed online without proper protections. The leaked customer support database consisted of a cluster of five Elasticsearch servers, a technology used to simplify search
Windows 7 has officially reached End Of Life (EOL) on 14 January 2020, including Windows Server 2008 and Windows Server 2008 R2. Microsoft is offering extended support with Windows 7 Extended Security Updates (ESU) at an annual subscription for Windows 7 users. What does End of Life mean? Every operating system and every software has a life cycle. It doesn’t mean it is programmed to stop abruptly. It means the platform or software maker stops producing the updates, adding new
Ransomware is a form of malware that targets your critical data and systems for the purpose of extortion. Ransomware is frequently delivered through spearphishing emails. After the user has been locked out of the data or system, the cyber actor demands a ransom payment. After receiving payment, the cyber actor will purportedly provide an avenue to the victim to regain access to the system or data. Recent iterations target enterprise end users, making awareness and training a critical preventive measure.
In a recent US-CERT/CISA alert on Dridex malware and its various iterations, information is confirmed that this malware has the capability to impact confidentiality of customer data and availability of data and systems for business processes. According to industry reporting, the original version of Dridex first appeared in 2012, and by 2015 had become one of the most prevalent financial Trojans. We expect actors using Dridex malware and its derivatives to continue targeting the financial services sector, including both financial
New Jersey Healthcare provider Hackensack Meridian hospital paid ransom to hackers to stop a cyberattack
The targeted ransomware event at Hackensack Meridian Health brought the computer network systems down last week, resulting in interruptions across its IT network, including Carrier Clinic in Montgomery and three sub-acute facilities. The Edison-based healthcare company said it had insurance to help cover the costs associated with cyberattacks, including payment, remediation and recovery efforts. The systems were down for 2 days, with no access to electronic records. The company had to resort to using manual patient records while undisclosed amount