5 Tips for Teaching Your Employees What Not to Click

Posted by Steven Vigeant on 6/20/17 8:30 AM

When you’re responsible for the security of your company’s network — and all the sensitive data contained in it — sometimes you can’t help but dream of a world without users.

When you set up a hardware or software security control — provided you configured it correctly and it’s up to date — you know it will do what it’s supposed to do without fail, never taking a shortcut, experiencing a “brain fart,” or suffering from sheer ignorance.

Employees, on the other hand, need to be constantly reminded to take data security seriously.

Read More

Topics: Email

Does Social Engineering Threaten Your Company’s Data?

Posted by Steven Vigeant on 6/6/17 8:30 AM

What came to mind? If your mental image of a hacker is informed by Hollywood stereotypes and stock imagery, you thought of a shadowy figure, bathed in the green glow of multiple screens, furiously pounding out complex algorithms and arcane programming.

If only that were accurate. The truth is, the perpetrators of some of the most devastating cyber attacks of recent years relied more on charm and quick thinking than on technical wizardry.

Hackers succeed by exploiting weaknesses. And long ago, they discovered that the weakest element of most systems is the human element.

It’s easier to talk someone into giving up their password then it is to crack it through sheer computing power. And hackers are all about what’s easier.

Read More

Topics: IT Security, Email

The IT World Is Dangerous; You Need a Backup Plan

Posted by Mike Amaral on 5/5/17 2:52 PM

If your company is like most, you build your worth around information. Client records, research material, inventory data, and financials are all heavy hitters. Now imagine if just one of these critical pieces of information became totally compromised or irretrievable, disappearing in the blink of an eye.

Read More

Topics: Backup and Disaster Recovery

3 Ways Your Network is Vulnerable to Hackers

Posted by Justin May on 4/21/17 8:08 AM

Every month it seems, another large company suffers a network breach or unauthorized access to sensitive information. The number of well-known hacking victims keeps getting larger:

Read More

Topics: IT Security

Tax Season 2017 Is High Season for Spear Phishing Attacks

Posted by Andrew Josephides on 3/21/17 8:10 AM

It’s tax season. And that means, for internet scammers looking to filch your employees’ identities and steal their money, it’s phishing season.

According to a warning issued by the IRS, tax season triggers a 400 percent surge in phishing and malware incidents. The scammers’ target? The sensitive information found on your employees’ W2 forms:

Read More

Topics: IT Security, Email

4 Steps for Designing an Effective Insider Threat Program

Posted by Andrew Josephides on 3/7/17 8:01 AM

The cost of cybercrime is going nowhere but up. Meanwhile, the news reports on staggering incidents of mass data theft on a regular basis. If you’ve become obsessed with combatting intrusion from outside hackers and scammers, it’s understandable.

But if you’re only looking outward, you may be missing one of the leading and most damaging risks to your cybersecurity: those who work in and with your organization.

No one wants to believe their colleagues and partners would compromise their data security – either deliberately or mistakenly – but it happens more often than you would think.

Read More

Topics: IT Security

Slack vs. Microsoft Teams: Which Is Right for Your Office?

Posted by Steven Vigeant on 2/14/17 8:43 AM

It seems like eons have passed since email promised to make office communication easier, more pleasant, and more fun. Remember the feeling? No more navigating awkward voicemail menus, missing connections, or squinting at smudged faxes.

But now, as we confront our overflowing inboxes with dread every morning, many of us long to go back to the days when the desk phone was more than an inert prop and critical information was shared — shockingly — face to face.

Read More

Topics: IT Support

What Is Penetration Testing and Do I Really Need It?

Posted by Andrew Josephides on 2/9/17 8:00 AM

We don’t have to tell you your organization’s IT system is deeply complex. To provide even the most basic services to your users, many layers of hardware and software combine.

Lurking within these layers are vulnerabilities – weaknesses that can be exploited to inflict costly damage on yourorganization. And as the layers of your IT system multiply, so do their vulnerabilities, whether they’re problems in the operating systems, application flaws, or improper configurations.

How do you find these weak points before the bad guys do? That’s exactly what penetration testing is for and why it is a critical part of a company’s security policy.

Read More

Topics: IT Security

4 Expert Tips for Creating an Enforceable IT Security Policy 

Posted by Steven Vigeant on 1/26/17 8:00 AM

As we wrote in our last post, an enforceable IT security policy  is an important part of your organization’s security strategy. Unfortunately, many companies don’t have this policy. As many as one in three companies lacks an information security policy.

It’s not enough to develop this and then put it away. Depending on the size and type of your business this should be visited at least annually with the stakeholders in the systems and processes that are part of the security policy. If this is not done it is difficult to enforce and be sure it meets the needs of the business over time.

Read More

Topics: IT Security Policy

Draft an IT Security Policy in 2017

Posted by Steven Vigeant on 12/27/16 8:14 AM

Nobody enjoys creating policy. It’s complicated, detail-oriented work and just asking for endless debates over minutiae. And the results of the arduous policy-making process are often overlooked or outright ignored. Sometimes it feels like people are going to do whatever they want to do, regardless of your well-crafted, comprehensive policy.

So why bother going to the effort of writing an IT security policy for your business? Surely, there are better ways to spend your time.

Read More

Topics: IT Security


 Comments