Home » Blog » security software

Tag: security software

What Hackers Target In Small Businesses

Hackers today have many ways to attack small businesses and business owners. Many attempt to use technology to send malware, viruses, or phishing attacks; or use information to con owners and employees into handing over more information than they should.

One or more of these techniques can be combined with gaining physical access to steal from vulnerable firms. Identifying precisely how criminals target businesses and what they deem most valuable can help to protect from the most devastating attacks out there.

Remaining vigilant and informed is one of the most vital things you can do as a business owner to protect your assets and reputation.

Extortion

Different types of attacks tend to rise and fall in popularity. Fifteen years ago, computer worms were the most common attack that businesses faced. Security software wasn’t as advanced or as widely used at it is today. Computer worms were, at the time, an exceptionally low-cost and efficient way to inflict the maximum amount of damage for minimum cost.

Today ransomware has seen an unfortunate boom in popularity. This technology aims to encrypt the target’s files on their personal computer. This technique denies the victim access and charges a large fee in exchange for the key to retrieve the victim’s own data.

The attack has worked so often because it requires minimal effort and can be used again and again. Many businesses have no option but to pay because the data is worth far more than the ransom demand the hackers have made.

The best defense against ransomware attacks, in addition to strong online security, is an up-to-date offsite backup — one that is tested to work reliably.

Targeting Customer Records

One of the most important things for your firm to take care of is your customer data records. Records which include names, dates of birth, and other personally identifying details. These details are extremely valuable to hackers or criminals who, either use them personally or sell them on to someone who will.

Many regions have strict laws and guidelines about how this information must be stored, accessed and protected. Failing to follow these can result in severe penalties that could devastate any company.

Targeting Financial Information

Like personal information, a small business must take extreme care when storing customer financial information. Sensitive details such as credit card or banking information are a key target for hackers looking to steal money fast.

The impact on your business reputation following a breach of financial data will be severe and devastating. Even a simple mistake can require years of advertising and great PR to repair. Many firms have failed to recover after losing the trust of their customers.

Social Engineering

Most firms today run good IT security packages to protect against online attacks and other forms of malware. Attackers often know to take their methods offline to achieve the best results.

Whether posing as a supplier, customer, or interested party; attackers can seek to gain information that you may be less than willing to hand over to a stranger. Small businesses can often be used to gather information on vendors and suppliers they do business with in order to attack them too.

Be particularly cautious of the information you provide when discussing business with individuals you haven’t spoken to before.

Keeping Small Business Safe

Each of these targets and attacks are just some of the most popular and hard-hitting attacks out there now. The list is forever changing, and the methods we use to protect against them always needs to change too.

Some can be defended against with great security, backups, and software. Others, such as social engineering, need you and your staff to stay up-to-date and remain vigilant about the major attacks affecting small business today.

If you need help tightening your businesses security, give us a call at 570-779-4018.

Cybersecurity Tips for Small Business

Cybersecurity is an important subject for businesses of all sizes. This fact has been emphasized by the recent media attention, but it has been a major concern of ours for a long time. Sometimes small businesses struggle with the idea of implementing a cyber security plan because of the additional perceived costs. If done right, these costs can be minimal and more importantly, the cost of having a security breach can be avoided.

Here are a few tips to help your small business:

Train your employees

Make sure your employees understand the consequences of their behavior. Teach them to protect customer, business, and private data. Make sure they know about email risks and danger.

Update your software, PCs, servers, and devices

Keep all your equipment up to date with the latest updates and firmware. This includes routers, switches, wireless APs, PCs, servers, tablets, phones, printers, etc.  Anything that is connected to your network and that has access to your systems should be regularly updated.

Protect your network

Make sure you have a Firewall or preferably some type of UTM (unified threat management) system in place, configured and functioning. I strongly advise against using only the device that your ISP (internet service provider) provides.

Backup

Backup! Backup! Backup! This is an often missed yet crucial part of cybersecurity. If you are breached by a hacker, malware or ransomware they may delete all your data. This can cripple or destroy a small business. Make sure you have multiple backup systems and that you regularly check to make sure they are doing the job.

Secure Wireless

Make sure your wireless is secure. You should be using WPA2-PSK at a minimum. If you have guest wireless, make sure that it is encrypted as well. If you don’t have guest wireless, think about installing it and freely giving it to your employees for their personal devices. It will minimize the risk of password sharing, and a properly setup guest system can limit traffic, so they are not taking up all of your valuable bandwidth. Make sure the guest wireless does not access your business network.

Limit access

Control physical access to computers and servers. Make sure each employee has a unique login. Make sure they only have access to the software and data that they need to do their job. Do not allow them to install software.

Use strong passwords

You are probably tired of hearing about strong passwords. I know I am tired of talking about it. It is an important part of cybersecurity, though. There are a number of tools available to create complex passwords you can remember, or there are password managers that allow you to have very complex unique passwords for all your systems with very little inconvenience. If your system allows for the use of multifactor authentication, use it!

Make sure your endpoints have security software

All you PCs, tablets, phones and servers should have some level of security software installed on them. Free software is acceptable at home (although I recommend using a known security company) but it is not adequate for your business. You should also have software with some type of central monitoring so you can keep tabs on your devices.

Make a mobile device plan

If you allow personal and mobile devices access to your business data and email, make sure you have a plan for lost or stolen devices. All of these devices should have passwords, be encrypted and have security software installed.

Cybersecurity - wilkes-barre - NEPA