IT Security Protects Against Malware
In my malware terminology breakdown below, I explain that malware is a general term for all programs written to harm your data and/or to spy on your computer activity. It’s generally thought that these extortionists might target larger companies for bigger payouts, but 50 to 70 percent of ransomware attacks are targeted at small and medium sized businesses.
Changes in how we do business because of the pandemic has left small businesses even more vulnerable. A ransomware attack on a small business may have less ramifications than an attack on a hospital or a public utility, but the consequences for your business directly can be more severe. 43% of all data breaches involve small and medium-sized businesses. Repeat ransomware threats are becoming more likely for companies that recover from these incidents. Here are some things you need to know about malware.
- No target is too small. And every industry is vulnerable. From education and healthcare to manufacturing and government, they are always looking for new opportunities to focus on.
- You NEED a good backup solution. A cloud-based backup is a good option. It keeps your data secure at an off-site location yet is still accessible should you need to recover lost data.
- Remote workers are vulnerable. Remote desktop and VPN access portals are a tempting point of entry to your data. Make sure your staff is trained to spot bogus emails, have multifactor authentication in place and make sure they have the most recent security software updates.
- Have a Disaster Recovery plan. A disaster recovery plan doesn’t just focus on natural or physical disasters. Loss of key business data can qualify as a disaster if it impacts your business. Knowing who to call, how to relay the incident to your staff and how quickly you can recover your data is invaluable.
IT Security Threat: Passwords
As we continue to transition how we do business, it’s important to understand the IT security implications of remote and hybrid workforces and their access to shared passwords. Research shows that roughly 46% of SMBs use a password manager. 51 percent of businesses rank it as their top priority. Only 15% of organizations ranked single sign-on (SSO) as a major priority, while multi-factor authentication (MFA) and Principle of Least Privilege were both at the top of the list for 9% of companies.
When choosing a password manager, it’s important to make sure it is the right fit - beyond cost. A good password manager should scale as the business grows, includes encryption, and most importantly, be easy to use. Even if your team is small, those features grow increasingly important as your team grows.
If you are not using a password manager, here are a few reasons you need to add it to your next budget:
We don’t use strong passwordsMost people use the same simplified password across many of their accounts, both in personal and business cases. This makes the password easy to guess. A strong password needs to be a long combination of numbers, letters, and symbols. Password managers can auto-generate secure passwords and store them securely.
Password Managers can help stop phishing attacksPhishing attacks are one of the most prevalent and successful methods of stealing login information. These emails look to be from reputable sources, but they direct employees to bogus login pages that steal their credentials. If you save a login for a website like Chase.com or Amazon.com, your password manager will remember it and offer to fill it in automatically when you visit Chase.com or Amazon.com. Your password manager won't offer to autofill your credentials if you end up on a different website. Your password manager won’t be fooled by the disguised URL.
Multifactor AuthenticationWhile password managers give us high security, they function best when paired with Multifactor Authentication. Adding MFA in combination with your password manager provides layered security to protect against breaches. With its cost-effectiveness and ease of use, MFA has become much more widespread in the past few years. Some services also offer a more efficient option with simple push notifications.
IT Security Terms You Need to Know
As technology becomes more integrated with our work and social lives, we are more likely to encounter tech terminology in our daily conversations. In celebration of Cyber Security Awareness Month, here are my picks for the top 10 IT security terms you should be familiar with:
A firewall is a piece of software or hardware that can be set up to restrict data from specific sites or programs while allowing relevant and necessary data to flow through. Firewalls have been the first line of defense in network security for over 25 years. A firewall can be hardware, software, or both.
2) Multi-Factor Authentication (MFA)
MFA might seem complicated at first but it’s quite simple. Its increased use has organizations focusing more than ever on making sure the experience is smooth for users. You probably already use it without knowing. For example, you’ve used MFA if you’ve:
- Swiped your bank card at the ATM and then entered your PIN (personal ID number).
- Logged into a website that sent a numeric code to your phone, which you then entered to gain access to your account.
MFA is a security enhancement that allows you to present two pieces of proof - your credentials - when logging into your account. Your login information falls into one of three categories: information you know (like your password or PIN), the information you own (like a smart card), or information about who you are (like your fingerprints). Your login information should come from two different categories for improved security. Therefore, entering two different passwords will not be considered multifactorial.
Terms like virus, spyware, trojan, worm, and ransomware are often confused, although they have distinct meanings. All of them, in most cases, have a malicious aim - to destroy data, spy on computer activity, and so on. Malware is a catch-all phrase for all these programs; it simply refers to any software built with malevolent intent. Viruses are the most common type of malware, however, there is more to malware than viruses. Here is a breakdown:
Malware is any software program deliberately designed to damage a pc, server, or network.
A computer virus is a dangerous piece of software that spreads from one device to another. These self-copying threats, which are a subset of malware, are usually designed to harm a device or steal data.
Spyware is harmful software that collects information about a person or organization and sends it to a third party to harm the user.
A Trojan horse is a form of malware that masquerades as genuine software. Trojans can be used by cybercriminals to spy on you, steal your personal data, and get backdoor access to your system once they've been launched.
A computer worm is a sort of virus that duplicates itself and transmits it from one machine to another. A worm may replicate itself without the need for human intervention, and it does not require attachment to a software application to cause harm.
RansomwareRansomware is a type of virus that uses encryption to hold a victim's data hostage. The vital data of a person or organization is encrypted, making it impossible for them to access files, databases, or apps. Then a ransom is asked in order to gain access.
4) Cloud Backup
Cloud backup is a service that backs up and stores data and applications. Businesses use cloud backup to keep files and data accessible in the case of a system or power outage, hardware failure or damage, or a disaster (natural or otherwise). Cloud backup works by duplicating and storing your server's files on another server in a different physical location. This is a great security layer to protect your data in the event of a network security incident.
5) Single Sign-On (SSO)
SSO allows users to log into numerous applications using a single set of credentials. That means you just need to enter your login and password once to access a business' system (your network or a business site you're using online), and you won't have to do so again to access each application they have.
6) Principal of Least Privilege
The Principle of Least Privilege states that users, systems, and processes should only have access to resources (networks, systems, and files) that are absolutely necessary to accomplish their assigned duties.
7) Data Privacy
Data privacy refers to the procedures you have in place to ensure that the information provided by your clients or customers is only used for the reason for which it was given. Individuals' right to regulate how their personal information is gathered and utilized is known as information privacy.
8) Managed Service Provider
A managed service provider (MSP) is a third-party company that manages your information technology (IT) infrastructure and workstation systems. Businesses often partner with MSPs to perform a defined set of day-to-day management services, including helpdesk and maintenance. These services may also include security and monitoring.
9) Remote Desktop Connection (RDC)
Typically, RDC requires the remote computer to enable the Remote Desktop Services and to be powered on. The connection is established when a local computer requests a connection to a remote computer using RDC-enabled software. On authentication, the local computer has full or restricted access to the remote computer. Besides desktop computers, servers, and laptops, RDC also supports connecting to virtual machines.
10) Social Engineering
Social engineering is a non-technical strategy cyber attackers use that relies heavily on human interaction and often attempts to trick people into breaking established security practices.
Some examples of social engineering are:
PhishingPhishing attacks use malicious email or websites to obtain personal information by posing as a trusted organization. For example, an attacker could send an email that appeared to come from a legitimate credit card company or financial institution requesting account information, often indicating a problem. If users respond with the requested information, attackers could use it to gain access to accounts.
VishingVishing is a verbal form of phishing. It uses verbal scams usually via telephone to trick people into doing things they believe are in their best interests.
SmishingSmishing (sometimes stylized as SMiShing) is another form of phishing attack that involves the use of text messages. These deceptive text messages trick the recipient into replying directly or invite the unsuspecting victim to visit a phishing website.
How Silverado Can Help
Selecting an IT security partner best suited to help you with both short- and long-term cyber security strategies can seem daunting. The best approach is to find a partner focused on the development of a long-term relationship rather than a short-term desire to earn an easy profit. If you're ready to start protecting your company's digital presence right away, contact us for a free Initial Security Assessment.