Healthcare

We’ll start with healthcare, as it is the most prevalent. Healthcare data is protected, and that protection is regulated, and all for good reason. This information is the most personal information an individual has and it has no business being in possession of anyone but the provider, the insurer, and the patient. The most well-known regulation for healthcare in the United States is called the Health Insurance Portability and Accountability Act (HIPAA). It was developed to keep personal health data and personally identifiable information (PII) secure. This was necessary as there have been new systems implemented to transfer health and insurance information between healthcare providers and insurers. 

Getting Employees to Identify Threats

The average employee comes to work and produces. This isn’t a problem until their lack of awareness of other matters hurts the company. Often met with “that isn’t my job”, it has to be explained that security concerns are a part of their job. Employees often can’t see how it is their responsibility, but since 90 percent of data breaches happen because of user negligence, it has to be explained that it could put the entire business in peril. Their cybersecurity efforts can literally save their jobs. 

#1: Is security a priority when we build processes?

Your business has a way that it does what it does. Are those processes created with both physical security and cybersecurity in mind? The amount of threats your business is subject to is literally innumerable. Each day new threats are created and used to try and steal money and data from businesses just like yours. When building your business’ processes, the first consideration that isn’t “can I make money this way” has to be about how to secure your business from outside threats.

Let’s go over how you can review how much of your data these Chrome extensions can access, and how you can adjust these permissions more to your liking.

Fair warning: This will naturally require you to change a few settings, so don’t be afraid to reach out to your IT provider to confirm these changes are okay to make and for assistance in doing so.

We aren’t alone in believing so, either. A recent study examined twenty such AI-integrating cybercrimes to see where the biggest threats would lie.  

Here, we’re looking at the results of this study to see what predictions can be made about the next 15 years where AI-enhanced crime is concerned. Here’s a sneak preview: Deepfakes (fake videos of celebrities and political figures) will be very believable, which is very bad.

When we say that some businesses are using Windows 7, what we really mean is that with a remarkable market share that still sits around 23 percent, a lot of businesses have chosen not to upgrade to Windows 10, Microsoft’s latest OS. In fact, as of January, when Microsoft officially did away with support for Windows 7, nearly half (47 percent) of SMBs were still utilizing it. It’s not a good scene. Let’s take a look at why so many haven’t moved off of Windows 7.

The Changes We’ve Witnessed

For such an… eventful… year, it started off with little anticipation of the events to come. Businesses had ample time to plan their 2020 technology budgets, but most (if not all) of these budgets were postponed (if not thrown out the proverbial window) with the spread of COVID-19.

Why Mobile Security is So Important in the First Place

Consider the capabilities of our mobile devices today, as compared to those that were considered high-end before Apple premiered the iPhone in 2007 (Not to discredit all the classic PDA/smartphones that came before the iPhone, like the Palm Trio, the Blackberry, and the line of super cool HTC Windows phones, but general consensus feels that the big shift in mobile computing really started with Apple). The difference is staggering. While those devices that are affectionately referred to as “dumb phones” certainly can contain sensitive data, it is effectively nothing compared to what a smartphone can access.

Spoiler Alert: Macs Do, in Fact, Get Malware

Not to be juvenile about it, but duh. A computer produced by Apple can just as easily be infected by malware and ransomware, just as they can also experience any of the other problems that a PC user would. Hardware failure, slowing with age, crashes, data loss—these and so many other issues can be seen in a Mac.

Today, it’s not enough to have an antivirus or firewall. You need solutions designed to actively protect your network and data from those that are actively trying to gain access to them. So while it may not be enough, making sure that your firewall and antivirus software are updated with the latest threat definitions, and that your other solutions like spam blocking and virtual private networks are being utilized properly, can set you up for success. Let’s look at four additional strategies that extend traditional cybersecurity into the modern age. 

How Hygienic are Your Passwords?

With so many of us relying on so many passwords every day, poor password hygiene can often seem to be a foregone conclusion. Think about your own passwords, right now, and see how they compare to this list of inherently insecure patterns that many people develop:

What Does a Security Audit Entail?

A security audit is intended to determine how effectively your business’ security is doing its job. Covering hardware specifications, your infrastructure as a whole, your network policies, the software you’re using, even how your employees behave, a good security audit will give you a complete picture of the protections and safeguards you have in place.

How a Company Acquires Your Data

For a company to get your data, all they really have to do is ask you for it. Think about what happens each time you make a purchase online, or even create an account—you’re handing over your contact information, and usually pairing it to one of your financial resources.

Obviously, you’re subconsciously entrusting them with this information, assuming that they will keep it sufficiently protected and secure.

The Advantage COVID-19 Gives Hackers

To put it bluntly, diversion. With so much attention rightly given to COVID-19 right now, there are many who are remaining in their homes as much as possible to try and prevent the pathogen from propagating. This approach makes the Internet even more important to so many people. Not only are many businesses operating remotely, many rely on support services and other online functions for their in-house processes. Otherwise, people who cannot work remotely are seeking ways to pass the time, turning to social media and other online services for that.

Today, there are literally billions of phishing emails sent each day. Inevitably, you are going to confront this problem, and depending on your staff’s preparedness (or intentions), you will either deal with them or they will likely deal with you. 

The first thing that you should know is that you have to train up your staff about phishing and other issues surrounding your organization’s security. They have to understand social engineering tactics used by scammers to infiltrate networks, steal data, and deliver malware. If they are left in the dark about these issues, you will likely see a plethora of cybersecurity problems in your immediate future. It’s good to be lucky, but you’d rather be good.

Security Steps

Let’s face it, your business’ cybersecurity starts and ends with your staff. They need simple, practical directions to follow or they simply won’t pay any mind to it. You don’t want to be the business that deals with significant turnover because security tasks are so demanding that their employees would rather work elsewhere. You will want to take the time to go through every part of your IT and brainstorm potential problems. You will address situations such as:

Business Communications

With so much relying today on shared information and collaboration, the capability to communicate internally and externally is something that any business needs to have. Small businesses especially have greater access to the tools that can provide this capability, such as: 

• VoIP – A Voice over Internet Protocol solution is a great way for a business to acquire comprehensive phone services and features for a much more sustainable cost that the traditional means of telephone services.
• Messaging – Messaging can take many forms, from email to instant messages, and plays a vital role in keeping a business in touch with its various internal parts and with other entities outside of it.
• Cloud collaboration – Cloud technology can provide a variety of business utilities, including the collaborative benefits of sharing documents and cooperatively working on them in real-time.

To help, we’ll be going over a few best practices that you and your team can implement to improve the security of your remote work when using a wireless connection.

Password Best Practices are a Must

Whether at home or in the office, everyone who works within your business needs to subscribe to good password standards. For instance:

• Don’t rely on easy-to-guess passwords, passwords that rely on predictable patterns, or other passwords that might be found on “insecure password” summaries.
• Use a passphrase, or a combination of unrelated, randomly chosen words, instead of a password. Not only are these more secure, they are often easy to remember.
• Update your passwords regularly, including your network access password. Don’t give out the password to your network if you can help it.

You would think that since millions of phishing attacks are ignored, set to spam, and actively mitigated each month, that there wouldn’t be such a desperate effort to educate people about the signs of phishing attacks, but the fact remains that it only takes one successful phishing attack to compromise an entire workstation, network, or computing infrastructure. 

Today, everyone that works for your company will need to be able to spot and report a phishing attack. Doing so can sometimes be extremely difficult if the spammer does his/her homework. Consider using and teaching these tips to keep your business from being a victim of a phishing attack.

With many “non-essential” businesses scrambling to find strategies that will keep revenue coming through the door, setting up a remote workforce has become most businesses' best hope. Unfortunately, with such little notice to dot the Is and cross the Ts, businesses are taking on more risk than many of them are comfortable with. That trepidation is not fruitless, either. In times of crisis, hackers have a tendency to prey on the unprepared. The fact is that workers that are operating where they are not comfortable--or where they’re too comfortable--can mean disaster for their employers.