Coleman Technologies Blog

If you don’t have guards or security cameras in place, you’re more likely to suffer from a physical security breach, which can be just as devastating as a digital breach. Ask yourself how comprehensive your security really is. After all, the new year has just hit, so why not use it as an opportunity to protect your business’ physical assets? With so many cyber threats out there these days, it’s no surprise that organizations focus on the digital aspect of security, but some people are just old-fashioned and would rather infiltrate a business the traditional way.

It’s also important to keep in mind that not everyone is going to be the perfect employee. You might have a couple of bad apples in the bunch that see technology and want it for themselves. In this case, digital security might not mean much, but physical security like locked doors and so on could make all the difference in keeping them from making decisions that are bad for both themselves and your business.

Basically, you need to take this two-pronged approach--one that considers both digital security and physical security--for the following reasons:

• Data access is restricted to those within your organization, but even the best employees make mistakes.
• A tiered approach means that employees only have permission to access data they need for their immediate work responsibilities.
• Knowing who is accessing devices and data, as well as when they are doing so, can help you to resolve issues as they occur.

Let’s consider a couple of scenarios where it helps to have physical and digital security. Access control limits who can access specific information, so if the data is corrupt or missing, then you’ll have a clear idea for who is responsible for it. On the off-chance that it wasn’t the employee, then you know their credentials have been stolen and abused by a cybercriminal. Access monitoring is helpful for this, as it can also determine when someone is accessing data, as well as where they are located. Thus, if someone from another country is accessing data in the wee hours of the morning, it’s likely that you have a digital security problem on your hands.

As far as physical security goes, consider what would happen if you didn’t keep track of who checks out devices. For example, let’s say you have company laptops that can be checked out for use by your employees. If you’re not keeping track of who checks out what device, you’ll never know who currently has the devices in their possession, as well as when they were last taken out. It makes it astonishingly easy to get away with stealing a device.

Therefore, in order to make sure that you’re keeping your data as secure as possible from all avenues of attacks, we recommend you work with the folks from Coleman Technologies. We can help you ensure security. To learn more, reach out to us at (604) 513-9428.

September

9/5 

Providence Health Plan - 122,000 members of the Providence Health Plan had personal information leaked when an unauthorized party accessed the company’s servers. Information that was stolen included plan member names, addresses, email addresses, dates of birth, Social Security numbers, member ID numbers, and subscriber numbers.

Facebook - Facebook had an unprotected server with over 419 million records accessed.  Users had their Facebook’s user ID and phone number exposed. In some cases, user’s names, genders, and locations were also leaked.

9/16

Dealer Leader, LLC. - 198 million prospective car buyers were left exposed by an unprotected server. The information that was left out there included names, email addresses, phone numbers, addresses, and IPs.

9/27

DoorDash - The popular food delivery app had 4.9 million customers’ information breached by a third-party. The information left exposed included the names, delivery addresses, phone numbers, hashed passwords, order history, and the last four numbers of each’s credit card number. In the same hack, over 100,000 delivery drivers had their driver's license information leaked. 

9/30

Zynga - The mobile game maker, Zynga, the developer of popular mobile games such as Farmville and Words with Friends has announced that 218 million players had their data exposed after their network was breached by a hacker.  The company had player names, email addresses, login IDs, phone numbers, Facebook IDs and more left exposed.

October

10/17 

Methodist Hospitals of Indiana - The Methodist Hospitals of Indiana fell victim to an email phishing scam and it allowed hackers to steal 68,000 records that included names, addresses, dates of birth, Social Security numbers, driver’s licenses, and more. 

10/21

Autoclerk - Autoclerk, a hotel property management software developer had an open database infiltrated exposing data that included names, dates of birth, home addresses, phone numbers, dates of travel, travel costs, room numbers, and some masked credit card details of hundreds of thousands of guests. 

10/22

Kalispell Regional Healthcare - Over 130,000 Social Security numbers, addresses, medical record numbers, dates of birth, medical histories and treatment information, and names of treating physicians were exposed by hackers.

10/26

Adobe - Data was exposed that included email addresses, usernames, location, Adobe product licenses, account creation dates, and payment statuses. 7.5 million users were affected.

10/27

Network Solutions - The world’s oldest domain name provider has been exposed in a hack. Millions of individuals’ data that included names, addresses, phone numbers, email addresses, and service information was compromised.

November 

11/9 

Texas Health Resources - The Texas-based health care provider reported a data breach where 82,000 patient records were exposed. Included in the breach were names, addresses, email information, health information, and more. 

11/16 

Disney Plus - The brand-spanking-new Disney+ streaming service had new user account information hijacked by hackers. Login credentials wound up on the Dark Web soon after. 

Magic the Gathering - The popular online strategy game has reported that an unsecured website database has exposed 452,000 player records that include names, usernames, and more. 

11/18

State of Louisiana - The State of Louisiana has been a victim of a ransomware attack that took down many state agencies’ servers. Although no data is said to be lost, the state’s crucial computing infrastructure was down for several days as systems were restored from backup.

11/19

Macy’s - Macy’s had their ecommerce site hacked. Hackers embedded malicious code into their checkout page and put a skimming code on the company’s Wallet page. The malware retrieved names, addresses, phone numbers, email addresses, payment card numbers, card security codes, and card expiration dates.

11/22 

T-Mobile - T-Mobile had over a million customers’ information accessed by a hacker. Information accessed included names, billing addresses, phone numbers, rates, and calling features.

Unknown - An unsecured server containing over 622 million email addresses and 50 million phone numbers, and millions of pieces of other information was discovered. It is unknown what organization this data is tied to as the time of writing.

With hundreds of millions of records being exposed each month, it’s hard to feel confident about giving your personal or financial information to anyone in the current threat landscape. If your business needs help trying to be secure, call us today at (604) 513-9428.

Shadow IT
In a lot of ways, productivity is a lot like the thing it produces, money. People will do anything to get more of it. Businesses, have a plan; and, while they also want to maximize productivity and money, they typically don’t put their whole enterprise in jeopardy to get a little bit more of it. Shadow IT is the process in which an employee will download and use a piece of software that hasn’t been tested or passed by a company’s IT administrator to try and get a little more done.

Often times, the employee is just showing initiative, with no real knowledge that by downloading and utilizing a certain off-brand software that they have just put their whole business in danger. This wouldn’t be such a major deal if it was an isolated incident, but studies show that nearly 80 percent of all employees admit to utilizing software that wasn’t selected, tested, and released for use by their IT administrator. These apps may have vulnerabilities that would-be infiltrators can take advantage of. That is why it is important to utilize the software that has been vetted by the company, even if that means losing out on a bit of productivity.

Cryptojacking
There are well over 1,500 different cryptocurrencies, and in 2018 crytojacking, the strategy of using malware to use a target computer’s resources to mine for cryptocurrency was a major problem for businesses. Since this is a computationally complex task, it significantly reduces the computer’s effectiveness and longevity. As a result, cryptojacking has become en vogue for hackers and others looking to mine cryptocurrency without the investment necessary to do it.

Most studies show that the effect of cryptojacking could get way worse in 2019 since the value of cryptocurrency has fallen significantly over the past year. This means more machines mining for crypto are necessary, and thus more attacks. Users are just learning how these attacks are carried out and how to protect their business against them.

Ransomware
While there was a reported reduction in the number of ransomware cases in 2018, it still remains a major concern for any business looking to build a comprehensive network security strategy. Ransomware, of course, is a strain of malware that encrypts parts of or entire computing systems and then demands payment in cryptocurrency in a set amount of time for safe return of the files/access.

Hackers using ransomware have taken to targeting healthcare organizations’ networks for the breadth of the sensitive data they hold on them. They’ve also began to target operational technology systems, since, as with healthcare, costs of restoration of these systems (rather than payment) are prohibitive. This produces a little more urgency to get the problem resolved.

Unsecured Internet of Things
The Internet of Things keeps expanding, but so does the security threats to networks as a result of security-light devices. With more and more devices presenting security problems for businesses and individuals alike, it becomes important to ascertain exactly what devices are present on your network at any given time. Remember, even if a security-less IoT device is connected to a network-attached smartphone, it still offers up a major vulnerability.

While this is a major threat, there has been a push to improve the security of IoT devices as of late. With more security-minded companies developing useful smart products, these concerns will begin to take a back seat. But until that shift has been well documented, you’ll want to be diligent in the manner in which you utilize IoT devices.

Phishing
No business goes very long without getting some type of phishing email. In fact, it is estimated that 156 million phishing emails are sent every day, making it the most used practice by hackers everywhere. The way it works is that since most accounts are secure enough not to be guessed outright, hackers search for ways for people to help them gain access to the accounts they want to get in to. Nearly every successful cyber attack begins with a successful phishing scheme.

A specific example called business email compromise (BEC) which targets specific members of an organization is responsible for over $12 billion in losses across the globe. Once thought to be an email scam that could be mitigated with strong spam filters, today’s phishing scam is taking on a new shape by utilizing text messaging, instant messaging, phone calls, and even the seemingly-benign social media quiz to gain access to business networks.

2019 is lining up to be another stellar year for business technology, and as more tech is used, more threats come with them. If you would like any more information about how to prioritize network security, give our IT experts a call at (604) 513-9428 today.

Text messages are great. They’re a quick and effective means for us all to communicate. 

Unfortunately, this does bring some downsides, too… namely, they’re a relatively simple means for a scammer to spread their attacks. Let’s discuss why this is so dangerous and how you can identify and avoid these threats.

Phishing Email Attacks Target Us Where We Are, So Is It a Surprise We Get Phishing Texts?

SMS-based phishing, AKA “smishing,” uses text messages as the medium of choice to send a phishing attack. These smishing texts can take numerous forms, from classic phishing attempts like fraudulent communications from “your bank,” fake shipping updates from services like FedEx and UPS, or other such parties, to alerts from government agencies and contests.

A more comprehensive list of common smishing tactics is as follows:

• Fraudulent messages from financial institutions, as mentioned
• Messages claiming you have won a contest that you never entered
• Alerts directly from government agencies or other authority figures
• Delivery notifications for packages you never ordered
• Credit card offers and promotions
• Texts asking for personal information or identity verification
• “Suspicious activity” alerts from your accounts
• Ads for sales and promotions at retail and restaurants
• Claims of payment issues

In a world where most people almost always have a delivery on the way, and are often engaged with the world via text message, many of us can be vulnerable to these types of attacks.

Just as with any scam, a bit of precaution and knowing what to look for will help you, your family, friends, and your team members recognize when a text message is a smishing attack. For instance, if you are asked to confirm your identity or access a link in the message, the message is likely a threat.

Smishing’s Strength Comes from Fear and a Lack of Awareness

Unfortunately, it makes sense that smishing can be so effective. Put yourself in a target’s shoes momentarily: you suddenly get a message that claims there’s some issue with your bank account. Without the forethought that it could be a scam, that suddenly becomes a very high-stress situation for you… not exactly the ideal conditions for rational thought.

Pair that with the tendency for trusted entities to be used as a front, and it is suddenly a lot harder for the average person to catch them.

How to Keep Yourself Safe from Smishing

There are a few steps that you should take with every suspicious message (and before you ever encounter one):

Do NOT Respond
Never answer one of these text messages directly, and never provide any sensitive or personal information… such as identification numbers, private details, passwords, or access credentials. Furthermore, never click any links or attachments sent with one of these messages.

Check Its Legitimacy
Take note of the phone number used and who the message is supposedly from. Go back and check with the purported sender directly—through a different means of communication, of course—to see if the message was, in fact, authentic.

Keep Your Device Secure
Mobile operating systems are regularly updated with added protections to keep scams to a minimum, so keeping up with these updates will only help reduce the security issues you may face. Modern mobile operating systems also commonly feature spam filtering capabilities. It also helps to install a dedicated mobile security application.

Adopt Security Measures
Various protections—multi-factor authentication, filtering and spam protection, encryption, and regular audits—can help keep smishing and other threats to a minimum for a business that adopts them.

Educate Those Around You
Whether you’re surrounded by friends, relatives, coworkers, or employees, don’t be shy about sharing these tips with them to create a bubble of improved security in your circles.

How to Report Smishing Attempts

If you do receive a text-based phishing attempt, it can also help to report it as such. The Global System for Mobile Communications—or GSMA—has an established number for users to send the contents of these attacks to… 7726.

Reporting Smishing on Android

• Very, very carefully, press and hold the offending message.
• Select the three-dot icon to access the menu.
• Select Forward and send it to 7726.

Reporting Smishing on iPhone

• Very, very carefully, press and hold the offending message.
• Select More and then the arrow at the bottom-right corner of the display.
• Forward the message to 7726.

Alert the FTC

It also helps to report these attacks to the Federal Trade Commission. The agency provides a fraud reporting tool that you should fill out so they can inform law enforcement to help stop these attacks. You’ll then be provided with best practices to follow.

We Recommend Sharing This Information with Everyone You Know

The more people that know about this threat, the better, because that means more and more people will be more resilient against them. We’re here to help businesses promote this awareness amongst their ranks and provide the tools to secure their operations better. If you’re interested in learning more about what we offer, call us at (604) 513-9428.

Cloud computing as a whole has been one of the most transformative technologies for businesses. With so many companies (upward of 90 percent of modern businesses) using some type of cloud computing, more companies than ever are really leaning into the technology and use it for mission critical business processes. Let’s take a look at some of the ways businesses can secure their cloud resources. 

Encryption

Encryption ensures that data is converted into a secure format before being stored in the cloud. Advanced encryption technologies now enable data to be encrypted both at rest (when stored) and in transit (when being transferred between systems). This makes it extremely difficult for unauthorized users to access sensitive information without the encryption key.

Zero Trust Security

The zero trust model assumes that no one, whether inside or outside the organization, is automatically trusted. New zero trust architectures verify each user and device before allowing access to cloud data, using methods like multi-factor authentication (MFA), identity verification, and continuous monitoring of activities.

Artificial Intelligence and Machine Learning 

AI and ML are being used to detect and prevent security threats in real time. These technologies can analyze patterns, identify unusual activities, and work to predict potential risks before they become problems for your business. AI also automates security tasks, allowing security teams and network administrators to respond faster.

Secure Access Service Edge

SASE combines network security functions such as secure web gateways and zero-trust network access, with wide-area networking capabilities. SASE helps businesses control how their data is accessed and ensures security policies are enforced consistently across all locations and devices.

Data Loss Prevention 

DLP technologies monitor cloud data for any potential leaks or breaches. It helps prevent sensitive information from being accidentally or intentionally shared with unauthorized users. By using automated tools, DLP ensures that critical business data stays within the company’s security perimeter.

Blockchain Technology 

Finally, blockchain is being explored for securing cloud data by ensuring tamper-proof data transactions and distributed storage. Blockchain’s decentralized nature provides strong protection against unauthorized access, as changes to the data require consensus across a network, making it harder for attackers to manipulate records.

If your business—like many others—relies heavily on the cloud, you need to understand the best ways to secure your data in transit and to protect your business overall. Give the IT experts at Coleman Technologies a call today to learn more about cloud security.

How Do These Threats Work?

These attacks work similarly to how a phishing attack or a spoofed email would, as a user is promised one thing but winds up receiving something very different. While a malicious application may perform the task it claims to, it also may redirect the user to a phishing website or ad (making the cybercriminal some money) or simply steal some of the user’s information, like their birthday or email address.

In the case of these extensions, the code needed for several different malicious operations was present, including:

• Redirecting traffic to advertisements (falsely generating revenue)
• Redirecting traffic to phishing websites
• Collecting personal data
• Collecting browsing history
• Downloading additional malware onto a user’s device

Avast’s researchers believe that only the first code was actively utilized, generating ill-gotten revenue for the creators of these extensions. Regardless, these extensions should be removed from any systems on your business’ network that they may be installed on.

The impacted extensions are as follows:

Chrome

• App Phone for Instagram
• Direct Message for Instagram
• DM for Instagram
• Downloader for Instagram
• Invisible mode for Instagram Direct Message
• Odnoklassniki UnBlock. Works quickly.
• Spotify Music Downloader
• Stories for Instagram
• The New York Times News
• Universal Video Downloader
• Upload photo to Instagram™
• Video Downloader for FaceBook™
• Vimeo™ Video Downloader
• VK UnBlock. Works fast.
• Zoomer for Instagram and Facebook

Edge

• DM for Instagram
• Downloader for Instagram
• Instagram App with Direct Message DM
• Instagram Download Video & Image
• Pretty Kitty, The Cat Pet
• SoundCloud Music Downloader
• Stories for Instagram
• Universal Video Downloader
• Upload photo to Instagram™
• Video Downloader for FaceBook™
• Video Downloader for YouTube
• Vimeo™ Video Downloader
• Volume Controller

Again, we encourage you to check your company’s network to ensure that these extensions are not installed in any of your users’ browsers, and that you encourage your employees to do the same.

Not sure how to go about doing so? Coleman Technologies can help. As a managed service provider, our services include remotely monitoring your business’ technology and network for threats while keeping abreast of this kind of news so that we can proactively resolve any issues that may influence your operations.

Find out more today by reaching out to us at (604) 513-9428.

It’s the holiday season, and you know what that means: lots of gift-giving and online shopping. Regardless of what you and your family celebrate this holiday season, you should be prepared to handle the influx of phishing attacks which always surface around this time every year, including both the usual methods and the more sophisticated ones.

Here are three strategies you can use to avoid phishing attacks and effectively navigate the holiday season without putting your financial or personal information at risk.

Check With the Online Retailer About Orders

Sometimes you might receive an email claiming that there is something wrong with an order. Maybe it’s your financial information, or maybe it’s your shipping information. In any case, these kinds of phishing tricks are using the commercialization of the holiday season to convince you to hand over your sensitive information.

If you receive an email or a text about an order that needs to be updated, then we recommend you go directly to the website in question and log in through their official login portal—especially not through any links contained in emails or text messages.

Don’t Click on Links in Emails (or Texts)

The same advice that works for untrusted links also applies during the holiday season, when emails and texts are being received by the dozens to ensure that orders are confirmed, payments are processed, and shipments are arriving. Don’t get so caught up in receiving these notifications in your email and on your smartphone that you forget to keep security in mind, though. It’s easy to send a text that looks like it is from some random retailer asking you to plug in your payment information again or to confirm a shipping address, only the message isn’t from a retailer and it’s instead coming from a hacker or other cybercriminal to either infect your system with malware or steal credentials from you.

Again, when in doubt, check your order information on the retailer’s official website, not from a link received in an email or to your smartphone.

Only Do Business with Trusted Retailers

This tip is more of just a “be careful of where you shop” caution. During the course of the holidays, people are browsing the Internet all over to find the perfect gifts for their loved ones. Sometimes this search might take them to corners of the Internet they didn’t know existed, where niche online shops thrive. While we are all for supporting small businesses, we just want to raise awareness of how you go about choosing who to trust for online purchases.

The basic premise of it is to only plug your card information into secured portals hosted by trusted retailers. Look at the company’s history, location information, support and other contact numbers, and so on to ensure they are an authentic and trustworthy person to purchase gifts through.

Stay safe this holiday season, and Coleman Technologies hopes you enjoy the time spent with your friends and family!

Your Main Hospital Wireless Network Needs to be Locked Down

First of all, your main office Wi-Fi cannot be used for guest access. The same network that your computers, tablets, laptops, and other equipment run on needs to be completely segregated from the rest of the traffic and secure. This might be pretty obvious for most healthcare professionals, especially those who have an understanding of HIPAA compliance, but it’s worth mentioning because it poses such a huge security risk (and breaks compliance).

Your guest network allows anyone to log in, which means a malicious person could log into it, or an honest person who has a compromised device. Both scenarios can result in serious problems if sensitive health data is accessible.

You need to ensure that your internal network is properly locked down, and that the password is never given out publicly, and is regularly updated. We can audit your existing network to look for vulnerabilities and shortcomings, and help you meet compliance standards—just reach out.

Guest Networks Don’t Necessarily Mean New Hardware

As long as the routers and access points you already have are capable, you usually don’t need to purchase additional hardware in order to establish a separate Wi-Fi network for guests. This is a huge perk—not only are you obviously not having to purchase new equipment, but you don’t need to worry about the installation of additional hardware. Of course, if your network is older, your requirements might be a little different.

One thing to think about, is how much bandwidth your existing wireless network allows. Most modern access points can be split so bandwidth usage is segregated between staff and visitors. You’ll want to make sure that the network can handle guest traffic without interfering with internal operations. You don’t want a visitor in your waiting room streaming Netflix to prevent your front desk from being able to print or access records.

It’s important to establish restrictions—not just deciding what a guest can see or do on the network, but how much bandwidth they are allocated.

Even Guests Require Policies

You don’t want to simply deploy a free-for-all network for your patients to access without setting some ground rules. You should require users to agree to terms of service, and you should definitely be able to monitor logs to detect any fraudulent activity. Depending on your practice, you may consider setting time restrictions so unauthorized users can’t access the network when your facilities are closed. We can also restrict access to certain locations to prevent access from outside your facilities.

Deploying a guest network doesn’t have to be extremely expensive, but it does require a lot more than simply enabling a feature on your wireless router. If you’d like help, we can start with a network audit and review your existing network, and help you establish the security and best practices you need to keep your visitors and patients safe and happy.

Give us a call at (604) 513-9428 to get the process started.

While the word “audit” can easily be a scary thought for businesses, there are certain cases where an audit serves an organization’s direct benefit. Take, for instance, the ones that occur internally to identify and correct security issues and vulnerabilities. These audits are not only a positive endeavor for businesses; they’re extremely important to carry out.

Let’s talk about why this is and review a few standard practices you should prioritize as you go about this process.

First, What is a Security Audit, and Why Is It So Important?

As you would expect, a security audit reviews and analyzes a business’ protections against modern threats. It is meant to identify existing vulnerabilities and indicate where a business needs to improve its protections.

Hopefully, the reason it is so important is already clear, but just in case:

A security audit enables a business to understand its real-life risks better and improve its protections more effectively.

More specifically:

• An audit helps you find and resolve digital vulnerabilities in your infrastructure
• You also get insights into your business’ security and ways to improve it overall
• Auditing your security preparedness also helps you meet the evolution of modern threats
• Taking the initiative to identify and improve these vulnerabilities helps you inspire trust in your clients/customers
• Many compliance standards that businesses are beholden to are more easily followed with the help of an audit
• The information gleaned during an audit can help you develop more effective security policies moving forward
• Cyberattack preparedness and response can also be informed by data collected in an audit

What Kinds of Security Audits Are There?

First, audits can be separated by who is conducting them. Internal audits are conducted by members of the business being audited, and external audits involve a third party evaluating the business’ security preparations. Each has its own benefits and drawbacks, so undergoing both to the best of your ability will probably be ideal.

Whomever it is that is carrying out the audit, there are five security umbrellas that it should cover:

1. Data - How protected is your data and access to it, whether at rest in a technology infrastructure or in transit?
2. Operational - When examining your data loss prevention strategies, does every policy and procedure meet applicable best practices?
3. Network - Are your network-wide security controls actually effective, including your antivirus and monitoring strategies? 
4. System - What processes and procedures are in place regarding account privileges and their management, patching, or role-based access controls?
5. Physical - While your team uses their devices, what requirements are in place for them to access your network securely regarding access controls, authentication measures, and on-device data protections?

How to Optimize Your Security Audits

There are a few things that all of your audits should involve to help ensure you get as much value as you can from each of them. For instance:

Set Goals

While a security audit can and should cover various aspects of your business security, you should go into it with specific objectives in mind. How well does your network security operate? What vulnerabilities do you need to resolve? Having a goal in mind for your audit can help you better understand and approach different shortcomings as they are identified.

Communicate With Your Auditor

Whether an internal resource or an external provider like Coleman Technologies is conducting your evaluation, you must reiterate the goals we just discussed as well as some of your business’ more specific needs… particularly concerning your compliance. While your auditor should already know what to look for, communicating with them can only be helpful.

Act on the Information

Evaluating your existing security measures and not making any changes based on the results would be a waste of time and money. Make sure you consider your audit's outcome completely, lean on an IT professional for assistance, and make the adjustments they recommend.

We Can Be Here for You

If you worked with us, you’d have access to a team of technology experts committed to helping your business’ IT—and, by extension, your business—thrive, focusing on both productivity and security. To learn more about what we can offer, call us at (604) 513-9428.

It’s easy to use the terms “patches” and “updates” as if they mean the same thing, and they are often used interchangeably within the same context. However, understanding the difference between the two can make a world of difference in terms of how you approach implementing each of them. We’re here to clear things up a bit and help you better understand the patches and updates you deploy on a month-to-month basis.

What is the Big Difference?

Patches and updates are critical to ensuring that your devices and mission-critical software are kept secure from potential threats. Over time, vulnerabilities or operational issues which impact security could arise, and software developers rise to the occasion to resolve them by issuing these patches and updates. The big difference between the two is scope and scale.

Patches are generally used for quick fixes to specific problems which need attention. You can think of it like patching a rip or tear in a piece of clothing. You get a piece of fabric, throw it over the problem, and sew it on for a fix.

Updates, on the other hand, are more structural in nature, and they are generally larger in scope. They might address multiple problems at once. It’s like changing the fabric of your shirt entirely rather than just patching the hole.

Why Should You Care?

In short, the biggest reason why you should care about the difference between patches and updates is that it could very well impact your ability to do your job correctly.

Let’s say you implement a new update. Yes, it solves several problems with the security infrastructure of your software or applications, but it could very well introduce new bugs or operational issues that either affect the way your team gets work done or your ability to perform specific tasks. Imagine if someone updated your operating system overnight and, all of a sudden, the user interface changes, or a critical task you need to perform no longer works the way you expect it to. You have to take the time to adjust to the update or review documentation to ensure that it’s not going to disrupt your operations too profoundly.

Make Patches and Updates Easy to Apply

We know that applying patches and updates can be a bit disruptive to your day-to-day duties and responsibilities. Furthermore, you don’t want to be applying patches and updates on a whim; you need to approach these carefully to ensure they have minimal negative impacts on your business’ operations. This is why Coleman Technologies offers remote patching and security update services. We can apply any patches or updates your systems need without the need for an on-site visit. With our management tools, you can rest assured that someone is keeping an eye out for your systems.

To learn more, reach out to Coleman Technologies at (604) 513-9428.

Phishing is a common trick where hackers pretend to be someone you trust to steal your personal information. For example, they might send an email that looks like it's from your bank, asking you to verify your account details. Here's why it's so effective.

Hackers Disguise Themselves

Hackers know you won't respond to random emails. So, they pretend to be someone you know or a company you trust, making you more likely to engage. For instance, they might mimic your favorite online store, prompting you to click on a malicious link. 

Always check who sent the message. If you're unsure, contact the person or company directly using known contact details.

Hackers Conceal Their True Intentions

If someone directly asked for your password, you'd refuse. But if they pose as tech support or offer a fake prize, you might be tempted. A common tactic is sending emails that claim you've won a lottery, urging you to click a link to claim your prize. 

If a message seems too good to be true or feels off, it might be a scam. Report such messages to your tech support or IT department.

Hackers Exploit Your Routine Actions

You're used to clicking links or downloading attachments in emails. Hackers take advantage of this habit. For example, they might send an email appearing to be an invoice from a service you use, tricking you into downloading malware. 

Pause and review emails carefully before clicking or downloading anything. If something seems suspicious, verify it first.

To protect yourself and your organization from phishing attacks, consider investing in professional security measures and comprehensive cybersecurity training. Regularly updating your knowledge about the latest phishing tactics can also help you stay vigilant.

Hackers are always on the lookout for personally identifiable information, or PII, as it’s an immensely lucrative resource. You’ll need to protect it if you want your business to continue operating safely and efficiently. Let’s go over what PII entails and what kinds of data you might find under this term.

What Constitutes PII?

The National Institute of Standards and Technology’s (NIST) Computer Security Resource Center (CSRC) defines PII as such:

“Any representation of information that permits the identity of an individual to whom the information applies to be reasonably inferred by either direct or indirect means.”

Let’s say your business had a contact named Charlie Brown, some of their data might include the following.

Examples of PII

If you hosted the data for this totally fake individual named Charlie Brown, you might be responsible for the loss of the following data:

• His name
• His address
• His phone number
• His personal identification numbers
• His information that identifies his property
• His personal features
• His asset information

Data Can Combine to Constitute PII

Depending on the other information you have collected, the following combinations could be considered PII as well:

• His date and place of birth
• His race
• His religion
• His weight
• His activities
• His geographic location
• His employment history
• His medical data
• His educational history
• His financial data
• His family information

Hypothetically, if someone had Charlie Brown’s employment history and family information, they could have enough to be considered PII.

Protect Your PII at All Costs

The damages that could result if you do not take proper care of PII stored on your company’s infrastructure are devastating to say the least. We recommend you call us today to learn more about how to secure it all. Contact us today at (604) 513-9428.

All it takes is one oversight to potentially undo any benefits your cybersecurity protections and other best practices may deliver. For instance, even if you have things like multifactor authentication in place, a phishing scam or even some malware varieties could potentially give an attacker access to your email… and all the data your messages contain, just sitting in your inbox.

This is where these kinds of attacks can get really, really bad, especially if there’s sensitive data being shared via email messages. Once a hacker gets access, they can see it all.

Let’s talk about the kind of data that should never be shared in an email for this exact reason.

What Kinds of Information Should Never Just Sit in an Email?

There are various types of data that you don’t want to include in an email, for numerous reasons. First of all, they’re unprotected there, and we’ve already discussed how simple it could be for the contents of a user’s email to be illegitimately accessed. 

Plus, you only have control over your own inbox. Who knows how long an email you’ve sent will sit in someone else’s, just waiting for someone to come and steal the information it holds.

This is why it is so important that the following types of information are only shared through secure means, and that all emails you receive containing them should be deleted immediately. We can implement rules (based on your Microsoft 365 license) to your email platform that periodically scan for such information and try to delete the messages containing any. That said, you and everyone working at your place of business should still be vigilant about not sending or storing these types of data in the body of an email, or even an attachment.

State/Nationally-Issued ID Numbers

From a driver’s license, Social Security number, passport number, or any other government-issued form of identification, this kind of data could be used by a cybercriminal to open many doors and give them considerable power. 

Bank/Financial Account Numbers

Similarly, if an attacker were to gain access to an email with the numbers identifying a user’s financial accounts, they are suddenly halfway to accessing them. This kind of information could easily be used to make a phishing attack that much more convincing and therefore effective.

Credit/Debit Card Numbers

Are you sensing a pattern yet? If cybercriminals access these numbers, they can make fraudulent purchases using them… and why wouldn’t they? They aren’t the ones who will be stuck with the bill.

Protected Health Information

This is where things get particularly dicey. Access to this kind of data is a clear violation of a person’s privacy and could be used to make their life more difficult. Plus, a lot of other personally identifiable information is often contained in these records, making their theft a double whammy.

Documents Protected by Attorney-Client Privilege

Similarly, these documents often contain a massive amount of the aforementioned information and data, meaning their privacy is paramount by inclusion. There are only so many reasons that an exception is made to this kind of privilege, and no, a cybersecurity incident is not one of them.

Passwords or Authentication Credentials

This list wouldn’t be complete without the passwords or other authentication credentials that are too often shared via email. These are not things you want a cybercriminal to have access to, only partially because they can easily give them access to all of the above resources.

Make Sure You and Your Team Keep This List in Mind While Using Email

This also isn’t enough. You also need to ensure that all cybersecurity protections are actively being used, from those you implement into your technology to the behaviors the entire team turns into habits. We can help with that. Reach out to us to learn more about our business cybersecurity services. Give us a call at (604) 513-9428.

Think about the apps you use daily—Google Drive, Netflix, Spotify, even Instagram. All of these run on cloud-based services, which basically means they store and process everything online instead of relying on one physical device. Businesses, big and small, are making the same shift because, honestly, it just makes sense. Let’s take a look at why you should be looking to use cloud services in your business.

It’s Way Cheaper

With the cloud, instead of paying for a ton of expensive computer servers, you just rent exactly what you need online. That’s cloud computing in a nutshell. Businesses only pay for what they use, cutting out unnecessary costs on hardware, maintenance, and IT staff to keep it all running.

Work from Anywhere, Anytime

Cloud services make remote work a breeze. Whether you’re at home, in the office, or halfway across the world, as long as there’s an Internet connection, you can access everything you need. This flexibility helps businesses keep running no matter what—pandemics, bad weather, or just a team that prefers working in their skivvies.

Stronger Security 

Some people worry that storing data online makes it easier to hack, but cloud providers actually have way better security than most businesses can afford on their own. They have teams of experts, automatic backups, and encryption that keeps data safe from cyberattacks, hardware failures, or that one guy who spills coffee on the office computer.

Automatic Updates with No Headaches

Remember the frustration of dealing with slow software updates or having to have a dedicated plan to ensure that all of your software gets the frequent updates and patches it needs to not be a security vulnerability? With cloud services, updates happen automatically in the background. Businesses always have the latest features and security patches without wasting time on annoying installs or hiring someone to do it manually.

Easier to Scale Up (or Down)

Let’s say a business suddenly gets a flood of new customers. If they’re using cloud-based services, they can quickly increase their computing power without buying new hardware. The same can be true if there are times that business slows down; they can scale back and save money. Traditional setups can’t adjust this fast.

Collaboration is Effortless

Ever worked on a group project where one person had an old version of the document, and everything got messy? Cloud-based services like Google Docs and Microsoft 365 fix that problem. Businesses use cloud tools so teams can work on the same files in real time, no matter where they are. No more emailing attachments back and forth.

It’s Good for Your Business

Businesses that aren’t using cloud services are making things harder (and more expensive) than they need to be. It’s not just for tech companies—restaurants, retail stores, startups, and even solo entrepreneurs can all benefit. With lower costs, better security, and the ability to work from anywhere, moving to the cloud isn’t just smart—it’s essential. So, if your business isn’t on the cloud yet, it’s time to ask: What are you waiting for?

The IT professionals at Coleman Technologies can help you get all the technology you need to give your organization the best chance of achieving success. Give us a call today at (604) 513-9428 to learn more.

The Federal Trade Commission, or FTC, has put together a Safeguard Rule to help establish guidelines for how businesses store and interact with customer information. Enacted in 2003, this rule was recently revamped in 2021 to stay relevant with the latest technology used by businesses. Let’s look at some of the policies and procedures that your business needs to know about the FTC Safeguard Rule.

What is the FTC’s Safeguard Rule?

The Safeguard Rule is a mandate put in place to protect personal information. Those impacted by this rule include financial institutions like mortgage lenders, payday lenders, finance companies, mortgage brokers, account servicers, check cashers, wire transferors, collection agencies, credit counselors, and other financial advisors, tax preparation firms, non-federally insured credit unions, and investment advisors that aren’t required to register with the SEC.

Compliance with the FTC Safeguard Rule involves applicable financial institutions writing out their information security program and having it address specific metrics. This plan must also be appropriate for the size and scope of the business, and it must be tailored to the specific type of information that the organization is responsible for.

With the Safeguard Rule in place and governing how businesses manage sensitive information, it should technically address challenges such as the security and confidentiality of customer information, threats to the integrity of this information, and protection from unauthorized access, theft, or destruction of that data, as well as any problems it might cause for the customer.

You Can Build an FTC-Compliant Security Platform Too

When you get into the details, the reality is that there is nothing in the FTC Safeguard Rule that you shouldn’t already be doing for your customer data. Here is a quick rundown that the FTC recommends for businesses that want to make sure their networks are FTC-compliant.

1. Designate a qualified individual to oversee organizational data security.
2. Conduct a comprehensive risk assessment.
3. Design and deploy necessary safeguards outlined in the risk assessment.
4. Monitor system and regularly test it.
5. Train employees in best practices of data security and privacy.
6. Oversee any third-party’s access and control.
7. Regularly update the security program to keep it current. 
8. Create a written response plan for necessary continuity. 

Need a Hand?

Coleman Technologies knows network security and compliance laws like the back of our hands. To learn more about how we can support your business’ efforts, reach out to us at (604) 513-9428.

A popular automotive dealership software platform has recently become the target of a cyberattack, resulting in the solution going down for several days. Any business that has a solution it relies on can sympathize with the situation. After all, if you lose access to your critical business apps for several days, would your operations be able to recover?

Let’s dive into the situation.

CDK Global Outage Takes Down 15,000 Car Dealerships

Most businesses have specific solutions that they rely on to keep operations efficient, and car dealerships are no exception. While various platforms are available, moving from one to another can be costly and time-consuming, making a last-minute pivot next to impossible without a serious financial burden. It involves data migration, system implementation, inventory configuration, and user training.

These platforms are essential for operations, and each industry will utilize them differently. Some might use them for payroll, customer relationship management, inventory management, financial management, marketing, and so on. CDK Global is one of these solutions but for the automotive industry. 1 in 5 car dealerships in the US rely on it.

This outage started on Wednesday, June 19th, bringing down CDK’s systems for hours. On Thursday, yet another cybersecurity incident occurred. As of this writing, most of 15,000 dealerships had their systems restored, in line with a memo issued by CDK that the systems were unlikely to be restored before the end of June. 

Before the restoration, however, it was recommended that dealerships plan to adopt other software for their month-end financial closing processes in the short term.

As you can imagine, this was not an easy task for the car dealerships who rely on this software.

Dealerships Couldn’t Operate, and People Can't Register Cars

If you were a customer ready to pull the trigger on a new vehicle purchase, you’d be disappointed when only one of the five dealerships you visit can help. It’s also problematic if you cannot legally drive it. CDK Global’s software can help car dealerships register cars with the state. Still, depending on state laws, new customers must make an appointment with their local motor vehicle department to legally drive their car home.

Let’s be realistic: no one likes going to the Department of Motor Vehicles, regardless of how quickly or slowly the line moves. The fact that this outage forces customers to engage in this way is not good for CDK users.

Whose Fault is This, Really?

It’s easy to think that CDK Global is at fault, but it’s not necessarily the case (at least as of this writing). While it’s been severe enough to force most car dealerships to work on pen and paper, it’s important to note that cybersecurity issues are an inevitability.

There are ways to prepare for such attacks, but there is always a risk, however miniscule it might be. Even organizations that are well-prepared to handle cybersecurity threats can fall victim to them. What you can do, however, is judge how they respond to such attacks.

Here are some lessons that businesses can learn from this incident.

1. Cyberattacks can have a massive impact on your business and the lives of those you work with.
2. Cyberattacks can happen to literally any organization, large or small.
3. Proper preparation and proactive prevention can minimize the risk of a cyberattack and reduce the impact.
4. Communication during a cybersecurity incident is critical!

If your business relies on specific applications, then it’s time to consider what would happen if those applications were suddenly unavailable. It’s better to be prepared for the worst and never experience it than to be unprepared.

If cybersecurity concerns you, we’ve got your back. Coleman Technologies offers security solutions for your business. Call us at (604) 513-9428 to learn more.

Can you tell the difference between your colleagues and a scammer with access to their email account? This is essentially what a business email compromise attack involves—a scammer initiates a phishing scheme using an internal mode of communication. These scams are also observed in schools, making them dangerous in the education sector.

Today, we’re exploring how to navigate these attacks safely and what’s at stake if you don’t.

How BEC Works

Most employees won’t think twice if they receive a request for information—especially if it comes from a trusted company entity.

Business email compromise is an attack that uses an essential business communication tool to fool the victim into handing over the information directly. In some cases, the attacker might even receive direct access to the information they seek. There are no two ways about it—this situation is bad, full stop.

Here’s how it works:

1. A scammer will select a target, research it, and potentially even craft a fraudulent website to make their efforts that much more effective.
2. The scammer then breaches the company’s email systems and identifies the most effective targets based on the emails they send and conversations they hold.
3. Spoofing an email domain, the scammer prepares to impersonate the right person to influence their target.
4. The scammer then contacts the target, working to build up enough trust to make the ask—whether for money (often in the form of gift cards) or data.

These attacks are increasingly becoming more significant problems for schools and educational institutions.

Public Sector Organizations Are At Risk

Schools and public institutions find themselves the target of these attacks for a couple of reasons:

• Many such organizations have only a limited budget for cybersecurity, making them more likely to be targets of a cyberattack.
• These organizations also commonly exchange large amounts of capital regularly, giving an attacker more opportunities to strike.
• Many of these organizations also rely on complex administrative structuring and processes, making them even more vulnerable as issues are missed and the right people are required to sign off on any action.
• The public sector also typically collects a lot of data throughout its operations, which means that a cybercriminal would be interested in obtaining these stores.

It makes sense that schools in California and Tennessee have been targeted by these attacks, given how much hackers stand to gain from a successful strike. These institutions can sustain damages of up to six or even seven figures. But those are just the direct costs, not to mention the other damages to reputations and penalties.

All of these are reasons to consider your own approach to securing your business from BEC attacks.

What You Can Do to Mitigate Business Email Compromise

We recommend that all British Columbia businesses take the following security precautions for BEC:

• Adequately protect financial data and other sensitive information. A precautionary audit can help you determine what is at risk and where your vulnerabilities lie.
• Consider a cyber insurance policy. Cyberattacks are more commonplace than natural disasters these days, so you should have plans in place to protect you against the financial costs that could result (just make sure you know what’s covered and what limits exist).
• Prioritize compliance. All businesses are subject to certain compliance requirements, and failing to maintain the standards required by government or industry could result in hefty fines should your business fall victim to a scam.
• Monitor your infrastructure at all times. There are tools out there that can help you detect BEC attacks before they become a problem—like, say, a compromised account before it can be leveraged against your staff.

With these measures in place, we’re confident you’ll be in a much better position to identify and prevent BEC attacks.

If you’re worried about your business’ security, you can rely on Coleman Technologies to keep you safe. Learn more today by calling us at (604) 513-9428.

Phishing is a common issue that businesses of all kinds can experience, whether they are a small startup or a large corporation. Hackers are always trying to extol information from your employees, including account credentials, remote access to your systems, and in some cases, funds directly from a bank account. It’s up to you to teach them how to identify and respond to phishing attacks.

Here are some strategies you can teach them for how to address phishing attacks against your infrastructure.

Be Wary of Unsolicited Requests—Especially Suspicious Ones

Chances are you’ve seen the messages you get in your inbox about confirming special offers or doing certain tasks, like clicking on a link or downloading an email attachment. More often than not, these types of unsolicited emails are phishing attempts designed to get you to act in a specific way. If you think a message looks suspicious, then it probably is, and you should flag the message as such so your IT can handle it. You might look for unprofessional language, misspelled words, or other similar telltale signs when you are making your decision.

Be Especially Careful with Phishing Links

Although they are not necessarily anything new, phishing links are still quite dangerous because they take almost no time at all to put together. A phishing link can come in the form of an email, social media message, or even a text message. Hackers will use every trick they can think of to get you to click on the link, and if you’re not careful, you might actually do it. Links can look legitimate even if they are not; for example, a zero could easily be slotted in the place of a capital “o.”

Use Alternative Methods of Identity Confirmation

Let’s say you get a message that you are truly 50-50 on. It could be real, or it could be a scam. If there is even a shadow of a doubt as to the authenticity of the message, you should consider reaching out to the other party through an alternative means, just to confirm that the sender is who they claim to be. For example, if it’s GoDaddy support, contact GoDaddy support through the phone number on their actual website rather than the one in the email message. If it’s an internal message, like one from your supervisor or your IT department, reach out to them with the contact information you have on-hand to verify their identity. In all cases, it’s better to be safe than sorry.

You can help your business stay protected against phishing attacks by working with Coleman Technologies. We can equip your organization with the tools to protect itself and the support your team needs to identify such messages. To learn more, call us at (604) 513-9428.

How Does This Happen?

An employee had access to data that they weren’t authorized to have. According to Trend Micro, they were able to “gain access to a customer support database that contained names, email addresses, Trend Micro support ticket numbers, and in some instances telephone numbers. There are no indications that any other information such as financial or credit payment information was involved…”

This employee, who remains unnamed, apparently had planned to steal data, and ended up being able to bypass the internal protections Trend Micro had in place.

Since the data had more than enough information for a scammer to use to trick a user into believing they were calling from Trend Micro (all it really takes is a name and phone number, and knowing that they use the product), this kind of data has a great deal of value to scammers. It gives them an easy way in to steal money from unsuspecting people under the guise of Trend Micro tech support.

Be Wary of Any Unsolicited Tech Support Calls

This isn’t a new problem, and it definitely isn’t only a problem for Trend Micro customers. Fake tech support scammers have been around for years, often preying on older, less-technically-savvy users. They use scare tactics and feign urgency to get their victim to hand over credit card information or allow remote access to the PC. 

More often than not, these calls will come in saying they are “Microsoft Windows Support” or some general computer support. If the scammer thinks they are targeting an individual at a business, they might say they are from the IT department.

It’s important to be wary and educate your employees so they know the proper channels for getting support requests handled. 

The Other Lesson - Don’t Let Employees Access Data They Don’t Need

As a business owner, you need to ask yourself who has a little too much access. Can all employees wander into folders on your network that contain personal or financial information? 

An employee should only have access to the data that they need, although it’s also important to not make it too difficult for an employee to do their job. Establishing the policies for this can be tricky but setting up the permissions on your network just takes a little work with your IT provider.

Enforcing security policies, like controlling who has access to what data, requiring strong passwords, and setting up multi-factor authentication can go a long way in protecting your business and its customers from a rogue employee running off with data. An ounce of prevention is worth a ton of damage control, in this case.

Need help? Our IT experts can work with you to lock down your data. Give us a call at (604) 513-9428.

Profitable Types of Data

Believe it or not, even a small business with a handful of clients has data worth stealing. You’re in business to make money, and by virtue of this fact, you likely collect and store financial information. In fact, you collect a ton of valuable data. The type of data that hackers are looking for.

In addition to all of the financial details you collect, there is also all of the contact information regarding leads, clients, and customers. With so many emails and phone numbers stored on your infrastructure, hackers can have a field day. They will have all the information they need to steal funds, distribute malware, and create unpleasant situations for your business.

The Unpredictability Factor

Not all hackers have any specific goal in mind when they hack you. Sometimes all they want to do is make your life miserable. The unpredictability associated with hackers is one of the most dangerous parts of them, as they can take advantage of any overlooked vulnerabilities to create a problematic situation for you.

The Impact of Security Negligence

If your business falls victim to a hacker, it’s certain to affect your business' operations. In some cases, it could be subject to compliance fines that could break your budget and put your business at greater risk. Furthermore, you could lose access to important data that makes your business work, threatening its future and all but guaranteeing that recovery can never happen. Therefore, the importance of protecting your network can never be overstated.

Coleman Technologies can help your business implement the security solutions needed to maximize protection from threats. To learn more about what we can do for your organization, reach out to us at (604) 513-9428.