The New Normal COVID-19 Office Security

With continued WFH policies and multiplied COVID-19 scams and threats, the importance of good cyber security stands out. Indeed, with a workforce that is highly dependent on digital services for the foreseeable future, the new normal COVID-19 office security is necessarily stronger, more vigilant, and more dispersed.

Yet, a lot of questions remain unanswered. For example, will behavioral surveillance be part of the new normal? As organizations plan to implement contact tracing, privacy advocates voice their concerns.

Given the uncertainty, we expect to see these non-intrusive measures with clearly defined benefits coming to the new normal.

Thermal cameras for passive temperature checking
The advantages of temperature detection for a business COVID-19 strategy include early discovery and reporting leading to early isolation and treatment.

Advanced temperature detection technology is not a substitute for medical grade FDA approved thermometers. The advantage of an advanced thermal camera system is that it can pick out personnel with abnormal body temperatures in heavy traffic areas to be assessed later by a professional with medically approved equipment.

These systems use an HD video camera and thermal camera side by side looking at the same field of view. The resulting video and metadata output, when combined with advanced artificial intelligence, gives sensible temperature data on multiple objects simultaneously.

Some systems employ facial detection technology paired with a face database and a high temperature detection alarm. They can identify up to 16 targets with a temperature accuracy of .54° F and come with an easy to use interface.

In-office security cameras
Also likely to become more common, in-office security cameras provide a video record of events. They function as a tool to answer concerns about what happened if a COVID-19 behavioral complaint surfaces. The societal resistance to surveillance will likely be counter-balanced by the desire to maintain a safe work environment.

Plexiglas barriers
Plexiglas® extruded acrylic sheets promote both worker and consumer safety to help control the spread of the virus.

Sneeze guards made from Plexiglas make sense. So, it is logical to see their use extended in the office to create barriers between closely seated workers. We’ll see them in other areas to promote social distancing.

Health questions
The CDC recently issued guidance recommending that employers actively encourage sick employees to stay home. Interpreting this guidance, the EEOC confirmed that the rules of the ADA and the Rehabilitation Act continue to apply but do not prevent employers from following guidelines from the CDC and other public health authorities regarding COVID-19.

Per the EEOC’s guidance, employers may ask employees who report feeling ill at work, or who call in sick, questions about their symptoms to determine if they may have COVID-19. In addition, they may require employees to stay home if they have COVID-19 symptoms, screen applicants for symptoms of COVID-19, delay the start date or withdraw the offer of an applicant with symptoms.

Thus, employers may find it necessary to ask employees about their symptoms. They might require notification of high body temperatures, and request disclosure of recent proximity to individuals who have tested positive for COVID-19. In doing so, they must be mindful to do it consistently and avoid discriminatory use of the results.

To simplify the process and avoid collecting unnecessary information, employers may simply ask employees to stay home if they show certain symptoms, rather than asking them about the specific symptoms they have.

Work from home security
The WFH new normal creates multiple security challenges that must be addressed. From simple provisioning issues like shredders for employees handling sensitive documents to updated incident response plans, new circumstances demand new security responses.

For example, the company’s business continuity plan should be updated to address new fail-over and backup procedures. Also, the difficulty of securing and verifying credentials in a remote environment will encourage the use of multifactor authentication.

In addition, with less physical oversight of employees, organizations may need to focus more on user activity. Access logs and user behavior analysis come to mind. Increased threats require increased employee education. And, employees also need to know how to report security risks or threats through all the currently used communication channels (in addition to email).

How To Set Up And Maintain A Secure, Remote Work Environment To Overcome The COVID19 Pandemic

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

“We are in this together.” We can’t say that enough. It’s not you, and I, but US.

Information technology and communications providers are considered essential services in this unprecedented time, and we take our role seriously. We are here to help, and we ask you (no, implore you) to reach out with any technology-related questions as you work to transition from a central office to a remote employee environment.

As you prepare (or maybe you already have transitioned) for remote work environments, many of which will need to be done by the individual who will be working there, we developed this list of 10 things to keep in mind to secure a remote work environment on the fly.

Invest in antivirus software for all employee devices
Yes, technically it is your employee’s devices and these are usually outside of the typical IT circle. But with these circumstances coming about quickly, there may not have been time to follow your normal procurement cycle to get the specific equipment your employees need to remain productive while working from home. That means they will be working from their own device, and they may or may not be as cognizant of your security measures.

So a good rule of thumb is to work to ensure that all employees utilize antivirus software. Many ISPs (Internet service providers) also offer free antivirus software with their service, and we would encourage you to take full advantage. There are several ways you can handle this and we invite you to give us a call to see what will work best for your organization. [Read more…]

Designing A Comprehensive Security Plan For Your Company

After years of being in the industry and watching the evolution of cyberattacks, we feel that there are 13 critical pieces to any cybersecurity plan that we, as your managed service provider, should implement. They are:

Two-factor/Multi-factor authentication

Two-factor authentication is probably the most widely misunderstood security solution, but a critical and effective part of every cybersecurity strategy.

Two-factor authentication is just how it sounds: two separate layers of security. The first is a typical username and password log-in with the addition of a secondary level that looks for something you know, something you have, or something on your body (e.g., fingerprint).

Here are some stats you should know that describe the critical need for two-factor authentication:

  • 90% of passwords can be cracked in less than six hours.
  • Two-thirds of people use the same password everywhere.
  • Sophisticated cyberattackers have the power to test billions of passwords every second.

This sobering reality is why we require two-factor or multi-factor authentication for all of our employees and users of our system, and we highly recommend that you do too.

Password management

The main reason people use the same password everywhere is because it’s impossible to keep track of hundreds of usernames and passwords across various devices and systems.

A secure password is a unique, hard-to-guess one, so it’s understandable why users resort to the use of the same password for each site. This is why we have a password management program built into our procedures. The password manager program generates unique, complex passwords for each site or program then securely stores them in the management program.

When one of our staff needs credentials, they use the master password to open their database of passwords and obtain the login information they need, making it easy to “remember” a complex password and significantly reduce the risk of a breach.

Security risk assessment

A security risk assessment involves reviewing your technology and how you use it, followed by the implementation of security improvements and preventive measures.

The assessment should be performed at a minimum of one time per year, if not more. A full security assessment includes the following pieces:

Identification – When performing a security risk assessment, we first need to take inventory of all of your critical information technology equipment, then determine what sensitive data is created, stored, or transmitted through these devices and create a risk profile for each.

Assessment – This step takes identification to the next level. To complete the assessment step, we need to identify the security risks to each critical asset and determine the most effective and efficient way to allocate time and resources to mitigation.

Mitigation – This is where we solve problems. We have specifically defined a mitigation approach for each potential risk in our network and what security controls will be initiated in case of a breach.

Prevention – We have specific tools and processes to minimize the risk of threats against us and our network in order to help keep you safe.

Information security plan

There is a significant need to safeguard any information that is collected, transmitted, used, and stored within information systems, so the development of an information security plan is crucial. We take this very seriously. We have taken steps to document a plan and designed systems to secure our and our clients’ sensitive business data.

A security program is essentially about risk management, including identifying, quantifying and mitigating risks to computers and data. There are some essential basic steps to risk management:

Identify the Assets – Beyond generating a list of all the hardware and software within the infrastructure, assets also include any data that is processed and stored on these devices.

Assign value – Every asset, including data, has a value and there are two approaches that can be taken to develop the value: qualitative and quantitative. “Quantitative” assigns a financial value to each asset and compares it to the cost of the counter-measure.  “Qualitative” places the threats and security measures of the assets and sets a rank by use of a scoring system.

Identify risks and threats to each asset – Threats to the system go beyond malicious actors attempting to access your data and extend to any event that has the potential to harm the asset. Events like lightning strikes, tornados, hurricanes, floods, human error, or terrorist attacks should also be examined as potential risks.

Estimate potential loss and frequency of attack of those assets – This step depends on the location of the asset. For those operating in the Midwest, the risk of a hurricane causing damage is extremely low while the risk of a tornado would be high.

Recommend countermeasures or other remedial activities – By the end of the above steps, the items that need improvement should become fairly obvious. At this point, you can develop security policies and procedures.

Policies and procedures (internal & external) – A crucial part of an effective cybersecurity plan is the policies and procedures, both for internal assets and external assets. You can’t have one without the other. A general description can be thought of as this: a policy is the “rule” and a procedure is the “how.” With this in mind, a policy would be to effectively secure corporate data with strong passwords. The procedure would be to use multi-factor authentication.

Cybersecurity insurance and data breach financial liability – CyberInsureOne defines cybersecurity insurance as “a product that is offered to individuals and businesses in order to protect them from the effects and consequences of online attacks.”

Cybersecurity insurance can help your business recover in the event of a cyberattack, providing such services as public relations support and funds to draw against to cover any financial losses. It’s something that your MSP should carry as well as your own business.

And just like business liability and auto liability insurance, it is paramount that your business (as well as your MSP) covers themselves with data breach financial liability insurance to cover any event that may be attributed to their activities causing a breach.

Data access management – Access management is determining who is and who isn’t allowed access to certain assets and information, such as administrative accounts.

This is critical for your business as it enables control over who has access to your corporate data, especially during times of employee turnover. Other benefits include increased regulatory compliance, reduced operating costs, and reduced information security risks.

Security awareness training (with phishing training) – Phishing is the number one attack vector today with over 90,000 new attacks launched every month. If your provider is not actively participating in security and phishing awareness training, they will be unable to keep you up on the latest trends in how these malicious actors are attempting to gain access to your businesses data.

Data encryption – At its basic level, data encryption translates data into a different form, making it readable only by the starting and ending points and only with the appropriate password. Encryption is currently considered one of the most effective security measures in use as it is nearly impossible for an outside force to crack.

Next Gen antivirus and firewall – Antivirus is software designed to detect and neutralize any infection that does attempt to access the device and should be on every endpoint.

Many providers are marketing their software as “next generation,” but true next generation antivirus includes features such as exploit techniques (blocking a process that is exploiting or using a typical method of bypassing a normal operation), application whitelisting (a process for validating and controlling everything a program is allowed to do), micro-virtualization (blocks direct execution of a process, essentially operating the program in its own virtual operating system), artificial intelligence (blocking or detecting viruses the same way as a human user could), and EDR/Forensics (using a large data set from endpoint logs, packets, and processes to find out what happened after the fact).

Next generation firewalls also include additional capabilities above the traditional firewall, including intrusion protection, deep packet inspection, SSL-Encrypted traffic termination, and sandboxing.

Business continuity plan – This is a process surrounding the development of a system to manage prevention and recovery from potential threats to a business. A solid business continuity plan includes the following:

  • Policy, purpose, and scope
  • Goals
  • Assumptions
  • Key roles responsibilities
  • A business impact analysis
  • Plans for risk mitigation
  • Data and storage requirements that are offsite
  • Business recovery strategies
  • Alternate operating plans
  • Evaluation of outside vendors’ readiness
  • Response and plan activation
  • Communication plan
  • Drills and practice sessions
  • Regular re-evaluation of the current plan

Your MSP should be able to provide you with a copy of what is included in their plan and how it will affect your business if they do encounter a business continuity event, as well as their backup plan to maintain your critical business infrastructure.

Email security layers – In short, layers limit risk. Email security layers include tactics such as two-factor authentication and spam filters at the basic level (which give your employees time to evaluate a potential threat by removing the words “urgent” or “do right now” from internal subject lines).

As your managed service provider, we are dedicated to helping you maintain effective cybersecurity through these advanced tactics, as well as through a consultative, trusted advisor relationship. You are more than just a number to us and we will do everything in our power to help keep your business safe and running smoothly.

The Five Broad Categories Of The Cybersecurity Framework

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

One of the key methods that the NIST recommends businesses do on a continual basis is focus on these five categories as you assess your cybersecurity framework. These should be done regularly, and proactively, in order to be the most effective.

The categories are broad and cover a wide array of tools that businesses can use to build a cybersecurity framework that best supports their business security needs. They are: identify, protect, detect, respond and recover.

The first step you should take is to identify who should and should not have access to your business’s privileged information, and then maintain strict physical access rules for those personnel who don’t need that access.

NIST recommends that you do not allow cleaning and maintenance staff unsupervised access to rooms that contain computers or other technology that stores sensitive information.

Further recommendations include performing extensive background checks on all prospective employees, setting systems to lock down after several minutes of inactivity and maintaining separate accounts for each user. [Read more…]

Most Small Business Breaches Could Be Prevented

The majority of breaches that affect small and medium businesses like yours could have been prevented through the use of today’s technology. Here are 14 ways you can protect your business:

Security assessment
Establish a baseline and determine when your last security assessment was.

Spam email
Most attacks occur from infected emails. Be sure you secure your accounts. We can help you determine the right level of protection for your business.

Passwords
Set company policies surrounding passwords and external devices in your business. Examples include restricting USB drive access, screen timeout limits, enhanced password policies, and limiting user access to certain files.

Security awareness
Educate, educate,and then educate some more. Employees are the single greatest risk to an organization of a cyber breach by employees inadvertently clicking on a link in an email or downloading a file that contains the virus or ransomware.

Advanced endpoint detection and response (EDR)
Technology advancements have enhanced the traditional methods of virus protection, adding protections for fileless and script-based attacks and can even roll back systems after an attack. Give us a call at (734) 457-5000 (or email at info@mytechexperts.com) to learn more about these features and how they can replace your current virus protection software.

Multi-factor authentication
Multi-Factor Authentication is the process of requiring two modes of identity checks when logging into accounts with sensitive and personal information, such as bank accounts or social media.

This additional layer of protection can be critical in ensuring your data does not become lost.

Computer updates
Automate key software, such as Microsoft Office and OS, Adobe, and Java, to protect your network from the latest attacks. We can provide “critical update” services to your business and help you keep your business protected from these malicious sources.

Dark web research
A little known secret is the reality that many users’ login credentials have been placed for sale on Dark Web sites. Continuously monitor these sites and update credentials as needed if you find your corporate credentials up for sale to the highest bidder.

SIEM/log management
SIEM, or Security Incident & Event Management, uses data engines to review all logs from all covered devices, protecting your systems from unauthorized access.

Web gateway security
New cloud-based security products can detect web and email threats and block them – before they reach your network and users.

Mobile device security
Don’t neglect to secure your employees’ mobile devices and tablets. Many attackers target these devices, believing them to be forgotten by most businesses.

Firewall
Advanced firewall technology today enables intrusion detection and intrusion protection features. Ensure these are enabled on your corporate firewalls, and if you don’t know how, call us today.

Encryption
Encrypt files both at rest and in motion, especially on mobile devices, laptops and tablets. Cell phones are an unexpected attack vector.

Backup
Utilize multiple forms of backup, from cloud backup to on-premise and offline, further reducing the risks of a ransomware attack preventing access to your data.

Three Reasons To Regularly Test Business Systems

Protecting your business requires more time, effort and energy from your technology team than ever before.

Business systems are increasingly complex, requiring staff members to continually learn and adapt to changing conditions and new threats as they emerge.

It’s not unusual for a single ransomware incident to wreak havoc on carefully balanced systems, and this type of attack can be particularly damaging if you do not have the backup and disaster recovery procedures in place to regain critical operations quickly.

From checking for system vulnerabilities to identifying weak points in your processes, here are some reasons why it is so important to regularly test your business systems.

Business System Testing Helps Find Vulnerabilities
The seismic shift in the way business systems work is still settling, making it especially challenging to find the ever-changing vulnerabilities in your systems. Cloud-based applications connect in a variety of different ways, causing additional steps for infrastructure teams as they review the data connectors and storage locations.

Each of these connections is a potential point of failure and could represent a weakness where a cybercriminal could take advantage of to infiltrate your sensitive business and financial data. Regular business system testing allows your technology teams to determine where your defenses may need to be shored up.

As the business continues to evolve through digital transformation, this regular testing and documentation of the results allow your teams to grow their comfort level with the interconnected nature of today’s systems — which is extremely valuable knowledge to share within the organization in the event of a system outage or failure.

Experts note that system testing is being “shifted left”, or pushed earlier in the development cycle. This helps ensure that vulnerabilities are addressed before systems are fully launched, helping to protect business systems and data.

Business System Testing Provides Valuable Insight Into Process Improvement Needs
Business process improvement and automation are never-ending goals, as there are always new tools available that can help optimize the digital and physical operations of your business.

Reviewing business systems in depth allows you to gain a higher-level understanding of the various processes that surround your business systems, allowing you to identify inefficiencies as well as processes that could leave holes in your cybersecurity net.

Prioritizing these process improvements helps identify any crucial needs that can bring significant business value, too. This process of continuous improvement solidifies your business systems and hardens security over time by tightening security and allowing you to review user permissions and individual levels of authority within your business infrastructure and systems.

Business System Testing Allows You to Affirm Your Disaster Recovery Strategy
Your backup and disaster recovery strategy is an integral part of your business.

Although you hope you never have to use it, no business is fully protected without a detailed disaster recovery plan of attack — complete with assigned accountabilities and deliverables. It’s no longer a matter of “if” your business is attacked but “when”, and your technology team must be prepared for that eventuality.

Business testing allows you to review your backup and disaster recovery strategy with the parties that will be engaged to execute it, providing an opportunity for any necessary revisions or adjustments to the plans.

Whether a business system outage comes from a user who is careless with a device or password, a cybercriminal manages to infiltrate your systems or your business systems are damaged in fire or flood, your IT team will be ready to bring your business back online quickly.

Regularly testing your business policies and procedures and validating your disaster recovery plan puts your organization in a safer space when it comes to overcoming an incident that impacts your ability to conduct business.

The complexity of dealing with multi-cloud environments can stymie even the most hardened technology teams, and the added comfort level that is gained by regular testing helps promote ongoing learning and system familiarity for your teams. No one wants to have to rebuild your infrastructure or business systems from the ground up, but running testing procedures over time can help promote a higher level of comfort within teams and vendor partners if the unthinkable does occur.

What Are The Newest Phishing Attacks?

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

Phishing is a term adapted from the word “fishing.” When we go fishing, we put a line in the water with bait on it, and we sit back and wait for the fish to come along and take the bait. Maybe the fish was hungry. Perhaps it just wasn’t paying attention. At any rate, eventually a fish will bite, and you’ll have something delicious for dinner.

How Does Phishing Work?
This is essentially how cyber phishing works. Cybercriminals create an interesting email, maybe saying that you’ve won a $100 gift certificate from Amazon. Sound too good to be true? Find out! All you have to do is click the link and take a short survey.

Once you click the link, a virus is downloaded onto your system. Sometimes it’s malware, and sometimes it’s ransomware. Malware includes Trojans, worms, spyware, and adware. These malicious programs each have different goals, but all are destructive and aimed at harming your computers. [Read more…]

Using Wireless Printers? Here’s How to Secure Them

With some reports estimating over seven million incidents of cybercrime and online fraud occurring in 2018, it would be a mistake to discount the risks associated with using a wireless printer.

After all, any time data is transmitted wirelessly, there is a chance it could be intercepted. When you think about all the sensitive information that is printed in your company, this threat may then seem quite real.

Try the following tips to minimize the risk of a security vulnerability associated with wireless printing:

Use WPA2
This security certification program essentially password protects your print job capabilities just as you would require login credentials to access wireless internet.

By controlling access to your wireless printers, you can also monitor who is printing what and detect when someone attempts to gain unauthorized access to your systems.

Keep Security Software Updated
Many printers come with some form of built-in security, but the installed version can only be effective for so long.

Regularly check for more updated versions of your printers’ security software and install them as they become available to be protected from the latest threats.

Use Data Encryption
Just as your emails and other document sharing methods are encrypted during transmission, you should make sure your printer data is encrypted as well.

This ensures that, if the information is intercepted by a nefarious third-party, they will not be able to decode the stolen data. This is especially important for printers you use to print checks.

Train Your Staff in Printer Protocol
No matter what measures you take to secure your wireless printers, they won’t be as effective if your staff doesn’t know how to properly use equipment or keep protection programs up to date.

Provide training to your employees about safe printing practices.

These tips don’t just apply to large businesses; the threat of a security breach through wireless printing systems can affect small businesses and even individuals just as easily.

With a little forethought and effort however, you can greatly decrease these risks to be able to print without fear.

Four Questions Every CEO Needs To Ask About Cybersecurity

Leaders in every organization need to make identifying and addressing their cybersecurity needs a top priority. You can begin by starting a conversation between your IT service company and employees at all levels of your company about information security and how best to protect sensitive data, but you need to know the right questions to ask. Here are four questions to ask to get the discussion started and moving in the right direction.

How informed is your team about the vulnerability to and potential impact of cyber attacks on your company?

It’s important to assess the current awareness of everyone in your business about cyber threats and the potential damage from data breaches. It’s likely that everyone has heard of the many well-publicized breaches that have occurred over the last several years, but possibly haven’t considered them within the context of your company.

This is the first step to developing an educational initiative to get everyone up to speed on the problem and identifying the at-risk areas in your system. After that, you can begin to develop a chain of communication to take immediate action in case of a breach and set protocols and expectations for response times. A fast and effective response is critical to limiting data exposure.

What are the specific risks to your infrastructure and what are the best steps to take to address them?

Remember that the threat isn’t limited to just hackers. Many breaches occur because employees click on a link in a phishing email, leave a password lying around where it’s easily seen, or by unknowingly becoming a victim of a social engineering scam by giving it to someone over the phone who is impersonating a company employee.

Then you can begin to identify the resources needed to protect your data, including third-party security software and updated equipment. Simply informing your employees of the threat of such low-tech risks can greatly increase your cybersecurity.

How many security incidents are detected in your systems in a normal month or week, what type are they, and how were others informed about them?

You should have a system in place to detect, monitor, analyze, and record any type of potential security incident no matter how small or seemingly insignificant, and disseminate that information to the appropriate personnel, or perhaps to all employees to raise awareness. You should discuss enhanced alerting and monitoring with your IT professionals.

Does your company have an incident response plan? How effective is it, and how often do you test it?

The only way you can quickly react to prevent or limit the damage from a breach is to have a clearly defined response plan in place. It should document how everyone in your company should react in the event of an emergency. This plan should be available to all employees. It should be tested on a regular basis, at least once each quarter, and updated whenever significant changes are made to your IT infrastructure.

Cyberattacks are just a fact of life these days, and that’s not going to change anytime soon. But by asking your team the right questions, starting a dialogue about how to address the threat, raising awareness and implementing training, and having a response plan in place, although you’ll never completely eliminate them, you can reduce your risks significantly.

What Can Companies Do To Prevent Privacy Violations?

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

Whether it’s physical, virtual, or in the cloud, discovering and blocking sophisticated threats in the network is at the forefront of every company’s mind.

However, businesses are finding that more and more data violations are taking place when network security centers on the edge of the network are not giving equal protection to the network itself.

Security at the perimeter of the network has received most of the attention from data protection companies.

What many internet service providers and businesses have neglected is protecting what lies within the network. What can your company do to solidify your network and protect you from hackers on the inside? [Read more…]