TechTidBit - Tips and advice for small business computing - Tech Experts™ - Monroe Michigan

Brought to you by Tech Experts™

Should Your Business Follow Google’s Security Lead?

Google has introduced a new security strategy – but is it right for your business?

It has put some employees on a cyber diet, restricting their internet access to limit potential threats.

On the surface, it sounds like a smart move. Google’s approach is like building a taller fence around your house to keep out burglars.

By reducing internet connectivity, they’re effectively shrinking their digital footprint and making it harder for cyber criminals to find a way in.

But is it foolproof?

Well, not exactly.

While this strategy does limit external threats, it doesn’t entirely eliminate the risk.

Think of it this way: you’ve built a towering wall around your house, but your teenager leaves the back gate open. Similarly, internal systems might remain connected to other devices that can access the internet, providing a potential entry point for cyber threats.

In other words, you can’t just focus on keeping things out.

Yes, there are very real threats from external hackers using all sorts of techniques like phishing, zero-day attacks, and malware. But the security industry often overlooks significant threats from within the perimeter.

Research shows that insider threats account for 62% of all security breaches. These insiders – disgruntled employees, careless staff, or malicious actors – often have legitimate access rights, intimate knowledge of the system, and can bypass traditional security checks. It’s like having a burglar who knows where you hide your spare key.

So, what’s the takeaway?

While Google’s strategy has its merits, it’s not a one-size-fits-all solution. Just as you wouldn’t wear shoes that are too big, your business needs a cyber security strategy tailored to fit its unique requirements. A robust cyber security strategy should focus on both external and internal threats and have measures in place to mitigate risks from all angles.

Our advice? Instead of simply following in Google’s footsteps, consider your own business’s needs and vulnerabilities. And of course, if you need help with that, get in touch.

How To Organize Your Cybersecurity Strategy Into Left And Right Of Boom

In the pulsating digital landscape, every click and keystroke echoes through cyberspace. The battle for data security rages on.

Businesses stand as both guardians and targets. Unseen adversaries covet their digital assets. Businesses must arm themselves with a sophisticated arsenal of cybersecurity strategies.

On one side, the vigilant guards of prevention (Left of Boom). On the other, the resilient bulwarks of recovery (Right of Boom). Together, these strategies form the linchpin of a comprehensive defense. They help ensure that businesses can repel attacks. And also rise stronger from the ashes if breached.

What Do “Left of Boom” and “Right of Boom” Mean?

In the realm of cybersecurity, “Left of Boom” and “Right of Boom” are strategic terms. They delineate the proactive and reactive approaches to dealing with cyber threats.

“Left of Boom” refers to preemptive measures and preventative strategies. These are things implemented to safeguard against potential security breaches. It encompasses actions aimed at preventing cyber incidents before they occur.

“Right of Boom” pertains to the post-breach recovery strategies. Companies use these after a security incident has taken place. This phase involves activities like incident response planning and data backup.

Together, these terms form a comprehensive cybersecurity strategy. They cover both prevention and recovery aspects.

Left of Boom: Prevention Strategies

User education and awareness: One of the foundational elements of Left of Boom is employee cybersecurity education. Regular training sessions can empower staff.

Robust access control and authentication: Access control tactics include:

  • Least privilege access
  • Multifactor authentication (MFA)
  • Contextual access
  • Single Sign-on (SSO) solutions

Regular software updates and patch management: Left of Boom strategies include ensuring all software is regularly updated.

Network security and firewalls: Firewalls act as the first line of defense against external threats. Install robust firewalls and intrusion detection/prevention systems that alert quickly when a breach is in progress.

Regular security audits and vulnerability assessments: Conduct regular security audits and vulnerability assessments. This helps to identify potential weaknesses in your systems.

Right of Boom: Recovery Strategies

Incident response plan: Having a well-defined incident response plan in place is crucial.

It should include things like:

  • Communication protocols
  • Containment procedures
  • Steps for recovery
  • IT contact numbers

Data backup and disaster recovery: Regularly backing up data is a vital component of Right of Boom. Another critical component is having a robust disaster recovery plan.

Forensic analysis and learning: After a security breach, conduct a thorough forensic analysis. It’s essential to understand the nature of the attack. As well as the extent of the damage, and the vulnerabilities exploited.

Legal and regulatory compliance: Navigating the legal and regulatory landscape after a security breach is important.

Cyber-Compliance Is Serious Business

If you’ve never experienced a cyberattack, you might not think it’s such a big deal.

Especially if you work in management, you’re so busy focusing on the so-called squeaky wheels of every day; does it really matter if you keep up with the intricacies of modern cybersecurity compliance protocol? YES!

Increased digitization across the globe plus ever-advancing cyber threats equals a constantly evolving market, and legislation that scrambles to keep up.

Why Reporting Matters in a Data Breach

Have you ever experienced a cyberattack, either aimed at you or leveled at your organization? If so, then you might already know how important it is to report the breach – and we don’t just mean to your direct managers or the police!

When a data breach happens, you are often beholden to laws detailing what, how fast and to whom you must disclose. For example, financial institutions have to notify the Federal Trade Commission within thirty days.

You typically have to disclose the breach to anyone affected too, depending on what information was stolen. Where do you work? Do you know the laws set upon your industry and role?

So not only does cyber-compliance affect your ability to protect yourself and your customers from a data breach, but that hack will affect customers’ trust in your ability to keep their personal and financial information safe.

There are also legal concerns to think about. Lawsuits can cost millions between legal fees, penalties, profit losses and disruptions to the daily workflow.

Consider that the average company spends $10K per employee on cyber-compliance, and you see why maintaining compliance saves millions – about half of what you’d spend if you let vulnerabilities lay rampantly unpatched.

Maintaining compliance isn’t just smart; it’s necessary. To foster good relationships with your customers and shareholders, and avoid fines and breaches, companies must maintain a compliant cybersecurity structure.

These regulations change over time but do so to keep up with the latest tricks up cybercriminals’ sleeves.

Our IT services include compliance as part of our all-in-one package to reduce excess labor on your end. We’ll stay up to date on changing regulations so you stay cyber-compliant!

Reporting is one of many important regulations that make you more cyber-secure. Think about it: If your bank accounts, or health records, or mailing information got leaked, wouldn’t you want to know?

It’s not just about preferences, though. Data privacy is a right in many countries across the globe. More and more, people and legislation are all pushing for better data privacy protections.

How can we keep our accounts and data private if we don’t know when a breach has occurred? If you don’t know YOUR reporting requirements, now is the time to find out! Give us a call.

Five Habits Your Smart Remote Workers Should Have

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

Remote work has become a way of life very quickly, hasn’t it? Loads of businesses and their people are reaping the rewards of flexibility and convenience.

But it also brings cyber security challenges that demand your attention. Of course, this should always be a concern, but when you have employees working from home, a coffee shop, or anywhere else for that matter, you need to make sure they’re making wise decisions that put the security of your data at the forefront.

These are five habits your remote workers should adopt straight away.

Choose your work location wisely

Working from a favorite coffee shop or a picturesque park may seem like a dream come true, but it can expose you to more cyber security risks.

Over-the-shoulder attacks, where cyber criminals discreetly snoop on your screen in public spaces, might seem unlikely, but they have real potential to lead to data breaches. Employees should choose to work in quieter, more private settings to minimize this risk. [Read more…] about Five Habits Your Smart Remote Workers Should Have

Watch Out For New Big Head Ransomware Pretending To Be A Windows Update!

Imagine you’re working away on your PC and see a Windows update prompt. Instead of ignoring it, you take action. But when you install what you think is a legitimate update, you’re infected with ransomware.

Cybercriminals are constantly devising new ways to infiltrate systems. They encrypt valuable data, leaving victims with difficult choices. One such variant that has emerged recently is the “Big Head” ransomware.

The Big Head Ransomware deception

Big Head ransomware presents victims with a convincing and fake Windows update alert. Attackers design this fake alert to trick users. They think that their computer is undergoing a legitimate Windows update.

The message may appear in a pop-up window or as a notification. The deception goes even further. The ransomware uses a forged Microsoft digital signature. The attack fools the victim into thinking it’s a legitimate Windows update.

They then unknowingly download and execute the ransomware onto their system. From there, the ransomware proceeds to encrypt the victim’s files.

Victims see a message demanding a ransom payment in exchange for the decryption key.

Here are some strategies to safeguard yourself from ransomware attacks like Big Head:

Keep Software and Systems Updated: Big Head ransomware leverages the appearance of Windows updates. One way to be sure you’re installing a real update is to automate.

Verify the Authenticity of Update: Genuine Windows updates will come directly from Microsoft’s official website or through your IT service provider or Windows Update settings.

Backup Your Data Regularly: Back up your important files. Use an external storage device or a secure cloud backup service. Backups of your data can allow you to restore your files without paying a ransom.

Use Robust Security Software: Install reputable antivirus and anti-malware software on your computer.

Educate Yourself and Others: Stay informed about the latest ransomware threats and tactics. Educate yourself and your colleagues or family members.

Use Email Security Measures: Put in place robust email security measures. Be cautious about opening email attachments or clicking on links.

Enable Firewall and Network Security: Activate your computer’s firewall. Use network security solutions to prevent unauthorized access to your network and devices.

Disable Auto-Run Features: Configure your computer to disable auto-run functionality for external drives.

Be Wary of Pop-Up Alerts: Exercise caution when encountering pop-up alerts especially those that ask you to download or install software. Verify the legitimacy of such alerts before taking any action.

Keep an Eye on Your System: Keep an eye on your computer’s performance and any unusual activity. If you notice anything suspicious, investigate immediately.

Have a Response Plan: In the unfortunate event of a ransomware attack, have a response plan in place. Know how to disconnect from the network. Report the incident to your IT department or a cybersecurity professional.

Avoid paying the ransom. In most cases, it is against federal law to pay a ransom to hackers.

Cyber Security Threats Your Team Must Know About

Your employees are your first line of defense in cyber security, and their training is as crucial as the cutting-edge tools you’ve invested in. Are you overlooking this vital element?

We strongly advise you make an ongoing commitment to regular cyber security training for every single one of your team. That means keeping them up to date on the latest cyber threats, the warning signs to look out for, and of course, what to do should a situation arise.

If you’re not already doing that, arrange something now (we can help).

While you wait, here are some urgent cyber threats to address right away:

Admin attack

Email addresses like “info@” or “admin@” are often less protected due to perceived low risk. But several teams may require access to these accounts, making them an easy target. Multi-factor Authentication (MFA) can double your security. Even if it seems tedious, don’t neglect it.

MFA fatigue attacks

MFA can feel intrusive, leading employees to approve requests without scrutiny. Cyber criminals exploit this complacency with a flood of fake notifications. Encourage your team to meticulously verify all MFA requests.

Phishing bait

Phishing remains a top threat. Cyber criminals mimic trusted sources with deceptive emails. Teach your team to inspect email addresses closely. Implementing a sender policy framework can also enhance your protection.

Phishing scams are attempts to trick you into revealing your personal information, such as passwords, credit card numbers, or Social Security numbers.

Scammers often send emails or text messages that appear to be from legitimate companies, such as banks, credit card companies, or government agencies. They may also create fake websites that look like real websites.

The three most common phishing scams are:

  • Fake shopping websites, which sell counterfeit products – or even sell nothing at all. They collect your credit card information to sell to other hackers.
  • Romance scams to trick people into falling in love, so they’ll be more willing to send money.
  • Social media scams that either impersonate real people, or invent new personas entirely.

Other common internet scams include:

  • Investment scams (yes, people still fall for these every day) that promise victims high returns on their investments, but the investments are actually fake.
  • Tech support scams which claim to be a tech support company, but then charge for unnecessary services or steal personal information.
  • Lottery and sweepstakes scams tell people that they have won a lottery or sweepstakes, but they need to pay a fee to claim their prize.
  • Charity scams impersonate legitimate charities and ask for donations.

Cyber security training doesn’t have to be tedious. Try simulated attacks and think of them like an escape room challenge—fun yet enlightening. It’s about identifying vulnerabilities, not fault-finding.

Don’t exclude your leadership team. They need to understand the response plan in case of a breach, much like a fire drill.

If you receive an email, text, or call from someone who is asking for your personal information or money, be suspicious! Don’t click on anything until you verify the sender is who they say they are!

Keep Your Smart Home From Turning Against You

Smart homes offer unparalleled convenience and efficiency. But as we embrace the convenience, it’s essential to consider the potential risks.

Recent headlines have shed light on the vulnerabilities of smart home technology, such as the story in the New York Post’s article titled “Locked Out & Hacked: When Smart Homes Turn on Owners.”

The article describes smart home nightmares. Including the new owner of a smart home that unexpectedly got locked in. The prior owner had left preprogrammed settings. Suddenly at 11:30 p.m., the home told him it was time to go to bed and locked every door in the house.

Another technology victim was a woman terrorized by lights and sounds at home. Her ex-partner was maliciously manipulating the smart technology.

As homes get smarter, how can you avoid a similar experience? We’ll explore some key strategies to protect your home and your privacy.

Secure your network

The foundation of any smart home is its network. Just as you wouldn’t leave your front door wide open, you shouldn’t neglect Wi-Fi security.

Strengthen device passwords

Avoid using easily guessable information like “123456” or “password.” Use a combination of upper and lower-case letters, numbers, and symbols.

Enable two-factor authentication (2FA)

Many smart home device manufacturers offer 2FA as an extra layer of security. This helps keep unwanted people out.

Regularly update firmware

Firmware updates are essential for fixing security vulnerabilities in your smart devices. Make it a habit to check and apply firmware updates regularly.

Vet your devices

Look for products that have a history of prompt updates and robust security features. Avoid purchasing devices from obscure or untrusted brands.

Isolate sensitive devices

Consider segregating your most sensitive devices onto a separate network, if possible.

Review app permissions

Smart home apps often request access to various permissions on your devices. Before granting these, scrutinize what data the app is trying to access.

Be cautious with voice assistants

Review your voice assistant’s privacy settings. Be cautious about what information you share with them. Many devices can be programmed to not listen by default.

Check your devices regularly

Regularly check the status and activity of your smart devices. Look for any unusual behavior.

Understand your device’s data usage

Review your smart device’s privacy policy. Understand how it uses your data.

Stay informed

Finally, stay informed about the latest developments in smart home security. Subscribe to security newsletters.

Cybersecurity Skeletons In Your Business’ Closet

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

Let’s dive into a topic that might give you the chills – cybersecurity skeletons in your company’s closet.

You may not have old skeletons hidden away in the basement, but there’s a good chance of cybersecurity vulnerabilities lurking in the shadows. Just waiting to wreak havoc.

You can’t fix what you can’t see. It’s time to shine a light on these hidden dangers, so you can take action to protect your business from potential cyber threats.

Here are some of the most common cybersecurity issues faced by small and mid-sized businesses:

Outdated software: The cobweb-covered nightmare

Running outdated software is like inviting hackers to your virtual Halloween party. [Read more…] about Cybersecurity Skeletons In Your Business’ Closet

What is SaaS Ransomware? How Can You Defend Against It?

Software-as-a-Service (SaaS) has revolutionized the way businesses operate. But alongside its benefits, SaaS brings with it potential threats. When software and data are online, they’re more vulnerable to attacks. One of the latest threats to move from endpoint devices to the cloud is ransomware.

Between March and May of 2023, SaaS attacks increased by over 300%. A study in 2022 by Odaseva found that 51% of ransomware attacks targeted SaaS data.

What is SaaS ransomware?

SaaS ransomware is also known as cloud ransomware. It’s malicious code designed to target cloud-based applications and services. These include services like Google Workspace, Microsoft 365, and other cloud collaboration platforms. Here are some tips to defend your business from SaaS ransomware.

Educate your team

Start by educating your employees about the risks of SaaS ransomware. Include how it spreads through phishing emails, malicious links, or breached accounts. Teach them to recognize suspicious activities and report any unusual incidents immediately.

Enable multi-factor authentication (MFA)

MFA is an essential layer of security. Enabling MFA reduces the risk of unauthorized access. This is true, even if a hacker compromises an account’s login credentials.

Regular backups

Frequently backing up your SaaS data is crucial. Having up-to-date backups ensures that you can restore your files. You won’t need to pay the attacker’s ransom demands and you’ll get your business back up and running faster.

Deploy advanced security solutions

Consider using third-party security solutions that specialize in protecting SaaS environments.

These solutions can provide many benefits including:
• Real-time threat detection
• Data loss prevention
• And other advanced security features

Apply the principle of least privilege

Limit user permissions to only the necessary functions. By doing this, you reduce the potential damage an attacker can do if they gain access.

Keep software up to date

Ensure that you keep all software up to date. Regular updates close known vulnerabilities and strengthen your defense.

Track suspicious account activity

Put in place robust monitoring of user activity and network traffic. Suspicious behavior can be early indicators of an attack. One example to watch for is several failed login attempts. Another is access from unusual locations.

Develop an incident response plan

Prepare and practice an incident response plan. It should outline the steps to take in the event of a ransomware attack. A well-coordinated response can mitigate the impact of an incident. It can also aid in faster recovery. The sooner your team can respond, the faster business gets back to normal.

Collaboration Tools Are GREAT. But Are They A Security Risk?

In today’s digital age, workplace collaboration tools and messaging apps such as Slack, Teams, and Zoom have become indispensable.

They’ve revolutionized the way we work, making communication with colleagues a breeze, facilitating seamless file sharing, and allowing for productive meetings without the hassle of commuting.

The ability to discuss even the most sensitive of topics from the warmth and safety of our homes seems like a dream. However, every silver lining has a cloud.

While we see these tools as productivity enhancers, cybercriminals see them as gateways to potential vulnerabilities. The very platforms that have been champions for our productivity are simultaneously creating a playground for cyber threats.

It’s alarming to realize that, for instance, while Slack employs encryption, it does not have end-to-end encryption. The reason behind this? To provide companies with an overview of their internal communications.

Moreover, if you’ve jumped on the WhatsApp bandwagon for business, beware. This popular app has been a victim of numerous social engineering attacks. And Telegram? It’s steadily climbing the list of hotspots for cyber attackers. These threats have ushered in a new form of cyber-attack known as Business Communication Compromise (BCC).

Think of it as the menacing relative of the widely recognized Business Email Compromise (BEC).

Shockingly, a 2022 Data Breach Investigation Report highlighted that a staggering 82% of data breaches stem from human errors. Just one misguided click on a deceitful phishing email, and your prized communication channels become a hotbed for these cyber rogues.

But there’s hope! Here are some measures to safeguard your digital spaces:

Establish robust access controls. Ensure that only authorized individuals can access your platform. Even basic protocols like multi-factor authentication can act as formidable barriers against intruders.

Adopt stringent data loss prevention techniques. Opt for systems that provide end-to-end encryption and have capabilities to remotely wipe data from misplaced or stolen devices.

Educate your team. Regular training sessions on best practices for handling sensitive information can make all the difference.

Your security is our priority. If you need guidance on fortifying your digital defenses, we’re here to assist.