Precautions While Using the Internet

Precautions While Using the Internet

Every day people are bombarded with advertisements regarding general computer security. Many times it comes in the form of identity protection. Other times it may come in the form of antivirus software. Whatever the case, securing a computer while using the internet is not as daunting as some commercials would have computer users think. There are four very simple ideas one could keep in mind to ensure a very low likelihood of getting “hacked” while using the internet. 

  • Common sense
  • Beware of malicious software
  • Storing passwords on a computer
  • Browser security extensions 

Computers are designed to be an extension of the many ways that people think and are programmed as such. This implies that using common sense while browsing the internet can go a long way in keeping a computer user safe from data theft, identity theft, and other computer crimes. When browsing the internet, if something seems conniving, it may very well be so! Therefore, think twice before clicking that link or accepting that request from an unknown party, to say the least.

Many times that people have their private data stolen or their computer hacked is because “malicious software” is installed onto a computer being used by the victim. Malicious software is any type of software that does something illegal or is intended to generally defy the consent of those who use the computer it’s installed on. Malicious software is usually installed unknowingly by a computer user who thinks that legal and genuine software is being installed — the malicious software is hidden by what appears to be legal and genuine software. The point is that great care should be taken to be sure that the websites in which software is downloaded from are generally safe — malicious software usually comes from websites run by criminals. 

One of the conveniences of using the internet is the option to save usernames and passwords so that subsequent uses of certain websites are easier and quicker to access. The downside of this convenience is that if a computer catches a virus, that virus could be smart enough to record those usernames and passwords that are saved and forward that information to a criminal across the internet. Therefore, the pros and cons of saving usernames and passwords on a computer should be carefully weighed.

Lastly, as an extra measure of protection against internet crime, a computer user can install browser security extensions. A browser is what one uses to access websites on the internet. Internet Explorer, Chrome, and FireFox are browsers. An example of a couple of good browser security extensions is NoScript. A search of “browser security extensions” using an internet search engine will reveal many options to use for browsers. 

Please contact us for assistance in determining a balanced and secure approach to using the internet. 

Managed Security Services Work to Stomp Out Security Problems

Managed Security Services Work to Stomp Out Security Problems

In the course of doing business, many of today’s businesses have encountered some type of major security threat. As these threats get more and more sophisticated, you are beginning to see more businesses and other organizations enlisting the services of companies that are in business to keep their clients safe.

We’ll take a look at some of the services that managed security service provides, and how it fits into a business’ IT strategy. Ransomware had really become a major problem as the calendar changed to 2017. No one could imagine what would have happened over the first few months of the year.

It seemed as if there was a new ransomware attack in the news every day; and, coupled with all the other hacking attacks such as distributed denial of service, phishing, viruses, trojan horses, spoofing, and more, it made it increasingly difficult for the modern business to avoid these threats.

IT service providers, who not only understand the workings of networking and infrastructure, but have proficiency in squelching targeted attacks began to roll out security services.

Sure there have been managed security services for quite awhile, but with businesses and other organizations inundated with such profit-killing IT problems coming from outside their own network, more IT businesses began to focus exclusively on higher-end security services.

Why Use a MSSP?

There are a myriad of reasons to utilize outsourced IT services. Whether you want to get comprehensive support for your information technology, you want to cut your support costs, you want help implementing a specific technology, or you simply want a professional technology consultant on retainer, outsourcing your IT management to WheelHouse IT has substantial value.

The managed security service provider does the same, except instead of focusing on your business’ well being, the service is focused solely on keeping threats from interrupting your business’ progress.

To do so, they meet the complexity of today’s threats with equally sophisticated tools designed to block and eliminate any threat thrown your way. Some of the services your average MSSP will provide include:

  • Managed Identity and Access Management
  • Managed Encryption (Virtual Private Networks)
  • Managed Firewall
  • Managed Data Loss Prevention
  • Managed Intrusion Detection
  • Managed Intrusion Prevention
  • Managed Security Information and Event Management
  • Managed Unified Threat Management

These services take your typical network security and turn up the volume. The MSSP makes certain that your information systems are completely controlled and not useful to anyone outside your organization.

Additionally, the MSSP’s security-focused effort makes compliance to regulatory laws and mandates a priority. By ensuring controls are secure,and reports that show a dedication to keep sensitive data secure, an MSSP is a good investment for any business that relies on regulatory compliance to operate effectively.

With network and cyber security becoming essential considerations for every IT department, companies of all sizes are looking to outsourced IT professionals to handle their network security.

Does your business need a security firm to overlook your business’ network?

Leave your thoughts in the comments section below.

Security Tips for Computer Users

Security Tips for Computer Users

Within the procedural infrastructure of most businesses are unavoidable caveats. They come with the territory of owning and operating a business and any business owner, especially one which takes on employees, can testify to this.

Assessing and mitigating security threats found in computer hardware and software is a good place to start the process of securing a business from criminal harm. However, assessing and mitigating the side of security dealing with human error, dishonesty, and crime, is a whole other matter.

Like with most computer users, not excluding business owners, complacency in computer security has been found to be a primary doorway in which a business can be exploited by criminals, whether foul play comes from inside or outside a business. A minimum set of precautions should be taken.

The retaliatory actions of disgruntled employees who are subject to disciplinary action within a company or are outright fired for any given reason are a common problem in any business which hires employees.

There are security measures that can be taken to mitigate the threat of disgruntled employees who can go on the offensive. Two specific measures which should be elementary for any business which hires employees are implementing the security concepts of “least privilege“, and a strict policy (including procedures) for discharging or firing employees. 

The concept of “least privilege” is implemented by giving access to company resources and information only to the extent that is required for an employee to accomplish her job in the company.

As an example, if an employee’s primary job in a company is managing financial resources and dealing with payroll checks, then that employee should be given access only to the resources and information required to carry out those duties.

There’s no need to give her a duplicate key to the storage attic which contains nothing essential to carrying out her duties as a companies’ financial resources manager. This strategy can generally make it much simpler and easier for a company owner to manage employees. 

In the event that an employee must be fired or discharged from a company, there should be strict procedures in place to facilitate a secure transition for the exiting employee.

For example, any computer passwords known by the exiting employee should be changed immediately and any security clearances held by the exiting employee should be revoked.

Please contact us if there is concern regarding security policies for both current and discharged employees.  

Check Out Our Blog!

Tip of the Week: 5 Foundational Pieces to Computing Securely

Tip of the Week: 5 Foundational Pieces to Computing Securely

Every so often, it can be good to get back to basics for a bit of review. That’s why we’re going over five ways that you can improve your security through basic best practices for this week’s tip!

1. Keep Your Computer Protected, Inside…

Your device, whether it’s a workstation or something more mobile, relies on software in order to function. Malware and other threats will seek out vulnerabilities in this software.

To ensure the security of your system and files, you need to make sure that you are proactive in applying software patches and installing antivirus, anti-malware, and firewalls to your device. Utilizing encryption tools will also assist you in keeping your private data as it should be… private.

2. …And Out

Of course, many people tend to focus on threats that are delivered digitally, but some cyber criminals do things the old-fashioned way. You should never leave your computer unattended and unlocked, especially if you’re working remotely and are out of the office environment.

Who’s to say that someone wouldn’t snatch your work laptop in your favorite coffee shop as you walked to the counter to pick up your freshly-made beverage? Even if they don’t try and access your data, that’s still a computer gone… good luck explaining that one.

3. Be Smart

Other attackers will try to fool you, and convince you that they’re someone else to gain your trust before exploiting it to their own ends. Phishing, where an attacker will send an email doing just that, has been the driving force behind many of the more successful recent cyber attacks.

Including a malware-riddled attachment to deliver the payload, the attacker will leverage their victim’s misplaced trust to their advantage. A similar tactic is often used with free, online downloads. Remember, few things in life are truly free, and if it seems too good to be true, it probably is.

4.  Keep A Backup

Stuff happens. Whether you get bamboozled by a phishing scam or one of your employees leaves their laptop open at that coffee shop, there’s a chance that you’ll have to start fresh and wipe your network and/or device to get an unwelcome entity out.

However, without any of your data surviving the wipe, you’re almost in a worse position than before…  unless you maintained a backup solution in keeping with best practices. Your data should frequently and automatically be saved to a remote location, safe from cyber attack and the odd act of nature, to hopefully go unused.

5. Stay In The Know

Cyber security is far from a static, unchanging thing. New threats are constantly in development and familiar ones are always being improved upon.

Therefore, you need to stay apprised and up-to-date not only in your solutions, but also in your knowledge of the state of cyber security. Otherwise, you’re apt to be blindsided by some unforeseen issue. Knowledge is power, especially when it comes to managing your information technology.

We’re here to help. Keep checking back to our blog for more assistance with your IT, including security concerns, best practices, and other useful tips. For more help, reach out to us directly by calling (877) 771-2384.

Disgruntled Employees: A Security Risk

Disgruntled Employees: A Security Risk

Within the procedural infrastructure of most businesses are unavoidable caveats. They come with the territory of owning and operating a business and any business owner, especially one which takes on employees, can testify to this.

Assessing and mitigating security threats found in computer hardware and software is a good place to start the process of securing a business from criminal harm.

However, assessing and mitigating the side of security dealing with human error, dishonesty, and crime, is a whole other matter. Like with most computer users, not excluding business owners, complacency in computer security has been found to be a primary doorway in which a business can be exploited by criminals, whether foul play comes from inside or outside a business. A minimum set of precautions should be taken.

The retaliatory actions of disgruntled employees who are subject to disciplinary action within a company or are outright fired for any given reason are a common problem in any business which hires employees.

There are security measures that can be taken to mitigate the threat of disgruntled employees who can go on the offensive. Two specific measures which should be elementary for any business which hires employees are implementing the security concepts of “least privilege“, and a strict policy (including procedures) for discharging or firing employees. 

The concept of “least privilege” is implemented by giving access to company resources and information only to the extent that is required for an employee to accomplish her job in the company. As an example, if an employee’s primary job in a company is managing financial resources and dealing with payroll checks, then that employee should be given access only to the resources and information required to carry out those duties.

There’s no need to give her a duplicate key to the storage attic which contains nothing essential to carrying out her duties as a companies’ financial resources manager. This strategy can generally make it much simpler and easier for a company owner to manage employees. 

In the event that an employee must be fired or discharged from a company, there should be strict procedures in place to facilitate a secure transition for the exiting employee. For example, any computer passwords known by the exiting employee should be changed immediately and any security clearances held by the exiting employee should be revoked.

Please contact us if there is concern regarding security policies for both current and discharged employees. Â