Tag Archive for: Cybersecurity

Why your IT Provider may be the Weakest Link in your IT Security

If your IT Provider gets breached, it opens the door for cybercriminals to access your private data. Read how to make sure your IT Provider isn’t the weakest link in your data security.

5 Reasons to Use Multi-Factor Authentication

Multi-factor authentication is the number one security control Northeast Ohio businesses can implement today to help prevent a data breach.

Advanced Cybersecurity Controls

Data breaches for Akron Businesses are on the rise. Therefore, we recommended that every business have the following advanced cybersecurity controls in place.

How to Prevent a Ransomware Attack

Northeast Ohio companies that fall victim to a ransomware attack (and that do not have their files properly backed up) usually only have two choices—both of which could put a company out of business.

The first choice presented by cybercriminals is to pay a ransom for the release of the data they are holding hostage. This could cost your business hundreds of thousands or even millions of dollars (it is reported that Colonial Pipeline paid upwards of $5 million for the release of their files) and there is no guarantee you will even get your data back. It is estimated that less than a quarter of companies who paid cybercriminals a ransom in 2020 got all of their data returned.

The second option is to do nothing and risk the confidential data of your customers being released. Not only could this destroy the reputation of your business, but you could potentially face lawsuits or fines for violating compliance laws.

As you can see, neither of these options are good and many businesses that fell prey to a ransomware attack never recovered. The best way to deal with a ransomware attack is to prevent one from ever taking place in the first place.

Here are five things your business must do to keep cyber criminals from holding your files and client data hostage.

    1. Keep all programs and operating systems up to date with the latest patches.
    2. Use and maintain proper antivirus software, email filters, and firewalls while regularly monitoring your system for possible infections.
    3. Use multi-factor authentication for all logins and transactions.
    4. Train staff on what fishing attacks look like and how they can prevent them.
    5. Backup your systems regularly and ensure your backups work.

To further limit the chances of a successful ransomware attack on your business, it is also important to only work with SOC Audited outsourced IT service providers like PCR Business Systems. PCR has been SOC 2, Type 2 Certified to guarantee that we have the highest level of security controls in place to protect your critical data. You can learn more about what the SOC 2 Audit is and what it means for your business here.

 

Have questions about protecting your business from ransomware attacks? Contact PCR President, Pat Carroll for a free Q&A.

IT Security for Working at Home

Unfortunately, due to the Coronavirus many employees have been forced to work from home, or may be working from home in the near future. If you find yourself in this situation it’s important to remember to follow the best IT security practices when working from home to not put your company at risk of an online virus or cyberattack.

Working remotely can be challenging because you likely don’t have the same security safeguards in place at home as you do in the office. In addition, most people have multiple devices connected to their home Wifi, including personal computers, smartphones, game consoles, etc. These can all offer hackers a gateway into your home Wifi which can then give them a backdoor into the corporate device you are working from. It’s up to you to implement your own layers of security controls at home to prevent your company’s data from being breached.

 

Cyber criminals love to prey on companies when they are most vulnerable, and one of the weak spots they look for is employees who are not following the best IT security practices for working remotely.

Below is a list of things you can do to prevent cyberattacks while working remotely. You should follow these guidelines whenever you are logged into a corporate laptop or phone, even if it’s just to check a few emails.

IT Security Checklist for Remote Employees

Only Use Secure Wifi

  • Avoid using Public WiFi
  • Use a VPN (Virtual Private Network)
  • Change the default Wifi router passwords to something more secure
  • Update router firmware

Protect Your Workspace

  • Don’t use your personal computer for work
  • Don’t let anyone eavesdrop on what you are working on
  • Encrypt sensitive data in emails
  • Don’t use the same passwords on work devices as you do personal devices
  • Update software for all devices that are connected to your home network (this includes personal computers, television services, game consoles, thermostats, etc.)

Secure Your Devices

  • Update firmware
  • Create strong passwords using multi-factor authentication
  • Review and follow corporate policies and procedures
  • Don’t leave your work devices unaccompanied in a vehicle
  • Keep your home or apartment securely locked

Use Common Sense

  • Don’t share your work devices with family or friends
  • Don’t post business itineraries or corporate information online. This includes posting photos that may show addresses, client information, or any other personal or business information in the background
  • Don’t let your guard down. It’s easy to feel comfortable at home but practice the same IT security best practices at home as you would at work

Report Any Security Issues Immediately

  • Don’t wait until it’s too late. If you fear your work computer has been breached contact an IT professional within your company immediately

Fill out the form below or contact PCR Business Systems if you have any questions about setting up a secure workspace for your remote employees.

 

It’s Time to Have a Talk with your IT Company

The relationship between a business and IT team or IT person used to be so simple. Do you remember those old Saturday Night Live skits with Jimmy Fallon playing “Nick Burns: Your Company’s Computer Guy?” It was kind of like that, only with less sarcasm.

You would call up your IT Company when you had an issue with your server or a company computer, and someone would come over and fix it.

Today, things are much more complicated. Akron, OH IT Service providers are not only tasked with keeping your networks up and running, but they are also your first line of defense against cyberattacks. If they fail to adequately protect your network, or if their own system gets hacked into, your IT provider could destroy your business and everything you worked so hard for.

We meet with one or two companies every month whose business is on the brink of disaster because their IT company failed to properly secure their network or because they didn’t have a proper backup plan in place. Please, don’t let this happen to your business.

It’s OKAY to ask questions

It’s important to have an open dialogue with your in-house IT team or outsourced IT company to learn everything about what they are doing, and what they plan to do in regards to your company’s Information Technology.

Whether or not you outsource your IT or have an in-house team on staff, your IT provider is an extension of your business. You need to stay on top of what they are up to just as you would one of your employees. Often, business leaders will simply write a check and let the IT provider do “their job.”

10 questions to ask your IT Company

 

Please, have a conversation with your IT Company and ask specific questions about things like cybersecurity, backup plans, and network monitoring.

As we wrote in the article The Wild West of IT Services, there are no regulations governing IT Service Providers. It’s up to you to do your homework before hiring an IT person or team, and to continuing monitoring the work you are doing for you.

What Questions should you ask?

We have created a Cyber Security Risk Assessment that we encourage you to take. This questionnaire takes less than five minutes to complete and will give you an idea of how well your IT Service Provider is managing your network security and protecting your business against cyberattacks.

IN ADDITION, feel free to ask your IT Company any of the questions from this assessment. If there is a question you are unsure of, ASK your IT Provider for the answer. This is a great tool to help you get the conversation started.

 

Feel free to email me directly with any questions.

Pat Carroll